newxyu444.d2dire.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newxyu444.d2dire.top/
Submission: On May 30 via api (May 30th 2024, 4:18:57 am UTC) from US — Scanned from NL

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newxyu444.d2dire.top.
TLS certificate: Issued by E1 on May 23rd 2024. Valid for: 3 months.

This is the only time newxyu444.d2dire.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	184.185.139.145 184.185.139.145	22773 (ASN-CXA-A...) (ASN-CXA-ALL-CCI-22773-RDC)
12	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.206.209.50 23.206.209.50	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	104.18.42.197 104.18.42.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	8

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

newxyu444.d2dire.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.185.139.145 (Fairfax, United States)

ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US)
PTR: web8.aba2net.com

www.gexesports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

newxyu444.d2dire.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.209.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-50.deploy.static.akamaitechnologies.com

cs.liiift.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.42.197 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

domain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.domain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	d2dire.top newxyu444.d2dire.top	643 KB
2	domain.com 1 redirects domain.com — Cisco Umbrella Rank: 43304 www.domain.com — Cisco Umbrella Rank: 274168	2 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	liiift.io cs.liiift.io — Cisco Umbrella Rank: 287492	1 MB
1	gexesports.com www.gexesports.com	157 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
0	forstuff.site Failed test.forstuff.site Failed
21	7

	Domain	Requested by
15	newxyu444.d2dire.top	newxyu444.d2dire.top
1	www.domain.com
1	domain.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	cs.liiift.io
1	www.gexesports.com
1	fonts.googleapis.com	newxyu444.d2dire.top
0	test.forstuff.site Failed	newxyu444.d2dire.top
21	8

This site contains links to these domains. Also see Links.

Domain
cs.money
aimlab.gg

Subject Issuer	Validity	Valid
d2dire.top E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
gexesports.com R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
wildcard.microsites.redbull.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-18` - `2025-03-18`	a year	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://newxyu444.d2dire.top/
Frame ID: 45458E2D678E699E86E28AB4C7705AE6
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tournament League

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

21
Requests

90 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

1985 kB
Transfer

2321 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://cs.money/

Search URL Search Domain Scan URL

URL: https://aimlab.gg/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://domain.com/favicon.ico HTTP 301
https://www.domain.com/favicon.ico

21 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newxyu444.d2dire.top/ 1 KB
1 KB 205ms
137ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newxyu444.d2dire.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ae452ab9ba327aff247b29f46d3dda41b71418d6b08a8bdc6b011c41cde11910

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 88bbec338f489c04-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 30 May 2024 04:18:52 GMT
last-modified: Sun, 21 May 2023 17:55:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77o7AlEkX1Q9g11Vbf7oEyMg%2BZbkPbqd0CqNRhP28zJ5%2FRDmu%2FS4VKpft81hwV9JbEL57O%2FH7MWZf6BvAD%2BUJPZyPd0WXj6uwdSHeWAVGSOCRPMhatt5RfKaS1qbgwZ%2FTU4nwc49oabVfVbfGyVG9yQy0A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-powered-by: Express

GET
H2 200 main.bef581fe.js Show response
newxyu444.d2dire.top/static/js/ 459 KB
136 KB 370ms
368ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newxyu444.d2dire.top/static/js/main.bef581fe.js
Requested by: Host: newxyu444.d2dire.top
URL: https://newxyu444.d2dire.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 65bd1ea0370e5846d9544800021ac97507677a5cf5cfb92779003ae59bc99c41

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 21 May 2023 14:21:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"72bab-1883eafe428"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BAPn0HFg20Lm8FrDlIEaBFIRPue3EMs2KdpccIxHGlksjuQ2CgP0AfK3SnhEs8v2XXJdkDxkIux6mJRxYyFeLkYjjRXVdmqd9GFfkCxsmk%2Bq61z2spfPfzL79d31uKyEuEzvnbqxcYGjwAzTzVCBPn%2F%2B2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88bbec348fd39c04-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.d385c185.css
newxyu444.d2dire.top/static/css/ 1 KB
868 B 127ms
127ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newxyu444.d2dire.top/static/css/main.d385c185.css
Requested by: Host: newxyu444.d2dire.top
URL: https://newxyu444.d2dire.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3a8359c55d0dd8a0a48920e3349c33df671945f520b71265913f463618ea7594

