urlscan.io logo urlscan.io
SecurityTrails logo

plxmvztnrkgwqy.wiki Open in urlscan Pro
5.187.6.214  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://plxmvztnrkgwqy.wiki/
Effective URL: https://plxmvztnrkgwqy.wiki/
Submission: On December 11 via api from RU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 28 HTTP transactions. The main IP is 5.187.6.214, located in Frankfurt am Main, Germany and belongs to FORNEX-AS Fornex Hosting S.L., ES. The main domain is plxmvztnrkgwqy.wiki.
TLS certificate: Issued by E6 on December 3rd 2024. Valid for: 3 months.
This is the only time plxmvztnrkgwqy.wiki was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 5.187.6.214 44051 (FORNEX-AS...)
1 46.4.208.173 24940 (HETZNER-A...)
2 172.217.222.136 15169 (GOOGLE)
3 7 87.250.251.119 13238 (YANDEX YA...)
1 87.250.250.119 13238 (YANDEX YA...)
28 6
20    5.187.6.214 (Frankfurt am Main, Germany)

ASN44051 (FORNEX-AS Fornex Hosting S.L., ES)
PTR: dsde616-5.fornex.org
plxmvztnrkgwqy.wiki
1    46.4.208.173 (Bad Muenstereifel, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.173.208.4.46.clients.your-server.de
gsimvqfghc.com
2    172.217.222.136 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f136.1e100.net
www.youtube.com
7    87.250.251.119 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
1    87.250.250.119 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: mc.yandex.ru
mc.yandex.com
Apex Domain
Subdomains		 Transfer
20 plxmvztnrkgwqy.wiki
plxmvztnrkgwqy.wiki
2 MB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9443
4 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4577
55 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
12 KB
1 gsimvqfghc.com
gsimvqfghc.com — Cisco Umbrella Rank: 387869
8 KB
28 5
Domain Requested by
20 plxmvztnrkgwqy.wiki plxmvztnrkgwqy.wiki
6 mc.yandex.com 2 redirects plxmvztnrkgwqy.wiki
mc.yandex.ru
2 mc.yandex.ru 1 redirects plxmvztnrkgwqy.wiki
2 www.youtube.com plxmvztnrkgwqy.wiki
www.youtube.com
1 gsimvqfghc.com plxmvztnrkgwqy.wiki
28 5

This site contains no links.

Subject Issuer Validity Valid
plxmvztnrkgwqy.wiki
E6		 2024-12-03 -
2025-03-03		 3 months crt.sh
zyjbvnxiig.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-20 -
2025-04-01		 5 months crt.sh

This page contains 2 frames:

Primary Page: https://plxmvztnrkgwqy.wiki/
Frame ID: C9124E933DA9A4F201C276B3CD790AB1
Requests: 29 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: B9A53EFC4FE547B28CBF85E11784085A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новости :: Торонто :: Atlas News

Page URL History Show full URLs

  1. http://plxmvztnrkgwqy.wiki/ HTTP 307
    https://plxmvztnrkgwqy.wiki/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

