hxlfd.top Open in urlscan Pro
2606:4700:3031::6815:5d3d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3Uc60I1?EtB=jgpkCVr87f
Effective URL:
https://hxlfd.top/S73bHR8/
Submission: On October 16 via manual (October 16th 2024, 11:41:45 am UTC) from GB — Scanned from GB

Summary HTTP 28 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3031::6815:5d3d, located in United States and belongs to CLOUDFLARENET, US. The main domain is hxlfd.top.
TLS certificate: Issued by WE1 on October 13th 2024. Valid for: 3 months.

This is the only time hxlfd.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Hermes (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2606:4700:303... 2606:4700:3031::6815:5d3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	172.67.205.249 172.67.205.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:5d3d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hxlfd.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 172.67.205.249 (United States)

ASN13335 (CLOUDFLARENET, US)

hxlfd.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	hxlfd.top 1 redirects hxlfd.top	343 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 7196	403 B
28	2

	Domain	Requested by
29	hxlfd.top	1 redirects hxlfd.top
1	bit.ly	1 redirects
28	2

This site contains links to these domains. Also see Links.

Domain
www.evri.com
international.evri.com
evricareer.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
hxlfd.top WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hxlfd.top/S73bHR8/
Frame ID: CCAC3152E393C3184EBD10E173A617A7
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Parcel Tracking UK | Track My Parcel | Evri

Page URL History Show full URLs

https://bit.ly/3Uc60I1?EtB=jgpkCVr87f HTTP 301
https://hxlfd.top/S73bHR8 HTTP 301
https://hxlfd.top/S73bHR8/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

28
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

342 kB
Transfer

1047 kB
Size

1
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.evri.com/

Search URL Search Domain Scan URL

URL: https://www.evri.com/business

Search URL Search Domain Scan URL

URL: https://www.evri.com/

Search URL Search Domain Scan URL

URL: https://www.evri.com/send

Search URL Search Domain Scan URL

URL: https://www.evri.com/customer/bulk-upload

Search URL Search Domain Scan URL

URL: https://www.evri.com/customer/quick-send

Search URL Search Domain Scan URL

URL: https://international.evri.com/

Search URL Search Domain Scan URL

URL: https://www.evri.com/send/how-to-wrap-a-parcel

Search URL Search Domain Scan URL

URL: https://www.evri.com/send/how-to-send-a-parcel

Search URL Search Domain Scan URL

URL: https://www.evri.com/send/what-i-can-and-cannot-send

Search URL Search Domain Scan URL

URL: https://www.evri.com/send/parcel-size-and-weight-guide

Search URL Search Domain Scan URL

URL: https://www.evri.com/track-a-parcel

Search URL Search Domain Scan URL

URL: https://www.evri.com/return-a-parcel

Search URL Search Domain Scan URL

URL: https://www.evri.com/return-a-parcel/how-to-return-a-parcel

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/our-prices

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/mobile-app

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/international-courier-services