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4be-1873dbe48ab"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vpl3YQ7Bf8jG33SVKwKuuOXsEnDG5sP%2BT6zFh6lG4PNvIhvfYR7Xbl%2FDP9opPE%2BBAZaObatUkaySTiXmDgFo6U3DnwSqBs67epBcvPCKjYgiyYMIdIdK4wk4t6lYvRay12p4MM6z5MJT9CPuVdmIGQr2GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88bbec348fd29c04-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 78ms
28ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,200;0,400;1,700&display=swap

Requested by

Host: newxyu444.d2dire.top
URL: https://newxyu444.d2dire.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b7c3890b20ad111bd4407b5f17bcaad8e5480b137e2cdcfdc043166d032b620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 May 2024 04:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 May 2024 04:18:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 May 2024 04:18:52 GMT

GET main.85397719.js
test.forstuff.site/static/js/ 0
0

GET
H/1.1 200
OK ncs-academy.png
www.gexesports.com/wp-content/uploads/2019/03/ 157 KB
157 KB 449ms
112ms Image
image/png 184.185.139.145
ASN-CXA-ALL-CCI-2...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gexesports.com/wp-content/uploads/2019/03/ncs-academy.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.185.139.145 Fairfax, United States, ASN22773 (ASN-CXA-ALL-CCI-22773-RDC, US),
Reverse DNS: web8.aba2net.com
Software: Apache/2.4.18 /
Resource Hash: 6af4cd4ae63a0f6f0606fcb399110ab293315ff8f10b20e1783ff9f519b54dbe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 04:18:53 GMT
Last-Modified: Sun, 31 Mar 2019 15:40:42 GMT
Server: Apache/2.4.18
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 160639

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e82cbbc1b7b9d13864405e4cd31497b8189057606c0046bae5fa1d9bbfea8bc5

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c367d950f94a7be81da7f071bc63c72bd0629e384145f6c52b2c1452bb3c51ac

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 disc.1631106f37f37385efa7.png
newxyu444.d2dire.top/static/media/ 21 KB
21 KB 195ms
195ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/disc.1631106f37f37385efa7.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9cc65924ef7c8cad46db2415a0fe0b8f7333e95c500fa2dee1c4c5f15689559c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"5215-1873dbe552f"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bN6h%2F%2B2VDC7TEdGm7UFDSwGsBQv2M2Wmh8sBw3cQ07v4CnYt8Fj71x24I7iFDFuf4jOLQjoCtlWmt%2FOx4c6tRRasSRrefcOAJFYOuZbyq1JVp2gmOaUgKwJVJr3XgaiqhGdP5T4Kgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88bbec377c5771d9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21013

GET
H3 200 support.7ee94fa42e7c64c8bba9.png
newxyu444.d2dire.top/static/media/ 25 KB
26 KB 196ms
194ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/support.7ee94fa42e7c64c8bba9.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8a337ed2a0f29f33a666ac141b18746f639a055ee8ad727c1ed242bb5bddb257

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"65ee-1873dbe5657"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9dk9F1RMnqTzioSUNRky9odE0sI%2BnivS%2FHf0D63WyceagYYtggSie1eVckPjxhsi%2F%2BnZ4nRkVQnIiZK%2FbBNJoXRxiJIAeDJVZ6yV4YmqyIost19C9Z8Bwq%2Fv1I8TYcVw%2FY8V%2BoTWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88bbec377c5971d9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 26094

GET
H3 200 fpl.0f3231b83b0954c95021.png
newxyu444.d2dire.top/static/media/ 20 KB
20 KB 178ms
175ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/fpl.0f3231b83b0954c95021.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5d8fc58403ad5feae206617bab429693019314824df27d141c41ba54fd2ba984

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4fac-1873dbe562b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u7eC9Ch20NTNoI6H58OeqP0Y8UjnyjMcRvfSfCauuXxNjaSesp6SPvZf7eCwvjBPA8JfkT7TNSZYxbeCiqPo2Z8y3Lk9rNW1XE1Q7htMnBlQ1jvSXX7IFlS%2FT3ZGXUTLqnrz7Y6IqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88bbec377c5a71d9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20396

GET
H3 200 prize.2f77f2f8665d0c2a76b4.png
newxyu444.d2dire.top/static/media/ 22 KB
23 KB 214ms
212ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/prize.2f77f2f8665d0c2a76b4.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 87282a6e8fba8daef21d28e510bbf4808b17891f0ee5c0b625b7504136e9d917

