urlscan.io logo urlscan.io
SecurityTrails logo

x5.rf.gd Open in urlscan Pro
185.27.134.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://x5.rf.gd/
Effective URL: http://x5.rf.gd/?i=1
Submission: On March 18 via manual from FR — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 185.27.134.116, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is x5.rf.gd.
This is the only time x5.rf.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 185.27.134.116 34119 (WILDCARD-...)
3 2408:8738:540... 4837 (CHINA169-...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
15 5
6    185.27.134.116 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
x5.rf.gd
3    2408:8738:5400:4::f4 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
lf6-cdn-tos.bytecdntp.com
1    2606:4700::6811:a1a (United States)

ASN13335 (CLOUDFLARENET, US)
instant.page
4    2606:4700:e6::ac40:c00c (United States)

ASN13335 (CLOUDFLARENET, US)
img.shields.io
1    2606:4700:3032::6815:3f26 (United States)

ASN13335 (CLOUDFLARENET, US)
v1.hitokoto.cn
Apex Domain
Subdomains		 Transfer
6 rf.gd
x5.rf.gd
582 KB
4 shields.io
img.shields.io — Cisco Umbrella Rank: 39610
3 KB
3 bytecdntp.com
lf6-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 213765
93 KB
1 hitokoto.cn
v1.hitokoto.cn — Cisco Umbrella Rank: 293652
1 KB
1 instant.page
instant.page — Cisco Umbrella Rank: 15840
1 KB
15 5
Domain Requested by
6 x5.rf.gd x5.rf.gd
4 img.shields.io x5.rf.gd
3 lf6-cdn-tos.bytecdntp.com x5.rf.gd
lf6-cdn-tos.bytecdntp.com
1 v1.hitokoto.cn x5.rf.gd
1 instant.page x5.rf.gd
15 5

This site contains links to these domains. Also see Links.

Domain
vxo.fr
astro.vx9.eu
heure-exacte.eu
radios.vx9.eu
xsot.cn
www.apache.org
github.com
Subject Issuer Validity Valid
*.bytecdntp.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-07-29 -
2023-07-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-08		 a year crt.sh

This page contains 1 frames:

Primary Page: http://x5.rf.gd/?i=1
Frame ID: 29320DC623852CBAD6C98D6EE634F1F7
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

X5 URL

Page URL History Show full URLs

  1. http://x5.rf.gd/ Page URL
  2. http://x5.rf.gd/?i=1 Page URL

Page Statistics

15
Requests

53 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

680 kB
Transfer

1367 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://x5.rf.gd/ Page URL
  2. http://x5.rf.gd/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://instant.page/1.2.2 HTTP 307
  • https://instant.page/1.2.2

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
x5.rf.gd/ 		819 B
821 B 		Document
General
Check archive.org
Download Go to
Full URL
http://x5.rf.gd/
Protocol
HTTP/1.1
Server
185.27.134.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
ac7dc4db8a71affc70a483c642f544bf54022755faf114e445e34d0999e9fac4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 18 Mar 2023 16:37:05 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
aes.js
x5.rf.gd/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://x5.rf.gd/aes.js
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/
Protocol
HTTP/1.1
Server
185.27.134.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sat, 18 Mar 2023 16:37:05 GMT
Last-Modified
Sat, 08 Aug 2015 08:10:59 GMT
Server
nginx
ETag
"55c5b993-79e6"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31206
Primary Request /
x5.rf.gd/ 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://x5.rf.gd/?i=1
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/
Protocol
HTTP/1.1
Server
185.27.134.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
f29352baafd955eb92cd28350fdd7e26a97c89314112951b0c0cf8ddb84ff57c

Request headers

Referer
http://x5.rf.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Mar 2023 16:37:05 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
mdui.min.css
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/mdui/0.4.3/css/ 		290 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/mdui/0.4.3/css/mdui.min.css
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2408:8738:5400:4::f4 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
eaa9819cab8ca5ab79abcec375d06a3c2a30e607d3fec7835fb30c0aa705db78

