| 9xbuddy.in/build/291f13891176f90733ca.png | 188.114.97.1 | 200 OK | 2.5 kB |
URL: GET HTTP/3 9xbuddy.in/build/291f13891176f90733ca.png IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Google Trust Services LLC Subject: 9xbuddy.in Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: PNG image data, 217 x 55, 8-bit colormap, non-interlaced Hash: MD5 f19a76e1de03a1ecb9c45dcfb96bce41 SHA-1 2156ba7ed189b2f22b87e87eb9ffcaa7ebb4db0c SHA-256 55340830b75351b2ad4154871c488f34c0b66c8cef18719f3f7a8f9dc190cd58
GET /build/291f13891176f90733ca.png HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: image/png
content-length: 2501
last-modified: Sun, 06 Nov 2022 06:05:05 GMT
etag: "63674e91-9c5"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CyZ9F7sFYdMb3mpLcWzXUpsXfEWAp1cIWZM0S3%2FIkjdIG%2FhRx63leBnz0Rd3JegyQiuzRpyTHM7b%2FadNOQE6LuHTRqmDmwphRF7s0fNblpT%2FOG5osEn7pQHHieHG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876194e6cd72b523-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.97.1 | 302 Found | 0 B |
URL: GET HTTP/3 9xbuddy.in/cdn-cgi/challenge-platform/scripts/jsd/main.js IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Google Trust Services LLC Subject: 9xbuddy.in Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, consistent with the 0 B body of this redirect; they do not identify any content)
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 03:31:23 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2F3IeOlqBwcrZfiOal8p584EDUYMVYykqPQsx0N4rrvSCec1zCimk1vKiwz2Gl0gcqPWSbUVCVgxUvHUnBcPKEfDYVMP9CbgX6iJ9QsRuDto0OOLRrlA5E3Lrh%2By"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876194e85e06b523-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/cdn-cgi/challenge-platform/h/g/jsd/r/876194e4c9afb50b | 188.114.97.1 | 200 OK | 0 B |
URL: POST HTTP/3 9xbuddy.in/cdn-cgi/challenge-platform/h/g/jsd/r/876194e4c9afb50b IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Google Trust Services LLC Subject: 9xbuddy.in Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, consistent with the 0 B response body; they do not identify any content)
POST /cdn-cgi/challenge-platform/h/g/jsd/r/876194e4c9afb50b HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12284
Origin: https://9xbuddy.in
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=mE7lXhxLMNvTg7spXLwXyYPexJx1bxhLx35LKXy_9iA-1713411083-1.0.1.1-D_GW05IqK2DOEpTZMsgZiuaEPkP8O9Hlqpr7VDIyXEa23JHppfPTrknKG.0nyk1dWJp9D1Kp91cXsBOxkaKBmQ; path=/; expires=Fri, 18-Apr-25 03:31:23 GMT; domain=.9xbuddy.in; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jzUox82%2F4zrv7S8eRZvUDl655o3JqThu0V7a9K%2B7D%2By2lpR9evVJlc6o7aGYxsP3B9CSNCH9mcxgiof3j86XXFk9yGupxofQynOIoVI%2FNL1LA4kpPTXbEwALTePx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e95e6ab523-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js | 188.114.97.1 | 200 OK | 9.0 kB |
URL: GET HTTP/3 9xbuddy.in/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Google Trust Services LLC Subject: 9xbuddy.in Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: JavaScript source, ASCII text, with very long lines (7739), with no line terminators Hash: MD5 73e3f521b98fc1dcf41552029ac595c0 SHA-1 742ef9efeb01aba0dca02c98a3f5fb61d9e8cba7 SHA-256 065429e5df2a4b68a98a7e0e3e0b7dc8f6ae234abf23615ae37898e88e206303
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIh8HaW3aQeN7QyX7LipMl86dMeXvg8vydapOVuyP2QIuBhbtMvwck43pPx3A5PeIRqGxWQxw8AnvO6sUCXFTs5lAUX%2B1npXhVY05x43Qskqsjq8slKTgbg6ID0o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e87e0fb523-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/icons/favicon-16x16.png | 188.114.97.1 | 200 OK | 680 B |
URL: GET HTTP/3 9xbuddy.in/icons/favicon-16x16.png IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Google Trust Services LLC Subject: 9xbuddy.in Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced Hash: MD5 f310dc4b30e94e078aa3d8ce14a93a7d SHA-1 f6b2f0419a8bb65aafd4c185079584494439cf4a SHA-256 5261947833061f72396f2e0f6b27598ae37585d8de6da4bed8df9f683181aaab