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/evri-video

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/courier-service

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/next-day-parcel-delivery

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/weekend-delivery

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/alexa

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/google-assistant

Search URL Search Domain Scan URL

URL: https://www.evri.com/our-services/integrations

Search URL Search Domain Scan URL

URL: https://www.evri.com/parcelshops

Search URL Search Domain Scan URL

URL: https://www.evri.com/parcelshops/lockers

Search URL Search Domain Scan URL

URL: https://www.evri.com/parcelshops/print-in-parcelshop

Search URL Search Domain Scan URL

URL: https://www.evri.com/find-a-parcelshop

Search URL Search Domain Scan URL

URL: https://www.evri.com/help-and-support/help-centre/

Search URL Search Domain Scan URL

URL: https://www.evri.com/faqs

Search URL Search Domain Scan URL

URL: https://www.evri.com/complaints-procedure

Search URL Search Domain Scan URL

URL: https://www.evri.com/guides

Search URL Search Domain Scan URL

URL: https://www.evri.com/basket

Search URL Search Domain Scan URL

URL: https://www.evri.com/help-and-support/help-centre

Search URL Search Domain Scan URL

URL: https://www.evri.com/about-us

Search URL Search Domain Scan URL

URL: https://www.evri.com/news

Search URL Search Domain Scan URL

URL: https://www.evri.com/press

Search URL Search Domain Scan URL

URL: https://www.evri.com/coronavirus-response

Search URL Search Domain Scan URL

URL: https://www.evri.com/cyber-security

Search URL Search Domain Scan URL

URL: https://www.evri.com/environment-social-and-governance

Search URL Search Domain Scan URL

URL: https://www.evri.com/annual-reports

Search URL Search Domain Scan URL

URL: https://evricareer.com/Careers/2022%20Multipage%20Microsite-1995/Careers

Search URL Search Domain Scan URL

URL: https://www.evri.com/terms-and-conditions

Search URL Search Domain Scan URL

URL: https://www.evri.com/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.evri.com/terms-of-use

Search URL Search Domain Scan URL

URL: https://www.evri.com/modern-slavery

Search URL Search Domain Scan URL

URL: https://www.evri.com/accessibility-statement

Search URL Search Domain Scan URL

URL: https://www.evri.com/additional-policies

Search URL Search Domain Scan URL

URL: https://www.facebook.com/evridelivery

Search URL Search Domain Scan URL

URL: https://www.instagram.com/evridelivery/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/evridelivery

