Submitted URL: http://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=67...
Effective URL: https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l...
Submission: On October 31 via api from US — Scanned from GB

Summary

This website contacted 11 IPs in 3 countries across 13 domains to perform 21 HTTP transactions. The main IP is 78.46.92.254, located in and belongs to . The main domain is 3tght76h.com.
TLS certificate: Issued by R10 on September 11th 2024. Valid for: 3 months.
This is the only time 3tght76h.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
6 | gribeorlneka.net | gribeorlneka.net — Cisco Umbrella Rank: 164687 | 16 KB
3 | google.com | www.google.com | 968 B
3 | 3tght76h.com | 3tght76h.com | 62 KB
3 | sjsuhhd.xyz | click.sjsuhhd.xyz | 5 KB
2 | unpkg.com | unpkg.com | 24 KB
2 | jonoorgaip.net | jonoorgaip.net | 2 KB
1 | gstatic.com | www.gstatic.com | 215 KB
1 | googletagmanager.com | www.googletagmanager.com | 70 KB
1 | gl0a7loeki02do.com | gl0a7loeki02do.com | 636 B
1 | rtmark.net | my.rtmark.net | 491 B
1 | cdntechone.com | cdntechone.com — Cisco Umbrella Rank: 44392 | 9 KB
1 | bvo8.com | v27.bvo8.com | 625 B
0 | datatechone.com Failed | datatechone.com Failed |
21 13
Count | Domain | Requested by
6 | gribeorlneka.net (1 redirects) | cdntechone.com, gribeorlneka.net
3 | www.google.com | 3tght76h.com, www.gstatic.com
3 | 3tght76h.com | 3tght76h.com
3 | click.sjsuhhd.xyz |
2 | unpkg.com (1 redirects) | 3tght76h.com
2 | jonoorgaip.net (1 redirects) | gribeorlneka.net
1 | www.gstatic.com | www.google.com
1 | www.googletagmanager.com | 3tght76h.com
1 | gl0a7loeki02do.com (1 redirects) |
1 | my.rtmark.net | gribeorlneka.net
1 | cdntechone.com | click.sjsuhhd.xyz
1 | v27.bvo8.com (1 redirects) |
0 | datatechone.com Failed | cdntechone.com
21 13

This site contains no links.

Subject | Issuer | Validity | Valid
click.sjsuhhd.xyz | E6 | 2024-10-15 - 2025-01-13 | 3 months
cdntechone.com | WE1 | 2024-10-16 - 2025-01-14 | 3 months
gribeorlneka.net | R10 | 2024-09-26 - 2024-12-25 | 3 months
jonoorgaip.net | WE1 | 2024-10-15 - 2025-01-13 | 3 months
rtmark.net | R11 | 2024-08-30 - 2024-11-28 | 3 months
3tght76h.com | R10 | 2024-09-11 - 2024-12-10 | 3 months
*.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.google-analytics.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.gstatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months

This page contains 3 frames:

Primary Page: https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c
Frame ID: 7DB251BA88747F308332EF33BEB822E8
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=plmhbdnah4xt
Frame ID: 71C4D5F415518C1CA8201F100660B3AA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Frame ID: BFBCDD7F8174FB746643DB6EB03BF70D
Requests: 1 HTTP requests in this frame

Page Title: Redirect

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 21
HTTPS: 90 %
IPv6: 42 %
Domains: 13
Subdomains: 13
IPs: 11
Countries: 3
Transfer: 402 kB
Size: 919 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636 HTTP 307
    https://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636 Page URL
  2. https://v27.bvo8.com/go.php?ad=w8y1vvk08urbnwvonfk5&sid=M7431725767920189480&pub=5855&pid=5855-e4c21e44-5a1f0476&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=GB+WiFi&a=0 HTTP 302
    https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536 HTTP 302
    https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=5855-e4c21e44-5a1f0476&clid={ymid}&r=http%3A%2F%2Fgribeorlneka.net%2Flink%3Fz%3D7252352%26var%3D5855-e4c21e44-5a1f0476%26ymid%3D4e61asc8pqne2536%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628 Page URL
  3. http://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628 HTTP 307
    https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628 Page URL
  4. https://jonoorgaip.net/?z=7252353&syncedCookie=true&rhd=false HTTP 302
    https://gl0a7loeki02do.com/news.php?key=r5loszc4fijz0j7mabh9&SUBID=875644760281584212&cost=0.000480&zoneid=7252353&browser=chrome&browserversion=130&device=desktop&isp=british%20telecommunications%20plc&country=GB&os=linux&osversion=unspecified_linux&carrier=?&language=en HTTP 302
    https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636 HTTP 307
  • https://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636
Request Chain 3
  • https://v27.bvo8.com/go.php?ad=w8y1vvk08urbnwvonfk5&sid=M7431725767920189480&pub=5855&pid=5855-e4c21e44-5a1f0476&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=GB+WiFi&a=0 HTTP 302
  • https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536 HTTP 302
  • https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=5855-e4c21e44-5a1f0476&clid={ymid}&r=http%3A%2F%2Fgribeorlneka.net%2Flink%3Fz%3D7252352%26var%3D5855-e4c21e44-5a1f0476%26ymid%3D4e61asc8pqne2536%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Request Chain 5
  • http://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628 HTTP 307
  • https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Request Chain 12
  • https://unpkg.com/axios/dist/axios.min.js HTTP 302
  • https://unpkg.com/axios@1.7.7/dist/axios.min.js