GET /icons/favicon-16x16.png HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: image/png
content-length: 680
last-modified: Sun, 06 Nov 2022 06:05:05 GMT
etag: "63674e91-2a8"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3j56zF%2BRS60y0n1Ex2q2rhO4%2BqqTzY3Ra1L7eO7quaonpqoanCQ4Plh%2BNQZAIB8%2BLkqj6Absiyz00WmB7sO2l1XQZaRDMrxjuNb5H%2BpglTUeei17VvXl9sWErlL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876194e8fe4db523-OSL
alt-svc: h3=":443"; ma=86400
|
|
| video-cdn3.gelbooru.com//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm | 108.181.143.71 | | 145 B |
URL: GET video-cdn3.gelbooru.com//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm IP: 108.181.143.71:0
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
File type: HTML document, ASCII text, with CRLF line terminators Hash: MD5 bfe2c1d1b36c62666ce9ba537d324bd4 SHA-1 4d52a7c6d2909a506a4e81559eb24e8af077c741 SHA-256 5216ad883da8fe250db6892c9abca11bae07572d49a4c48a3c42276ffe6a9fb8
GET //images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm HTTP/1.1
Host: video-cdn3.gelbooru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Thu, 18 Apr 2024 03:31:24 GMT
content-type: text/html
content-length: 145
location: https://gelbooru.com/hotlink.php?hash=//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm
expires: Thu, 18 Apr 2024 03:31:23 GMT
cache-control: no-cache
strict-transport-security: max-age=3600;
X-Firefox-Spdy: h2
|
|
| whizzerlollard.top/rHH727qVeN4r6/7972 | 23.109.170.228 | 200 OK | 20 B |
URL: GET HTTP/1.1 whizzerlollard.top/rHH727qVeN4r6/7972 IP: 23.109.170.228:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Let's Encrypt Subject: whizzerlollard.top Fingerprint: 0C:44:F6:9E:A8:B1:C5:48:09:B4:21:E4:60:BE:87:6B:89:1A:36:5F Validity: Tue, 26 Mar 2024 07:03:24 GMT - Mon, 24 Jun 2024 07:03:23 GMT
File type: gzip compressed data, from Unix Hash: MD5 7029066c27ac6f5ef18d660d5741979a SHA-1 46c6643f07aa7f6bfe7118de926b86defc5087c4 SHA-256 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2 (the captured bytes are identified as gzip data and the response carries Content-Encoding: gzip, so these digests appear to cover the compressed stream rather than the decoded script)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /rHH727qVeN4r6/7972 HTTP/1.1
Host: whizzerlollard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 03:31:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://9xbuddy.in
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 19-Apr-2024 03:31:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
Set-Cookie: GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 19-Apr-2024 03:31:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| gelbooru.com/hotlink.php?hash=//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm | 104.21.234.102 | | 26 B |
URL: GET gelbooru.com/hotlink.php?hash=//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm IP: 104.21.234.102:0
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Let's Encrypt Subject: gelbooru.com Fingerprint: 56:9E:F6:71:D4:0D:54:99:85:72:15:78:61:20:A3:EE:BC:24:93:1F Validity: Sat, 30 Mar 2024 06:43:38 GMT - Fri, 28 Jun 2024 06:43:37 GMT
File type: gzip compressed data, from Unix Hash: MD5 4e5d65669f8dcd928dad06adf883f025 SHA-1 d771713d758c3348dd7e5b38bb40c7935399ae46 SHA-256 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /hotlink.php?hash=//images/b5/87/b5870c1562e1d11b9f7ce69665ac9c12.webm HTTP/1.1
Host: gelbooru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9xbuddy.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 03:31:25 GMT
content-type: text/html; charset=UTF-8
location: index.php?page=post&s=view&id=9918463
set-cookie: PHPSESSID=7e2e63505aecc3f5d3df22cf901bace629b53a13d114bbf60edf1a506e92f8680662ae91b69f75df6052435e3ffb25cd8135c0bb476f513b2c25d49ae9a6368b; expires=Fri, 18-Apr-2025 03:31:25 GMT; Max-Age=31536000; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0nnX7fHp%2FneD2G6sASBZe%2FAGKGmfj%2B1DkAyDLBv6xGCfUXswREOz5UhSt4dIBUV04o3PXbAICYeAmCyKsN%2BVJX09i6YLVEhJ1ws8pVDbwTeq9EoaUjgZT8XfDX5wi0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876194f13b2c35da-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| whizzerlollard.top/1clkn/9537 | 23.109.170.228 | 200 OK | 26 B |