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/evridelivery

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3Uc60I1?EtB=jgpkCVr87f HTTP 301
https://hxlfd.top/S73bHR8 HTTP 301
https://hxlfd.top/S73bHR8/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response hxlfd.top/S73bHR8/ Redirect Chain https://bit.ly/3Uc60I1?EtB=jgpkCVr87f https://hxlfd.top/S73bHR8 https://hxlfd.top/S73bHR8/	2 KB 1 KB	127ms 126ms	Document text/html	2606:4700:3031::6815:5d3d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:5d3d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f7a0856b9c0579f765cfca8fcc2a736069b2593a92d6ced125df2d21ebc46292` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=86400 cf-cache-status DYNAMIC cf-ray 8d37c7f308d188a3-LHR content-encoding zstd content-type text/html; charset=utf-8 date Wed, 16 Oct 2024 11:41:39 GMT last-modified Wed, 29 May 2024 07:50:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uZKW1ap7vl6pwgERiRFU6T4XIRN%2B4glh78A8TWLeNSe8VQvsXRB%2Faf9vcoA%2FQ%2FEpmDHkY1kzAl8JILvsDh%2BMigpFEOZPuzm%2B2QTuu6JsOYnM8LIMRFYjJkLjNAaxHQ4BfUGGhV0cMs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d37c7f1bf1688a3-LHR content-type text/html; charset=utf-8 date Wed, 16 Oct 2024 11:41:39 GMT location /S73bHR8/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzCAxFKA6a1f8Y5LclDcuWoEI%2BTxw6MfHRvCFFQxQttYK2O0nzNVsyX%2Fk5wQbCqd3QsbQKnOh%2FYeC7eMOcHnIDwukEHtTnYA1WDcRsk95%2FX25Y7UR%2BcZG4EqduYFpElOAZoHDTkJ9Wo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" vary Accept
GET H3	200	speculation hxlfd.top/cdn-cgi/	128 B 567 B	90ms 90ms	Other application/speculationrules+json	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer https://hxlfd.top/S73bHR8/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qG%2Fpi39BEM96w%2BY7zX%2BTrnTtOUNoq3iy7nflRLCrch8vAPhJfAReo3mLe4yQVDz7bLrQNPu2o8vpRF5i%2BIbGBAbDuFLZ9TvlRmMC7FRXQdBV6idNiIibkAc2Oxc%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d37c7f428a79520-LHR access-control-allow-origin https://hxlfd.top alt-svc h3=":443"; ma=86400 content-length 128 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:39 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H3	200	index-aa8897f3.js Show response hxlfd.top/S73bHR8/assets/	493 KB 147 KB	50ms 49ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9c36895238ee0aba804e6e0cdf9d3194471d7312d1b8304cadf36df86c57a1b1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer https://hxlfd.top/S73bHR8/ Response headers content-encoding gzip cf-cache-status HIT etag W/"7b257-18fc3540ac0" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbiKNIqRt25a5KVcDPsfkZpxx1gsm%2BojFNNVGBeiDKAbA0km421e7Bs91GvfqtSgG9XhOHeKSyroYr2W61XNwEZMEie6YlgUULRmSZoOQSCsb3wTDRzv92xCLug%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:39 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:16 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f428ab9520-LHR access-control-allow-origin * server cloudflare
GET H3	200	f6170fbbPkNpN.css hxlfd.top/S73bHR8/assets/	952 B 971 B	202ms 202ms	Stylesheet text/css	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/f6170fbbPkNpN.css Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://hxlfd.top/S73bHR8/ Response headers content-encoding zstd cf-cache-status HIT etag W/"3b8-18fc353fb20" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dYw9pebvddYLJzVpmsmo3kTdyay1HsD0mXQ1UF%2BjpepirlmRUodko%2FpzEWSh%2Fr0kGJwZulgliTtOzODtsFAO4lvIWxvivc4%2BMqwSaPh1%2FdCN5hcuT%2BQG11GBZ7I%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:39 GMT content-type text/css; charset=utf-8 last-modified Wed, 29 May 2024 07:50:12 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f428b29520-LHR access-control-allow-origin * server cloudflare
GET H3	200	c368c685ppTpH.js Show response hxlfd.top/S73bHR8/assets/	5 KB 2 KB	54ms 53ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/c368c685ppTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2f424d3db32b37fad65204d59c667db965b937ff6b91f9b62bf1be24f1faf3e7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"127f-18fc3540ac0" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EI%2Bfbm%2F7RY1lSP%2BLyZPf12SMIAC2TsPPGGvXslxpXKPWy9U%2FOHWstBdO4zvj%2Bt82GLBMK45rAn5UpErINwCGuZ%2BWbUK601v%2F57Chv%2B1KcCxz%2BlSERCtlNZXoFI%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:16 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f5bb099520-LHR access-control-allow-origin * server cloudflare