21 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/
click.sjsuhhd.xyz/
Redirect Chain
  • http://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-377...
  • https://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-37...
10 KB
4 KB
Document
General
Full URL
https://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.108.198 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
f8224c4516f2bb19dd3c781cf95a62aaffc994b4319739ce801fd185d2ae11c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2024 00:11:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

Location
https://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
click.sjsuhhd.xyz/
1 KB
1 KB
Other
General
Full URL
https://click.sjsuhhd.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.108.198 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=86400
etag
"64d60f4e-47e"
expires
Fri, 01 Nov 2024 00:11:35 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
date
Thu, 31 Oct 2024 00:11:35 GMT
content-type
image/x-icon
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
favicon.ico
click.sjsuhhd.xyz/
1 KB
0
Other
General
Full URL
https://click.sjsuhhd.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.108.198 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636

Response headers

cache-control
max-age=86400
etag
"64d60f4e-47e"
expires
Fri, 01 Nov 2024 00:11:35 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
date
Thu, 31 Oct 2024 00:11:35 GMT
content-type
image/x-icon
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
r.html
cdntechone.com/
Redirect Chain
  • https://v27.bvo8.com/go.php?ad=w8y1vvk08urbnwvonfk5&sid=M7431725767920189480&pub=5855&pid=5855-e4c21e44-5a1f0476&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=GB+WiFi&a=0
  • https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536
  • https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=5855-e4c21e44-5a1f0476&clid={ymid}&r=http%3A%2F%2Fgribeorlneka.net%2Flink%3Fz%3D7252352%26var%3D5855...
20 KB
9 KB
Document
General
Full URL
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=5855-e4c21e44-5a1f0476&clid={ymid}&r=http%3A%2F%2Fgribeorlneka.net%2Flink%3Fz%3D7252352%26var%3D5855-e4c21e44-5a1f0476%26ymid%3D4e61asc8pqne2536%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Requested by
Host: click.sjsuhhd.xyz
URL: https://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f8b540ccf7bfb15d7c172f7b1c08124a65059ecf81430298b2075a8b733a63

Request headers

Referer
https://click.sjsuhhd.xyz/?utm_medium=7f0fdf48f740e6d3d2e1a8934cd7456f6e0c789f&utm_campaign=122%20mobile%20mainstream&1=672177239a75ec00013d0636&2=3_3_5655314-3775522587-3930541253&3=3_3_5655314-3775522587-3930541253&cid=672177239a75ec00013d0636#0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8daf6dc72b0b4885-LHR
content-encoding
br
content-type
text/html
date
Thu, 31 Oct 2024 00:11:37 GMT
last-modified
Thu, 11 Jul 2024 10:23:50 GMT
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvOApEmi%2FFdD9dWnfMzyWNkFdHDUNDWDF27eaHtfhl%2BRXjXtsPb6XcuY3HAIrCdztVX%2FOeILKD8vLu4Oy%2BcvClsfuwqSpqqXR1q0pEokjGh9bH4et45%2F0wkKuQdGxoSpIRKoz7qOdyzUpnRUUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=4622&sent=6&recv=8&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2523&delivery_rate=1390593&cwnd=254&unsent_bytes=0&cid=496902e42410b311&ts=91&x=0"

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Thu, 31 Oct 2024 00:11:37 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://cdntechone.com>; rel="dns-prefetch preconnect"
location
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=5855-e4c21e44-5a1f0476&clid={ymid}&r=http%3A%2F%2Fgribeorlneka.net%2Flink%3Fz%3D7252352%26var%3D5855-e4c21e44-5a1f0476%26ymid%3D4e61asc8pqne2536%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
add
datatechone.com/log/
0
0

link
gribeorlneka.net/
Redirect Chain
  • http://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
  • https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
29 KB
14 KB
Document
General
Full URL
https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=5855-e4c21e44-5a1f0476&clid={ymid}&r=http%3A%2F%2Fgribeorlneka.net%2Flink%3Fz%3D7252352%26var%3D5855-e4c21e44-5a1f0476%26ymid%3D4e61asc8pqne2536%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
964d256b461aed215765ffd863f16dcfcd9680abde8c4ddb264d65a35d492f56
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=5855-e4c21e44-5a1f0476&clid={ymid}&r=http%3A%2F%2Fgribeorlneka.net%2Flink%3Fz%3D7252352%26var%3D5855-e4c21e44-5a1f0476%26ymid%3D4e61asc8pqne2536%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 31 Oct 2024 00:11:38 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
f9729762279d3c61384c5c0d3e042bda

