ndqloads.com Open in urlscan Pro
172.67.172.200  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request dCMSWJE2ocPa.php Show response ndqloads.com/	3 KB 2 KB	1072ms 771ms	Document text/html	172.67.172.200 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ndqloads.com/dCMSWJE2ocPa.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.200 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e10153832343ac970445a6579bbc3b396a5feb0dc82ac521faf4e739a47d3c9a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 764dc97bfe0e54f7-SYD content-encoding br content-type text/html;charset=UTF-8 date Fri, 04 Nov 2022 13:44:55 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVr%2BgHQGjba2QuZ3K96AeZvXjOAyhCnUm0w6m5QvNMqo21pa7j6Uqn%2Bke2MNXdU3mFmL4JjqyvveObFWQSNt5J%2FsNlqovi8UGEL0PZES8jDfa3FgqQxn43Rn2Zrw0pw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	now.php Show response ndqloads.com/	286 B 447 B	423ms 422ms	Script text/html	172.67.172.200 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ndqloads.com/now.php?id=71853637 Requested by Host: ndqloads.com URL: https://ndqloads.com/dCMSWJE2ocPa.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.200 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d0f4ddad036a68ac458465bc4a6df09321bf705fbad67b09998653c3eeea1dc Request headers accept-language en-NZ,en;q=0.9 Referer https://ndqloads.com/dCMSWJE2ocPa.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 13:44:55 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZWYmGK1nFuYk2kiBfhpRzcBRxpix2npFYC74lp7T3W6aethF1W0o2hM24S9mhZO5qNwXL9nkt40Oq2g7t%2Bb78TjYZaPYnrUqGFPB6eaMJzU92lWmdQCFNeiK7sssD8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 764dc980cfff54f7-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	feature1.svg ndqloads.com/	7 KB 2 KB	150ms 150ms	Image image/svg+xml	172.67.172.200 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ndqloads.com/feature1.svg Requested by Host: ndqloads.com URL: https://ndqloads.com/dCMSWJE2ocPa.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.200 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7018174ddd22cb041c77f11c9c40ab71e68e72b7802fcac0be54c29a07e9284a Request headers accept-language en-NZ,en;q=0.9 Referer https://ndqloads.com/dCMSWJE2ocPa.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 13:44:55 GMT content-encoding br cf-cache-status HIT last-modified Sat, 04 Jun 2022 11:14:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 92740 etag W/"629b3e7c-1cff" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFiNzMtW%2BkUYnmYjOXrlC3dxNrfVAqkaHlPgMLVOQESmai%2B0yCKoyY0eihaR5L3uVWzJfcjgoWONfKB1XPEyXOu5nBORsHN68qo7lJgoWBH7ShLthDnsHvLl9FU2GuU%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=315360000 cf-ray 764dc980c80054f7-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	File.png ndqloads.com/	4 KB 4 KB	153ms 152ms	Image image/png	172.67.172.200 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ndqloads.com/File.png Requested by Host: ndqloads.com URL: https://ndqloads.com/dCMSWJE2ocPa.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.200 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0225aba294c0324fc7963ab7478c48c67dc8479a219283fddfad9a6e84a98d59 Request headers accept-language en-NZ,en;q=0.9 Referer https://ndqloads.com/dCMSWJE2ocPa.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 13:44:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 92740 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4001 last-modified Fri, 03 Jun 2022 13:49:33 GMT server cloudflare etag "629a116d-fa1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLRMwbinlvm%2B3kuLN2aTwMvfFCb0zmmNR9KbhdeEY9MpjoZ81ZVHlePrqrdSguuW8Tdn6yeA5AInXEq0K4j6G%2Fzz9Mqjgk%2FtGUPK%2B0JRBxJB5aoqlgUZbamKchVJ0Xw%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 764dc980e80954f7-SYD expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	img.php ndqloads.com/	43 B 316 B	710ms 709ms	Image image/gif	172.67.172.200 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ndqloads.com/img.php?id=2&sub=2bccsua1a4iv Requested by Host: ndqloads.com URL: https://ndqloads.com/dCMSWJE2ocPa.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.200 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language en-NZ,en;q=0.9 Referer https://ndqloads.com/dCMSWJE2ocPa.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 13:44:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zkwRO0bwq1Mxwbe1J0%2Flyj2aIn%2F5qC73fxE%2BDExaWrpXzoJu39mmESYoahhe99pvxWUBylf1BFxTetV6cJT8PweD2dl9ITk76ELkLEUx4Cjk6E3%2BxB9UjisbVtVIK4%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 764dc980e80c54f7-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43
GET H3	200	img_new.php ndqloads.com/	43 B 475 B	703ms 703ms	Image image/gif	172.67.172.200 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ndqloads.com/img_new.php?id=2&sub=2bccsua1a4iv&url=0.0.0.0 Requested by Host: ndqloads.com URL: https://ndqloads.com/dCMSWJE2ocPa.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.172.200 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language en-NZ,en;q=0.9 Referer https://ndqloads.com/dCMSWJE2ocPa.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 13:44:56 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jWirKvf0ov32Pkg6AVwKzyb4SRlf0C2dEfLKmcAHfWvfpY3DB883L9NTWEvTHrh7DZEJN9JyP9i3UoOypAGtp%2FEM9tkkW4DOLlhBS%2Ff22ANA3QJGltKwR4QN5C31bk%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 764dc9850ef9a97a-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43
GET H2	200	376325.rar watertorens.nl/userfiles/	0 0	2266ms 776ms	Document application/octet-stream	185.103.156.50 CLDIN-NL TWS
General Check archive.org Show headers Download Go to Full URL https://watertorens.nl/userfiles/376325.rar Requested by Host: ndqloads.com URL: https://ndqloads.com/dCMSWJE2ocPa.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.103.156.50 , Netherlands, ASN48635 (CLDIN-NL TWS, NL), Reverse DNS c04.route80.eu Software CLB/No-Cache / Resource Hash Request headers Referer https://ndqloads.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers accept-ranges bytes age 0 content-length 9219694 content-type application/octet-stream date Fri, 04 Nov 2022 13:44:57 GMT etag "8cae6e-5eca148401af0" last-modified Fri, 04 Nov 2022 08:58:49 GMT server CLB/No-Cache x-cache yes x-clb-cache No x-clb-hits 0
GET		0.35179844796230864.jpg 0.27935881407114893.uxz9dx6b1i5ytiosibgulr4nvk7k.com/	0 0
GET		0.15096649386617367.jpg 0.7512770732151266.uxz9dx6b1i5ytiosibgulr4nvk7k.com/	0 0
GET		0.06498134638238096.jpg 0.23731742529828637.uxz9dx6b1i5ytiosibgulr4nvk7k.com/	0 0
GET		0.3686808522457399.jpg 0.4190098378574525.uxz9dx6b1i5ytiosibgulr4nvk7k.com/	0 0
GET H3	200	File.png ndqloads.com/	4 KB 4 KB	151ms 150ms	Image image/png	172.67.172.200 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ndqloads.com/File.png Requested by Host: ndqloads.com URL: https://ndqloads.com/dCMSWJE2ocPa.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.172.200 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0225aba294c0324fc7963ab7478c48c67dc8479a219283fddfad9a6e84a98d59 Request headers accept-language en-NZ,en;q=0.9 Referer https://ndqloads.com/dCMSWJE2ocPa.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 04 Nov 2022 13:44:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 540654 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4001 last-modified Fri, 03 Jun 2022 13:49:33 GMT server cloudflare etag "629a116d-fa1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNGFSS8P4imXZRcKKtX3mZKIORcQQM9Q07fC%2FkffOhT%2BtiKN8IDvbYO4EeaVq%2BwsOVae5T3u2wLnq0u%2Fhl9xGmYPStBzP4s2oH4fAWm77YZ7yfMQlQTGfHL9u9utEnM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 764dc9982c53a97a-SYD expires Thu, 31 Dec 2037 23:55:55 GMT
GET		0.4855417939625184.jpg 0.8939431691479447.uxz9dx6b1i5ytiosibgulr4nvk7k.com/	0 0
GET		0.5395567634638294.jpg 0.8470547498688672.uxz9dx6b1i5ytiosibgulr4nvk7k.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