GET H3	200	51d3a67appTpH.js Show response hxlfd.top/S73bHR8/assets/	52 KB 17 KB	54ms 54ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/51d3a67appTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `13ddaae54ed5314198cad80a74502a84cad44a48b06ac4e5c6bf5aee01e4bcc1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"d01f-18fc35402f0" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7TlColP%2BSbeMKwWJBuaFoV82Ptp7H4wJskHzo8Fi7rlenxv9lDlQGPVF3p804PkmufQR2cuY7yYRtrHp4bJLJNBEF5DCUqxjkEth42U4nr%2BldlDFXKzW9Xj4Z4%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f5bb0d9520-LHR access-control-allow-origin * server cloudflare
GET H3	200	favicon.ico hxlfd.top/	4 KB 1 KB	58ms 58ms	Other image/vnd.microsoft.icon	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ffb81e3b15f8ac3722236fb7793dc196c9e7ad850904d98b9c874aa61d9aab84` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://hxlfd.top/S73bHR8/ Response headers content-encoding zstd cf-cache-status HIT etag W/"10be-18fc353e3b0" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9GIViG1kBt1TTnsgtJzLyxi2gumGfrFcRqZRXZ%2BRtQwupWbNXx5Fg2HlHcg32RIKt%2FiqUiA7p%2F3G1ALYwfF00ft5vQ1hpDLyG%2BskQ8v1wdIPUHiu2RIORM88iSg%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type image/vnd.microsoft.icon last-modified Wed, 29 May 2024 07:50:06 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f63bc09520-LHR access-control-allow-origin * server cloudflare
GET H3	200	c512e087ppTpH.js Show response hxlfd.top/S73bHR8/assets/	34 KB 11 KB	52ms 51ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/c512e087ppTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a9c05f242aba2b6b88bb4812fdc45a4f5c6df0a4c0c7d39e848d665e4ca28bf9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"8951-18fc3540ac0" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BlEfAuInKSVAGSoOl3Mr5B5BPsBcdVVwkNAr6sMis0ljxI8vsLeTsixKZ6Y%2FsvPiWvCrThCmmFQFLf8IyQsw6NlrAbuSu%2F3eCiUSamUdJbt3jFW0WgUJ35MoQvw%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:16 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f65c039520-LHR access-control-allow-origin * server cloudflare
GET H3	200	09bf01f8ppTpH.js Show response hxlfd.top/S73bHR8/assets/	2 KB 1 KB	71ms 71ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/09bf01f8ppTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4fc342da1eb5671f9afd2160ea0742ff6bb50633daddd6ff1872c3a7b007e348` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"8d0-18fc353fb20" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=piU2RySTPkPbn29D%2FlpXWys%2FbNLb%2BH8fGrnb3mVt%2Fn0Rije1TrxED9HS8y1fwEoE2H0XAQoaILJK%2BAMzJlr4WyE9inShw99pzTEZ1Ys4TuUeTOcCta5YTUiF1kk%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:12 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f65c069520-LHR access-control-allow-origin * server cloudflare
GET H3	200	1e0ac1c4ppTpH.js Show response hxlfd.top/S73bHR8/assets/	3 KB 2 KB	52ms 52ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/1e0ac1c4ppTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `90baaf97bc456179b4c5c13c51c8a5595a5452a40cd553b8f1c77048d499e652` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"a86-18fc353fb20" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VO5ArE720kc3%2FNNoQFf2M7DPrkxkNnpAhWlOsEmt2KouGEVojXw7tdSpvn%2BGlVVdhdViCl%2B%2Fi%2BlgUcla8FXkoDI25IgY9umHPBpThxgIcfav8UPrdH2lRiR6z2g%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:12 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f65c079520-LHR access-control-allow-origin * server cloudflare
GET H3	200	1e9862acppTpH.js Show response hxlfd.top/S73bHR8/assets/	145 KB 35 KB	72ms 72ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/1e9862acppTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `81b3508641b7e05ef7df31ff2e3f046ca6b4dd8144a0ad2c44406acaf1a45d50` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"24477-18fc35402f0" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUqo2so2TL1gmeT511slzxoYqq28%2FdLQ8TvRfAgGA5lJ1t4IMi%2FVr2YH3cDCr6%2BWgXtjmaHd6BkS5Xg%2F%2F8PGc33srRApaVUrLsEeMfWyxweN2jK2dktJ4%2FwIcpI%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f65c109520-LHR access-control-allow-origin * server cloudflare
GET H3	200	c27b6911ppTpH.js Show response hxlfd.top/S73bHR8/assets/	2 KB 1 KB	81ms 81ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/c27b6911ppTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3c15984c69b8d929513d2581de50759e2db170f7d632f60255bdde91ce1fc271` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"722-18fc35402f0" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ogm0fcY20YUKclNjdilZl3dx4hO%2F%2FMmUToLBQbD2hFjdZeJzenvswxp9CVCdrCc1%2B0QE1OmDsWuuUIlhtdLnePfD4su%2BsD4CAyMnFQiXbUQ4%2F61MHM8zsyDA9oA%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f65c129520-LHR access-control-allow-origin * server cloudflare
