Submitted URL: http://win2.sbs/1/3/?cid=&uid=
Effective URL: https://down2.sbs/1?cid=&uid=&uid=&lp=4143
Submission: On April 26 via api from US — Scanned from NL

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in and belongs to . The main domain is down2.sbs.
TLS certificate: Issued by E1 on April 12th 2024. Valid for: 3 months.
This is the only time down2.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 188.114.96.3 13335 (CLOUDFLAR...)
3 178.63.248.57 24940 (HETZNER-AS)
2 157.90.33.68 24940 (HETZNER-AS)
1 2 2a06:98c1:312... ()
13 5
     Apex Domain       Subdomains                                   Transfer
6    win2.sbs          win2.sbs                                     39 KB
3    push-sdk.net      push-sdk.net — Cisco Umbrella Rank: 92242    16 KB
2    down2.sbs         down2.sbs                                    2 KB
2    uidsync.net       uidsync.net — Cisco Umbrella Rank: 51021     703 B
0    dkk9.com Failed   free.dkk9.com Failed
13   5
Domain Requested by
6 win2.sbs win2.sbs
3 push-sdk.net win2.sbs
push-sdk.net
2 down2.sbs 1 redirects win2.sbs
2 uidsync.net push-sdk.net
0 free.dkk9.com Failed down2.sbs
13 5

This site contains no links.

Subject        Issuer                                           Validity                  Valid
win2.sbs       E1                                               2024-04-12 - 2024-07-11   3 months
push-sdk.net   R3                                               2024-04-14 - 2024-07-13   3 months
uidsync.net    Sectigo RSA Domain Validation Secure Server CA   2023-12-30 - 2025-01-29   a year
down2.sbs      E1                                               2024-04-12 - 2024-07-11   3 months

This page contains 1 frames:

Frame: https://free.dkk9.com/?utm_medium=acefe9c9bf746095d27a942a1207a354b34b8472&utm_campaign=quanju&cid=&uid=&1=4143&np=2&2=
Frame ID: 7F582A93AE6BDCD8FAF0453060C9CB0A
Requests: 12 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

92 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

57 kB
Transfer

166 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://win2.sbs/1/3/?cid=&uid= HTTP 307
    https://win2.sbs/1/3/?cid=&uid= Page URL
  2. https://down2.sbs/1.html?cid=&uid=&uid=&lp=4143 HTTP 308
    https://down2.sbs/1?cid=&uid=&uid=&lp=4143 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://win2.sbs/1/3/?cid=&uid= HTTP 307
  • https://win2.sbs/1/3/?cid=&uid=