93 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

2459 kB
Transfer

2692 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://plxmvztnrkgwqy.wiki/ HTTP 307
    https://plxmvztnrkgwqy.wiki/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10591.f93GddpiLnnF_tMfmLaRO7fwsBDWxH6NAZAqbxoY7k42sYuhq2VtJbiBsEHwvOpq.rCa9JKNIqmLAbslIORHVnVB1YCI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10591.rcy4B5JQONXbdSjuG8XEC7EigNZLXCvj_RBTXL7jI3rOP9VPRG8tIhbT-h8Jhew0AtZTp3aLE2or8bQdT99x1NspVAyOySE9Bc5P78chNhrqW-txgUBB-cF8gHpBG-BBCLWLFS5FJR9et-wYhZxEIYn5OmRS5K1TZz4ZHquiJumwzaMU_mvGGEoeI1K_Qyk_207j31QKMC5oZfsNU7xZRsEiMZCsb00qBxr3NQ5UJ-Q%2C.nK0XmytTz86jnh1lpRXpq_HsNfg%2C
Request Chain 26
  • https://mc.yandex.com/watch/27047638?wmode=7&page-url=https%3A%2F%2Fplxmvztnrkgwqy.wiki%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A284884871068%3Ahid%3A772521641%3Az%3A-480%3Ai%3A20241211010959%3Aet%3A1733908199%3Ac%3A1%3Arn%3A529213942%3Arqn%3A1%3Au%3A1733908199243011165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A899%3Ads%3A0%2C231%2C230%2C3%2C23%2C0%2C%2C400%2C7%2C%2C%2C%2C890%3Aco%3A0%3Acpf%3A1%3Ans%3A1733908197523%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1733908200%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%3A%3A%20%D0%A2%D0%BE%D1%80%D0%BE%D0%BD%D1%82%D0%BE%20%3A%3A%20Atlas%20News&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3178752)ti(1) HTTP 302
  • https://mc.yandex.com/watch/27047638/1?wmode=7&page-url=https%3A%2F%2Fplxmvztnrkgwqy.wiki%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A284884871068%3Ahid%3A772521641%3Az%3A-480%3Ai%3A20241211010959%3Aet%3A1733908199%3Ac%3A1%3Arn%3A529213942%3Arqn%3A1%3Au%3A1733908199243011165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A899%3Ads%3A0%2C231%2C230%2C3%2C23%2C0%2C%2C400%2C7%2C%2C%2C%2C890%3Aco%3A0%3Acpf%3A1%3Ans%3A1733908197523%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1733908200%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%3A%3A%20%D0%A2%D0%BE%D1%80%D0%BE%D0%BD%D1%82%D0%BE%20%3A%3A%20Atlas%20News&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
plxmvztnrkgwqy.wiki/
Redirect Chain
  • http://plxmvztnrkgwqy.wiki/
  • https://plxmvztnrkgwqy.wiki/
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
8ad62e5c1d4bdf54a65eeb8921e58ccb8bbd7bff97331269ea3794e444072c5e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.gstatic.com https://yastatic.net https://www.youtube.com https://s.ytimg.com https://platform.instagram.com https://www.instagram.com https://platform.twitter.com https://cdn.syndication.twimg.com https://mc.yandex.ru https://top-fwz1.mail.ru https://js.sentry-cdn.com https://browser.sentry-cdn.com https://qaz.plxmvztnrkgwqy.wiki https://push.plxmvztnrkgwqy.wiki https://www.googletagmanager.com https://*.yandex.com https://bdiebbbiciebd.com https://gsimvqfghc.com https://8jk35km0r3.com https://subscribe.rift-quantum.com; style-src 'self' 'unsafe-inline' data: https://fonts.googleapis.com https://platform.twitter.com ; img-src 'self' data: https://* http://* ; font-src 'self' data: https://fonts.gstatic.com ; frame-src 'self' data: https://yastatic.net https://www.youtube.com https://www.instagram.com/ https://platform.twitter.com https://*.yandex.com; connect-src 'self' data: https://yastatic.net https://mc.yandex.ru https://mc.webvisor.com https://mc.webvisor.org https://fcm.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://push.newsdaily.biz https://top-fwz1.mail.ru https://o4505939965509632.ingest.sentry.io https://push.plxmvztnrkgwqy.wiki https://biposerfl.shop https://*.google-analytics.com https://*.yandex.com https://bdiebbbiciebd.com https://gsimvqfghc.com https://8jk35km0r3.com https://subscribe.rift-quantum.com; worker-src 'self' data: https://fcm.googleapis.com https://push.newsdaily.biz https://push.plxmvztnrkgwqy.wiki ;
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-WOW64
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.gstatic.com https://yastatic.net https://www.youtube.com https://s.ytimg.com https://platform.instagram.com https://www.instagram.com https://platform.twitter.com https://cdn.syndication.twimg.com https://mc.yandex.ru https://top-fwz1.mail.ru https://js.sentry-cdn.com https://browser.sentry-cdn.com https://qaz.plxmvztnrkgwqy.wiki https://push.plxmvztnrkgwqy.wiki https://www.googletagmanager.com https://*.yandex.com https://bdiebbbiciebd.com https://gsimvqfghc.com https://8jk35km0r3.com https://subscribe.rift-quantum.com; style-src 'self' 'unsafe-inline' data: https://fonts.googleapis.com https://platform.twitter.com ; img-src 'self' data: https://* http://* ; font-src 'self' data: https://fonts.gstatic.com ; frame-src 'self' data: https://yastatic.net https://www.youtube.com https://www.instagram.com/ https://platform.twitter.com https://*.yandex.com; connect-src 'self' data: https://yastatic.net https://mc.yandex.ru https://mc.webvisor.com https://mc.webvisor.org https://fcm.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://push.newsdaily.biz https://top-fwz1.mail.ru https://o4505939965509632.ingest.sentry.io https://push.plxmvztnrkgwqy.wiki https://biposerfl.shop https://*.google-analytics.com https://*.yandex.com https://bdiebbbiciebd.com https://gsimvqfghc.com https://8jk35km0r3.com https://subscribe.rift-quantum.com; worker-src 'self' data: https://fcm.googleapis.com https://push.newsdaily.biz https://push.plxmvztnrkgwqy.wiki ;
content-type
text/html; charset=utf-8
date
Wed, 11 Dec 2024 09:09:57 GMT
server
nginx
strict-transport-security
max-age=31536000;
vary
Accept-Encoding