GET H3	200	eac69f25PkNpN.css hxlfd.top/S73bHR8/assets/	33 KB 6 KB	54ms 53ms	Stylesheet text/css	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/eac69f25PkNpN.css Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eac69f254880a47ff4b5b97c0c0f1cdea047027cf6425f1c6c0ea354b227865e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://hxlfd.top/S73bHR8/ Response headers content-encoding gzip cf-cache-status HIT etag W/"85c5-18fc353fb20" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWGpk9qjfJdK0n2TWpVJL1AV4L6KDnpenAnr4pUmb4IhBCmWMklhPG9cuk3%2FqMIbM60hnpBvOwHep9u0N6ZU0HlvY0MIHkWBjb7X6Fz01G27WkVaLHhliVbRWcs%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type text/css; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:12 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f65c179520-LHR access-control-allow-origin * server cloudflare
GET H3	200	6767f929ppTpH.js Show response hxlfd.top/S73bHR8/assets/	6 KB 3 KB	54ms 53ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/6767f929ppTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `83817483b9893b3cc390e6fd0f1e2bdc91f056527ec0155701d98c76218b66d3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"1888-18fc35402f0" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJVZv39KPHGL0bozJovW6P%2FciZ28Un3vuL28mr3iQ1d%2Bcch4pkXXPmF4%2FTZy6WU%2BT9hhqO%2F0zbWrYjV%2F3moocz%2FncStHlqbdvxCHvA945kk7E0C6oGU8Pbpxeuc%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f65c189520-LHR access-control-allow-origin * server cloudflare
GET H3	200	1a8e61eaPkNpN.css hxlfd.top/S73bHR8/assets/	365 B 720 B	80ms 80ms	Stylesheet text/css	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/1a8e61eaPkNpN.css Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1a8e61ea89950a1b6b31c1340933ed7e099a0dddcb253df6148f8269827278eb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://hxlfd.top/S73bHR8/ Response headers content-encoding zstd cf-cache-status HIT etag W/"16d-18fc353fb20" age 1083 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yk8oz%2BuOYWyc6qiutjHduM37DLhXcYtKjvZxTha2u5JaUed%2BgsDdnhi005MC9c1j9kvUM5jRGt4%2BXKwTLrHB0HE1yhvIqmjbgh%2B5zfIgeRgyjnKpkXzo47K%2FKAU%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type text/css; charset=utf-8 last-modified Wed, 29 May 2024 07:50:12 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f65c199520-LHR access-control-allow-origin * server cloudflare
POST H3	200	MC40NzM1ODE1ODY1MjA3OTE5Ng== Show response hxlfd.top/api/	848 B 1 KB	221ms 219ms	XHR application/json	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/api/MC40NzM1ODE1ODY1MjA3OTE5Ng== Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4841d12dc56662651e9a7f3e3dd588feb48ba195e906511c30deee7b2198a48a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/encrypt Referer https://hxlfd.top/S73bHR8/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC etag W/"350-/eWbbHPO++CuJYj0zDtvsX1okIs" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnUXXERgLaP8x%2FSccI%2FWjYsN808mpVfq5kUxamOFdx9SRDRsWxGJxo1U2AS3Ey2fNXCfIf1FiVs2XCVmCz%2B1qpyK8yf0z1W4OB7SUMJ04fMFWE79qY2T0Bv31YQ%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d37c7f72d9c9520-LHR access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/json; charset=utf-8 server cloudflare
GET H3	200	8d1cb312ppTpH.js Show response hxlfd.top/S73bHR8/assets/	111 KB 33 KB	53ms 52ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/8d1cb312ppTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3df35df81c4fb84e56cb2559a520b360e38b7ff38dc1c0e315582d414c7d7579` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"1bb6c-18fc35402f0" age 1082 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pf9eFMU2NvI0JqeqvEoCm7FPXm%2BjM1zRE75z5pEAjoUAeygbi%2BC4qL2fNoYTjKwoAyK0%2BJR66XnXyPXnMt1MeumDcB4qiL3PWEhcvn0F7%2BBXJxPenJA%2BSzXv%2BZU%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f89fa29520-LHR access-control-allow-origin * server cloudflare
GET H3	200	/ Show response hxlfd.top/socket.io/	118 B 549 B	127ms 126ms	XHR text/plain	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/socket.io/?EIO=4&transport=polling&t=PAL8ZUk Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/8d1cb312ppTpH.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e13fe1a8c3aca75bb71aa3ce36aab89e947ecffa18b5e51fd22bef44672f0945` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Referer https://hxlfd.top/S73bHR8/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=scyJpTu5INupIsNcG%2BslISHShoISocoN9mKq94J6IZmqp0q1O4tncmqVyUAh4fFv7qioCyI%2Btx6ouVHxuiFXo7oFCdGnmX5c%2F3UdRFroKYmH%2BOJ%2FbSexRzIGxPk%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d37c7f9287a9520-LHR access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type text/plain; charset=UTF-8 server cloudflare