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"59f2-1873dbe55ff"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u0wSi%2F17%2BmX4Y%2BmWt74MEYNWw8kDgtM3LphleH6HdzomseqpB4y0awhdfAavqkQMmgmTXiJmk92FBz9TcWgEP3Cbq9JSlVWgcBmXJOUWy%2Fwq0oxxiLrwhPCyA3iY6rN0JMfsi%2FyFBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88bbec377c5c71d9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23026

GET
H3 200 csgo.0c4ef4b48051c094c5d7d08b9692b247.svg
newxyu444.d2dire.top/static/media/ 7 KB
3 KB 145ms
142ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/csgo.0c4ef4b48051c094c5d7d08b9692b247.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 387ccd2d0a5e2eee0d99f7967e7fc059bd8a9fed15690b5ab440c9589cf836c1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1a03-1873dbe4847"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BuW35IVxKhGzFIBmHRvundSJfJ1Mk2QvkdFnoZZ3Ppff9fyb5piuVNq06R2NvCFMoQmvOsR58U2fD9xzeoe78vYJ8L71QIu8DTmBT2eOK9JSPwVlSsmc8oE8KQveuoCbgFi0uMPSPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88bbec377c5e71d9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 csgo.14aad5bac92275edbad6.jpg
newxyu444.d2dire.top/static/media/ 102 KB
102 KB 253ms
251ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/csgo.14aad5bac92275edbad6.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e5ca5ed164e72a6e3eb9d0c9108c61c6d5c5780cf0807003921198574b62d613

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"19680-1873dbe54fb"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8a3GFNx7pDYr0TtNpydMKLK2UzTMJvJ5UywLIGMdas311UukvrgcQR9nl5uOdpmEr6QbcGvoOrnAEUt1VfH7UO30bfD3bY06H%2B%2BbMvvb5M0MGLnflqzMUwRGaCy3p%2FqPcus7UtA0IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88bbec377c6071d9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 104064

GET
H3 200 rust.b54698298fd531a91c313964b382ab4a.svg
newxyu444.d2dire.top/static/media/ 1 KB
989 B 135ms
133ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/rust.b54698298fd531a91c313964b382ab4a.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 89c780dd0c1104df77bdf52ff33ee549b0741b992a3575f2b63e04e9634293e8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"500-1873dbe5623"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iWYdM3pW0WqVRziqQiGS%2Bn9Ek70elPM0GZxaLR3ek5Mk%2FvpKh53gXDAJcqcwISIq0dK1XY1mosSitRFmp%2FXg%2FXUc0eBvtVH5L73QWdQMmqq5BV4SdAfhhKjz7wrkWK59UD6n1l6kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88bbec377c6171d9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rust.12ad7d05bdc5f5867c9e.jpg
newxyu444.d2dire.top/static/media/ 152 KB
152 KB 281ms
278ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/rust.12ad7d05bdc5f5867c9e.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b3d5af29328a71185b9f3a961059dac7ae5caf199e6ce46ec1a751252f48288c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"25eed-1873dbe48ab"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UolO8y3080J4xEMv5hfVU4Pu89xPXpua%2BOdzy7nal8dy%2FHf0vUwk20k54XBdXhgWY2lXMC7UOWoivXut%2B0mxg%2FeHH47LXPtLxXpWkCIFP%2Fgu%2FoaYrRKrIKM9lM0eXeI8AWXTzhCFYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88bbec377c6271d9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 155373

GET
H3 200 dota.b526e8642834ec25a814b27eef619f04.svg
newxyu444.d2dire.top/static/media/ 3 KB
2 KB 153ms
151ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/dota.b526e8642834ec25a814b27eef619f04.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9a77efb974316ef7e809c67d3d74b480a8bc83174a5f3edf2c31d56d58540ebd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"a47-1873dbe558f"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFAbGWYcxMLGEGuMl8nBgWhhUmGr1ojkHIH848kvWvE2N6TOrsjYb4RqnSNTtFzx3DqayVr2iBWGyt1WIVx2tSVwyiKWbV%2Ba%2FpDelT%2BBlTu0Q4Xm2pB1rS5lHzWvZRVrs9q1xBaeog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88bbec377c6471d9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 dota.6bd99ab484679ede59a9.jpg
newxyu444.d2dire.top/static/media/ 65 KB
66 KB 263ms
261ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/dota.6bd99ab484679ede59a9.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 14c49ae05943206201179d05f44dcbb75a319159eae37bf9def3daff2900c4d8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"10564-1873dbe555b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haA6LBV9CryyzPieFlHBzjMa3q2daPSN0qHOeOM9Hf6mc3%2FXzbIuLd3bmhjRRldUXAmyKcGNXVN%2FfiKq9Y7R%2BglHFszf8QxKgvv85f%2Fhr5pAcV19iI2dyI08L0o%2B5mWOQ1g63Kn5nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88bbec377c6571d9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 66916