Redirect headers

Location
https://plxmvztnrkgwqy.wiki/
Non-Authoritative-Reason
HttpsUpgrades
style.css
plxmvztnrkgwqy.wiki/templates/bbc/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plxmvztnrkgwqy.wiki/templates/bbc/css/style.css?12.10.2
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
579347e0e0b86077b2c8b28a8ecd68d0ff30094ce145ca3c2d1073951fd4bea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
etag
W/"67585301-5c2f"
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
text/css
last-modified
Tue, 10 Dec 2024 14:41:05 GMT
server
nginx
vary
Accept-Encoding
jquery-1.8.3.min.js
plxmvztnrkgwqy.wiki/templates/bbc/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plxmvztnrkgwqy.wiki/templates/bbc/js/jquery-1.8.3.min.js
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
etag
W/"67585301-16dc5"
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
application/javascript
last-modified
Tue, 10 Dec 2024 14:41:05 GMT
server
nginx
vary
Accept-Encoding
load.raw.js
plxmvztnrkgwqy.wiki/templates/bbc/js/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plxmvztnrkgwqy.wiki/templates/bbc/js/load.raw.js?09.07
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
14c2ac841d3b03be3079c394aa99a15834731a937c21bc892defe6caec5ff188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
etag
W/"67585301-5f1a"
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
application/javascript
last-modified
Tue, 10 Dec 2024 14:41:05 GMT
server
nginx
vary
Accept-Encoding
573eaf8e6e06bf6b2daefde61da9066e15f7b92f.js
gsimvqfghc.com/v2/185606/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsimvqfghc.com/v2/185606/573eaf8e6e06bf6b2daefde61da9066e15f7b92f.js
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.4.208.173 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.173.208.4.46.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
d4f741494fa7d31152971cfb1258f2b3cdbb83853ca67292e2cd2a135fe39093

