URL: https://nlnbfitfn0hycmdw.xyz/
Submission: On December 25 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 172.67.156.77, located in United States and belongs to CLOUDFLARENET, US. The main domain is nlnbfitfn0hycmdw.xyz.
TLS certificate: Issued by WE1 on December 21st 2024. Valid for: 3 months.
This is the only time nlnbfitfn0hycmdw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address      AS Autonomous System
1          7         172.67.156.77   13335 (CLOUDFLAR...)
           1         4.192.73.43     8075 (MICROSOFT...)
           2         192.151.192.2   40065 (CNSERVERS)
           1         172.67.146.206  13335 (CLOUDFLAR...)
Total: 10 requests, 4 IPs

Requests  Domain                      Redirects  Requested by
7         nlnbfitfn0hycmdw.xyz        1          nlnbfitfn0hycmdw.xyz
2         kq6lo.prdex79jvltts6vx.xyz             nlnbfitfn0hycmdw.xyz
1         uthli8sqkn20l4rt.xyz                   nlnbfitfn0hycmdw.xyz
1         hmrh52eh9nz2k8.top                     nlnbfitfn0hycmdw.xyz
Total: 10 requests, 4 domains

This site contains no links.

Subject                 Issuer  Validity                 Valid
nlnbfitfn0hycmdw.xyz    WE1     2024-12-21 - 2025-03-21  3 months
52medhmvvqp51p.top      E5      2024-12-14 - 2025-03-14  3 months
*.prdex79jvltts6vx.xyz  E5      2024-12-25 - 2025-03-25  3 months
uthli8sqkn20l4rt.xyz    WE1     2024-12-21 - 2025-03-21  3 months

This page contains 3 frames:

Primary Page: https://nlnbfitfn0hycmdw.xyz/
Frame ID: 1F2CB4D05C7A7353E05C6A28646A62D2
Requests: 6 HTTP requests in this frame

Frame: https://nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 4000E8DB394A3B38244EC39A887B45A0
Requests: 2 HTTP requests in this frame

Frame: https://uthli8sqkn20l4rt.xyz/
Frame ID: 90E477EAC09CC011BE8F81EDDCFAE9E6
Requests: 1 HTTP request in this frame

Page Statistics

Requests: 10
HTTPS: 90 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 38 kB
Size: 74 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nlnbfitfn0hycmdw.xyz/
2 KB
2 KB
Document
General
Full URL
https://nlnbfitfn0hycmdw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a43e7303d50820cb524a49d96d7f9bd0c98ce1b473a52446d4cb8e531641c371