Redirect headers

Location
https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Non-Authoritative-Reason
HttpsUpgrades
sftouch
jonoorgaip.net/
43 B
662 B
Image
General
Full URL
https://jonoorgaip.net/sftouch?userId=04810612ec7548cae58b324e293ba66d&z=7252353&p_rid=40dc3511-501f-4e0b-b723-f249a0029607&p_src=sf&branchId=0&rb=Bvo8X3sNMGqdxbvXOuH3EX7NFE-ieN927NLqz6Jj6QervnwYbWloOcBHvO2QAt10XCzciTP36cFENiDMmG44Lq2uAZDI-APCooashSWKeZduvOIlQCPMto1hkVgSIVwro-5jQsMhFcFW0iVrU6XjwFvQdOTV7PBvIQguBxPRAsw-JK5NGA6HxVxoaqZ-DfHXwI5_yWDWzwXXX7lUxMe7U59zAa3iDiJJZxsbP6fdSz8m3ugp1TsUTJDc2QbnIQCyEI_KVJ5nYg5FMr3iMhdsNp2QC2QdUrVOIg3TJBJ0bEe_9jOoIJQrJ_DLUmPksxjfJrdG_NoU192JYNyl4Q6fRAwPUSkB4MDp&w_img=1
Requested by
Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gribeorlneka.net/

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 31 Oct 2024 00:11:39 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
ade4cbea651a19874df764858acec83e
cf-ray
8daf6dd10eedbee4-LHR
access-control-allow-origin
*
content-length
43
server
cloudflare
add
gribeorlneka.net/log/
12 B
385 B
XHR
General
Full URL
https://gribeorlneka.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=40dc3511-501f-4e0b-b723-f249a0029607
Requested by
Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://gribeorlneka.net
content-length
12
date
Thu, 31 Oct 2024 00:11:39 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=04810612ec7548cae58b324e293ba66d&z=7252353&p_rid=40dc3511-501f-4e0b-b723-f249a0029607&p_src=sf
Requested by
Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gribeorlneka.net/

Response headers

strict-transport-security
max-age=1
access-control-expose-headers
Authorization
timing-allow-origin
*, *
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
43
date
Thu, 31 Oct 2024 00:11:39 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
add
gribeorlneka.net/async_log/
0
339 B
XHR
General
Full URL
https://gribeorlneka.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=40dc3511-501f-4e0b-b723-f249a0029607
Requested by
Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://gribeorlneka.net
content-length
0
date
Thu, 31 Oct 2024 00:11:39 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
gribeorlneka.net/
0
150 B
Other
General
Full URL
https://gribeorlneka.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Thu, 31 Oct 2024 00:11:39 GMT
pragma
public
server
nginx
Primary Request /
3tght76h.com/1/
Redirect Chain
  • https://jonoorgaip.net/?z=7252353&syncedCookie=true&rhd=false
  • https://gl0a7loeki02do.com/news.php?key=r5loszc4fijz0j7mabh9&SUBID=875644760281584212&cost=0.000480&zoneid=7252353&browser=chrome&browserversion=130&device=desktop&isp=british%20telecommunications%...
  • https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c
3 KB
2 KB
Document
General
Full URL
https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
78.46.92.254 -, , ASN (),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
d0a17fd2701bb4c0baa8a37c32bbf9623e724b7892b3e0cf85711af30149d861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://gribeorlneka.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 31 Oct 2024 00:11:41 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 31 Oct 2024 00:11:40 GMT
Location
https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
favicon.ico
gribeorlneka.net/
0
0
Other
General
Full URL
https://gribeorlneka.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gribeorlneka.net/afu.php?zoneid=7252353&var=7252353&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Thu, 31 Oct 2024 00:11:39 GMT
pragma
public
server
nginx
axios.min.js
unpkg.com/axios@1.7.7/dist/
Redirect Chain
  • https://unpkg.com/axios/dist/axios.min.js
  • https://unpkg.com/axios@1.7.7/dist/axios.min.js
53 KB
23 KB
Script
General
Full URL
https://unpkg.com/axios@1.7.7/dist/axios.min.js
Requested by
Host: 3tght76h.com
URL: https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c
Protocol
H2
Server
2606:4700::6811:f9cb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b2b26071bb59f466683356df11b5392614cf6966586917990c65d48af0dcb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://3tght76h.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"d383-UevtiR1Ub6VyiQ12MPIw3BrQgvI"
age
787109
x-content-type-options
nosniff
date
Thu, 31 Oct 2024 00:11:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JARFZ4ZNC0EJ17MJFH3QVC25-lhr
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8daf6de1fe1f634d-LHR
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/axios@1.7.7/dist/axios.min.js
content-encoding
br
cf-cache-status
HIT
age
573
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8daf6de17db2634d-LHR
access-control-allow-origin
*
date
Thu, 31 Oct 2024 00:11:41 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JBFY28EAK9DB4QEY9FFGRN0C-lhr
server
cloudflare
api.js
www.google.com/recaptcha/
1 KB
968 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: 3tght76h.com
URL: https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
b7920c3ee4d6bb39bee9aead6cbf6e02254f8b2ec119b695fe252837cb2e69a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://3tght76h.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 00:11:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 31 Oct 2024 00:11:41 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/
194 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-547JG5H
Requested by
Host: 3tght76h.com
URL: https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae77ff2491d968eee1fd9b429190af1887603bb542266194f1373cf4a26ccbeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://3tght76h.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 31 Oct 2024 00:11:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 00:11:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
71217
x-xss-protection
0
server
Google Tag Manager
bg.png
3tght76h.com/1/
60 KB
60 KB
Image
General
Full URL
https://3tght76h.com/1/bg.png
Requested by
Host: 3tght76h.com
URL: https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
78.46.92.254 -, , ASN (),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
8bccdb408e67a3b44e0f5d417486c8d251f2e4acbae8542465aad3c7052341dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"6554c665-efb2"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61362
Date
Thu, 31 Oct 2024 00:11:42 GMT
Content-Type
image/png
Last-Modified
Wed, 15 Nov 2023 13:23:49 GMT
Server
nginx/1.22.0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/
546 KB
215 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://3tght76h.com
Referer
https://3tght76h.com/