0.27935881407114893.uxz9dx6b1i5ytiosibgulr4nvk7k.com

URL

https://0.27935881407114893.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.35179844796230864.jpg

Domain

0.7512770732151266.uxz9dx6b1i5ytiosibgulr4nvk7k.com

URL

https://0.7512770732151266.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.15096649386617367.jpg

Domain

0.23731742529828637.uxz9dx6b1i5ytiosibgulr4nvk7k.com

URL

https://0.23731742529828637.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.06498134638238096.jpg

Domain

0.4190098378574525.uxz9dx6b1i5ytiosibgulr4nvk7k.com

URL

https://0.4190098378574525.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.3686808522457399.jpg

Domain

0.8939431691479447.uxz9dx6b1i5ytiosibgulr4nvk7k.com

URL

https://0.8939431691479447.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.4855417939625184.jpg

Domain

0.8470547498688672.uxz9dx6b1i5ytiosibgulr4nvk7k.com

URL

https://0.8470547498688672.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.5395567634638294.jpg

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| intervalID function| myCallback function| changeimageW function| findIP function| addIP function| checkSize function| changeimage function| myFunction

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ndqloads.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: rkscaocuh0rpmeqrpv8uo2d2n3
			.ndqloads.com/	1970-01-20 07:14:15	Name: _subid Value: 2bccsua1a4iv
			.ndqloads.com/	1970-01-20 07:14:15	Name: ae568 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNjY3NTY5NDk0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjY3NTY5NDk0fSxcInRpbWVcIjoxNjY3NTY5NDk0fSJ9.ccp_2z_tujBNeACRcaOJcpIzcGFbR8X0R_vsAYnNlTI

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://0.27935881407114893.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.35179844796230864.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://0.7512770732151266.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.15096649386617367.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://0.23731742529828637.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.06498134638238096.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://0.4190098378574525.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.3686808522457399.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://0.8939431691479447.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.4855417939625184.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://0.8470547498688672.uxz9dx6b1i5ytiosibgulr4nvk7k.com/0.5395567634638294.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.23731742529828637.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.27935881407114893.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.4190098378574525.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.7512770732151266.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.8470547498688672.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.8939431691479447.uxz9dx6b1i5ytiosibgulr4nvk7k.com
ndqloads.com
watertorens.nl
0.23731742529828637.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.27935881407114893.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.4190098378574525.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.7512770732151266.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.8470547498688672.uxz9dx6b1i5ytiosibgulr4nvk7k.com
0.8939431691479447.uxz9dx6b1i5ytiosibgulr4nvk7k.com
172.67.172.200
185.103.156.50
0225aba294c0324fc7963ab7478c48c67dc8479a219283fddfad9a6e84a98d59
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
4d0f4ddad036a68ac458465bc4a6df09321bf705fbad67b09998653c3eeea1dc
7018174ddd22cb041c77f11c9c40ab71e68e72b7802fcac0be54c29a07e9284a
e10153832343ac970445a6579bbc3b396a5feb0dc82ac521faf4e739a47d3c9a