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f7aab9d7d0cd264-FRA
content-encoding
zstd
content-type
text/html
date
Wed, 25 Dec 2024 17:49:54 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hO4vH1VswRfmRLZp0B5Fxqv9%2B%2FBCVRKhMIhx4mRpAqjimu3lJIkIVeLOmiZqE7WmzaqI9SHG0%2Fsubkh7LlYGuomG6AP190YLeqv%2FK8tVQm1CTW4BbavTaftdoGP%2BIUbaXu6lhd%2BTZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8695&min_rtt=8058&rtt_var=2205&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4199&recv_bytes=4492&delivery_rate=786&cwnd=12000&unsent_bytes=0&cid=fa8bdae3a246815e&ts=374&x=1" cfExtPri cfHdrFlush;dur=0
crypto-js.min.js
nlnbfitfn0hycmdw.xyz/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://nlnbfitfn0hycmdw.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: nlnbfitfn0hycmdw.xyz
URL: https://nlnbfitfn0hycmdw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlnbfitfn0hycmdw.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67136182-b9d8"
age
5733
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ruF0cpqLOI3zowcbkQQBp0MPBYlJV2HzVq%2B7iUYhjYaRA0MBwx1DoH1wAVy8QsXk7BiqB6tl%2BZJ80w3cdaSClKGpyGDVVS5M8%2FRXXiGRoqFwxDcfbdelPTm3Otz8Ea1k65tGMjdUeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9085&min_rtt=8058&rtt_var=2432&sent=16&recv=13&lost=0&retrans=0&sent_bytes=6058&recv_bytes=5159&delivery_rate=155456&cwnd=12000&unsent_bytes=0&cid=fa8bdae3a246815e&ts=400&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 17:49:54 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f7aab9fd9bfd264-FRA
server
cloudflare
iframe.js
nlnbfitfn0hycmdw.xyz/static/js/
11 KB
5 KB
Script
General
Full URL
https://nlnbfitfn0hycmdw.xyz/static/js/iframe.js?t=202409101529
Requested by
Host: nlnbfitfn0hycmdw.xyz
URL: https://nlnbfitfn0hycmdw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166d01f8aeab337307b72d120ee2c44e1d30de85aaeb722f26b56c6fc5621a19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlnbfitfn0hycmdw.xyz/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67136182-2b62"
age
5732
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwM4KVUwiX8MmkChUpTL3Kh97NnRSdg6O2gDpG4dwT1uwjD%2B5OFwuMC16FtIJMJbHy9LLutxyA%2FgLkqnluLwnxFs72gKofKollJwW8h%2BfQeZIQTl4F7RPrAAqN6jLtyL%2Bzq0KnHSQA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9085&min_rtt=8058&rtt_var=2432&sent=27&recv=13&lost=0&retrans=0&sent_bytes=18058&recv_bytes=5159&delivery_rate=155456&cwnd=12000&unsent_bytes=0&cid=fa8bdae3a246815e&ts=401&x=1", cfExtPri, cfHdrFlush;dur=6
date
Wed, 25 Dec 2024 17:49:54 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f7aab9fd9c4d264-FRA
server
cloudflare
/
hmrh52eh9nz2k8.top/
227 B
1 KB
Fetch
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: nlnbfitfn0hycmdw.xyz
URL: https://nlnbfitfn0hycmdw.xyz/static/js/iframe.js?t=202409101529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
1365da94ff5e15ad18e0eba698d568983c12f2825bed3d60cd52ca1774f26c63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlnbfitfn0hycmdw.xyz/

