urlscan.io logo urlscan.io
SecurityTrails logo

onyu.xyz Open in urlscan Pro
2a02:4780:2b:1666:0:7dd:4856:9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.onyu.xyz/
Effective URL: https://onyu.xyz/
Submission: On September 07 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2a02:4780:2b:1666:0:7dd:4856:9, located in Boston, United States and belongs to AS-HOSTINGER, CY. The main domain is onyu.xyz.
TLS certificate: Issued by WR1 on August 17th 2024. Valid for: 3 months.
This is the only time onyu.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2a02:4780:2b:1666:0:7dd:4856:9 (Boston, United States)

ASN47583 (AS-HOSTINGER, CY)
www.onyu.xyz
onyu.xyz
7    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4986deeaac9476d9721f855730baecc4.safeframe.googlesyndication.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4028:809::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
9 onyu.xyz
www.onyu.xyz
onyu.xyz
96 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
4986deeaac9476d9721f855730baecc4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
46 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
180 KB
1 gstatic.com
csi.gstatic.com
234 B
21 4
Domain Requested by
8 onyu.xyz onyu.xyz
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 securepubads.g.doubleclick.net onyu.xyz
securepubads.g.doubleclick.net
1 csi.gstatic.com pagead2.googlesyndication.com
1 4986deeaac9476d9721f855730baecc4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.onyu.xyz 1 redirects
21 7

This site contains links to these domains. Also see Links.

Domain
wpastra.com
Subject Issuer Validity Valid
onyu.xyz
WR1		 2024-08-17 -
2024-11-15		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://onyu.xyz/
Frame ID: C45893D22E90624E3881297F8AE7B1C7
Requests: 18 HTTP requests in this frame

Frame: https://4986deeaac9476d9721f855730baecc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C284E570BD6A123CB842649EB602C35D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 288C6F23F472FD98620BF0A7600D3BFF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

onyu.xyz

Page URL History Show full URLs

  1. https://www.onyu.xyz/ HTTP 301
    https://onyu.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

21
Requests

90 %
HTTPS

80 %
IPv6

4
Domains

7
Subdomains

6
IPs

3
Countries

322 kB
Transfer

1237 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.onyu.xyz/ HTTP 301
    https://onyu.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
onyu.xyz/
Redirect Chain
  • https://www.onyu.xyz/
  • https://onyu.xyz/
206 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onyu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1666:0:7dd:4856:9 Boston, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.28
Resource Hash
ef4b94adf95b725c9e8e7f9b8fb0123166b9767acff6905a1dfd21e702f00a6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-length
65126
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 07 Sep 2024 11:26:14 GMT
etag
"35600-1725696924;br"
link
<https://onyu.xyz/wp-json/>; rel="https://api.w.org/"
panel
hpanel
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/8.1.28