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 12:23:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=06;cdn-cache=hit;type=static
age
188042
x-link-via
suihun03:443;jnmp12:443;
x-cache-status
HIT from KS-CLOUD-JN-MP-12-09, HIT from KS-CLOUD-SUIH-UN-03-27
server-timing
inner; dur=66
content-length
30946
last-modified
Wed, 19 Jan 2022 13:20:18 GMT
server
nginx
etag
W/"61e81012-48851"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
015ed1bb5d21da6814685fec86d1fcb8f114b3d66653547dfeedae3d7248919d07a62f6a27028123dc6abb880ce395cd1491b216a94839a8e56f7bc0978ac23f1acd3aacfcb0257367bad01de3c73d8b029284090a189d50a1b277acd06d9abc817c38bc725ab730b6043e7e29c1d93330
x-response-cinfo
2001:ac8:21:e::14
accept-ranges
bytes
x-response-cache
edge_hit
timing-allow-origin
*
x-cdn-request-id
74e91e7807c4e5a3d7219a81417ad78e
expires
Sat, 15 Apr 2023 12:23:07 GMT
all.css
x5.rf.gd/assets/css/ 		493 KB
117 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://x5.rf.gd/assets/css/all.css
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
HTTP/1.1
Server
185.27.134.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
a4d87f71b4f857b4fbd7e4e0dd3b0ef4e11db8868522935c5c7957ebf143fbdc

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/?i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sat, 18 Mar 2023 16:37:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2023 04:46:05 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Connection
keep-alive
Expires
Mon, 17 Apr 2023 16:37:06 GMT
mdui.min.js
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/mdui/0.4.3/js/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/mdui/0.4.3/js/mdui.min.js
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2408:8738:5400:4::f4 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
73340dcb7ca0b5535ec89293d82af0573cc305af557e4b0069de05eb2da869de

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 05:56:46 GMT
content-encoding
gzip
x-tt-trace-tag
id=06;cdn-cache=hit;type=static
age
124823
x-link-via
suihun03:443;hfmp63:443;
x-cache-status
HIT from KS-CLOUD-HF-MP-63-12, HIT from KS-CLOUD-SUIH-UN-03-32
server-timing
inner; dur=20
content-length
17849
last-modified
Wed, 19 Jan 2022 13:20:17 GMT
server
nginx
etag
W/"61e81011-fcd6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
011029a7f7f22a18495e03e373f4e6302db39c12ec6dfff0fabeb22b2723f982757a7764d956735343beb7c8db4d431304f6aa84855904be35fd13e8e1ee8ff0688a861291c6e30f2ebd536d6df8a1fe38aace6ffa04b1b1bed8f741f3007b7c0d19aa9902b968000d66c08590a61ebf32
x-response-cinfo
2001:ac8:21:e::14
accept-ranges
bytes
x-response-cache
edge_hit
timing-allow-origin
*
x-cdn-request-id
2609404ca77f3d3a417fdaa826dfe549
expires
Sun, 16 Apr 2023 05:56:46 GMT
1.2.2
instant.page/
Redirect Chain
  • http://instant.page/1.2.2
  • https://instant.page/1.2.2
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://instant.page/1.2.2
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
H2
Server
2606:4700::6811:a1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee6c0bc3e2509b75a0a4bbc930cc89d9dc3f7829e6024447e10293ba004de4a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 16:37:07 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7a9ee5ff8efcdcbb-LHR

