opdomains12.space Open in urlscan Pro
2606:4700:3037::6815:401d  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request click.php Show response opdomains12.space/	26 KB 9 KB	318ms 190ms	Document text/html	2606:4700:3037::6815:401d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:401d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06e42cf99fa93d66ae0b7a2839e54acb1515dd4f050724fd8bdbd469014fe2d7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e4a62021ab64402-EWR content-encoding zstd content-type text/html; charset=utf-8 date Mon, 18 Nov 2024 19:31:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpv5ac8g9aF3u9pe2p3%2B4%2BDUMeqqVDSigBTutIU8mBvkPQ18a9j8AM7d6rIbGujPZhprwCtr%2Ba0YlOb5gxAM0Tf1NxCi8blUhpEHR4ytG0nNh9J%2B7shdwWUxNCiyIRfjVpyH6khJeQDJIdIRUgm5hw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=13325&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4043&recv_bytes=2450&delivery_rate=444541&cwnd=255&unsent_bytes=0&cid=b553a6ef46d60049&ts=237&x=0"
GET H2	200	amazon.css opdomains12.space/landers/survey_gh/css/	5 KB 2 KB	463ms 460ms	Stylesheet text/css	2606:4700:3037::6815:401d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://opdomains12.space/landers/survey_gh/css/amazon.css Requested by Host: opdomains12.space URL: https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:401d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd215ae852fb9c9f26efa4a5bc42997f1950e4792b90c016d4ce3928a7d41fbe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"6674850c-13d0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfx0UqkWbpuxfnulGl2D38jZ2hYQivjvQ96KHEZcWS%2BdYnMoK3Pm5eneFHEQ2WKESqr4TQit%2BsamqzE0p1%2FiuW%2FskzQCY%2Fr4FvlESb4UPS2xEQUhLY7gZ9Sseadeqr06jt9fA5XblXykuAzXqCeHvA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a62035c904402-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=11951&sent=20&recv=14&lost=0&retrans=0&sent_bytes=13233&recv_bytes=3242&delivery_rate=1462680&cwnd=255&unsent_bytes=0&cid=b553a6ef46d60049&ts=465&x=0" date Mon, 18 Nov 2024 19:31:48 GMT content-type text/css last-modified Thu, 20 Jun 2024 19:37:48 GMT vary Accept-Encoding server cloudflare
GET H3	200	ps.js Show response zgtxl.nxt-psh.com/ps/	35 KB 14 KB	553ms 369ms	Script application/javascript	104.21.20.211 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zgtxl.nxt-psh.com/ps/ps.js?id=VU13UYtRgUmlx9Xkgpa4mQ Requested by Host: opdomains12.space URL: https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.20.211 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 151e3fb9f944e9b37c88dc50c56a6ca814cddb521b2cec8015273fcf8d0b40e9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/ Response headers cache-control max-age=0, no-cache, no-store, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status BYPASS accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucXQQFibeY8l%2FVqycHoML5ZSQdngAlZCVdzzWQp1LC9pN18IjZ43vwbMLk7X5PK6%2Foq23UPQiGWAMQUVYdgP6Or61Hjg1%2B9pf8uIy8Lgwilv4zxPokNfTNecaXTYHVdqIDkXLw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a62047bfa558f-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=116957&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4225&recv_bytes=4280&delivery_rate=28962&cwnd=12000&unsent_bytes=0&cid=4c2f149a86024017&ts=235&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 18 Nov 2024 19:31:48 GMT content-type application/javascript vary Accept-Encoding server cloudflare priority u=1,i=?0
GET H2	200	spin3.png opdomains12.space/landers/survey_gh/images/	76 KB 76 KB	746ms 745ms	Image image/png	2606:4700:3037::6815:401d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://opdomains12.space/landers/survey_gh/images/spin3.png Requested by Host: opdomains12.space URL: https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:401d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e77052e67337635d6b739de9dbc883e1cd2c44b781de1b5ee9a7fb51eec81d98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "6674850c-12f4a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FTds2TxCm%2Bi6OOTmEI97i247rngtvBAizSWfXVzAxFO8tXcmtFazVvoXu7RshK%2BGk4IckxUg%2F1qzfHApY0jvS%2BmRsOVOu7kHpwajfs7DiPklrFM0fSDmF%2FidGlfVo%2FuS6C%2FdbaMdtQy95MyiIixTA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a62035c924402-EWR accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=10030&sent=94&recv=23&lost=0&retrans=0&sent_bytes=92567&recv_bytes=3242&delivery_rate=2310960&cwnd=255&unsent_bytes=0&cid=b553a6ef46d60049&ts=635&x=0" content-length 77642 date Mon, 18 Nov 2024 19:31:48 GMT content-type image/png last-modified Thu, 20 Jun 2024 19:37:48 GMT vary Accept-Encoding server cloudflare
GET H2	200	ip7.png opdomains12.space/landers/survey_gh/images/	56 KB 57 KB	599ms 598ms	Image image/png	2606:4700:3037::6815:401d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://opdomains12.space/landers/survey_gh/images/ip7.png Requested by Host: opdomains12.space URL: https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:401d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 859515bd032db0ca5e82784387c320814718a5f69132ba8b536ceabeaf0eecbf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "6674850c-e115" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GqOkJYm%2FPQHUZi8apPxXl2O9lrmj9KhCtTvG9JuyYQ3Pzl4n7%2BR3QK2UN6N%2BoCKGTq7iVhMEwH573oZ5mZubTaYza9mdrMR2MZ%2BiebWsMZw3Ffis23kaxO6AAKSbvMQpYcofNmA9HeA5PUg%2FEQIemQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a62035c944402-EWR accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=10030&sent=44&recv=23&lost=0&retrans=0&sent_bytes=33957&recv_bytes=3242&delivery_rate=2310960&cwnd=255&unsent_bytes=0&cid=b553a6ef46d60049&ts=633&x=0" content-length 57621 date Mon, 18 Nov 2024 19:31:48 GMT content-type image/png last-modified Thu, 20 Jun 2024 19:37:48 GMT vary Accept-Encoding server cloudflare
GET H2	200	gift.gif opdomains12.space/landers/survey_gh/images/	15 KB 16 KB	543ms 542ms	Image image/gif	2606:4700:3037::6815:401d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://opdomains12.space/landers/survey_gh/images/gift.gif Requested by Host: opdomains12.space URL: https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:401d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4f1d8867d03d437694f1cac0c9df3a7f5006fb8df474023bfa1d78f88843ce8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "6674850c-3cf6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbQls0VyAxfVYcaiYqAmFA1%2F2Eh4Df2qZRtttANLaTMqznyRI%2FZi477gxe%2F40DOPgFzI%2FB%2FkMBuu87bMTtz5EEciSEnOEh2%2B5FDG1tXVwh1UOdSufeMclHTovg60bj%2FAUqVcLzK7TVq1T8e5X9rM8Q%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a6203acf04402-EWR accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=11060&sent=28&recv=17&lost=0&retrans=0&sent_bytes=17582&recv_bytes=3242&delivery_rate=1462680&cwnd=255&unsent_bytes=0&cid=b553a6ef46d60049&ts=605&x=0" content-length 15606 date Mon, 18 Nov 2024 19:31:48 GMT content-type image/gif last-modified Thu, 20 Jun 2024 19:37:48 GMT vary Accept-Encoding server cloudflare
GET H2	200	refresh.png opdomains12.space/landers/survey_gh/images/	2 KB 2 KB	475ms 474ms	Image image/png	2606:4700:3037::6815:401d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://opdomains12.space/landers/survey_gh/images/refresh.png Requested by Host: opdomains12.space URL: https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:401d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0947ebbd1659de62310b214d9752e9625147e43ac1c271d2a9bb68e881221ff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "6674850c-664" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kus6f5GT4pc2ngtLZkw9EGALFVrQFuI5pzJcBGr54yYbbn%2FdWuiQGm1NpaGU%2FvRaUXp5583xxd9P7%2BBIMh5RkNay1iRtb39eeJVEflUxn%2BnC5TbopFZa8Hni61Wba8jeNHPRX4RF5aRlyiwzrOQgpw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a6203acf34402-EWR accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=11619&sent=24&recv=15&lost=0&retrans=0&sent_bytes=15407&recv_bytes=3242&delivery_rate=1462680&cwnd=255&unsent_bytes=0&cid=b553a6ef46d60049&ts=514&x=0" content-length 1636 date Mon, 18 Nov 2024 19:31:48 GMT content-type image/png last-modified Thu, 20 Jun 2024 19:37:48 GMT vary Accept-Encoding server cloudflare
GET H2	200	jquery.min.js Show response opdomains12.space/landers/survey_gh/js/	94 KB 35 KB	774ms 773ms	Script application/javascript	2606:4700:3037::6815:401d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://opdomains12.space/landers/survey_gh/js/jquery.min.js Requested by Host: opdomains12.space URL: https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:401d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"6674850c-1787d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrwZdqttZ94zCiAxGTIH7ojshWr8lse49yLA9EgQ2lI8hK5ySIbv5aKhwQRGdTn%2B9CJ7zRRxFfOpVJzyk4vQk3VWuPdREMtZUq78WC%2FbYYwmYYIK%2BIlNsRQypfV57Xf4qzk0gYZsh323pLKMaMJpGQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a6203bd014402-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=9286&sent=156&recv=48&lost=0&retrans=0&sent_bytes=171328&recv_bytes=3242&delivery_rate=13298411&cwnd=330&unsent_bytes=0&cid=b553a6ef46d60049&ts=683&x=0" date Mon, 18 Nov 2024 19:31:48 GMT content-type application/javascript last-modified Thu, 20 Jun 2024 19:37:48 GMT vary Accept-Encoding server cloudflare
GET H3	200	config.js Show response nxt-psh.com/ps/	364 B 1 KB	169ms 154ms	Script application/javascript	104.21.20.211 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nxt-psh.com/ps/config.js?id=VU13UYtRgUmlx9Xkgpa4mQ Requested by Host: zgtxl.nxt-psh.com URL: https://zgtxl.nxt-psh.com/ps/ps.js?id=VU13UYtRgUmlx9Xkgpa4mQ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.20.211 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/ Response headers cache-control max-age=0, no-cache, no-store, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status BYPASS accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ReTEoANe0znNJ4Dg%2BGLtN6GiCtw%2BRHmswZPpioZ7FwXVonMHkmnYn8ycV%2Fx11wDgU0PBGFmKZqoFZuW6FPagkgGcGKpoHfFksIpZv6cxeVMxMHSoyQcUYLiwUpkhig%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a6207cf70558f-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=183523&sent=27&recv=17&lost=0&retrans=0&sent_bytes=19102&recv_bytes=4960&delivery_rate=33878&cwnd=14400&unsent_bytes=0&cid=4c2f149a86024017&ts=760&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 18 Nov 2024 19:31:49 GMT content-type application/javascript vary Accept-Encoding server cloudflare priority u=3,i=?0
GET H3	404	spin_prize2.png opdomains12.space/landers/survey_gh/	555 B 555 B	219ms 218ms	Image text/html	2606:4700:3037::6815:401d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://opdomains12.space/landers/survey_gh/spin_prize2.png Requested by Host: opdomains12.space URL: https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:401d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81a99bb0a361ce314fc22bc85ae7cf060db01ba71b82c5c135fc32548e81954e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAPC3IP4Bl0c5XKAytJBjWFppemYpd%2BCWCtASiFBRZECGz3cmfvqH%2FdOntkq9D8yPwX3FDNMvxVwJvx1uWu38kR3Il7ep0c66rriZvSvFT1%2BDntzK9fiXHWyEXoJFwT1wGaZqg3a1MttP0%2FoUWhgHg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a6207b8ec4269-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=192377&sent=13&recv=12&lost=0&retrans=2&sent_bytes=4735&recv_bytes=4684&delivery_rate=59&cwnd=12000&unsent_bytes=0&cid=efd59fa467a1c21c&ts=855&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 18 Nov 2024 19:31:49 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=3,i
GET H3	200	firebase-app-compat.js Show response www.gstatic.com/firebasejs/10.3.1/	28 KB 9 KB	102ms 25ms	Script text/javascript	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js Requested by Host: zgtxl.nxt-psh.com URL: https://zgtxl.nxt-psh.com/ps/ps.js?id=VU13UYtRgUmlx9Xkgpa4mQ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/ Response headers content-encoding gzip age 283227 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Sat, 15 Nov 2025 12:51:22 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 15 Nov 2024 12:51:22 GMT last-modified Thu, 31 Aug 2023 15:20:38 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 9308 x-xss-protection 0 server sffe
GET H3	200	firebase-messaging-compat.js Show response www.gstatic.com/firebasejs/10.3.1/	37 KB 10 KB	38ms 37ms	Script text/javascript	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js Requested by Host: zgtxl.nxt-psh.com URL: https://zgtxl.nxt-psh.com/ps/ps.js?id=VU13UYtRgUmlx9Xkgpa4mQ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/ Response headers content-encoding gzip age 237854 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Sun, 16 Nov 2025 01:27:35 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 16 Nov 2024 01:27:35 GMT last-modified Thu, 31 Aug 2023 15:20:50 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 9934 x-xss-protection 0 server sffe
GET H3	404	favicon.ico opdomains12.space/	555 B 807 B	42ms 42ms	Other text/html	2606:4700:3037::6815:401d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://opdomains12.space/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:401d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81a99bb0a361ce314fc22bc85ae7cf060db01ba71b82c5c135fc32548e81954e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://opdomains12.space/click.php?key=oqh2ka9qslhqfpf898et&visitor_id=882440552417595392&cost=0.000000&zoneid=4883601&campaignid=8821719&bannerid=22460537&user_activity=low&zone_type=%7Bzone_type%7D Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT age 39 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Yz7w3CdUcIfHEz8MU%2Bd%2Be9G1Olg5%2BQ1PbIbYWmip5MfHmahooCQPAySLvL3PNdglLHqGFJy1My6rla8PKXDVp5ofaQzmbsRAvUFJedPhOmOoVEQ9qtzvfYszEyk%2BMw5pOTOeg3lWc3glUDnqG4wIw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4a6209ec7d4269-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=171022&sent=19&recv=15&lost=0&retrans=2&sent_bytes=7420&recv_bytes=5791&delivery_rate=41089&cwnd=12000&unsent_bytes=0&cid=efd59fa467a1c21c&ts=1027&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 18 Nov 2024 19:31:49 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=1,i

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| a0_0x5612 function| startTimer function| $ function| jQuery function| hidemodal01 function| showmodal01 function| hidemodal02 function| setButtonHeight function| spin object| month object| mydate number| year number| day number| weekday number| count number| conMid object| con object| whCon object| dWheel object| button object| device object| first object| second function| autospin1 function| autospin2 function| countdown object| config object| firebase

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			opdomains12.space/	1970-01-21 01:07:24	Name: uclick Value: uqh9uqft
			opdomains12.space/	1970-01-21 01:07:24	Name: uclickhash Value: uqh9uqft-uqh9uqft-qeuq-0-qej6-2t7vwj-2t7vvr-cf6126
			zgtxl.nxt-psh.com/	1970-01-21 10:41:58	Name: __psu Value: 13183bef-49be-4b33-bcde-d4b0fd232ea9
			nxt-psh.com/	1970-01-21 10:41:58	Name: __psu Value: 18f0cb4f-4ddd-41bc-9a05-a59b527c12ac

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://opdomains12.space/landers/survey_gh/spin_prize2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://opdomains12.space/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nxt-psh.com
opdomains12.space
www.gstatic.com
zgtxl.nxt-psh.com
104.21.20.211
2606:4700:3037::6815:401d
2607:f8b0:4006:820::2003
06e42cf99fa93d66ae0b7a2839e54acb1515dd4f050724fd8bdbd469014fe2d7
151e3fb9f944e9b37c88dc50c56a6ca814cddb521b2cec8015273fcf8d0b40e9
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
81a99bb0a361ce314fc22bc85ae7cf060db01ba71b82c5c135fc32548e81954e
859515bd032db0ca5e82784387c320814718a5f69132ba8b536ceabeaf0eecbf
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047
b0947ebbd1659de62310b214d9752e9625147e43ac1c271d2a9bb68e881221ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bd215ae852fb9c9f26efa4a5bc42997f1950e4792b90c016d4ce3928a7d41fbe
c4f1d8867d03d437694f1cac0c9df3a7f5006fb8df474023bfa1d78f88843ce8
e77052e67337635d6b739de9dbc883e1cd2c44b781de1b5ee9a7fb51eec81d98