Response headers

Etag
"f22d62c9d331440121d8694d7c358dd6"
Age
15
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
e133a0b18549e348b341a848d43eb0f8
Date
Wed, 25 Dec 2024 17:49:55 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Wed, 25 Dec 2024 12:35:13 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE4[2],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE5[48],EA-HKG-GLOBAL1-CACHE23[45,TCP_MISS,47]
X-Amz-Request-Id
00000193FDD08B8B901BB2C96526B8F3
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
227
Server
openresty
main.js
nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 4000
Redirect Chain
  • https://nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
9 KB
5 KB
Script
General
Full URL
https://nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Protocol
H3
Server
172.67.156.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21af7d1441d48136f0128832063cc2e7b244d09ccbdb28b56812bd4212da5bf7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oCMyZEzdP%2FjqHHWB6GDuJGIyBj9M8i2rt6aKCRQswRIFvhsK%2FOjBdhNQkxXJfcOpX%2F%2FFDu8Ctnghn4egmUD%2FxRARatc%2BnAd2aPozaiKZ9C342IkN1ZPhuCP%2Bh2JQ7BaYAxZiz%2F%2BF8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f7aaba02a48d264-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7946&min_rtt=6445&rtt_var=1066&sent=42&recv=27&lost=0&retrans=0&sent_bytes=30095&recv_bytes=6553&delivery_rate=49883&cwnd=22800&unsent_bytes=0&cid=fa8bdae3a246815e&ts=445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 17:49:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTP6ah2sFt0J18T2FGea5oxBsqH4chZxdGE%2F3auYuM3WBTkZ%2FmsHSRA04I2NWqexOLOEipomdDqRNT65yWRVJgVKnIxx8xygCY4Y%2BH6JlniucEtuPs3VRInHkIZXhD4cNh8rN77pXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7aaba01a20d264-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=7884&min_rtt=6445&rtt_var=1257&sent=40&recv=26&lost=0&retrans=0&sent_bytes=29344&recv_bytes=6260&delivery_rate=795541&cwnd=22800&unsent_bytes=0&cid=fa8bdae3a246815e&ts=432&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 17:49:54 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
nlnbfitfn0hycmdw.xyz/
4 KB
4 KB
Other
General
Full URL
https://nlnbfitfn0hycmdw.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlnbfitfn0hycmdw.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vMfler1oN976inJih2N3dpJEH5%2F8fMsRcvB%2F0JWCDQfWbWX1h6wlTRxhyNaSRGaTWDZvWnC%2BWLO2OG2mE7KMzqWHY24txfyG5HuIHyAVCAb%2BhcYES4gFtS3G06oBEsDRvEoIvCHaXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7aaba01a21d264-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7629&min_rtt=6445&rtt_var=868&sent=55&recv=46&lost=0&retrans=0&sent_bytes=36487&recv_bytes=23891&delivery_rate=60526&cwnd=22800&unsent_bytes=0&cid=fa8bdae3a246815e&ts=793&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 17:49:54 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i
8f7aab9d7d0cd264
nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 4000
0
1 KB
XHR
General
Full URL
https://nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8f7aab9d7d0cd264
Requested by
Host: nlnbfitfn0hycmdw.xyz
URL: https://nlnbfitfn0hycmdw.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GtIzRS%2B2B3fQRdwe9w5ET%2BAd%2BQI%2BrmiAYEbWxI2FW3AjvXkkzYMOBCOApQwbMBLSddXgEN%2BY6B05fKnbKBO4qKbviQ32Acy5gayx0AMsxLRtdcEIcHtWy43fLQS79GDTwBiR2EjZDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7aaba07ad8d264-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7784&min_rtt=6445&rtt_var=742&sent=53&recv=45&lost=0&retrans=0&sent_bytes=35257&recv_bytes=23848&delivery_rate=455374&cwnd=22800&unsent_bytes=0&cid=fa8bdae3a246815e&ts=506&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Wed, 25 Dec 2024 17:49:54 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
request
kq6lo.prdex79jvltts6vx.xyz/fast-endecode/main/
2 KB
3 KB
Fetch
General
Full URL
https://kq6lo.prdex79jvltts6vx.xyz/fast-endecode/main/request
Requested by
Host: nlnbfitfn0hycmdw.xyz
URL: https://nlnbfitfn0hycmdw.xyz/static/js/iframe.js?t=202409101529
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
192.151.192.2 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
1bff3ecc6469443f9bc38c0e218e8b7881f25e09fddaf063f80a4394301cad9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://nlnbfitfn0hycmdw.xyz/