Redirect headers

Location
https://instant.page/1.2.2
Non-Authoritative-Reason
HSTS
Access-Control-Allow-Origin
http://x5.rf.gd
Access-Control-Allow-Credentials
true
Cross-Origin-Resource-Policy
Cross-Origin
URLshorting.svg
img.shields.io/github/license/soxft/ 		679 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.shields.io/github/license/soxft/URLshorting.svg?style=for-the-badge
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c00c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b59a803d72569eec12c1c939a82377a290dcddebec9a01bb5935ccd8cc470eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 16:37:10 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id
01GVTSA237VWYEWBEADPS64HA2-lhr
last-modified
Sat, 18 Mar 2023 16:37:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV9C7LIcXjzs%2FYwVtf7Pfy88VcY%2BD3aO4XFJwmYuekkvEDlS8xEdk3v9XVFDOEwpD1NY6CIIgKi7bJ2XlB015hKIMAdwiYtwmgTtttv16iausG73P1SIA7buksuNXVwPCGzNbbSnLOA0trPgnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
cf-ray
7a9ee613c8e73866-LHR
expires
Sat, 18 Mar 2023 17:37:10 GMT
URLshorting.svg
img.shields.io/github/stars/soxft/ 		868 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.shields.io/github/stars/soxft/URLshorting.svg?style=for-the-badge
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c00c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf1a7f30ace4f32acc8112080fd85606792e52909cc21c93061d810267fcf72

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 16:37:10 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id
01GVTSA233DREXAVB6ZTH5TQFR-lhr
last-modified
Sat, 18 Mar 2023 16:37:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iXXA%2B2tx9T5NkXSDCNAMFfpgV%2Fan%2F5ZPN1CNGAjgD5tqyisYKRCZVVWfMqQRlzOERKrc0QHmsOIEcCa0Mw08i6N8Nv4gEw9N6Dwg1btOzbUGfm7KoPBLuN8LNrevd1oPOhkk2WadNDjFtdQ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=900
cf-ray
7a9ee613c8e93866-LHR
expires
Sat, 18 Mar 2023 16:52:10 GMT
URLshorting.svg
img.shields.io/github/forks/soxft/ 		865 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.shields.io/github/forks/soxft/URLshorting.svg?style=for-the-badge
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c00c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
175de13137d28ed415df8c3ac403846671e223845b26f73f6ec6fe2c1d318f39