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

access-control-allow-headers
*
cache-control
max-age=315360000
access-control-expose-headers
*
content-encoding
gzip
etag
W/"6758b846-7275"
access-control-allow-methods
GET
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
application/javascript
last-modified
Tue, 10 Dec 2024 21:53:10 GMT
server
nginx/1.18.0
vary
Accept-Encoding
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f136.1e100.net
Software
ESF /
Resource Hash
b245c66746e5fb91edabaa961bafd7fded553c1c4eec232c6c7e49883ee619bd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Wed, 11 Dec 2024 09:09:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
watch.js
mc.yandex.ru/metrika/ 		153 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
6d5c75279c80c9829a98894b094dd97fe778341184894855358b55d7527756a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"674f133a-d85d"
expires
Wed, 11 Dec 2024 10:09:58 GMT
access-control-allow-origin
*
content-length
55389
date
Wed, 11 Dec 2024 09:09:58 GMT
last-modified
Tue, 03 Dec 2024 14:18:34 GMT
content-type
application/javascript
Roboto-Bold.woff2
plxmvztnrkgwqy.wiki/templates/bbc/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://plxmvztnrkgwqy.wiki/templates/bbc/fonts/Roboto-Bold.woff2?v=2.137
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/templates/bbc/css/style.css?12.10.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://plxmvztnrkgwqy.wiki
Referer
https://plxmvztnrkgwqy.wiki/templates/bbc/css/style.css?12.10.2

Response headers

strict-transport-security
max-age=31536000;
etag
"67585301-fce4"
accept-ranges
bytes
content-length
64740
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
application/octet-stream
last-modified
Tue, 10 Dec 2024 14:41:05 GMT
server
nginx
qaz.html
plxmvztnrkgwqy.wiki/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://plxmvztnrkgwqy.wiki/qaz.html?fc=1
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/templates/bbc/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
d4d0a516ae5208e25e777c7827fa9ebf76d46a179998690cf09e94f10fea7ee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://plxmvztnrkgwqy.wiki/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
server
nginx
www-widgetapi.js
www.youtube.com/s/player/3bb1f723/www-widgetapi.vflset/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3bb1f723/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f136.1e100.net
Software
sffe /
Resource Hash
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

content-encoding
br
age
517158
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 09:30:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 09:30:40 GMT
last-modified
Thu, 05 Dec 2024 05:16:39 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10165
x-xss-protection
0
server
sffe
340756_wide.1733835857.png
plxmvztnrkgwqy.wiki/images/n/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340756_wide.1733835857.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
d726d07addc8d33429012f34201745af83426d76c61165272cd13ecbb6e43e1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67583c51-26502"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
156930
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 13:04:17 GMT
server
nginx
340755_wide.1733835461.png
plxmvztnrkgwqy.wiki/images/n/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340755_wide.1733835461.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
22a5db744121453d4310f28af45599790b1db96f9f427a594ba0125eb8ad44f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67583ac6-24568"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
148840
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 12:57:42 GMT
server
nginx
340754_wide.1733833266.png
plxmvztnrkgwqy.wiki/images/n/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340754_wide.1733833266.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
158d33897217104b656fc06fe5c77d8ed8dfcbffddeb1f3d4058d19b63433d17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67583233-311b1"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
201137
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 12:21:07 GMT
server
nginx
340753_wide.1733833184.png
plxmvztnrkgwqy.wiki/images/n/ 		242 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340753_wide.1733833184.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
0268d206184aea56712c4214a932ffa696b3efb503173005b4dfa953adbae3db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"675831e1-3c757"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
247639
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 12:19:45 GMT
server
nginx
340752_wide.1733833077.png
plxmvztnrkgwqy.wiki/images/n/ 		188 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340752_wide.1733833077.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
7d96708c250f6f29d7b2e3aecb8eba33f959649e9812a45f9d2e18d0398a7da8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67583175-2ee83"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
192131
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 12:17:57 GMT
server
nginx
340751_wide.1733832947.png
plxmvztnrkgwqy.wiki/images/n/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340751_wide.1733832947.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
556de764cfbcf3193ce3188854c1a1c6cfa816dcfe958153a37ffed45fff8f19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"675830f4-24439"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
148537
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 12:15:48 GMT
server
nginx
340750_wide.1733832645.png
plxmvztnrkgwqy.wiki/images/n/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340750_wide.1733832645.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
c9d0d17d37ccd154cd0fa13a59a67263189090efbd4768180fc1199d38a2c9cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67582fc6-33161"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
209249
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 12:10:46 GMT
server
nginx
340749_wide.1733832082.png
plxmvztnrkgwqy.wiki/images/n/ 		234 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340749_wide.1733832082.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
2e625f1fe488b0714521abfea0c2e73848532f20ef262a9a24dee2e4ec8c45e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67582d92-3a948"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
239944
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 12:01:22 GMT
server
nginx
340748_wide.1733832013.png
plxmvztnrkgwqy.wiki/images/n/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340748_wide.1733832013.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
00a65f1d45d7d5000f65bf2f3200dfa69539486cbce8c60d88ef84620a2fd196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67582d4e-1dad2"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
121554
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 12:00:14 GMT
server
nginx
340747_wide.1733831948.png
plxmvztnrkgwqy.wiki/images/n/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340747_wide.1733831948.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
fd5a6f07c8e331bac2fec84ef896ebcff8214d5b1b9db10d52e720ca627bddf2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67582d0d-20e2c"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
134700
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 11:59:09 GMT
server
nginx
340746_wide.1733831883.png
plxmvztnrkgwqy.wiki/images/n/ 		245 KB
245 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340746_wide.1733831883.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
cc13d0b59f7f0fa5c51150296988b6292cd8c9648da5984acb1512f6318929ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67582ccb-3d357"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
250711
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 11:58:03 GMT
server
nginx
340745_wide.1733831740.png
plxmvztnrkgwqy.wiki/images/n/ 		209 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plxmvztnrkgwqy.wiki/images/n/340745_wide.1733831740.png
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
2a964910ce9637c496c418ed1d6c2fa7a27e430b0f1e51173a2cce09e84ac915