URL: GET HTTP/1.1 whizzerlollard.top/1clkn/9537 IP: 23.109.170.228:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Let's Encrypt Subject: whizzerlollard.top Fingerprint: 0C:44:F6:9E:A8:B1:C5:48:09:B4:21:E4:60:BE:87:6B:89:1A:36:5F Validity: Tue, 26 Mar 2024 07:03:24 GMT - Mon, 24 Jun 2024 07:03:23 GMT
File type: ASCII text, with no line terminators Hash: MD5 9082dc37e5e8046929da411544ad071a SHA-1 41e0e3963ed94e59e8a2f115994c382712411537 SHA-256 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /1clkn/9537 HTTP/1.1
Host: whizzerlollard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 03:31:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| ab1.9xbud.com/token | 188.114.97.1 | 200 OK | 6.8 kB |
IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Let's Encrypt Subject: 9xbud.com Fingerprint: FB:EA:0D:88:59:40:5B:40:BF:67:3D:22:86:13:05:34:4F:E6:99:FE Validity: Tue, 27 Feb 2024 17:44:28 GMT - Mon, 27 May 2024 17:44:27 GMT
Hash: MD5 3a3f3b2355ec18a839dc04f244a84bef SHA-1 0da3a6bec77f33d42dd040993f0e587acf3f7343 SHA-256 b94d63294722015d3e7a59e8ad2db7189d0e66fb4ca7e9585101af1b478bd370
OPTIONS /token HTTP/1.1
Host: ab1.9xbud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-access-token,x-auth-token,x-requested-domain,x-requested-with
Referer: https://9xbuddy.in/
Origin: https://9xbuddy.in
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 03:31:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.28
access-control-allow-origin: https://9xbuddy.in
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1728000
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2yXdMOJWNdUrcZNeykIyYqHCmC7%2FX0l9yhcOC0eBMy6clf7UvIiudaQa7qw6WGjjoCQ%2FyI60z79LlShwNxkq8chU8mVmIyWFUTfVdnn%2FPG%2BNkVNfKhwHfSPmSHTNFuS8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194eb2950b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 9xbuddy.in/build/70.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 24 kB |
URL: GET HTTP/3 9xbuddy.in/build/70.e71f3471065439141487.js IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Google Trust Services LLC Subject: 9xbuddy.in Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: JavaScript source, ASCII text, with very long lines (23834), with no line terminators Hash: MD5 a5df48809858975b8647793535e2f75e SHA-1 b86697eda22d3d97d02092fd16470ee61ff5b5fe SHA-256 d83eba8e1787fd738c44d63e007742de66a68c97a513aefbbb21b8ba3c6e6026
GET /build/70.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Cookie: cf_clearance=mE7lXhxLMNvTg7spXLwXyYPexJx1bxhLx35LKXy_9iA-1713411083-1.0.1.1-D_GW05IqK2DOEpTZMsgZiuaEPkP8O9Hlqpr7VDIyXEa23JHppfPTrknKG.0nyk1dWJp9D1Kp91cXsBOxkaKBmQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-5d1a"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0S%2B3n8DZiLsiL5Mr8fLFuF4kebsbz%2Fc4IpJNk2MHgE1KQDdeXIURNLbQw3f4pZrKM%2BRHmpvL4e6Ja3hX5D6n%2BBWkrCmTe0Mm3DsVKwNK4P3sUv53Syq7LEDtd2J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e9ae94b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/build/main.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 335 kB |
URL: GET HTTP/3 9xbuddy.in/build/main.e71f3471065439141487.js IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Google Trust Services LLC Subject: 9xbuddy.in Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
Size: 335 kB (335349 bytes) Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, which does not match the reported 335349-byte size; the body was apparently not captured for hashing, so these values do not identify the script)
GET /build/main.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-51df5"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WbHnXZwMGIPIFioagRAzYMybPmd5sZPQa4goTKXx%2FtgmgWVO6TsgPMjAvQjNcfamB3BBOFvH9q1aJswBzqPrjjbZI5PN9w%2F9QJJm31csH4xl1kZSWdWtFoEwit9M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e6cd73b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/icons/apple-touch-icon.png | 188.114.97.1 | 200 OK | 5.3 kB |