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 16:37:10 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id
01GVTSA236JWGN89FVAVM78BKC-lhr
last-modified
Sat, 18 Mar 2023 16:37:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pi7ODAEMyChjyoAyYD50z1c%2FMTW2kNS%2FK5zT7NLE%2FETW3NpgdyzNeQ0ImYr0p%2FEnheg1pVbwibFuwQM%2FC94Ga0ypHOQ6mHs%2FV06WvwmOuG0wha3mKrNZDp2Z9mXAJq64WUptXpHeuaGqn7%2FpTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=900
cf-ray
7a9ee613c8ef3866-LHR
expires
Sat, 18 Mar 2023 16:52:10 GMT
urlshorting
img.shields.io/github/last-commit/soxft/ 		706 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.shields.io/github/last-commit/soxft/urlshorting?style=for-the-badge
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c00c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55833dd392cd26293382ada499bd04cd9523347825cb4a93e2a69956db70aa4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 16:37:10 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id
01GVTSA234NEZG02F690ARG8ZN-lhr
last-modified
Sat, 18 Mar 2023 16:37:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udbpZ%2BBnZstJOWdMyH7pmevsvslobuW6DWWcMGxvbLwS5081iILAxXNrO6pZgSO2v5%2F0JrkPB%2BLhSAEst3yUxT1%2FekDRglj4YDnNPfZdUwCOKgETEtiw9cBarECurU%2Fzv8nDT%2B1XWL3gJxEaZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=120, s-maxage=120
cf-ray
7a9ee613c8ed3866-LHR
expires
Sat, 18 Mar 2023 16:39:10 GMT
/
v1.hitokoto.cn/ 		281 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v1.hitokoto.cn/
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2278cf3a0ed429238c47af3a3cea003c0e0db051053221b6e8e2a47447384bf3
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 16:37:10 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
EXPIRED
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
x-request-id
7ae59e54-d52a-4990-9713-f07cbaa31475
referrer-policy
no-referrer
last-modified
Sat, 18 Mar 2023 16:31:21 GMT
server
cloudflare
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6cnJ%2FkJMe4bIwSmaaFC3c38qJ1GEXtL4ixYyZUbdw0GSvvCrL5PGLUDB8T4PmbThFI52oG9bsknjtodcbTbJkjHs%2BxpLKpcdcsXAk2bLMcr72IZ0rDmB7szwOzeitSReDAZ4D4R0FSCSkK3lw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-expose-headers
X-Request-Id
cf-ray
7a9ee6165852dc7b-LHR
background.png
x5.rf.gd/assets/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://x5.rf.gd/assets/img/background.png
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/?i=1
Protocol
HTTP/1.1
Server
185.27.134.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
cdc97101b7c2d847a92fa38f49b04aef6aef5a997c4f758c113150f0c280b1fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://x5.rf.gd/?i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sat, 18 Mar 2023 16:37:09 GMT
Last-Modified
Tue, 07 Mar 2023 04:46:07 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2310
Expires
Mon, 17 Apr 2023 16:37:09 GMT
MaterialIcons-Regular.woff2
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/mdui/0.4.3/icons/material-icons/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/mdui/0.4.3/icons/material-icons/MaterialIcons-Regular.woff2
Requested by
Host: lf6-cdn-tos.bytecdntp.com
URL: https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/mdui/0.4.3/css/mdui.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2408:8738:5400:4::f4 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer
https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/mdui/0.4.3/css/mdui.min.css
Origin
http://x5.rf.gd
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 00:57:21 GMT
x-tt-trace-tag
id=06;cdn-cache=hit;type=static
age
229189
x-link-via
suihun03:443;lfmp01:443;
x-cache-status
HIT from KS-CLOUD-LF-MP-01-16, HIT from KS-CLOUD-SUIH-UN-03-22
server-timing
inner; dur=7
content-length
44300
last-modified
Wed, 19 Jan 2022 13:20:09 GMT
server
nginx
etag
"61e81009-ad0c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
01094029c1cc3d3e6a4a7a461342ef079e75eb99cea9345db1030a589f23b5ff7b67fe20c7207e1cf5209445f3497d9f9f51e01aea03ea8957336c22146a84963c7f0eded0533e72cfaab0a2a2d5116c8b46495d9806b0f18534ce485f4ff78d48
x-response-cinfo
2001:ac8:21:e::14
accept-ranges
bytes
x-response-cache
edge_hit
timing-allow-origin
*
x-cdn-request-id
c99cf932f27f39f05f299410b99bcf97
expires
Sat, 15 Apr 2023 00:57:21 GMT
fa-duotone-900.woff2
x5.rf.gd/assets/webfonts/ 		426 KB
427 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://x5.rf.gd/assets/webfonts/fa-duotone-900.woff2
Requested by
Host: x5.rf.gd
URL: http://x5.rf.gd/assets/css/all.css
Protocol
HTTP/1.1
Server
185.27.134.116 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
1a4eda5703ee44e65f9a380f20911f31acc5744710630c6047802d019abdc844

Request headers

Referer
http://x5.rf.gd/assets/css/all.css
Origin
http://x5.rf.gd
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sat, 18 Mar 2023 16:37:09 GMT
Last-Modified
Tue, 07 Mar 2023 04:46:11 GMT
Server
nginx
Content-Type
font/woff2
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
436564
Expires
Sat, 18 Mar 2023 16:37:09 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| mdui function| $ function| change function| submit object| BootDate function| ShowRunTime number| mduiElementId

2 Cookies

Domain/Path Name / Value
x5.rf.gd/ Name: __test
Value: 200ef583a4ed1eafc9e83b18ea191130
x5.rf.gd/ Name: PHPSESSID
Value: eeffa97984378fe7bb854867555bd366