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

cache-control
max-age=604800, public, must-revalidate
etag
"67582c3d-345e3"
expires
Wed, 18 Dec 2024 09:09:58 GMT
accept-ranges
bytes
content-length
214499
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 11:55:41 GMT
server
nginx
Lato-Bold.woff2
plxmvztnrkgwqy.wiki/templates/bbc/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://plxmvztnrkgwqy.wiki/templates/bbc/fonts/Lato-Bold.woff2
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/templates/bbc/css/style.css?12.10.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
955b192f965e71041f9b4cad14250d47337d0627c856d5e0ce5b04453428741d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://plxmvztnrkgwqy.wiki
Referer
https://plxmvztnrkgwqy.wiki/templates/bbc/css/style.css?12.10.2

Response headers

strict-transport-security
max-age=31536000;
etag
"67585301-c42c"
accept-ranges
bytes
content-length
50220
date
Wed, 11 Dec 2024 09:09:58 GMT
content-type
application/octet-stream
last-modified
Tue, 10 Dec 2024 14:41:05 GMT
server
nginx
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10591.f93GddpiLnnF_tMfmLaRO7fwsBDWxH6NAZAqbxoY7k42sYuhq2VtJbiBsEHwvOpq.rCa9JKNIqmLAbslIORHVnVB1YCI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10591.rcy4B5JQONXbdSjuG8XEC7EigNZLXCvj_RBTXL7jI3rOP9VPRG8tIhbT-h8Jhew0AtZTp3aLE2or8bQdT99x1NspVAyOySE9Bc5P78chNhrqW-txgUBB-cF8gHpBG-BBCLWLFS5FJR...
43 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10591.rcy4B5JQONXbdSjuG8XEC7EigNZLXCvj_RBTXL7jI3rOP9VPRG8tIhbT-h8Jhew0AtZTp3aLE2or8bQdT99x1NspVAyOySE9Bc5P78chNhrqW-txgUBB-cF8gHpBG-BBCLWLFS5FJR9et-wYhZxEIYn5OmRS5K1TZz4ZHquiJumwzaMU_mvGGEoeI1K_Qyk_207j31QKMC5oZfsNU7xZRsEiMZCsb00qBxr3NQ5UJ-Q%2C.nK0XmytTz86jnh1lpRXpq_HsNfg%2C
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Wed, 11 Dec 2024 09:09:59 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.com/sync_cookie_image_decide?token=10591.rcy4B5JQONXbdSjuG8XEC7EigNZLXCvj_RBTXL7jI3rOP9VPRG8tIhbT-h8Jhew0AtZTp3aLE2or8bQdT99x1NspVAyOySE9Bc5P78chNhrqW-txgUBB-cF8gHpBG-BBCLWLFS5FJR9et-wYhZxEIYn5OmRS5K1TZz4ZHquiJumwzaMU_mvGGEoeI1K_Qyk_207j31QKMC5oZfsNU7xZRsEiMZCsb00qBxr3NQ5UJ-Q%2C.nK0XmytTz86jnh1lpRXpq_HsNfg%2C
x-xss-protection
1; mode=block
date
Wed, 11 Dec 2024 09:09:59 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: plxmvztnrkgwqy.wiki
URL: https://plxmvztnrkgwqy.wiki/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"674f133a-2b"
expires
Wed, 11 Dec 2024 10:09:59 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Wed, 11 Dec 2024 09:09:59 GMT
content-type
image/gif
last-modified
Tue, 03 Dec 2024 14:18:34 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame B9A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plxmvztnrkgwqy.wiki/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1473
content-type
text/html
date
Wed, 11 Dec 2024 09:09:59 GMT
etag
"674f133a-5c1"
expires
Wed, 11 Dec 2024 10:09:59 GMT
last-modified