URL: GET HTTP/3 9xbuddy.in/icons/apple-touch-icon.png IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Google Trust Services LLC Subject: 9xbuddy.in Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash: MD5 2a1f354702de7eb8d63c8f10d2d0beaf SHA-1 5f42ee8dc3c78184fba322c0288776c86841f25d SHA-256 447d4a8b2ef5e876f4bf0145893d9f300dd62a3a49ebbc04a49282a6e4c5475a
GET /icons/apple-touch-icon.png HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: image/png
content-length: 5323
last-modified: Sun, 06 Nov 2022 06:05:05 GMT
etag: "63674e91-14cb"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vg4VPmDs0y1sH%2F8LGrwMwrGsQsD88AyH98LFaOKZFfxeiM80QwsPGYofY95WRdpVaBP3PIi3OGLu1qvTo%2FEeipjfKY7SuLUjIP4eVVsXao5URjAK51g%2BgRzJhimp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876194e8fe4cb523-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/build/24.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 2.7 kB |
URL: GET HTTP/3 9xbuddy.in/build/24.e71f3471065439141487.js IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Google Trust Services LLC Subject: 9xbuddy.in Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2762), with no line terminators Hash: MD5 ed061eed2ad4ea9d81ab902dfe53eaa6 SHA-1 e467cd4d5fe4fc4b9be8fdd05c634ba1616d454f SHA-256 1c1bb8ac8cc7b75c66cbfde1e639131975976ab8a718f04456ed187d4b446b1e
GET /build/24.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Cookie: cf_clearance=mE7lXhxLMNvTg7spXLwXyYPexJx1bxhLx35LKXy_9iA-1713411083-1.0.1.1-D_GW05IqK2DOEpTZMsgZiuaEPkP8O9Hlqpr7VDIyXEa23JHppfPTrknKG.0nyk1dWJp9D1Kp91cXsBOxkaKBmQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-aa8"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9C4u8L1uzdvaw6HZlUyJGz9%2Bn%2F38bsFLldCAt8LG%2BvJorfnLu49TC2OzAMwwVwQ%2FV9F2BQclQs%2BpNhxxo0vG%2FF6akpAxTzMG9Od9fsKOnhFGxkusFrPiZ7C5nxw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e9ae90b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ab1.9xbud.com/extract | 188.114.97.1 | 200 OK | 5.5 kB |
IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Let's Encrypt Subject: 9xbud.com Fingerprint: FB:EA:0D:88:59:40:5B:40:BF:67:3D:22:86:13:05:34:4F:E6:99:FE Validity: Tue, 27 Feb 2024 17:44:28 GMT - Mon, 27 May 2024 17:44:27 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (5704), with no line terminators Hash: MD5 796f5729ec29556a9176c25fc87073a7 SHA-1 60cc7d6681dd4a586f66c369fc499e3f6e661e40 SHA-256 fdca56f0a9f5df6587bbfc715b41e2a2839157c52720bf1c70c257ea04b106ae
POST /extract HTTP/1.1
Host: ab1.9xbud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: xmlhttprequest
x-auth-token: nq+aqZWYqmecomxuZGJrZWyZZWybZ2lrZWeXamqZYXeafWmfrbJlcLiGioaKk356h3mtrpKmm5isk6dvlmdmal9n
x-requested-domain: 9xbuddy.in
x-access-token: bJZlapZhaGlfYWtpnKetoadrY2dwqZKjmpKsk6CfllxUfpaToaRjZWliZGFlaGhRdpeok5nUr2CfaWJnYWlnbQ==
Content-Length: 325
Origin: https://9xbuddy.in
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:24 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.28
access-control-allow-origin: https://9xbuddy.in
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1728000
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nPUlPMcQMbsfxyyBH76tpzdStIjK4vX9PYExWUoxL%2FYR1rcz%2BxpdJJwRWwOu7Uv%2FTagZdlo4XOH3Gi0tucuQOaGOTYrwmNUJXtpiZuiomf01Gi50gYcsflAPyx1pG%2F3n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194ecdd82b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| whizzerlollard.top/nQNFvR4pfdjHeE/40618 | 23.109.170.228 | 200 OK | 6 B |
URL: GET HTTP/1.1 whizzerlollard.top/nQNFvR4pfdjHeE/40618 IP: 23.109.170.228:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ Certificate Issuer: Let's Encrypt Subject: whizzerlollard.top Fingerprint: 0C:44:F6:9E:A8:B1:C5:48:09:B4:21:E4:60:BE:87:6B:89:1A:36:5F Validity: Tue, 26 Mar 2024 07:03:24 GMT - Mon, 24 Jun 2024 07:03:23 GMT