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 07 Sep 2024 11:26:13 GMT
location
https://onyu.xyz/
panel
hpanel
platform
hostinger
server
LiteSpeed
x-litespeed-cache
miss
x-powered-by
PHP/8.1.28
x-redirect-by
WordPress
0e035960-7e93-4bd3-a2e8-6274d22b186e
https://onyu.xyz/ Frame 		0
0
main.min.css
onyu.xyz/wp-content/themes/astra/assets/css/minified/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onyu.xyz/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.8.0
Requested by
Host: onyu.xyz
URL: https://onyu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1666:0:7dd:4856:9 Boston, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
659d78e86e4eeaf329bc6ce7d9023a5df5212584288eeef25ddc03db94074a5a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:14 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Aug 2024 14:28:15 GMT
server
LiteSpeed
panel
hpanel
etag
"a883-66cf33ff-fe58972ae97f7fac;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
8029
expires
Sat, 14 Sep 2024 11:26:14 GMT
style.min.css
onyu.xyz/wp-includes/css/dist/block-library/ 		110 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onyu.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by
Host: onyu.xyz
URL: https://onyu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1666:0:7dd:4856:9 Boston, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Aug 2024 10:36:36 GMT
server
LiteSpeed
panel
hpanel
etag
"1b723-66cefdb4-c7d351690a6525bf;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
13654
expires
Sat, 14 Sep 2024 11:26:17 GMT
main.min.css
onyu.xyz/wp-content/themes/astra/assets/css/minified/ 		42 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onyu.xyz/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.8.0
Requested by
Host: onyu.xyz
URL: https://onyu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1666:0:7dd:4856:9 Boston, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
659d78e86e4eeaf329bc6ce7d9023a5df5212584288eeef25ddc03db94074a5a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:14 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Aug 2024 14:28:15 GMT
server
LiteSpeed
panel
hpanel
etag
"a883-66cf33ff-fe58972ae97f7fac;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
8029
expires
Sat, 14 Sep 2024 11:26:14 GMT
style.min.css
onyu.xyz/wp-includes/css/dist/block-library/ 		110 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onyu.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by
Host: onyu.xyz
URL: https://onyu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1666:0:7dd:4856:9 Boston, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Aug 2024 10:36:36 GMT
server
LiteSpeed
panel
hpanel
etag
"1b723-66cefdb4-c7d351690a6525bf;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
13654
expires
Sat, 14 Sep 2024 11:26:17 GMT
frontend.min.js
onyu.xyz/wp-content/themes/astra/assets/js/minified/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onyu.xyz/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.8.0
Requested by
Host: onyu.xyz
URL: https://onyu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1666:0:7dd:4856:9 Boston, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fa7d107ff526497197857d49dfe2b6a84d99c97e56facc7b57bef4776d4c4ca2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:17 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Aug 2024 14:28:16 GMT
server
LiteSpeed
panel
hpanel
etag
"5b1a-66cf3400-5b8de4147dfbedfa;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5127
expires
Sat, 14 Sep 2024 11:26:17 GMT
wp-emoji-release.min.js
onyu.xyz/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onyu.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: onyu.xyz
URL: https://onyu.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1666:0:7dd:4856:9 Boston, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:18 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Aug 2024 10:36:36 GMT
server
LiteSpeed
panel
hpanel
etag
"4926-66cefdb4-10d828cdd6b3ce5;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4619
expires
Sat, 14 Sep 2024 11:26:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: onyu.xyz
URL: https://onyu.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b1413364d50c1a7628e85d45b21fef96e31851e1e705dbac55fe7df397df55c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32118
x-xss-protection
0
server
cafe
etag
90 / 19973 / m202409030101 / config-hash: 7506296934730633707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 07 Sep 2024 11:26:18 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409030101/ 		478 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f2a185b5ed798dbd038a1fcdcf7fb5b4e4efdaf824d2a5c859e52d040ec2e7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
1317
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152409
x-xss-protection
0
server
cafe
etag
1821858228948995985
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 07 Sep 2025 11:04:21 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
5ce626c3314b84713ac5502553fb78644e9f95d77f88e69896de74e2c52d4359
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26069
x-xss-protection
0
server
cafe
etag
10172445676258979384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 07 Sep 2024 12:22:45 GMT
ads
pagead2.googlesyndication.com/gampad/ 		580 B
306 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1611725219832041&correlator=1474004734369703&eid=31084271%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202409030101&ptt=17&impl=fif&iu_parts=23200846546%2C750x300&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x300&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1725708378637&lmt=1725708378&adxs=425&adys=153&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fonyu.xyz%2F&rumc=1611725219832041&rume=1&vis=1&psz=750x300&msz=750x300&fws=4&ohw=1600&td=1&egid=25767&tan=10c1e084-7313-4587-94c2-335809c71880&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725708374111&idt=4469&adks=672815987&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b2ca02fbc1de310f52f8932149a81243a8f0e1a2964a6c7f9d39a5423a774d4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://onyu.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		510 B