Tue, 03 Dec 2024 14:18:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/27047638/
Redirect Chain
  • https://mc.yandex.com/watch/27047638?wmode=7&page-url=https%3A%2F%2Fplxmvztnrkgwqy.wiki%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%...
  • https://mc.yandex.com/watch/27047638/1?wmode=7&page-url=https%3A%2F%2Fplxmvztnrkgwqy.wiki%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-...
615 B
847 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/27047638/1?wmode=7&page-url=https%3A%2F%2Fplxmvztnrkgwqy.wiki%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A284884871068%3Ahid%3A772521641%3Az%3A-480%3Ai%3A20241211010959%3Aet%3A1733908199%3Ac%3A1%3Arn%3A529213942%3Arqn%3A1%3Au%3A1733908199243011165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A899%3Ads%3A0%2C231%2C230%2C3%2C23%2C0%2C%2C400%2C7%2C%2C%2C%2C890%3Aco%3A0%3Acpf%3A1%3Ans%3A1733908197523%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1733908200%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%3A%3A%20%D0%A2%D0%BE%D1%80%D0%BE%D0%BD%D1%82%D0%BE%20%3A%3A%20Atlas%20News&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
b1e50b8927f93adf70df9f2cd978a1575aee0e5e481b278446b4af3abad80db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Wed, 11-Dec-2024 09:10:00 GMT
access-control-allow-origin
https://plxmvztnrkgwqy.wiki
content-length
615
x-xss-protection
1; mode=block
date
Wed, 11 Dec 2024 09:10:00 GMT
content-type
application/json; charset=utf-8
last-modified
Wed, 11-Dec-2024 09:10:00 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/27047638/1?wmode=7&page-url=https%3A%2F%2Fplxmvztnrkgwqy.wiki%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A284884871068%3Ahid%3A772521641%3Az%3A-480%3Ai%3A20241211010959%3Aet%3A1733908199%3Ac%3A1%3Arn%3A529213942%3Arqn%3A1%3Au%3A1733908199243011165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A899%3Ads%3A0%2C231%2C230%2C3%2C23%2C0%2C%2C400%2C7%2C%2C%2C%2C890%3Aco%3A0%3Acpf%3A1%3Ans%3A1733908197523%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1733908200%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%3A%3A%20%D0%A2%D0%BE%D1%80%D0%BE%D0%BD%D1%82%D0%BE%20%3A%3A%20Atlas%20News&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Wed, 11-Dec-2024 09:10:00 GMT
access-control-allow-origin
https://plxmvztnrkgwqy.wiki
date
Wed, 11 Dec 2024 09:10:00 GMT
x-xss-protection
1; mode=block
last-modified
Wed, 11-Dec-2024 09:10:00 GMT
favicon-32x32.png
plxmvztnrkgwqy.wiki/templates/bbc/img/ 		610 B
763 B 		Other
General
Check archive.org
Download Go to
Full URL
https://plxmvztnrkgwqy.wiki/templates/bbc/img/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.6.214 Frankfurt am Main, Germany, ASN44051 (FORNEX-AS Fornex Hosting S.L., ES),
Reverse DNS
dsde616-5.fornex.org
Software
nginx /
Resource Hash
ec9dc3b24d9e339072345afdf0779d13ee9301b4bdf017edd209ce8b109ff0ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://plxmvztnrkgwqy.wiki/