File type: ASCII text, with no line terminators Hash: MD5 4fc71bf68a1d477bd1523733e34d1e90 SHA-1 15119105cffbe108b6cf290146ab02c9aa8517ba SHA-256 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /nQNFvR4pfdjHeE/40618 HTTP/1.1
Host: whizzerlollard.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/
Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 03:31:25 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://9xbuddy.in
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| 9xbuddy.in/build/main.e71f3471065439141487.css | 188.114.97.1 | 200 OK | 34 kB |
URL: GET HTTP/3 9xbuddy.in/build/main.e71f3471065439141487.css | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: ASCII text, with very long lines (33647)
Hash: 0f5c61890f014772a3dcc7652caef97a a15caaa3f981da78f53c8bfe4d9b694b5eb5e4f6 fce7eae43f856f06c4981570e813855262a6a90c6bff85ed3b96cf21c47d3c23
GET /build/main.e71f3471065439141487.css HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: text/css
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-83af"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1kHJLDSIxrijQHoocsjxXFfiF3BBoVaQnseaWhyBZTki%2FPywaF1LgsONDw9tAJoafAWhwLH1jqawenePC0b9OGCGP%2BD0S220jy%2FHv7S5pvjXwpTkhj8ng%2BAAWBx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e6cd71b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/build/19.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 21 kB |
URL: GET HTTP/3 9xbuddy.in/build/19.e71f3471065439141487.js | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: JavaScript source, ASCII text, with very long lines (20973), with no line terminators
Hash: 0d89fe65f87cddedad6a912166e53208 a4e8cffd08639b4f3f5b3d86f303dbe6c89548b6 f43c153d7b7585febe16926ed2a6cd72dc6382cadad91d2f187c9a6f5af938c8
GET /build/19.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Cookie: cf_clearance=mE7lXhxLMNvTg7spXLwXyYPexJx1bxhLx35LKXy_9iA-1713411083-1.0.1.1-D_GW05IqK2DOEpTZMsgZiuaEPkP8O9Hlqpr7VDIyXEa23JHppfPTrknKG.0nyk1dWJp9D1Kp91cXsBOxkaKBmQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-51ed"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BC%2F3ECokTcylDbIZKinpczgQmUtl7JOTLy2NoY0FBM5TlGFajKfhq%2F7kMNy9TsOYYhvy4XwDK6R2MIAZ3rmfbvQwh8AnxrHbjdYe0XcIvtLJogGk%2F7L%2FiNskS9K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e9ae8cb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ab1.9xbud.com/extract | 188.114.97.1 | 200 OK | 0 B |
IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Certificate: Issuer: Let's Encrypt | Subject: 9xbud.com | Fingerprint: FB:EA:0D:88:59:40:5B:40:BF:67:3D:22:86:13:05:34:4F:E6:99:FE | Validity: Tue, 27 Feb 2024 17:44:28 GMT - Mon, 27 May 2024 17:44:27 GMT
Hash (digests of empty content, consistent with the 0 B size of this response; not usable as an indicator): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /extract HTTP/1.1
Host: ab1.9xbud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-access-token,x-auth-token,x-requested-domain,x-requested-with
Referer: https://9xbuddy.in/
Origin: https://9xbuddy.in
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 03:31:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.28
access-control-allow-origin: https://9xbuddy.in
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1728000
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GS2JC5qSvNp3Nqyf0GYLdSBvxtSAmg8uWtPvehYs1DSuLp2wJDAGNtAGCvfapWaRHC9pbUPZ1qa%2B2d%2B1HxXpSEf9eAiPWRg%2BAT2YnjGnoBD4RRebRb%2BPbJofAIamqO14"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194ec69d1b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ | 188.114.97.1 | 200 OK | 20 kB |
URL (User Request): GET HTTP/2 9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ | IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: HTML document, ASCII text, with very long lines (12635)
Hash: 745c2bbcf649bcd3cffa7a4618399247 c8cffffef72ba0dc7a7500e4c783435b5c3ebf7e 907b441d3881e6a1e75421c4ffa3abd91eed388487d1fe6af1f53622464ffc9e