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
zstd
cf-cache-status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTGaq7FexZPCbFj52VkQCfzJjNOXXKSolZ7IJpLTfV226d97JRSuR5T29UUsx5VIyGuCQQ8Tj8BnabyHZphSfYl43GLmGs7aANhN4dvyF6NLYblGu671eQmko0xK0OgJStRa3R%2F9s00%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY
8f7aabb00aecdd36-HKG
Access-Control-Allow-Origin
*
alt-svc
h3=":443"; ma=86400
X-Application-Context
cloud-module-endecode:41136
server-timing
cfL4;desc="?proto=TCP&rtt=1083&min_rtt=1083&rtt_var=541&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=653&delivery_rate=0&cwnd=247&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Date
Wed, 25 Dec 2024 17:49:57 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
request
kq6lo.prdex79jvltts6vx.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://kq6lo.prdex79jvltts6vx.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
192.151.192.2 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nlnbfitfn0hycmdw.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
CF-RAY
8f7aabaccfb509f4-HKG
Connection
keep-alive
Content-Length
0
Date
Wed, 25 Dec 2024 17:49:56 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7x%2FwkhTj%2BetwMcEey0QdcR3grRw%2Fm898GmJlagQa6CJxv%2FJ2u9%2BB034a4BistRQ0BCctOKl092eX%2BKvuqgNViOK0fapBJkPmuT%2Bc4K73NUj059iRKXiDUOCsWaeavRwCQ3u5O%2BKwuKA%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Vary
Origin
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
server-timing
cfL4;desc="?proto=TCP&rtt=1079&min_rtt=1079&rtt_var=539&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=591&delivery_rate=0&cwnd=40&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
/
uthli8sqkn20l4rt.xyz/ Frame 90E4
0
0
Document
General
Full URL
https://uthli8sqkn20l4rt.xyz/
Requested by
Host: nlnbfitfn0hycmdw.xyz
URL: https://nlnbfitfn0hycmdw.xyz/static/js/iframe.js?t=202409101529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://nlnbfitfn0hycmdw.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f7aabb0ff83993f-FRA
content-encoding
zstd
content-type
text/html
date
Wed, 25 Dec 2024 17:49:57 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=30tVixGg00GworBryMVcazPdubH4tnkVZd%2Bupyv6JFXXYIpNWov%2Fws1TGD83u21ZzVdtYX0CwMKS8cVIX7FTaSX53QHw0i%2BrH39dTyUUA6lMYfzTE6mgGZsrXzzYy4%2BXCCfT%2FxKYjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=7084&min_rtt=6614&rtt_var=1329&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4186&recv_bytes=4503&delivery_rate=864&cwnd=12000&unsent_bytes=0&cid=a621a309d60fe5da&ts=392&x=1" cfExtPri cfHdrFlush;dur=0

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| CryptoJS
function| getApiUrlSync
object| publicKey
function| getDomain
function| handleEncrypt
function| handleDecrypt
function| fromCode
boolean| connect
number| resetNum
object| urls
number| urlIndex
function| getconfigDown

2 Cookies

Domain/Path Name / Value
.nlnbfitfn0hycmdw.xyz/ Name: cf_clearance
Value: frjyyYMj6bjSsB90uxFQI1M1mslhzHLwIVdJfRkFs3Q-1735148994-1.2.1.1-RWL2oThI_pQ48FglYx3iGeN6fObF6xKEGUZtyoBLnFjickyIqO9YDP12c3iHaGOSHH0tXGkaUOT0e12qQ.EL7GhkT14Je.Uy1hPo4G1JWEqhHgdoc5aMLRctUOEqH5xKdJc8M2_vuPJg2Jeo8EfcaNsiy3TUj5foxt7HYeTJ84tLA79..mISDxMvUEzwv59jfS_kxym_z1D2KJxnPdh.NuEN31xeDJwpSrmJLvw_9FlhXoHds58wdGgnaTNsn32U8BsfFIlz3ZqPsWQv4aw1rj7mK3BgeUjg9Pw8Zlz8oym57CBO7ltBrxneVmHXkTrcdmftERF6_HHgmpmfrc26U78VdnhbvE.WkvZAO3PCiz_YWQPn.a9_N3VRzBuHBsZt
.uthli8sqkn20l4rt.xyz/ Name: cf_clearance
Value: ieCFrIaA6c6vLQAhSDshu6s7D6czA6dIRbQSU.kuAGc-1735148998-1.2.1.1-epwdEQwKI6VVlbl4ovdzV7kNacA.NE4bQDZ2oA3J9eY1pkovLg2Xw4mE6_a4VgjQiySM6nyK55Voq3h4fGmwy6EUTfvFXtdfCX6AJyuJjkECiCkd4TQqZJj7w74oZaazHsXPyhSyKjAgp_NnGjtV2aMCOcSbymyssMsHC.6DTaM2eRG7H0Wt_HmZsZHdFtnFULuKLMTps901vryYlRnqTDuv14hcgE2f7qwz9xx4h41mIii8R.WQI.o4kfVwrQw69jY2tgAipHBju6mjtJq0KHuInmNVQ4pU_1JWpTJk6nzFS5dcp2NqwujbeXZ.H5X8rpSefNBYLR4E4w2SWIggKLNRr.09IhQLvv7m7F5GlNwQCynLF8eqyGwl20hO7QXN