safety.9t89.xyz Open in urlscan Pro
77.247.126.221  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response safety.9t89.xyz/	12 KB 4 KB	501ms 163ms	Document text/html	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash 752f80a0721a523a015fe3ed669cd377a2c0b8876cd2f0648ac896a8b28d49e9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Sun, 28 Apr 2024 08:22:32 GMT etag W/"662cdb23-2f37" last-modified Sat, 27 Apr 2024 11:01:55 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	iconfont.css safety.9t89.xyz/font/	4 KB 1 KB	164ms 164ms	Stylesheet text/css	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/font/iconfont.css?v=111 Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash 1d5a19546b47227cac00ccca55e6b6282f4ae223e7dc084414371ccb6fbf0393 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 08:22:33 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag W/"662a2787-11b1" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Sun, 28 Apr 2024 20:22:33 GMT
GET H2	200	home_bg.342b00e4.jpg safety.9t89.xyz/img/	133 KB 133 KB	164ms 164ms	Image image/jpeg	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Show image Full URL https://safety.9t89.xyz/img/home_bg.342b00e4.jpg Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash 51b55cf6ac0fb3950b37e1a2d58c7376db7fd117227d99c0cd0de8be4f77d6dc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 08:22:33 GMT strict-transport-security max-age=31536000 last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag "662a2787-21249" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 135753 expires Tue, 28 May 2024 08:22:33 GMT
GET H2	200	env.js Show response safety.9t89.xyz/	1 KB 805 B	490ms 490ms	Script application/javascript	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/env.js?a=1714292553297 Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash 0528968ed6d7a5bec9d284a8b621440b7e2c25eb7839e22d3e658b1d7cfbc2f5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 08:22:33 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 25 Apr 2024 13:22:16 GMT server nginx etag W/"662a5908-593" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Sun, 28 Apr 2024 20:22:33 GMT
GET H2	200	Baidu.png safety.9t89.xyz/img/safety/	99 KB 99 KB	490ms 490ms	Image image/png	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Show image Full URL https://safety.9t89.xyz/img/safety/Baidu.png Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash f60c8689cb172faea1e5e246d1415755a3b8f6f7b5f2ce0e00fe3f9c790e6162 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 08:22:33 GMT strict-transport-security max-age=31536000 last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag "662a2787-18ca9" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 101545 expires Tue, 28 May 2024 08:22:33 GMT
GET H2	200	iconfont.woff2 safety.9t89.xyz/font/	14 KB 14 KB	489ms 489ms	Font font/woff2	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/font/iconfont.woff2?t=1691161820291 Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/font/iconfont.css?v=111 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash e7d3fbba3cb54f0a212fb93f4c0ad8d1eddb8080aa1a97300f39b5e3f3e5b8c0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://safety.9t89.xyz/font/iconfont.css?v=111 Origin https://safety.9t89.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 08:22:33 GMT strict-transport-security max-age=31536000 last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag "662a2787-37ac" content-type font/woff2 accept-ranges bytes content-length 14252
GET H2	200	add.ttf safety.9t89.xyz/	5 KB 5 KB	489ms 489ms	Font application/octet-stream	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/add.ttf Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/?version=1714292553298 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://safety.9t89.xyz/ Origin https://safety.9t89.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 08:22:33 GMT strict-transport-security max-age=31536000 last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag "662a2787-1218" content-type application/octet-stream accept-ranges bytes content-length 4632
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	3136ms 1371ms	Script application/javascript	14.215.182.140 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?ffb1a68ad287606065a15c91547f4c4f Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/env.js?a=1714292553297 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software apache / Resource Hash 5cd10e4c84c06d5e525698be73760a4d16b20f7f3ba8e8835693938fc9cfdbfc Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 08:22:36 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 85a6e39427ad45bfd605c3ba36403283 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11253
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	1117ms 1116ms	Image image/gif	14.215.182.140 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1392545226&si=ffb1a68ad287606065a15c91547f4c4f&v=1.3.0&lv=1&sn=28027&r=0&ww=1600&u=https%3A%2F%2Fsafety.9t89.xyz%2F%3Fversion%3D1714292553298&tt=%E5%AE%89%E5%85%A8%E6%A3%80%E6%9F%A5%E9%80%9A%E8%BF%87%EF%BC%8C%E8%AF%B7%E7%95%8C%E5%8F%8B%E6%94%BE%E5%BF%83%E6%B5%8F%E8%A7%88%EF%BC%8C%E6%84%9F%E8%B0%A2%E6%94%AF%E6%8C%81%EF%BC%81 Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/?version=1714292553298 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Sun, 28 Apr 2024 08:22:38 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET		favicon.ico safety.9t89.xyz/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

safety.9t89.xyz

URL

https://safety.9t89.xyz/favicon.ico

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| detectBrowser function| setHistoryFN function| updateHrefFn function| loadDynamicScript function| proceedAfterEnvLoaded string| jumpUrl1 string| jumpUrl2 string| jumpUrl3 string| jumpUrl4 string| autoJumpUrl number| time1 number| time2 function| loadBaiduTjFn function| loadBaiduJumpTjFn boolean| _bdhm_loaded_ffb1a68ad287606065a15c91547f4c4f object| _hmt object| mini_tangram_log_azz03c

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-21 05:47:32	Name: HMACCOUNT_BFESS Value: 9C86FFBCFD07A471
			.safety.9t89.xyz/	1970-01-21 04:57:08	Name: Hm_lvt_ffb1a68ad287606065a15c91547f4c4f Value: 1714292557
			.safety.9t89.xyz/	1969-12-31 23:59:59	Name: Hm_lpvt_ffb1a68ad287606065a15c91547f4c4f Value: 1714292557

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://safety.9t89.xyz/?version=1714292553298 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://safety.9t89.xyz/?version=1714292553298 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm.baidu.com
safety.9t89.xyz
safety.9t89.xyz
14.215.182.140
77.247.126.221
0528968ed6d7a5bec9d284a8b621440b7e2c25eb7839e22d3e658b1d7cfbc2f5
1d5a19546b47227cac00ccca55e6b6282f4ae223e7dc084414371ccb6fbf0393
51b55cf6ac0fb3950b37e1a2d58c7376db7fd117227d99c0cd0de8be4f77d6dc
5cd10e4c84c06d5e525698be73760a4d16b20f7f3ba8e8835693938fc9cfdbfc
752f80a0721a523a015fe3ed669cd377a2c0b8876cd2f0648ac896a8b28d49e9
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e7d3fbba3cb54f0a212fb93f4c0ad8d1eddb8080aa1a97300f39b5e3f3e5b8c0
f60c8689cb172faea1e5e246d1415755a3b8f6f7b5f2ce0e00fe3f9c790e6162