GET /process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/ HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNk06CIisGzgbGbkI8oRskwgp5NISJ1TbXMwHGbPqteC4E3iRvV7XSIWaGyTdm%2FfunPvsZWczaXIxC2DPd%2F5PtnrLFZArvLZzFaFqCecanWaF6XFOsmQdKXUWm%2F8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e4c9afb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 9xbuddy.in/build/7.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 8.1 kB |
URL: GET HTTP/3 9xbuddy.in/build/7.e71f3471065439141487.js | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (9333), with no line terminators
Hash: 00dbcf8ed0e5d6faad888b89f39ad714 df4433be172e68f4922ad0d244518c207cbaf5b5 82d72b62be2c704daba13efba0b04be3be288a29df1f3e91e752276205a81d1a
GET /build/7.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-1fd3"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHqyKWif1erpmOKwzWtCiqsUckqHlLKlrBF%2BeBsCUGGHSBL6HFElZuX84z%2BuuqlqM%2FgDtdqFvEMHwgYmxLWQXX0bKbSKDkzDm2XuDXghaiW2%2FaOCd5yxlMmVuTcj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e85e05b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9xbuddy.in/build/81.e71f3471065439141487.js | 188.114.97.1 | 200 OK | 41 kB |
URL: GET HTTP/3 9xbuddy.in/build/81.e71f3471065439141487.js | IP: 188.114.97.1:443
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Certificate: Issuer: Google Trust Services LLC | Subject: 9xbuddy.in | Fingerprint: B3:9A:48:87:86:69:E7:66:2A:3E:52:31:A4:8A:2E:A4:CB:75:68:32 | Validity: Tue, 02 Apr 2024 03:46:19 GMT - Mon, 01 Jul 2024 03:46:18 GMT
File type: JavaScript source, ASCII text, with very long lines (40761), with no line terminators
Hash: 15843e552e3cac1e9e4e9dc191770811 9a132104b73e6f797e4aed760e6035c6ba3c0381 34cabbca08eb2f6adc90e858a0882a1b57d8066f3e37cb12d83d679065f50dd2
GET /build/81.e71f3471065439141487.js HTTP/1.1
Host: 9xbuddy.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Cookie: cf_clearance=mE7lXhxLMNvTg7spXLwXyYPexJx1bxhLx35LKXy_9iA-1713411083-1.0.1.1-D_GW05IqK2DOEpTZMsgZiuaEPkP8O9Hlqpr7VDIyXEa23JHppfPTrknKG.0nyk1dWJp9D1Kp91cXsBOxkaKBmQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 03:31:23 GMT
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 12:06:42 GMT
vary: Accept-Encoding
etag: W/"661923d2-9f39"
strict-transport-security: max-age=15768000; includeSubDomains
x-robots-tag: noindex, nofollow, nosnippet, noarchive
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYfBHjWxwtqxgvvqGQyfciQYsftia2uxnJArVpp5RjNhfRHJ6LKBxCJDFwdVJRZoq6ZQS45oEX6tcc4ukQpfDN3oWyNH%2B1ViEom4B8p06e179W8mkB%2BGBbL0vTiC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194e9be97b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gelbooru.com/index.php?page=post&s=view&id=9918463 | 0.0.0.0 | | 0 B |
URL: GET gelbooru.com/index.php?page=post&s=view&id=9918463 | IP: 0.0.0.0:0
Requested by: https://9xbuddy.in/process?url=https://gelbooru.com/index.php?page=post&s=view&id=9918463&tags=kafka_(honkai:_star_rail)+/
Certificate: Issuer: Let's Encrypt | Subject: gelbooru.com | Fingerprint: 56:9E:F6:71:D4:0D:54:99:85:72:15:78:61:20:A3:EE:BC:24:93:1F | Validity: Sat, 30 Mar 2024 06:43:38 GMT - Fri, 28 Jun 2024 06:43:37 GMT
Hash (digests of empty content, consistent with the 0 B size recorded for this entry; not usable as an indicator): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?page=post&s=view&id=9918463 HTTP/1.1
Host: gelbooru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9xbuddy.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 03:31:25 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=7baeed3aca410064d3ac2afd5e70915a9ef1de468caa7352052ae08d8c1eaf66a61eec4dab4ef1a5446d623fa4d8a70224c6f6e4f726ba083fa40bb7b78ae4b8; expires=Fri, 18-Apr-2025 03:31:25 GMT; Max-Age=31536000; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kfZQQMXy6sB%2BiWP1stFN%2Bk2mB28Jo6ut8xu18kQmZQguQT6V6Vwtnx4oCMyOqtvQJtbYfKTB0Mh56vyCEr%2FqnmuEdNuWQDE9FMBxli5CAxPL1P%2B%2F%2BWACDAI2jgMlUWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876194f32c9a35da-LHR
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|