GET H3	200	69a2b0a1ppTpH.js Show response hxlfd.top/S73bHR8/assets/	114 KB 36 KB	56ms 55ms	Script application/javascript	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/69a2b0a1ppTpH.js Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0691bd1be51719da9260ad047d7c07a1cc9e951af9fc7ae6e56d173b8084e263` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"1c6cb-18fc35402f0" age 1082 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fikR8ev8OEUAQGcWzN5RbUF%2F6aM6%2FfKnlhhp7ztxmGBYbEL%2FByk4SfIj9AIEafWzdh3c95KBKK5KnYh%2Ffulo34eWULa40D2rpW063B%2BKvkok0YzN%2BL4RWsuz6mY%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 29 May 2024 07:50:14 GMT cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f9388b9520-LHR access-control-allow-origin * server cloudflare
GET H3	200	f4397cedPkNpN.css hxlfd.top/S73bHR8/assets/	400 B 767 B	50ms 50ms	Stylesheet text/css	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/f4397cedPkNpN.css Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://hxlfd.top/S73bHR8/ Response headers content-encoding zstd cf-cache-status HIT etag W/"190-18fc353fb20" age 1082 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TC0yMuRrhJ7xr%2Fg%2FhbUvWcDeajvj3puPUv2DYWz%2FYAzyBigV0yr%2Bypmuirahu6mBSdIOR1ZrwBf9n0Wr%2FMaxXox1bgRu6EV60AstGvFR2I31YuSWG2SpyupVcB8%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type text/css; charset=utf-8 last-modified Wed, 29 May 2024 07:50:12 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7f9388d9520-LHR access-control-allow-origin * server cloudflare
GET H3	200	067b6627PkNpN.woff2 hxlfd.top/S73bHR8/assets/	19 KB 20 KB	59ms 58ms	Font font/woff2	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/067b6627PkNpN.woff2 Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/eac69f25PkNpN.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `067b66273ba2a156d2f6ca5529e4aeb9949408e47e06bd2d38e2093edc3bbab1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer https://hxlfd.top/S73bHR8/assets/eac69f25PkNpN.css Response headers cf-cache-status HIT etag W/"4d74-18fc353fb20" age 1081 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nb%2BqpqT%2Bid3uZx3rD0kHxkhqyUEczPgCaOCJhFm1DC9CPM7tAnY94lL48TCBawfXjnnKQKdBLhfO7azTU5WK%2BIh2zpgcSFo1QJyvbIfvZhCP6Ni2Yg%2Ba%2FeMUSXI%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type font/woff2 last-modified Wed, 29 May 2024 07:50:12 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7fa5a3a9520-LHR accept-ranges bytes access-control-allow-origin * content-length 19828 server cloudflare
GET H3	200	5805b5c7PkNpN.woff2 hxlfd.top/S73bHR8/assets/	19 KB 20 KB	60ms 60ms	Font font/woff2	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/S73bHR8/assets/5805b5c7PkNpN.woff2 Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/eac69f25PkNpN.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5805b5c786e9d2a4ef962597ae6f2ad133b015b182ab5ff0747e1ae373a20c26` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hxlfd.top Referer https://hxlfd.top/S73bHR8/assets/eac69f25PkNpN.css Response headers cf-cache-status HIT etag W/"4cd0-18fc353fb20" age 1081 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PsRsH%2BZ58%2BXcHipH91LhbqCkViG%2Fyw7jggQyFHNFS0mWm6OxO2mu72qYilVStsIUmCCXmjcNAUVlP73Q%2FJXO94gD%2FmYbgCHbR2jnJPbHoYzcnzQN%2F8KoEK1Etuc%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type font/woff2 last-modified Wed, 29 May 2024 07:50:12 GMT vary Accept-Encoding cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d37c7fa5a3d9520-LHR accept-ranges bytes access-control-allow-origin * content-length 19664 server cloudflare
POST H3	200	/ Show response hxlfd.top/socket.io/	2 B 426 B	137ms 135ms	XHR text/html	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/socket.io/?EIO=4&transport=polling&t=PAL8ZXq&sid=VDx-m3K3srHVlSsQApil Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/8d1cb312ppTpH.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Referer https://hxlfd.top/S73bHR8/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Content-type text/plain;charset=UTF-8 Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FOdC8FfZnfbsmiCOPLLMcxBj4gUr6g5VH3BZly39WNnHhIYWQ86uPhidbe7wcoBxUnzHJEa%2FhMATF08cEhe3uNflFIWJoq3Mb7crSOoWkjUehHbo%2Fj150PxR0nE%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d37c7fa6a609520-LHR access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:40 GMT content-type text/html server cloudflare