Response headers

strict-transport-security
max-age=31536000;
etag
"67585301-262"
accept-ranges
bytes
content-length
610
date
Wed, 11 Dec 2024 09:10:00 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 14:41:05 GMT
server
nginx
truncated
/ 		554 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a22936b316f4b38ed4482fb564ae2d340006043e3edb29e2b33d06c9c873f80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| scrollSpace object| renderScheme object| scrollScheme object| renderOffset number| mediaWidth string| tplSize object| gridRowGenerator object| gridRow boolean| hasWebP function| loadInit function| corePost function| renderStart function| renderCore function| mW function| getGridRow function| makeIterable function| returnThis object| Render function| startScroll function| replaceLast string| THE_BEST string| ADVERTISING object| CATEGORIES object| DAYS boolean| SHOW_OVERLAY function| onClick object| template string| block object| elem object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady string| b object| jQuery18304098680179315952 function| lsFd35pLxPoL6613X object| i64c0d object| Ya object| yaCounter27047638 object| Hrg3fa15 object| tJoaDFtnRG object| OE7OcZwo2 object| aS40 object| RGMx object| hwxy14SNzEO

24 Cookies

Domain/Path Name / Value
.plxmvztnrkgwqy.wiki/ Name: RN2_0
Value: 675956e5ccc92-2d746cb594aaca03943ac2d8179daa58
plxmvztnrkgwqy.wiki/ Name: reset
Value: 0
.plxmvztnrkgwqy.wiki/ Name: rN_shift
Value: 0
.youtube.com/ Name: YSC
Value: uLGB64dzKSg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: z1MnLGYylPA
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDQRIEGgAgGQ%3D%3D
.yandex.ru/ Name: i
Value: umlBTsBqNWIbpX7jWAZZ4qXQtBUoMLppSx/TsEnL79oZl19HKIsbhNLxLfxU07KJxCp+MTwDBvoO4JQxBWld8Aj26p8=
.yandex.ru/ Name: yandexuid
Value: 3446034261733908198
.yandex.ru/ Name: yashr
Value: 2481564481733908198
.plxmvztnrkgwqy.wiki/ Name: _ym_uid
Value: 1733908199243011165
.plxmvztnrkgwqy.wiki/ Name: _ym_d
Value: 1733908199
.plxmvztnrkgwqy.wiki/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1449732476fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1489116412fake
.yandex.com/ Name: yuidss
Value: 3446034261733908198
.yandex.com/ Name: yp
Value: 1733994599.yu.9235086621733908199
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.com/ Name: i
Value: XiLX1Q7YvEaMPKiQQYJxXwqy3M2fbAUXTiTmFjYn+YLXIkPZI58mI/5+1rFPz8YxaICSsmpOjVzGQlwvH+v9Ew0d+qo=
.yandex.com/ Name: yashr
Value: 4386985961733908199
mc.yandex.com/ Name: yabs-sid
Value: 931215791733908200
.yandex.com/ Name: yandexuid
Value: 3446034261733908198
.yandex.com/ Name: ymex
Value: 1736500199.oyu.9235086621733908199#2049268200.yrts.1733908200
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGDoreW6Bg==