GET
H3 200 tf.e58a4ecd59c3ef568cee2fa25fa5a440.svg
newxyu444.d2dire.top/static/media/ 2 KB
1 KB 149ms
148ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/tf.e58a4ecd59c3ef568cee2fa25fa5a440.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4b1a9c59aceedeada5b27b59f188a22bce6685a9a6533474cc3df5ea157b95c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"7b9-1873dbe56c3"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ha94%2BtjXf1o7L3Ig%2FQS6UfPf8wiPeMF48QH6RDndsID6c6txnShs3Epcyftglud%2BbJFyCaepZ%2FJ%2BAK8PhR1KX6Ld%2Fc%2Bya2%2BuVRbKphEdMy8yGfD%2BMl7YrIxNqO2z%2Br0QT8aTUM9HiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88bbec377c6671d9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tf.63ac9c0e82d0d5083135.jpg
newxyu444.d2dire.top/static/media/ 87 KB
88 KB 253ms
252ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newxyu444.d2dire.top/static/media/tf.63ac9c0e82d0d5083135.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 56876f3904cf55f6134393f54636e78b340a84040e6f509539142e08510f8bfd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://newxyu444.d2dire.top/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 16:54:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"15c78-1873dbe5683"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bf2uZxjCpdwnC%2Be%2BlU696zfRHzHFR4lcTK%2FGJXsWv8APtleh%2FARjP1h4hfiGMmMio09Ho0%2FW%2Fs3usZbXyPzhl2nD5quXxvRRLOmSK1lMgJe6LOYwueZMmX8hXMthEfMi5pJaTL3uig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88bbec377c6771d9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 89208

GET
H/1.1 206
Partial Content FO-2AW2ZBN9X1112.mp4
cs.liiift.io/v1/RBMN/pd/2/AW/2Z/BN/9X/11/12/ 1 MB
1 MB 139ms
45ms Media
video/mp4 23.206.209.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.liiift.io/v1/RBMN/pd/2/AW/2Z/BN/9X/11/12/FO-2AW2ZBN9X1112.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.209.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-209-50.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 42522e929b187fb4bed6143cd010a3909444bbcedfacf9cd59901319dd8dfe56

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://newxyu444.d2dire.top/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 04:18:52 GMT
Content-Range: bytes 0-1175550/1175551
Connection: keep-alive
Akamai-Mon-Iucid-Del: 624135
Content-Length: 1175551
Last-Modified: Tue, 29 Mar 2022 11:58:26 GMT
Server: AkamaiNetStorage
ETag: "1901c83765206cff827a0683d5b1a836:1648555107.594575"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=7776000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 28 Aug 2024 04:18:52 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 100ms
30ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,200;0,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://newxyu444.d2dire.top
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 06:41:12 GMT
x-content-type-options: nosniff
age: 164260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 May 2025 06:41:12 GMT

GET
H2

200

favicon.ico
www.domain.com/
Redirect Chain

https://domain.com/favicon.ico
https://www.domain.com/favicon.ico

981 B
1 KB

42ms
31ms

Other
image/vnd.microsoft.icon

104.18.42.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.domain.com/favicon.ico
Protocol: H2
Server: 104.18.42.197 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dff57471ddc686971562a3f9dbaf35c8d15e4349189310262a56e8b792d5c72

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://newxyu444.d2dire.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Thu, 30 May 2024 04:18:52 GMT
x-amz-version-id: ptXtXFssXwgayHgUKjRbyFGgGG13lCSm
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: gzip
x-amz-request-id: ATY3FFFBT26EDAR2
x-amz-cf-pop: SFO5-P2
x-amz-server-side-encryption: AES256
age: 600798
x-cache: Hit from cloudfront
x-amz-id-2: UKoFIvtimVPTqqF1l4Q2xrbNU3LcXUpAmuiD8yYq6BDs2Gc810msOJlGiRicugKSEwn+35LLRzc=
last-modified: Thu, 11 Apr 2024 11:18:23 GMT
server: cloudflare
etag: W/"58422713d385b71f226c29e67d67aba2"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=31557600, immutable
x-amz-meta-cf-origin: coldstone-bucket
cf-ray: 88bbec39290f1968-FRA
x-amz-cf-id: 0Vc8N1i96icNo_hIEdD_CpXSe_FUpqRYoZ3nfGLQXUq8T1L9BkYnLw==

