URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Submission: On September 30 via manual from EE — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 172.67.190.156, located in United States and belongs to CLOUDFLARENET, US. The main domain is s6.c-bot.cyou.
TLS certificate: Issued by WE1 on September 15th 2024. Valid for: 3 months.
This is the only time s6.c-bot.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 172.67.190.156 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
21 5
Apex Domain
Subdomains
Transfer
8 c-bot.cyou
s6.c-bot.cyou
9 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
105 KB
4 gstatic.com
fonts.gstatic.com
58 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
951 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 851
30 KB
21 5
Domain Requested by
8 s6.c-bot.cyou s6.c-bot.cyou
6 cdnjs.cloudflare.com s6.c-bot.cyou
cdnjs.cloudflare.com
4 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com s6.c-bot.cyou
1 code.jquery.com s6.c-bot.cyou
21 5

This site contains links to these domains. Also see Links.

Domain
t.me
Subject Issuer Validity Valid
c-bot.cyou
WE1
2024-09-15 -
2024-12-14
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh

This page contains 1 frames:

Primary Page: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Frame ID: B243E9B2FD455FB6D04BB017068A9761
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

TG: get_checkyou_bot | c-bot.cyou

Page URL History Show full URLs

  1. https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV Page URL
  2. https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/

Page Statistics

21
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

203 kB
Transfer

473 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV Page URL
  2. https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
vidfile_new.php
s6.c-bot.cyou/
1 KB
1 KB
Document
General
Full URL
https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe84a8264417587a24fe0671657d445b0b228c11c458a8754cdd6d9bd5134a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cb09ac2f91d2c76-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 01:57:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
refresh
0; url=/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UjqA8CzFwCDETx6sLS31O68zCeU2o3YeILX3YDdZjfOuSyjulbz7KaWz%2Bo1Ko%2BnlCyynKtKgEXlmDFEASw4MLVprDm4OkgI%2Bv5vPN3spXv7Y4jvfE38YuBL2%2Fcg5cect"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
strict-transport-security
max-age=31536000
speculation
s6.c-bot.cyou/cdn-cgi/
128 B
533 B
Other
General
Full URL
https://s6.c-bot.cyou/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://s6.c-bot.cyou
Referer
https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WRn0pJfkZ9DGiRbr0rjjtUQ0Ly%2BHnej9Kdj0VM%2BVCiUVWzGDlYUu8Lf4%2F0jerYS4qpXoqxQRSQ61hiwlF1JO43yxqxiCs7GwP4C4n6e18eWDGgqbKCGVidPpEC%2FKnsvb"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb09ac399862c76-FRA
access-control-allow-origin
https://s6.c-bot.cyou
content-length
128
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
4 KB
951 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,700|Radley
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aabd259d71b7de1d1b962f7ab66b0518ec54431bbe5b9086edf6b5d970912baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 01:57:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 01:57:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-9226"
age
854578
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRWyJgl%2B2Sf3TA3jdAeWZkUAi%2Feqwp9HA0hbIkO%2B%2B6O6%2BtzA%2FqVGYTJxuF1uVLG7BrKlZwfd8nWqDQmNCa6aFpnd4ltRJThOKUoETjgxHaSAV2F91eXg8ZFDto68MnAzDgc2WTo31MbpaaulH5OQtfTf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 01:57:51 GMT
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb09ac3cfb3d2d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5884
server
cloudflare
style1.css
s6.c-bot.cyou/
6 KB
2 KB
Stylesheet
General
Full URL
https://s6.c-bot.cyou/style1.css
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
977f3226390fc7477c409adab0d86b1fbd182cdb7fb7f1dc9ad407c838444a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"666b8182-180f"
age
21624
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GJrjM7GoFWvGTbJmoPi9FnAYoBo%2Bq98gky8g2C5LUkeRaiYAN6b6MzmJkCg4XXWGjMHRRjG%2FLXaQ97y8pmsZKUhxxg1XrJonOSgjUIy7ICBoe%2B3rQN25xOYeF6ettCl"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb09ac399872c76-FRA
expires
Mon, 30 Sep 2024 07:57:27 GMT
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
text/css
last-modified
Thu, 13 Jun 2024 23:32:18 GMT
vary
Accept-Encoding
server
cloudflare
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e58-31fb"
age
208165
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5z%2BhtHvKLZxz6xfa2oCBGznVRUTvRS%2BW5bum4BgCeChX4tzHvJWzp8FOT3izYyRAZcznEkeN9UWOviggrgjoO5i5LcmcE9GIGHU2kw9kg0mJJU0QZJaGaELyrbQNVUrXq9AGKsl31PGiUFNkYKniok%2Bn"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 01:57:51 GMT
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb09ac3cfb6d2d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2695
server
cloudflare
LYjDdGzinEIjCN1NpwNF.woff2
fonts.gstatic.com/s/radley/v22/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/radley/v22/LYjDdGzinEIjCN1NpwNF.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700|Radley
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://s6.c-bot.cyou
Referer
https://fonts.googleapis.com/