1 Console Messages

Source Level URL
Text
other error URL: https://plxmvztnrkgwqy.wiki/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.gstatic.com https://yastatic.net https://www.youtube.com https://s.ytimg.com https://platform.instagram.com https://www.instagram.com https://platform.twitter.com https://cdn.syndication.twimg.com https://mc.yandex.ru https://top-fwz1.mail.ru https://js.sentry-cdn.com https://browser.sentry-cdn.com https://qaz.plxmvztnrkgwqy.wiki https://push.plxmvztnrkgwqy.wiki https://www.googletagmanager.com https://*.yandex.com https://bdiebbbiciebd.com https://gsimvqfghc.com https://8jk35km0r3.com https://subscribe.rift-quantum.com; style-src 'self' 'unsafe-inline' data: https://fonts.googleapis.com https://platform.twitter.com ; img-src 'self' data: https://* http://* ; font-src 'self' data: https://fonts.gstatic.com ; frame-src 'self' data: https://yastatic.net https://www.youtube.com https://www.instagram.com/ https://platform.twitter.com https://*.yandex.com; connect-src 'self' data: https://yastatic.net https://mc.yandex.ru https://mc.webvisor.com https://mc.webvisor.org https://fcm.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://push.newsdaily.biz https://top-fwz1.mail.ru https://o4505939965509632.ingest.sentry.io https://push.plxmvztnrkgwqy.wiki https://biposerfl.shop https://*.google-analytics.com https://*.yandex.com https://bdiebbbiciebd.com https://gsimvqfghc.com https://8jk35km0r3.com https://subscribe.rift-quantum.com; worker-src 'self' data: https://fcm.googleapis.com https://push.newsdaily.biz https://push.plxmvztnrkgwqy.wiki ;
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gsimvqfghc.com
mc.yandex.com
mc.yandex.ru
plxmvztnrkgwqy.wiki
www.youtube.com
172.217.222.136
46.4.208.173
5.187.6.214
87.250.250.119
87.250.251.119
00a65f1d45d7d5000f65bf2f3200dfa69539486cbce8c60d88ef84620a2fd196
0268d206184aea56712c4214a932ffa696b3efb503173005b4dfa953adbae3db
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
14c2ac841d3b03be3079c394aa99a15834731a937c21bc892defe6caec5ff188
158d33897217104b656fc06fe5c77d8ed8dfcbffddeb1f3d4058d19b63433d17
1a22936b316f4b38ed4482fb564ae2d340006043e3edb29e2b33d06c9c873f80
22a5db744121453d4310f28af45599790b1db96f9f427a594ba0125eb8ad44f0
2a964910ce9637c496c418ed1d6c2fa7a27e430b0f1e51173a2cce09e84ac915
2e625f1fe488b0714521abfea0c2e73848532f20ef262a9a24dee2e4ec8c45e6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556de764cfbcf3193ce3188854c1a1c6cfa816dcfe958153a37ffed45fff8f19
579347e0e0b86077b2c8b28a8ecd68d0ff30094ce145ca3c2d1073951fd4bea6
6d5c75279c80c9829a98894b094dd97fe778341184894855358b55d7527756a4
7d96708c250f6f29d7b2e3aecb8eba33f959649e9812a45f9d2e18d0398a7da8
8ad62e5c1d4bdf54a65eeb8921e58ccb8bbd7bff97331269ea3794e444072c5e
8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
955b192f965e71041f9b4cad14250d47337d0627c856d5e0ce5b04453428741d
b1e50b8927f93adf70df9f2cd978a1575aee0e5e481b278446b4af3abad80db9
b245c66746e5fb91edabaa961bafd7fded553c1c4eec232c6c7e49883ee619bd
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9d0d17d37ccd154cd0fa13a59a67263189090efbd4768180fc1199d38a2c9cd
cc13d0b59f7f0fa5c51150296988b6292cd8c9648da5984acb1512f6318929ca
d4d0a516ae5208e25e777c7827fa9ebf76d46a179998690cf09e94f10fea7ee0
d4f741494fa7d31152971cfb1258f2b3cdbb83853ca67292e2cd2a135fe39093
d726d07addc8d33429012f34201745af83426d76c61165272cd13ecbb6e43e1a
ec9dc3b24d9e339072345afdf0779d13ee9301b4bdf017edd209ce8b109ff0ca
fd5a6f07c8e331bac2fec84ef896ebcff8214d5b1b9db10d52e720ca627bddf2