Redirect headers

location: https://www.domain.com/favicon.ico
date: Thu, 30 May 2024 04:18:52 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 88bbec37f83c1968-FRA
vary: Accept-Encoding
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: test.forstuff.site
URL: https://test.forstuff.site/static/js/main.85397719.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkmy_app

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.domain.com/	1970-01-20 20:57:24	Name: __cf_bm Value: DAN8RzqzxgJE3RXu5sqdiV_yBVVpmC11CE06ABKMfeM-1717042732-1.0.1.1-Glclx_7N_5sOwd0YxJHaynpFoo.mcZMynT6TM2I4iiZJGgEl9adDsQVCQBfxm7ODCY6X.S120jIJixwwVcfXTg
			.domain.com/	1969-12-31 23:59:59	Name: _cfuvid Value: fnMopm2xIJ_ee2yDmlCDI2ko.MYI5Qp3hAlVTjHHF4A-1717042732949-0.0.1.1-604800000

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://test.forstuff.site/static/js/main.85397719.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://newxyu444.d2dire.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newxyu444.d2dire.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newxyu444.d2dire.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newxyu444.d2dire.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cs.liiift.io
domain.com
fonts.googleapis.com
fonts.gstatic.com
newxyu444.d2dire.top
test.forstuff.site
www.domain.com
www.gexesports.com
test.forstuff.site
104.18.42.197
184.185.139.145
188.114.97.3
23.206.209.50
2a00:1450:4001:81d::200a
2a00:1450:4001:831::2003
2a06:98c1:3121::3
0b7c3890b20ad111bd4407b5f17bcaad8e5480b137e2cdcfdc043166d032b620
14c49ae05943206201179d05f44dcbb75a319159eae37bf9def3daff2900c4d8
387ccd2d0a5e2eee0d99f7967e7fc059bd8a9fed15690b5ab440c9589cf836c1
3a8359c55d0dd8a0a48920e3349c33df671945f520b71265913f463618ea7594
42522e929b187fb4bed6143cd010a3909444bbcedfacf9cd59901319dd8dfe56
4b1a9c59aceedeada5b27b59f188a22bce6685a9a6533474cc3df5ea157b95c3
4dff57471ddc686971562a3f9dbaf35c8d15e4349189310262a56e8b792d5c72
56876f3904cf55f6134393f54636e78b340a84040e6f509539142e08510f8bfd
5d8fc58403ad5feae206617bab429693019314824df27d141c41ba54fd2ba984
65bd1ea0370e5846d9544800021ac97507677a5cf5cfb92779003ae59bc99c41
6af4cd4ae63a0f6f0606fcb399110ab293315ff8f10b20e1783ff9f519b54dbe
87282a6e8fba8daef21d28e510bbf4808b17891f0ee5c0b625b7504136e9d917
89c780dd0c1104df77bdf52ff33ee549b0741b992a3575f2b63e04e9634293e8
8a337ed2a0f29f33a666ac141b18746f639a055ee8ad727c1ed242bb5bddb257
9a77efb974316ef7e809c67d3d74b480a8bc83174a5f3edf2c31d56d58540ebd
9cc65924ef7c8cad46db2415a0fe0b8f7333e95c500fa2dee1c4c5f15689559c
ae452ab9ba327aff247b29f46d3dda41b71418d6b08a8bdc6b011c41cde11910
b3d5af29328a71185b9f3a961059dac7ae5caf199e6ce46ec1a751252f48288c
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c367d950f94a7be81da7f071bc63c72bd0629e384145f6c52b2c1452bb3c51ac
e5ca5ed164e72a6e3eb9d0c9108c61c6d5c5780cf0807003921198574b62d613
e82cbbc1b7b9d13864405e4cd31497b8189057606c0046bae5fa1d9bbfea8bc5

newxyu444.d2dire.top Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

43 %IPv6

7 Domains

8 Subdomains

8 IPs

4 Countries

1985 kBTransfer

2321 kBSize

2 Cookies

2 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

5 Console Messages

Indicators

newxyu444.d2dire.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

1985 kB
Transfer

2321 kB
Size

2
Cookies

21 HTTP transactions
2 data transactions