GET H3	200	/ Show response hxlfd.top/socket.io/	32 B 455 B	228ms 228ms	XHR text/plain	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/socket.io/?EIO=4&transport=polling&t=PAL8ZXs&sid=VDx-m3K3srHVlSsQApil Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/8d1cb312ppTpH.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `15b531eb918fe15abecf77f360d819877862c09741c12b670a909a4213d9b26c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Referer https://hxlfd.top/S73bHR8/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLBN6mClNX%2FCcA%2BpNFlLY5iX%2BNSOVOcRCrp180E%2FafqG%2B3SRVqpB1qy2cLnq%2BFw4q2nwZq8zbFiWHBr0jdTkudPINMRbTXwhEpeDozQoMZiwlxvXukLDQ1N9N3Y%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d37c7fa6a649520-LHR access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 32 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:41 GMT content-type text/plain; charset=UTF-8 server cloudflare
GET H3	200	/ Show response hxlfd.top/socket.io/	59 B 499 B	140ms 140ms	XHR text/plain	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/socket.io/?EIO=4&transport=polling&t=PAL8ZbW&sid=VDx-m3K3srHVlSsQApil Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/8d1cb312ppTpH.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1661f39c19f7c7d18b87d4ffeebbf2c44a9a2fb4a7128cc2df598cbfd614674e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Referer https://hxlfd.top/S73bHR8/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2F0rCt7OyoXUUacABPtqx1pgcD1zrM6KL7pOeCBSWGj4lP9%2FLD1NSss6NLSZxFpawWYP8C5kRmBfS87lfQRwas8gWbxlQwsUJZs9ZbCF0Fpla3YaDvEk%2FPSwbFI%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d37c7fbec919520-LHR access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:41 GMT content-type text/plain; charset=UTF-8 server cloudflare
POST H3	200	/ Show response hxlfd.top/socket.io/	2 B 425 B	147ms 146ms	XHR text/html	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/socket.io/?EIO=4&transport=polling&t=PAL8ZbY&sid=VDx-m3K3srHVlSsQApil Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/8d1cb312ppTpH.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Referer https://hxlfd.top/S73bHR8/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Content-type text/plain;charset=UTF-8 Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0vUsFCPw081QcVPORGqr%2Fp8PcpXB9j5JhS7Zn5vnxMuj%2F2tF64LQJ8Y3aVCqEglKNkN6p9LHnUfjiO1hbdxYSSTICFPNra4atixLDgv7G1d8045IGCcOhu2QBs%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d37c7fbec959520-LHR access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:41 GMT content-type text/html server cloudflare
GET H3	200	/ Show response hxlfd.top/socket.io/	159 B 584 B	123ms 123ms	XHR application/octet-stream	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/socket.io/?EIO=4&transport=polling&t=PAL8Zdn&sid=VDx-m3K3srHVlSsQApil Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/8d1cb312ppTpH.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a5a9ab3e4f45da95cfc143c1ea23a371bb37c5b841b7f1cc78558ee41334ab6b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept / Referer https://hxlfd.top/S73bHR8/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ve9inoG%2FNe4ZuRYYissTyoWhT47idxNlPfQ1rwP6p4aJE1wcNEamMlhOiXgRVQCyfBGMF2dN2yrKW%2FFp2wWwaYtwaJy1k2FGwfyihUv0GyTGTyW8PxJxg3uNNg%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d37c7fccdee9520-LHR access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:41 GMT content-type text/plain; charset=UTF-8 server cloudflare
POST H3	200	MC44ODA2Mzg2NjUzODI0MDQz Show response hxlfd.top/api/	36 B 491 B	139ms 137ms	XHR application/json	172.67.205.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hxlfd.top/api/MC44ODA2Mzg2NjUzODI0MDQz Requested by Host: hxlfd.top URL: https://hxlfd.top/S73bHR8/assets/index-aa8897f3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.205.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4eea1641be7094501ea20c7badd2dc05fd8f55e65fb47c8323843ee1a00bf9cb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/encrypt Referer https://hxlfd.top/S73bHR8/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC etag W/"24-EsHzV8QwGQaEeP/NzHAlh7lfRFg" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2Fy11zcH%2FiGN4k7yDfGcFCOYbRNF2RvjE1XqeZ9CeuAcOMDKYC%2FHKccqil%2Bi6%2BGiGDHSYt0FBnXFQQBLmZp7Tu%2B%2FDDtMlWVPaa5rRsh8njCxaDaqG63rARXZDvY%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d37c80838409520-LHR access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 36 server-timing cfExtPri date Wed, 16 Oct 2024 11:41:43 GMT content-type application/json; charset=utf-8 server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Hermes (Transportation)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| IMask boolean| __vite_is_modern_browser boolean| __VUE__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-21 04:37:10	Name: _bit Value: o9gbFD-f25eeacfd4aca4c2bb-006