Response headers

age
115875
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 28 Sep 2025 17:46:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 17:46:36 GMT
last-modified
Thu, 24 Aug 2023 21:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
26056
x-xss-protection
0
server
sffe
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700|Radley
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://s6.c-bot.cyou
Referer
https://fonts.googleapis.com/

Response headers

age
372383
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 18:31:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 18:31:28 GMT
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
32796
x-xss-protection
0
server
sffe
Primary Request vidfile_new.php
s6.c-bot.cyou/
3 KB
2 KB
Document
General
Full URL
https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0cf89fd9911026017acf8e184bf068d71ebd1a467b8008bb1765f199392d12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cb09ac449cc2c76-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 01:57:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWGhihDBxDxpSAc0YrNL%2F9d719oGbqItYJ%2FWhcej4B462gwEyD9UA1qbhVQeWRNoLjVcdsQw4DQ3NW9afw9nV7i%2Bl2rfaQohx7fIGILP75sTXg28d8S%2B4NvqnsgRFe70"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
strict-transport-security
max-age=31536000
favicon.ico
s6.c-bot.cyou/
3 KB
3 KB
Other
General
Full URL
https://s6.c-bot.cyou/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"666b8182-cbe"
age
6877
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80IjYXctJvM1xkr29ei9MVTcK1j8Px%2Bw8yKw5cvPk10Fd6%2B46aeOohrb8dNrjaMLM1qOCLBkmvLMh8TO5DSx2YCqBNAd4co3T1CdWsUpL7zaasXgJIxX18GvjV4tdcfx"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb09ac439c92c76-FRA
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
image/x-icon
last-modified
Thu, 13 Jun 2024 23:32:18 GMT
vary
Accept-Encoding
server
cloudflare
speculation
s6.c-bot.cyou/cdn-cgi/
128 B
534 B
Other
General
Full URL
https://s6.c-bot.cyou/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://s6.c-bot.cyou
Referer
https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O2eH14Saq7fCU6vKUQVyHIaTASLbWvsY%2BndCG3n239wfJHnxb3Eeir%2Fd96Ny%2Fks23QSAFphLq6lL08%2FEdZJKMVmj9ITnSOk34fEPnhXLu1uSkpx%2FPoxoz7cmDBbm8poE"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb09ac72b342c76-FRA
access-control-allow-origin
https://s6.c-bot.cyou
content-length
128
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
4 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,700|Radley
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aabd259d71b7de1d1b962f7ab66b0518ec54431bbe5b9086edf6b5d970912baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 01:57:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 01:57:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
0
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-9226"
age
854578
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRWyJgl%2B2Sf3TA3jdAeWZkUAi%2Feqwp9HA0hbIkO%2B%2B6O6%2BtzA%2FqVGYTJxuF1uVLG7BrKlZwfd8nWqDQmNCa6aFpnd4ltRJThOKUoETjgxHaSAV2F91eXg8ZFDto68MnAzDgc2WTo31MbpaaulH5OQtfTf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 01:57:51 GMT
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb09ac3cfb3d2d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5884
server
cloudflare
style1.css
s6.c-bot.cyou/
6 KB
0
Stylesheet
General
Full URL
https://s6.c-bot.cyou/style1.css
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
977f3226390fc7477c409adab0d86b1fbd182cdb7fb7f1dc9ad407c838444a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"666b8182-180f"
age
21624
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GJrjM7GoFWvGTbJmoPi9FnAYoBo%2Bq98gky8g2C5LUkeRaiYAN6b6MzmJkCg4XXWGjMHRRjG%2FLXaQ97y8pmsZKUhxxg1XrJonOSgjUIy7ICBoe%2B3rQN25xOYeF6ettCl"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb09ac399872c76-FRA
expires
Mon, 30 Sep 2024 07:57:27 GMT
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
text/css
last-modified
Thu, 13 Jun 2024 23:32:18 GMT
vary
Accept-Encoding
server
cloudflare
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/
12 KB
0
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e58-31fb"
age
208165
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5z%2BhtHvKLZxz6xfa2oCBGznVRUTvRS%2BW5bum4BgCeChX4tzHvJWzp8FOT3izYyRAZcznEkeN9UWOviggrgjoO5i5LcmcE9GIGHU2kw9kg0mJJU0QZJaGaELyrbQNVUrXq9AGKsl31PGiUFNkYKniok%2Bn"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 01:57:51 GMT
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb09ac3cfb6d2d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2695
server
cloudflare
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d84"
age
2818202
x-cache
HIT, HIT
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
9, 139699
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21981-LGA, cache-fra-etou8220108-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1727661472.930473,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30879
server
nginx
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/
67 KB
19 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
Requested by
Host: s6.c-bot.cyou
URL: https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e58-10a9d"
age
853496
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7bVsv6ry%2FCk00dOx1GFQcWRlt1Ei8%2BQEmM4mywYKuoayPT1S1AFd30KKtnHVta2gfBwqwnwO1lqxSbP4YXo4VwvYcMNlNQ%2BM%2B22lIswGxyBH6W3u66axFiY9MiOZUdt0cfPxQZ6Fn8KlolG9O7XK5Wm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 01:57:51 GMT
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb09ac72cc0d2d2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
19249
server
cloudflare
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/
32 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700|Radley
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

age
372383
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 18:31:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 18:31:28 GMT
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
32796
x-xss-protection
0
server
sffe
LYjDdGzinEIjCN1NpwNF.woff2
fonts.gstatic.com/s/radley/v22/
25 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/radley/v22/LYjDdGzinEIjCN1NpwNF.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700|Radley
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

age
115875
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 28 Sep 2025 17:46:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 17:46:36 GMT
last-modified
Thu, 24 Aug 2023 21:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
26056
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://s6.c-bot.cyou
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e5f-12d68"
age
955747
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgmP%2FbtcpSzum1QvusH1683akVZgc79rXsVe0bb4HHC2pHlhVtcfomh2GCFwRaPUCI5BYsLOsU5x6Azp18xxfENvm8TRdxPTrqbN24wJKeQ09BaMm749q%2Bi%2BSysmccAeSYHFLoxnu5%2BxyXUytfeCS0Hq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 01:57:51 GMT
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cb09ac77ada3616-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
favicon.ico
s6.c-bot.cyou/
3 KB
0
Other
General
Full URL
https://s6.c-bot.cyou/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f028914c208ded8c3cdc8b8a0337264b3fc84f5d19e839315b73f15b22a60f2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://s6.c-bot.cyou/vidfile_new.php?file=33m6QyxLF1gvtx3pAG217SLxX6TNtSImQSPSs&Byd=70068&yR=OSgTpV

Response headers

cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"666b8182-cbe"
age
6877
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80IjYXctJvM1xkr29ei9MVTcK1j8Px%2Bw8yKw5cvPk10Fd6%2B46aeOohrb8dNrjaMLM1qOCLBkmvLMh8TO5DSx2YCqBNAd4co3T1CdWsUpL7zaasXgJIxX18GvjV4tdcfx"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb09ac439c92c76-FRA
date
Mon, 30 Sep 2024 01:57:51 GMT
content-type
image/x-icon
last-modified
Thu, 13 Jun 2024 23:32:18 GMT
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| selectText

1 Cookies

Domain/Path Name / Value
.c-bot.cyou/ Name: token2
Value: de5bcd0038b825ea02e7c9f7a28ea538

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000