Response headers

content-encoding
gzip
age
19348
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 18:49:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 18:49:14 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220347
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame 71C4
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=plmhbdnah4xt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Dd7w2-eN2bCyx_qmfXGnyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3tght76h.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Dd7w2-eN2bCyx_qmfXGnyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 00:11:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.png
3tght76h.com/
555 B
373 B
Other
General
Full URL
https://3tght76h.com/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
78.46.92.254 -, , ASN (),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
fcd3de6501f5b4c3bb783db15ccdde5e0c8558a04234152dc3332156c8acba2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://3tght76h.com/1/?lpkey=17a330ac338d385c00&uclick=9la8j2ntwj&uclickhash=9la8j2ntwj-9la8j2ntwj-uo-pmbl-ojdz-gx9l-4poc-d5c38c

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Thu, 31 Oct 2024 00:11:44 GMT
Content-Type
text/html
Server
nginx/1.22.0
Connection
keep-alive
bframe
www.google.com/recaptcha/api2/ Frame BFBC
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZBNUhaJ0C0RRcJGKfZ1ntg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3tght76h.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZBNUhaJ0C0RRcJGKfZ1ntg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Oct 2024 00:11:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
datatechone.com
URL
https://datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=01eded33-950a-4071-b760-434a6f1d12ff


4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | onLazyPixel
object | _nvksp5rgq
function | nvksp5rgq
object | __ds3dcv__

7 Cookies

Domain/Path Name / Value
v27.bvo8.com/ Name: uclick
Value: sc8pqne2
v27.bvo8.com/ Name: uclickhash
Value: sc8pqne2-sc8pqne2-2ti4-myoc-syj6-ghktbl-ghkt8n-60f609
gribeorlneka.net/ Name: OAID
Value: 04810612ec7548cae58b324e293ba66d
gribeorlneka.net/ Name: oaidts
Value: 1730333497
gribeorlneka.net/ Name: phpckd7252352
Value: true
gribeorlneka.net/ Name: captcha
Value: player
gribeorlneka.net/ Name: allcnt
Value: 1

4 Console Messages

Source Level URL
Text
rendering warning URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=5855-e4c21e44-5a1f0476&clid={ymid}&r=http%3A%2F%2Fgribeorlneka.net%2Flink%3Fz%3D7252352%26var%3D5855-e4c21e44-5a1f0476%26ymid%3D4e61asc8pqne2536%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A090F1000C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://gribeorlneka.net/link?z=7252352&var=5855-e4c21e44-5a1f0476&ymid=4e61asc8pqne2536&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A030F1000C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://gribeorlneka.net/afu.php?zoneid=7252353&var=7252353&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A090F1000C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://3tght76h.com/favicon.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