241 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1611725219832041&correlator=1474004734369703&eid=31084271%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202409030101&ptt=17&impl=fif&iu_parts=23200846546%2C750x300&enc_prev_ius=%2F0%2F1&prev_iu_szs=750x300&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1725708378648&lmt=1725708378&adxs=220&adys=469&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fonyu.xyz%2F&rumc=1611725219832041&rume=1&vis=1&psz=750x300&msz=750x300&fws=4&ohw=1600&td=1&egid=25767&tan=10c1e084-7313-4587-94c2-335809c71881&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725708374111&idt=4469&adks=1454789113&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ff8f6878b0fc315064676ba7b2c01049209867187ef39efc1d067b3fde9372d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://onyu.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4986deeaac9476d9721f855730baecc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C284 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4986deeaac9476d9721f855730baecc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Sep 2024 11:26:18 GMT
expires
Sat, 07 Sep 2024 11:26:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202409030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
56ee6f5b783f5726d208e32dfa3575029db2502df91d5c6109d836763999f274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13105
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=onyu.xyz&doc=complete&pg_h=2139&pg_w=1600&pg_hs=2139&c=2&aa_c=0&av_h=300&av_w=750&av_a=225000&s=16&all_s=16&b=1370&all_b=1370&d=0.281&all_d=0.281&ard=0.131&all_ard=0.131&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 Sep 2024 11:26:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
onyu.xyz/ 		2 KB
1004 B 		Other
General
Check archive.org
Download Go to
Full URL
https://onyu.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1666:0:7dd:4856:9 Boston, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:18 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 11 Jan 2023 12:29:40 GMT
server
LiteSpeed
panel
hpanel
etag
"999-63beabb4-b0406865e4ab569b;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
platform
hostinger
content-length
912
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 11:26:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 288C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onyu.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
18542
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Sep 2024 06:17:17 GMT
expires
Sun, 07 Sep 2025 06:17:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m0s27mzy&c=1611725219832041&e=31084271%2C31061691%2C31061692&ctx=1&met.9=1.4bb~2.4fy~9.0~9.0~3_1.4hv~3_2.4hv~7_1.0~7_2.0~4_2.4mm~5_2.4mo~4_1.4od~5_1.4oe&met.10=1_1.COjdDRDo3Q0YgJh1IMctKAE~1_2.COjdDRDo3Q0YgJh1IMctKAE&met.3=112.4ie_5~113.4nq_9&met.1=1.m0s27ihj~6.vw~7.vw~8.vw~9.vw~10.vw~12.wb~13.z6~14.14u~15.zs~16.409~17.409~18.40a~19.4ne~20.4ne~21.4np~22.453~23.453&qqid.2=CNvUnNfcsIgDFc6W_Qcd1lUqzw&qqid.1=CJKTndfcsIgDFUaP_QcdET4rug
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4028:809::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onyu.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 Sep 2024 11:26:20 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onyu.xyz
URL
blob:https://onyu.xyz/0e035960-7e93-4bd3-a2e8-6274d22b186e
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202409030101&jk=1611725219832041&bg=!1Nel15jNAAY2Tt88Fk47ADQBe5WfOMiHdVuff-E4CorxWcm91bfTmlkJLwfizg87Rbzzg4dZktR_DWWGgFDBJ4IyLpZtAgAAADRSAAAAAmgBB34ANhdK0tOoroWFExrIL4wZPw_RjYt1_LwneQHk38iWw8hKV2RSPXq09uABDgeeboMuUnzcB_8OuZkCoNySAivwDXIjTFzDkPhcYdtgmJPgUATvbvYCrCt46vNP5nLUD2UIhV6RGJuIlOkRY5aAU3mXVIogKHf0Frgm344_RBjYGHYOMKJUHUZoj20WiU99Jt4gSw9ttiQ1cASdibTt_oCN3yHdFzYi22vXbErGPUWcXBrhRabmPg6XAPj8-lhZqV2tPOY_U2k4qaQCwMqtdiQyaUvYreMn_hFrercJxl24ZXlEoyVY3zOoCk7iaqSuT5vsHuZgIe3yyO3BJl-FUIe87t2RMAwpc-vq88YCjwlGxcmEKLtHIlFLg9_RuO6WxGdaYd01kxO_UpthapkhmkUKctdN8aS7yluyJXZ0ZQQXdrDs7H-5UAwoKERQlFd1iEAXYYbbbGtoNgINJDSkms2SSlQ1C1UKThwBa11TeD_b9RLCOwqVJmvGP_r-7sPK-wm9pUF6jNISch-F-3iKRKRPOZD3emMv63XucTYcDnBmc7MUpS48eX52pg91xsUBXU06MJB6T8-W51xr9eGbcPTdLYufq-OWgJVMPmi3UjOY2cddzR7qSGfE2l7JYL_FgNZSAQ8pZNcKyWpTyHpbfQDK481fIkGbu1RApZOHVNOpz1FIEVWNsZ18dBeRtPJdT9aWLJbfYJly4CQ1QcmquEdfSQ623wGU93F-hdc9F49W9GDiHi6AAqyqhl-jfBxSiVpM4nRkVKUs4kHfurUuTW4H_S-XSw--bkgNPVlMNPgMkaIs60wlpZfVRCztCq8P3uBdGovpKHDR3iJqN5ekCTkpwvNhBYkTgCMEtn1M4_q6nG4FojlAtcs2hsPYGu7Y4VVnyvgUbNhvCzQ-MDqeTuUY6RoK0HL92KZgYpdZtiSeK1wGg0AhjDlP797YNLRw-yXQ9scoQwH-ecR3dQ

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| m function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| da function| ia function| b64e function| b64d object| ai_front object| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| googletag object| twemoji object| wp object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| google_measure_js_timing object| google_rum_config object| google_reactive_ads_global_state number| google_unique_id number| google_srt object| _google_rum_ns_ number| link number| len object| google_image_requests object| GoogleGcLKhOms function| arrive function| unbindArrive function| leave function| unbindLeave

1 Cookies

Domain/Path Name / Value
.onyu.xyz/ Name: __eoi
Value: ID=eaf0802003364406:T=1725708378:RT=1725708378:S=AA-AfjZesIqHXIK9jPjH1QsDyXNf

1 Console Messages

Source Level URL
Text
network error URL: https://onyu.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests