Submitted URL: http://geboy96.com/Tele.html
Effective URL: https://geboy96.com/Tele.html
Submission Tags: @ecarlesi possiblethreat phishing opendir
Submission: On January 02 via api from IT — Scanned from GB

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 13 HTTP transactions. The main IP is 89.213.211.222, located in United Kingdom and belongs to ArenHost Hadi Santosa, ID. The main domain is geboy96.com.
TLS certificate: Issued by R10 on January 2nd 2025. Valid for: 3 months.
This is the only time geboy96.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 89.213.211.222 214882 (ArenHost ...)
1 104.21.235.69 13335 (CLOUDFLAR...)
1 2001:67c:4e8:... 62041 (Telegram ...)
1 139.45.197.118 9002 (RETN-AS R...)
1 188.114.97.3 13335 (CLOUDFLAR...)
3 139.45.197.107 9002 (RETN-AS R...)
1 172.67.193.52 13335 (CLOUDFLAR...)
2 139.45.195.252 9002 (RETN-AS R...)
1 139.45.197.168 9002 (RETN-AS R...)
13 9
Apex Domain | Subdomains | Transfer
3 sticmulune.com | sticmulune.com | 6 KB
2 fleraprt.com | fleraprt.com — Cisco Umbrella Rank: 19931 | 900 B
2 geboy96.com | geboy96.com | 10 KB
1 byzoruator.com | byzoruator.com — Cisco Umbrella Rank: 129023 | 3 KB
1 tzegilo.com | tzegilo.com — Cisco Umbrella Rank: 21154 | 9 KB
1 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 10565 | 958 B
1 niphaumeenses.net | niphaumeenses.net | 39 KB
1 telegram.org | telegram.org — Cisco Umbrella Rank: 10608 | 22 KB
1 iili.io | iili.io — Cisco Umbrella Rank: 48603 | 24 KB
13 9
Domain Requested by
3 sticmulune.com niphaumeenses.net
2 fleraprt.com tzegilo.com
2 geboy96.com
1 byzoruator.com
1 tzegilo.com niphaumeenses.net
1 my.rtmark.net niphaumeenses.net
1 niphaumeenses.net geboy96.com
1 telegram.org geboy96.com
1 iili.io geboy96.com
13 9

This site contains no links.

Subject | Issuer | Validity | Valid
*.geboy96.com | R10 | 2025-01-02 - 2025-04-02 | 3 months
iili.io | WE1 | 2024-11-25 - 2025-02-23 | 3 months
*.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2024-08-10 - 2025-09-11 | a year
niphaumeenses.net | R11 | 2024-12-28 - 2025-03-28 | 3 months
my.rtmark.net | WE1 | 2024-11-06 - 2025-02-04 | 3 months
sticmulune.com | R11 | 2024-11-12 - 2025-02-10 | 3 months
tzegilo.com | WE1 | 2024-11-21 - 2025-02-19 | 3 months
fleraprt.com | Sectigo RSA Domain Validation Secure Server CA | 2024-12-11 - 2026-01-11 | a year
byzoruator.com | R10 | 2024-12-31 - 2025-03-31 | 3 months

This page contains 1 frame:

Primary Page: https://geboy96.com/Tele.html
Frame ID: 5EFB7843C60D2E62AB91410077B19FC7
Requests: 12 HTTP requests in this frame

Page Title

NUYUL DANA

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 11 %
Domains: 9
Subdomains: 9
IPs: 9
Countries: 4
Transfer: 114 kB
Size: 291 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://geboy96.com/Tele.html HTTP 307
    https://geboy96.com/Tele.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request Tele.html
geboy96.com/
Redirect Chain
  • http://geboy96.com/Tele.html
  • https://geboy96.com/Tele.html
36 KB
9 KB
Document
General
Full URL
https://geboy96.com/Tele.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.213.211.222 , United Kingdom, ASN214882 (ArenHost Hadi Santosa, ID),
Reverse DNS
Software
/
Resource Hash
952d98820a4db81318374eaa9af79a3313a5246babff5edad2faabbe9833c8eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
9239
content-type
text/html
date
Thu, 02 Jan 2025 22:25:24 GMT
last-modified
Thu, 02 Jan 2025 09:29:29 GMT
vary
Accept-Encoding

Redirect headers

Location
https://geboy96.com/Tele.html
Non-Authoritative-Reason
HttpsUpgrades
2WwxUdu.th.png
iili.io/
23 KB
24 KB
Image
General
Full URL
https://iili.io/2WwxUdu.th.png
Requested by
Host: geboy96.com
URL: https://geboy96.com/Tele.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6f4f7e159425683c3a28dbe314d67fb059c290bb341cf041abd51af06ad633b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://geboy96.com/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txKaZrMe7lmTYJWGmNVlg%2FzQ6EuQpDB3t3geAEjGaw7ZIDSSqn6KZVMQ83LXuXuZ9DAmxWUs8FZqQspRUHQkDbfcKo6r9FLOAFPOhAKvCwb0TscnlLQYq%2FRJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=52641&min_rtt=52587&rtt_var=8403&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4206&recv_bytes=4438&delivery_rate=359&cwnd=12000&unsent_bytes=0&cid=9a49940c163094bd&ts=329&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 22:25:24 GMT
content-type
image/png
last-modified
Thu, 12 Dec 2024 22:52:09 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fbe2a2f495bdc98-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
23746
server
cloudflare
telegram-web-app.js
telegram.org/js/
106 KB
22 KB
Script
General
Full URL
https://telegram.org/js/telegram-web-app.js
Requested by
Host: geboy96.com
URL: https://geboy96.com/Tele.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (Telegram Telegram Messenger Inc, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3ab59994e7fad6650796e799102a64bcd660dd1b421887c74989729fcea14efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://geboy96.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"6739f222-1a916"
expires
Mon, 06 Jan 2025 22:25:24 GMT
date
Thu, 02 Jan 2025 22:25:24 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 13:39:46 GMT
server
nginx/1.18.0
vignette.min.js
niphaumeenses.net/
94 KB
39 KB
Script
General
Full URL
https://niphaumeenses.net/vignette.min.js
Requested by
Host: geboy96.com
URL: https://geboy96.com/Tele.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.118 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
a7902e4d3a79a19bbb73982abb0c2fad96815ca745ff25a93d5a36ac3eceead1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://geboy96.com/

Response headers

strict-transport-security
max-age=1
cache-control
max-age=86400
timing-allow-origin
*
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
date
Thu, 02 Jan 2025 22:25:24 GMT
content-type
application/javascript
server
nginx
gid.js
my.rtmark.net/
65 B
958 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: niphaumeenses.net
URL: https://niphaumeenses.net/vignette.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
487e61a208ddfe44b42241365ab13f64692e596fca6eef3372d5c093783dc6c8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://geboy96.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDjl8SAVIDqUMKUSTmxHJuyVfFYUEbqL4VLQmuzWOOP2UldsgGCo32CBprlY3EUVl7LDemRC1p3vv7cAAvpLaOLD6vIT3B5%2BKZCMsbUMZSZJQq8K07DlncXSEYg28Ffe"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43195&min_rtt=42313&rtt_var=9655&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4361&delivery_rate=13777&cwnd=12000&unsent_bytes=0&cid=199cbc156e7ee0e9&ts=96&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 22:25:24 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8fbe2a3128ea6511-LHR
access-control-allow-origin
https://geboy96.com
server
cloudflare
favicon.ico
geboy96.com/
708 B
790 B
Other
General
Full URL
https://geboy96.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.213.211.222 , United Kingdom, ASN214882 (ArenHost Hadi Santosa, ID),
Reverse DNS
Software
/
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://geboy96.com/Tele.html

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
708
pragma
no-cache
date
Thu, 02 Jan 2025 22:25:24 GMT
content-type
text/html
8733849
sticmulune.com/401/
2 KB
1 KB
XHR
General
Full URL
https://sticmulune.com/401/8733849?oo=1&oaid=0801455b09f94702f060673af01a5f00&sw_version=v1.490.0&tgp=unknown
Requested by
Host: niphaumeenses.net
URL: https://niphaumeenses.net/vignette.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.107 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
0cc79792086d341c17ac63a8a94c12ac89601128ac13c5ebd39644308ebc9f34
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://geboy96.com/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Thu, 02 Jan 2025 22:25:24 GMT
content-type
application/json
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
553e3ec7d256b0c5c4f80e23423a2cca
access-control-allow-origin
https://geboy96.com
server
nginx
stattag.js
tzegilo.com/
17 KB
9 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: niphaumeenses.net
URL: https://niphaumeenses.net/vignette.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://geboy96.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"668fb2be-45d7"
age
6850
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBiPsb2VAbdi9joim4kG2pvSBtRofNQH1SlOKtjlDAaCgEYR7NM4iVJKwm7LNVpSOJcxVX%2BPqbSvz8mzBp3zn8VT3gicSh0tlPXdhsLkzOQZReWyS2vbxmvVLH3TfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42444&min_rtt=42366&rtt_var=15942&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4086&recv_bytes=4223&delivery_rate=78199&cwnd=12000&unsent_bytes=0&cid=00e2f7e82cf0d23f&ts=60&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 02 Jan 2025 22:25:25 GMT
content-type
application/javascript
last-modified
Thu, 11 Jul 2024 10:23:58 GMT
vary
Accept-Encoding
priority
u=3,i=?0
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fbe2a334a2acd95-LHR
server
cloudflare
add
fleraprt.com/log/
12 B
480 B
XHR
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fcbb9017-4f20-4b75-a832-79167459fa12
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.45.195.252 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx/1.25.5 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://geboy96.com/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://geboy96.com
Content-Length
12
Date
Thu, 02 Jan 2025 22:25:25 GMT
Content-Type
application/json; charset=utf-8
Server
nginx/1.25.5
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
fleraprt.com/async_log/
0
420 B
XHR
General
Full URL
https://fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fcbb9017-4f20-4b75-a832-79167459fa12
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.45.195.252 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://geboy96.com/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://geboy96.com
Content-Length
0
Date
Thu, 02 Jan 2025 22:25:25 GMT
Server
nginx/1.25.5
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
8733849
sticmulune.com/500/
9 KB
4 KB
XHR
General
Full URL
https://sticmulune.com/500/8733849?excludes=&oaid=0801455b09f94702f060673af01a5f00&tgp=unknown&sdkp=1&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=10&wy=10&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fgeboy96.com%2FTele.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&btz=Europe%2FLondon&bto=0&jsp=1&is_mobile=false&js_build=8&sw_version=v1.490.0&dmn=niphaumeenses.net
Requested by
Host: niphaumeenses.net
URL: https://niphaumeenses.net/vignette.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.107 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
c5e3578e1c48118029cd59ac8ef7743f3255f3ca716ea9a48ad5fcc9e63dc653
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://geboy96.com/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Thu, 02 Jan 2025 22:25:25 GMT
content-type
application/javascript
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
7035948c1389ee04e97217a4f7216ab0
access-control-allow-origin
https://geboy96.com
server
nginx
8733849
sticmulune.com/500/
0
0
Preflight
General
Full URL
https://sticmulune.com/500/8733849?excludes=&oaid=0801455b09f94702f060673af01a5f00&tgp=unknown&sdkp=1&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=10&wy=10&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fgeboy96.com%2FTele.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&btz=Europe%2FLondon&bto=0&jsp=1&is_mobile=false&js_build=8&sw_version=v1.490.0&dmn=niphaumeenses.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.107 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://geboy96.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://geboy96.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Thu, 02 Jan 2025 22:25:25 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
0377052970676.png
byzoruator.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/
2 KB
3 KB
Image
General
Full URL
https://byzoruator.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.168 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://geboy96.com/

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
etag
"606f118e-932"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
2354
date
Thu, 02 Jan 2025 22:25:25 GMT
content-type
image/png
last-modified
Thu, 08 Apr 2021 14:22:06 GMT
server
nginx
vary
Accept-Encoding

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| pagespeed
  • object| Telegram
  • function| TelegramGameProxy_receiveEvent
  • object| TelegramGameProxy
  • object| zfgstorage
  • object| plkhf4lhmk
  • object| zfgformats
  • object| webpushlogs
  • function| show_8733849
  • object| syncCallbacks
  • function| showRatePointInfo
  • function| watchAd
  • function| getRandomInterval
  • function| showFloatingNotification
  • function| resetLocalStorage
  • function| startAutoAds
  • function| stopAutoAds
  • function| showWithdrawForm
  • function| withdrawPoints
  • function| showSuccessNotification
  • function| updateDailyAdCount
  • function| sendTelegramMessage
  • function| showWithdrawHistory
  • function| goBack
  • boolean| __lwkemfd9q__

2 Cookies

Domain/Path | Name | Value
my.rtmark.net/ | ID | 0801455b09f94702f060673af01a5f00
sticmulune.com/ | OAID | 0801455b09f94702f060673af01a5f00

2 Console Messages

Source | Level | URL | Text
network | error | https://geboy96.com/favicon.ico | Failed to load resource: the server responded with a status of 404 ()
rendering | warning | https://geboy96.com/Tele.html | [GroupMarkerNotSet(crbug.com/242999)!:A0A0020884280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.