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
hxlfd.top
172.67.205.249
2606:4700:3031::6815:5d3d
67.199.248.10
067b66273ba2a156d2f6ca5529e4aeb9949408e47e06bd2d38e2093edc3bbab1
0691bd1be51719da9260ad047d7c07a1cc9e951af9fc7ae6e56d173b8084e263
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
13ddaae54ed5314198cad80a74502a84cad44a48b06ac4e5c6bf5aee01e4bcc1
15b531eb918fe15abecf77f360d819877862c09741c12b670a909a4213d9b26c
1661f39c19f7c7d18b87d4ffeebbf2c44a9a2fb4a7128cc2df598cbfd614674e
1a8e61ea89950a1b6b31c1340933ed7e099a0dddcb253df6148f8269827278eb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f424d3db32b37fad65204d59c667db965b937ff6b91f9b62bf1be24f1faf3e7
3c15984c69b8d929513d2581de50759e2db170f7d632f60255bdde91ce1fc271
3df35df81c4fb84e56cb2559a520b360e38b7ff38dc1c0e315582d414c7d7579
4841d12dc56662651e9a7f3e3dd588feb48ba195e906511c30deee7b2198a48a
4eea1641be7094501ea20c7badd2dc05fd8f55e65fb47c8323843ee1a00bf9cb
4fc342da1eb5671f9afd2160ea0742ff6bb50633daddd6ff1872c3a7b007e348
5805b5c786e9d2a4ef962597ae6f2ad133b015b182ab5ff0747e1ae373a20c26
81b3508641b7e05ef7df31ff2e3f046ca6b4dd8144a0ad2c44406acaf1a45d50
83817483b9893b3cc390e6fd0f1e2bdc91f056527ec0155701d98c76218b66d3
90baaf97bc456179b4c5c13c51c8a5595a5452a40cd553b8f1c77048d499e652
9c36895238ee0aba804e6e0cdf9d3194471d7312d1b8304cadf36df86c57a1b1
a5a9ab3e4f45da95cfc143c1ea23a371bb37c5b841b7f1cc78558ee41334ab6b
a9c05f242aba2b6b88bb4812fdc45a4f5c6df0a4c0c7d39e848d665e4ca28bf9
e13fe1a8c3aca75bb71aa3ce36aab89e947ecffa18b5e51fd22bef44672f0945
eac69f254880a47ff4b5b97c0c0f1cdea047027cf6425f1c6c0ea354b227865e
f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917
f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911
f7a0856b9c0579f765cfca8fcc2a736069b2593a92d6ced125df2d21ebc46292
ffb81e3b15f8ac3722236fb7793dc196c9e7ad850904d98b9c874aa61d9aab84

hxlfd.top Open in urlscan Pro 2606:4700:3031::6815:5d3d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

33 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

342 kBTransfer

1047 kBSize

1 Cookies

54 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hxlfd.top Open in urlscan Pro
2606:4700:3031::6815:5d3d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

342 kB
Transfer

1047 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!