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
win2.sbs/1/3/
Redirect Chain
  • http://win2.sbs/1/3/?cid=&uid=
  • https://win2.sbs/1/3/?cid=&uid=
2 KB
1 KB
Document
General
Full URL
https://win2.sbs/1/3/?cid=&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67b866139145a50cb86b877c40cc76f8c47de1806e8c145ca7a8fc63bf41fdf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87a9a2a21adc0b6e-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 26 Apr 2024 21:23:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYz99%2BHDyEfcGdfz3TTao%2Bk%2FRqpIoCvIMx7NM09qaN19rfmn0KIjQC5dD%2FAljme8qmDrPpoHKa%2FN4AHt2nKbfT2hi4ZA%2BEYuVW9IXuQ3nRfBXTtsvjqdn2IMSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Location
https://win2.sbs/1/3/?cid=&uid=
Non-Authoritative-Reason
HttpsUpgrades
style.css
win2.sbs/1/3/css/
358 B
720 B
Stylesheet
General
Full URL
https://win2.sbs/1/3/css/style.css
Requested by
Host: win2.sbs
URL: https://win2.sbs/1/3/?cid=&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30a11d144673eace27aba7fa428c5b2290f7ce79ae1fb3ffb0b32d5170914647
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win2.sbs/1/3/?cid=&uid=
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 21:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2791
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"0901d34c898b49363d45f608c75619cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YbqqXygOWpNA6YMdK0bzQfZjQG%2BeiXojcMbP9KTynjPSYZHVt1V9cojcGbLOwu5QnfbobZQ0jO9LfAnCii3T2NkWcSypTRFaRn5il5G3CC6zZrvk7l%2Ff5J8eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87a9a2a51da50b6e-AMS
jquery.min.js
win2.sbs/1/3/
87 KB
32 KB
Script
General
Full URL
https://win2.sbs/1/3/jquery.min.js
Requested by
Host: win2.sbs
URL: https://win2.sbs/1/3/?cid=&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win2.sbs/1/3/?cid=&uid=
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 21:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2791
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"464aac024ec34a118ea2664f7bf1c13b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XE6ZBFdBl9RNdccefzck1YmtWmS3F3ocq71%2FnF3KvyS0CjLlvHCMZ93tP7hmRvU79aHTw6MxFXmqUb%2Bug1fVylZJU053XbbSjrgKIFxOvhUEugTK24AsgHAaaVEy2rV03RA1Alm1Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87a9a2a51da70b6e-AMS
translates.js
win2.sbs/1/3/
7 KB
4 KB
Script
General
Full URL
https://win2.sbs/1/3/translates.js
Requested by
Host: win2.sbs
URL: https://win2.sbs/1/3/?cid=&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a61fb4f4b859f8a5d7df24a20c6d55ed24eb43f0f625e13289144cf333c90d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win2.sbs/1/3/?cid=&uid=
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 21:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2791
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"bbc1a78e10291b7a709f70fd036fc614"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCt%2BqruXjQfFzqsYOA%2B6Mg%2Bgplgy8B1%2FJkm3WTJ9pYOWs2iA4a5Sfq0jdn1bScnc7w9uEMM1dXBCVjE83mBsxjy9zx6nQHmNY6127%2BeujXmxZQO4s9G%2BXs%2FAyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87a9a2a51da80b6e-AMS
script.js
win2.sbs/1/3/
914 B
874 B
Script
General
Full URL
https://win2.sbs/1/3/script.js
Requested by
Host: win2.sbs
URL: https://win2.sbs/1/3/?cid=&uid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ea22b6fa07bf5677e0aa2b78cacf1ac604da4686936817d7bada07e4c035ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win2.sbs/1/3/?cid=&uid=
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 21:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2791
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7bcfe25884c6e7b045fe01ac72fc7997"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZZKrZmKqtiU%2FubjT4sqyqAeLwBbNaQxo4eF0rUECE4CjEH9l61imJPSElQez0gOfKijgF0vXVifIzIcH1E%2FxHKZEplpZ%2FPBHm%2BvLDNNz4hqban3R8Rs5OA535eUBmQA8quYjXBkFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87a9a2a51daa0b6e-AMS
sdk.js
push-sdk.net/f/
52 KB
15 KB
Script
General
Full URL
https://push-sdk.net/f/sdk.js?z=1196578
Requested by
Host: win2.sbs
URL: https://win2.sbs/1/3/?cid=&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub6.1push.io
Software
Angie /
Resource Hash
1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win2.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 21:23:41 GMT
content-encoding
gzip
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate
server
Angie
content-length
14884
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
event
push-sdk.net/
0
522 B
Ping
General
Full URL
https://push-sdk.net/event?z=1196578
Requested by
Host: push-sdk.net
URL: https://push-sdk.net/f/sdk.js?z=1196578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub6.1push.io
Software
Angie /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://win2.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 Apr 2024 21:23:41 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://win2.sbs
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
favicon.ico
win2.sbs/
0
433 B
Other
General
Full URL
https://win2.sbs/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win2.sbs/1/3/?cid=&uid=
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 21:23:41 GMT
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZ%2BG7G9XfukxsrMkcU30a5EjD%2FQcI0sdjJWuIF9z5hf85LG%2F1Cto9N4j4cpBjv706m6Qw3TAMHHmLmS3PY33nz3qG81oLdpAromrnqw%2FdhntulQFaIB2I0wP3g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
87a9a2a62e5d0b6e-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
sync
uidsync.net/
62 B
703 B
Fetch
General
Full URL
https://uidsync.net/sync?user_id=NQ9msYH5RUuye2qL43Cp9b
Requested by
Host: push-sdk.net
URL: https://push-sdk.net/f/sdk.js?z=1196578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub1.1push.io
Software
Angie /
Resource Hash
42cc7ce06b2b1bdf4cfd85c709d749f50c28e2079db92faff821bdd24e01701a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://win2.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 26 Apr 2024 21:23:41 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win2.sbs
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
62
expires
Tue, 11 Jan 1994 00:00:00 GMT
sync
uidsync.net/
0
0
Preflight
General
Full URL
https://uidsync.net/sync?user_id=NQ9msYH5RUuye2qL43Cp9b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub1.1push.io
Software
Angie /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://win2.sbs
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://win2.sbs
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date
Fri, 26 Apr 2024 21:23:41 GMT
expires
Tue, 11 Jan 1994 00:00:00 GMT
pragma
no-cache
server
Angie
event
push-sdk.net/
0
523 B
Ping
General
Full URL
https://push-sdk.net/event?z=1196578
Requested by
Host: push-sdk.net
URL: https://push-sdk.net/f/sdk.js?z=1196578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub6.1push.io
Software
Angie /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://win2.sbs/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 Apr 2024 21:23:43 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://win2.sbs
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
Primary Request 1
down2.sbs/
Redirect Chain
  • https://down2.sbs/1.html?cid=&uid=&uid=&lp=4143
  • https://down2.sbs/1?cid=&uid=&uid=&lp=4143
17 KB
2 KB
Document
General
Full URL
https://down2.sbs/1?cid=&uid=&uid=&lp=4143
Requested by
Host: win2.sbs
URL: https://win2.sbs/1/3/?cid=&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://win2.sbs/1/3/?cid=&uid=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87a9a2c08f6e775e-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 26 Apr 2024 21:23:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cbDaZ99%2BtjZ8QapzuvFtYmCAgZhGNhtNni0x4UIprTNG8YlHxNlUWQKaBGZFgvXm5CgWxnKLwWzFqB9fMcLdBxk6QHk1D35yQ%2BerEXW25QMDBae5BT%2B2ZusyyOF7I1JFkdUIQgR2o7g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87a9a2c03eef775e-AMS
content-length
0
date
Fri, 26 Apr 2024 21:23:45 GMT
location
/1?cid=&uid=&uid=&lp=4143
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMh38I90utlR8sz%2BzYg7sr3q0PBYVlGduCBaZIdOUr6PLyk%2B2i7lm%2FurutHO0f%2BS%2BFiHl84AhrTlsdnRCdMpHezyZbKDUFI7HTbe4RUiutEc03PDw5%2FsBDPTQjxeEjmdU3iFxHnYxME%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
free.dkk9.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
free.dkk9.com
URL
https://free.dkk9.com/?utm_medium=acefe9c9bf746095d27a942a1207a354b34b8472&utm_campaign=quanju&cid=&uid=&1=4143&np=2&2=

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
uidsync.net/ Name: rauid
Value: NQ9msYH5RUuye2qL43Cp9b

2 Console Messages

Source Level URL
Text
network error URL: https://win2.sbs/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://win2.sbs/1/3/?cid=&uid=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff