Submitted URL: https://12osrsjav7okxw.xyz/
Effective URL: https://n4gia9fn2xc3z.xyz/?domain=12osrsjav7okxw.xyz
Submission Tags: falconsandbox
Submission: On November 12 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3032::6815:2f5b, located in United States and belongs to CLOUDFLARENET, US. The main domain is n4gia9fn2xc3z.xyz.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.
This is the only time n4gia9fn2xc3z.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700:303... 13335 (CLOUDFLAR...)
2 20.6.179.140 8075 (MICROSOFT...)
2 206.238.197.151 399077 (TERAEXCH)
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
3 162.209.140.74 40065 (CNSERVERS)
1 2606:4700:303... ()
24 7
Domain Requested by
10 12osrsjav7okxw.xyz 1 redirects 12osrsjav7okxw.xyz
7 n4gia9fn2xc3z.xyz 1 redirects 12osrsjav7okxw.xyz
n4gia9fn2xc3z.xyz
3 znutu.tc4etuigq1tp2.xyz 12osrsjav7okxw.xyz
n4gia9fn2xc3z.xyz
2 znutu.zch3phrvosp9v.xyz n4gia9fn2xc3z.xyz
2 hmrh52eh9nz2k8.top 12osrsjav7okxw.xyz
n4gia9fn2xc3z.xyz
1 5ugvq2ynmibym.xyz n4gia9fn2xc3z.xyz
24 6

This site contains no links.

Subject               Issuer  Validity                 Valid
12osrsjav7okxw.xyz    WE1     2024-09-14 - 2024-12-13  3 months
52medhmvvqp51p.top    E6      2024-09-17 - 2024-12-16  3 months
*.tc4etuigq1tp2.xyz   E5      2024-11-12 - 2025-02-10  3 months
n4gia9fn2xc3z.xyz     WE1     2024-11-05 - 2025-02-03  3 months
*.zch3phrvosp9v.xyz   E6      2024-11-12 - 2025-02-10  3 months
5ugvq2ynmibym.xyz     WE1     2024-11-05 - 2025-02-03  3 months

This page contains 4 frames:

Primary Page: https://n4gia9fn2xc3z.xyz/?domain=12osrsjav7okxw.xyz
Frame ID: 7C919B7FB612F8AD8FB24F2942275080
Requests: 16 HTTP requests in this frame

Frame: https://12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 1AE7AD27F03792968FA349B39947C827
Requests: 2 HTTP requests in this frame

Frame: https://n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 098BD5EDC59A132297B791F2841AB410
Requests: 2 HTTP requests in this frame

Frame: https://5ugvq2ynmibym.xyz/?domain=12osrsjav7okxw.xyz
Frame ID: 7FB91745B865C1190707013F09956426
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Page Statistics

Requests: 24
HTTPS: 88 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 3
Transfer: 119 kB
Size: 260 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://12osrsjav7okxw.xyz/ Page URL
  2. https://n4gia9fn2xc3z.xyz/?domain=12osrsjav7okxw.xyz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 15
  • https://n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

24 HTTP transactions

Resource / Path    Size    x-fer    Type / MIME-Type
/
12osrsjav7okxw.xyz/
2 KB
2 KB
Document
General
Full URL
https://12osrsjav7okxw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bda8e9732d47cd20f66dfbbed45138742ebfc0a9a05691c6c9b65a8801ab9f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e15c62a989f42f1-EWR
content-encoding
zstd
content-type
text/html
date
Tue, 12 Nov 2024 10:17:45 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvTbySf%2BW1eyrge%2F2xIylB4Wz%2BR8ReurBzg1pydM2OeTW%2F9MMuJEtvykHSN1qf22pknbAFn90%2FxCku9zdeZ4aSsyfz5fSpRkDdOdI8ZqGfZLqB7YOijybKZg2m3Ns6GK9%2B7q5DSy5oYybpeo9pTQChQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=3040&sent=15&recv=12&lost=0&retrans=0&sent_bytes=4296&recv_bytes=5704&delivery_rate=1007&cwnd=12000&unsent_bytes=0&cid=d3e60a6584205e44&ts=492&x=1" cfExtPri cfHdrFlush;dur=0
common.js
12osrsjav7okxw.xyz/static/js/
8 KB
4 KB
Script
General
Full URL
https://12osrsjav7okxw.xyz/static/js/common.js?t=202409091529
Requested by
Host: 12osrsjav7okxw.xyz
URL: https://12osrsjav7okxw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadb131196f7bf3c5702c6a43209470907e7638a486a0851700dc68b6acf5125

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://12osrsjav7okxw.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-1e7c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NFaPkWwIbba0i1L3LQvhL3NvA8dK1dKfwkT0mLSs9O7DIJ6O%2FrhnCTLSV2Qnj71dbzKLTluwCkR3Q%2FtJPZpYsc00MpCMkY6ytRvqQjkXkWzX%2FmyN62CtqzrdmNlnSWyeak2CvNv7gND0OV0%2B6%2BHUWXg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c62daa5342f1-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3038&sent=18&recv=18&lost=0&retrans=0&sent_bytes=5983&recv_bytes=7287&delivery_rate=546831&cwnd=12000&unsent_bytes=0&cid=d3e60a6584205e44&ts=980&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:46 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
vue.min.js
12osrsjav7okxw.xyz/static/cdn/js/
92 KB
36 KB
Script
General
Full URL
https://12osrsjav7okxw.xyz/static/cdn/js/vue.min.js
Requested by
Host: 12osrsjav7okxw.xyz
URL: https://12osrsjav7okxw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://12osrsjav7okxw.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-16fc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdAlfJpBVhXDtz3f5WBmJM%2BAzTonevCXHlNjcjM7mgqyWpcAwFFnizyN967kXscyoFKNb8P8JLlnVOBRslPOYh1303UCbQ%2FwsiSCZaL8OGLG%2BSLyijAnKtzoaO1I9YrU%2Fin%2F9GIrXP4xpDw6LQl%2FFOQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c62daa5442f1-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2985&sent=50&recv=34&lost=0&retrans=0&sent_bytes=38878&recv_bytes=7976&delivery_rate=2035986&cwnd=22800&unsent_bytes=0&cid=d3e60a6584205e44&ts=1445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:46 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
axios.min.js
12osrsjav7okxw.xyz/static/cdn/js/
17 KB
7 KB
Script
General
Full URL
https://12osrsjav7okxw.xyz/static/cdn/js/axios.min.js
Requested by
Host: 12osrsjav7okxw.xyz
URL: https://12osrsjav7okxw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d389f625c1d774224d32527657e7398e57a65c718a07748f0ad7faecce8de3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://12osrsjav7okxw.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-45b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BC40FK5EACAzdscAMukMh11FdJe%2BKr3I6mkR7qy6r4BE4m3on7AGDSB%2BG%2FLogQqfBFayijekGyvZhKSpO5Vrqf2xUgZFiDeyyzDYkBBA8xAB5mI8aBddaF7gZNL9OrCIsaWXFaeWZkxLwplw2uO1mMQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c62daa5542f1-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3047&sent=26&recv=22&lost=0&retrans=0&sent_bytes=13335&recv_bytes=7459&delivery_rate=15471&cwnd=12000&unsent_bytes=0&cid=d3e60a6584205e44&ts=1212&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:46 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
crypto-js.min.js
12osrsjav7okxw.xyz/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://12osrsjav7okxw.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: 12osrsjav7okxw.xyz
URL: https://12osrsjav7okxw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://12osrsjav7okxw.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lObOf3fH6hrUKdScpK7VxqCEQ3RGxAEMXKgPUucKRTMeQKBkNgXHCVS4OvW%2BTlFh%2B3IBePKEUQ8edQJrX7MkDfny8CgkC14gMka8jTEK0UXs6d5yYrV7UquPiZXmkMwIHgMz50bHMdRdAyu3%2FcCRMiY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c62daa5642f1-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3164&sent=33&recv=26&lost=0&retrans=0&sent_bytes=20624&recv_bytes=7632&delivery_rate=2296893&cwnd=12000&unsent_bytes=0&cid=d3e60a6584205e44&ts=1437&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:46 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
collect_301.js
12osrsjav7okxw.xyz/static/js/
8 KB
3 KB
Script
General
Full URL
https://12osrsjav7okxw.xyz/static/js/collect_301.js?t=202409091529
Requested by
Host: 12osrsjav7okxw.xyz
URL: https://12osrsjav7okxw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434620144df9c6f0572a9e55d35d51a97669b3846cd16cae57a0b803c4069eb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://12osrsjav7okxw.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-1e3e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixHy7SjRxrYJuGub%2FAWyR9PLclyIxW5eNDAn4hpIOuy6xKo4Jfyc9PC82PbOJH7akBKOX8gRVy9kqj9RhPYSpO5uHtvpYAxQkKN6msORe1HrrtiHJ%2BSOJIFx2ATwYQtAY5D3RUpByp%2BTQzk%2FR9QNGro%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c62daa5842f1-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3038&sent=22&recv=18&lost=0&retrans=0&sent_bytes=9712&recv_bytes=7287&delivery_rate=546831&cwnd=12000&unsent_bytes=0&cid=d3e60a6584205e44&ts=981&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:46 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
/
hmrh52eh9nz2k8.top/
220 B
1 KB
Fetch
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: 12osrsjav7okxw.xyz
URL: https://12osrsjav7okxw.xyz/static/js/collect_301.js?t=202409091529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.6.179.140 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
487b5f8eb7fb8a5f106e6c570d3a2cdec623146426632d15b6ffc2b534df58b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://12osrsjav7okxw.xyz/

Response headers

Etag
"c077713035b253567e1fc18a8a5b4db5"
Age
6232
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
29d381ed7c5b87b2185bdd7ef362936a
Date
Tue, 12 Nov 2024 10:17:47 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Tue, 12 Nov 2024 08:33:46 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE3[4],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,2],EA-HKG-GLOBAL1-CACHE25[2],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,2]
X-Amz-Request-Id
000001931F81FA9E90169C63F97EC20F
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
220
Server
openresty
main.js
12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 1AE7
Redirect Chain
  • https://12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB
Script
General
Full URL
https://12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
2606:4700:3034::ac43:a635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99a7177b97fe4afbd988a4a63a705f9233ecca94af2508a993db60d859907e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4XEYOtAzuKvAOe%2B0dJe8Xed%2F4sWO0fyHhK4uyVYbl%2FeQtIZ3R0I3LE445lJ6m1d5EZmaEGkEXqPZ%2BD8%2Fo0twsbZjP228kBtPFs8Irlo2k5cHVTUMfXs0Y7wg4wEIJgRwWCZjcsI2wdlTa4L5LlHZv0s%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e15c63558b842f1-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2916&sent=86&recv=54&lost=0&retrans=0&sent_bytes=77011&recv_bytes=9634&delivery_rate=70830&cwnd=44400&unsent_bytes=0&cid=d3e60a6584205e44&ts=1739&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6k1wmdX%2F1GiIZBRTiAnfV%2B4q8umLC8b1TLBWLH9RBFSowbXrtm%2BZEuiyhvlCPVj7S1pFkT86TQVg%2BG16bYt%2BZBN9U3siK%2BKn%2FEmgMmOrPiKUQG%2BU8y1feJEMw5u%2Bv%2BJCcm92lIITazCM1xIiYZJys4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c63548ae42f1-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=2970&sent=84&recv=53&lost=0&retrans=0&sent_bytes=76258&recv_bytes=9342&delivery_rate=4269826&cwnd=44400&unsent_bytes=0&cid=d3e60a6584205e44&ts=1728&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:47 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
12osrsjav7okxw.xyz/
4 KB
4 KB
Other
General
Full URL
https://12osrsjav7okxw.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://12osrsjav7okxw.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejUiNCS0wNmj8w9ZpsgtUPYH%2BLj4BZ1murPXVtZcOzpkWW44X8C96sdQCUGslQnF228%2FXUkrtZXL6C2rqUfF5D1PDv%2FUWWethEHM3ctsxrWTAzCcevBqvFJ5VRZ5pyQg8ZTGK752BqHKSQwzzj9qiK0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c63548b342f1-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2955&sent=98&recv=72&lost=0&retrans=0&sent_bytes=83020&recv_bytes=26908&delivery_rate=29211&cwnd=44400&unsent_bytes=0&cid=d3e60a6584205e44&ts=2216&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:47 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i
8e15c62a989f42f1
12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1AE7
0
1 KB
XHR
General
Full URL
https://12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8e15c62a989f42f1
Requested by
Host: 12osrsjav7okxw.xyz
URL: https://12osrsjav7okxw.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:a635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3TIH6SlakYbnc%2FTIIs3l0vjhe2ee3ddLNe7E13j%2FBZCkIcMYjCtGsy0UJiDVz0ghu%2F%2FSj5Om%2BH4QUnhCva%2F0c7mjLvDvvmkOlf%2BbuNzgwUMi9wLTqzuvpnV5ZFruIZCwHy9vb6NPd5G0BIYyIPU4Xc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c636295e42f1-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2920&sent=97&recv=71&lost=0&retrans=0&sent_bytes=81824&recv_bytes=26863&delivery_rate=554427&cwnd=44400&unsent_bytes=0&cid=d3e60a6584205e44&ts=1884&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 12 Nov 2024 10:17:47 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
request
znutu.tc4etuigq1tp2.xyz/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://znutu.tc4etuigq1tp2.xyz/fast-endecode/main/request
Requested by
Host: 12osrsjav7okxw.xyz
URL: https://12osrsjav7okxw.xyz/static/cdn/js/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
206.238.197.151 Singapore, Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://12osrsjav7okxw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
CF-RAY
8e15c63fda00dd44-HKG
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zull:prod:8800
Date
Tue, 12 Nov 2024 10:17:48 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
request
znutu.tc4etuigq1tp2.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://znutu.tc4etuigq1tp2.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
206.238.197.151 Singapore, Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://12osrsjav7okxw.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8e15c63e5ba4e2fd-HKG
Connection
keep-alive
Date
Tue, 12 Nov 2024 10:17:48 GMT
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8800
Primary Request /
n4gia9fn2xc3z.xyz/
2 KB
2 KB
Document
General
Full URL
https://n4gia9fn2xc3z.xyz/?domain=12osrsjav7okxw.xyz
Requested by
Host: 12osrsjav7okxw.xyz
URL: https://12osrsjav7okxw.xyz/static/js/collect_301.js?t=202409091529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2f5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de9c45d76c2576d4b85eab017151104934b5b15efbea4e7bdd4f6ca297d369a8

Request headers

Referer
https://12osrsjav7okxw.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e15c640ee044210-EWR
content-encoding
zstd
content-type
text/html
date
Tue, 12 Nov 2024 10:17:49 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BPhof5enPpU7DryOTKrnK1Vv81SbzyUs9HwbB3N6CO2r6lARgnz1T0yyIF6KKgctAXAi5c2SWGhpGypdkwJz%2FqARmlvjGuEk32E2gXz3ojmQNY4uQ3wxBxNM65BkIi0Vrve6lx79nRo1vSiG35KBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=2421&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4259&recv_bytes=5688&delivery_rate=1013&cwnd=12000&unsent_bytes=0&cid=d8661083c5538d70&ts=480&x=1" cfExtPri cfHdrFlush;dur=0
crypto-js.min.js
n4gia9fn2xc3z.xyz/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://n4gia9fn2xc3z.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: n4gia9fn2xc3z.xyz
URL: https://n4gia9fn2xc3z.xyz/?domain=12osrsjav7okxw.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2f5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://n4gia9fn2xc3z.xyz/?domain=12osrsjav7okxw.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67136182-b9d8"
age
95
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZMyh0yM%2F7W5DU0Co%2BIbtPp0RZrlJvkMtj%2BHTo%2B9BmHKYlwezIcRq1hIwGSg71JWhdDFqn80%2FAlyTsKvovm7EYJtVFSHhWd%2Bb0vC4qe5twlLcAjLJR9RrmAk%2BUOkNTppPSrAe9PEJnKasnCKzEf1ww%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2520&sent=18&recv=14&lost=0&retrans=0&sent_bytes=6128&recv_bytes=6390&delivery_rate=630899&cwnd=12000&unsent_bytes=0&cid=d8661083c5538d70&ts=506&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:49 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e15c643f85a4210-EWR
server
cloudflare
iframe.js
n4gia9fn2xc3z.xyz/static/js/
11 KB
5 KB
Script
General
Full URL
https://n4gia9fn2xc3z.xyz/static/js/iframe.js?t=202409101529
Requested by
Host: n4gia9fn2xc3z.xyz
URL: https://n4gia9fn2xc3z.xyz/?domain=12osrsjav7okxw.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2f5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166d01f8aeab337307b72d120ee2c44e1d30de85aaeb722f26b56c6fc5621a19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://n4gia9fn2xc3z.xyz/?domain=12osrsjav7okxw.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67136182-2b62"
age
95
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MA6WbWFpdfQjD6h6Xes8Ex3uyyb6WZnSe09cbK%2FOBq8hR3pTj%2BcoOvz6r3pX8gsc7vGxIVvLwvojiM8Iefqn%2F9LsZE8E5eu89vjs66O0mQkrcWulOF9GXhavupYaNqZqFFqaLTJHDoW2vYt81F9oaw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2520&sent=29&recv=14&lost=0&retrans=0&sent_bytes=18128&recv_bytes=6390&delivery_rate=630899&cwnd=12000&unsent_bytes=0&cid=d8661083c5538d70&ts=507&x=1", cfExtPri, cfHdrFlush;dur=3
date
Tue, 12 Nov 2024 10:17:49 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e15c643f85b4210-EWR
server
cloudflare
/
hmrh52eh9nz2k8.top/
220 B
1 KB
Fetch
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: n4gia9fn2xc3z.xyz
URL: https://n4gia9fn2xc3z.xyz/static/js/iframe.js?t=202409101529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.6.179.140 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
487b5f8eb7fb8a5f106e6c570d3a2cdec623146426632d15b6ffc2b534df58b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://n4gia9fn2xc3z.xyz/

Response headers

Etag
"c077713035b253567e1fc18a8a5b4db5"
Age
6235
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
9a114eef11c30d7327bb42d952833077
Date
Tue, 12 Nov 2024 10:17:50 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Tue, 12 Nov 2024 08:33:46 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE3[2],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,0],EA-HKG-GLOBAL1-CACHE25[2],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,2]
X-Amz-Request-Id
000001931F81FA9E90169C63F97EC20F
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
220
Server
openresty
main.js
n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 098B
Redirect Chain
  • https://n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB
Script
General
Full URL
https://n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
2606:4700:3032::6815:2f5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af84947ea29fe7e07745ecaa7a63d0402623fadf8f3a7c7bc376db592470bd40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R1YcIo6ujif5DFsJKn4mzW5IhswMLYJCHQV2Nn9cgrcHBwrZM9%2FjYtVDm9sufdzPPkVitfGz6HLg%2B1mJpNNSr9656dBE%2F8uLETLfgV2731YlkVa9v4cQ4N%2FD0%2F8qMFmt%2BWGQ2hM5xCs9ilGnt8d%2Bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e15c64478ba4210-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2677&sent=45&recv=28&lost=0&retrans=0&sent_bytes=30844&recv_bytes=7793&delivery_rate=70750&cwnd=22800&unsent_bytes=0&cid=d8661083c5538d70&ts=580&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThwnJoqyZ4ISOeHxxZkmUJnAJck06MSqiVMgHJnwBpTStP3hw2fZnfO7PHH8kTYuJyns3Zue5NQ336KXLy88Zc1NOTz2nayjchZsFrhFY7PItlc4%2FRt6Al%2FgpXmzPxuC23XrbKQICUZVVHk9KWn%2Bpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c64468b04210-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=2585&sent=41&recv=26&lost=0&retrans=0&sent_bytes=29373&recv_bytes=7134&delivery_rate=991015&cwnd=22800&unsent_bytes=0&cid=d8661083c5538d70&ts=570&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:49 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
n4gia9fn2xc3z.xyz/
4 KB
4 KB
Other
General
Full URL
https://n4gia9fn2xc3z.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2f5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://n4gia9fn2xc3z.xyz/?domain=12osrsjav7okxw.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67136182-eb0"
age
93
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxT%2BC1diK6wdDwxLpEVy43hIBLBfRhCvzN11Ya4dvWwOsUVP4kDaOH24d%2BqIWLXCTPK6uGmZfQliVOTGHHn3bDzyB%2F73fkzygK8U4MtHOdiHxbVeFGiGO3Ql3wCyi5dnoiKfHf%2BugrBJRzNqQdEXpA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2677&sent=44&recv=28&lost=0&retrans=0&sent_bytes=30141&recv_bytes=7793&delivery_rate=70750&cwnd=22800&unsent_bytes=0&cid=d8661083c5538d70&ts=580&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 12 Nov 2024 10:17:49 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e15c64468b74210-EWR
server
cloudflare
8e15c640ee044210
n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 098B
0
1 KB
XHR
General
Full URL
https://n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8e15c640ee044210
Requested by
Host: n4gia9fn2xc3z.xyz
URL: https://n4gia9fn2xc3z.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2f5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIUSI28VlAlji5iN5mZoEgEessQFB9aemegdTehL0QX8wKdRoacOCsaNBE56A7OvMZmAFIlIOkbw%2FXu1lX4Qnhjelyk48Z0Bm2Ty0q2AOPCsSScpPBmE05O%2FJDZjyw0csvGAHUD0bji69Jz381vrfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e15c6456a7e4210-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2696&sent=60&recv=48&lost=0&retrans=0&sent_bytes=39528&recv_bytes=25198&delivery_rate=1222828&cwnd=22800&unsent_bytes=0&cid=d8661083c5538d70&ts=741&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 12 Nov 2024 10:17:49 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
request
znutu.tc4etuigq1tp2.xyz/fast-endecode/main/
0
0

request
znutu.tc4etuigq1tp2.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://znutu.tc4etuigq1tp2.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
162.209.140.74 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://n4gia9fn2xc3z.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8e15c64bcc4104ff-HKG
Connection
keep-alive
Date
Tue, 12 Nov 2024 10:17:50 GMT
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8800
request
znutu.zch3phrvosp9v.xyz/fast-endecode/main/
2 KB
2 KB
Fetch
General
Full URL
https://znutu.zch3phrvosp9v.xyz/fast-endecode/main/request
Requested by
Host: n4gia9fn2xc3z.xyz
URL: https://n4gia9fn2xc3z.xyz/static/js/iframe.js?t=202409101529
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
162.209.140.74 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
11f79cdd84d0593081a47827e06b7e80ce41af7fafe6743b51661c005a45b909

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://n4gia9fn2xc3z.xyz/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
CF-RAY
8e15c65fde3b23b0-HKG
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zull:prod:8800
Date
Tue, 12 Nov 2024 10:17:53 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
request
znutu.zch3phrvosp9v.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://znutu.zch3phrvosp9v.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
162.209.140.74 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://n4gia9fn2xc3z.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8e15c65e6b9addbc-HKG
Connection
keep-alive
Date
Tue, 12 Nov 2024 10:17:53 GMT
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8801
/
5ugvq2ynmibym.xyz/ Frame 7FB9
0
0
Document
General
Full URL
https://5ugvq2ynmibym.xyz/?domain=12osrsjav7okxw.xyz
Requested by
Host: n4gia9fn2xc3z.xyz
URL: https://n4gia9fn2xc3z.xyz/static/js/iframe.js?t=202409101529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9f06 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://n4gia9fn2xc3z.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e15c6630d6f7c81-EWR
content-encoding
zstd
content-type
text/html
date
Tue, 12 Nov 2024 10:17:54 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOFYvCaPu42orD6axhrC5yr7k7vFIX%2FLJQGTFPj6QiF9nzVwKC7uCvWwfw6hkyIBGEXDcmL1rF0FceyfUq1Rsfqfwr%2BP%2BpQuGAkjKPubM1f6kAFoI%2F9Nkfjm54%2B4kXm4j0mDe4N0RdBPholatt7SZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=2786&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4282&recv_bytes=5740&delivery_rate=1010&cwnd=12000&unsent_bytes=0&cid=7df3ed996e07a811&ts=498&x=1" cfHdrFlush;dur=0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
znutu.tc4etuigq1tp2.xyz
URL
https://znutu.tc4etuigq1tp2.xyz/fast-endecode/main/request

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| CryptoJS
function| getApiUrlSync
object| publicKey
function| getDomain
function| handleEncrypt
function| handleDecrypt
function| fromCode
object| urls
function| getconfigDown

2 Cookies

Domain/Path Name / Value
.12osrsjav7okxw.xyz/ Name: cf_clearance
Value: ipP3FzacpNoDEkcQcA_nSPMYjTwmgORlLxptKsk6tBY-1731406667-1.2.1.1-nczzIn_qya6doyWorBmgyOi.eBX9ffdf43s3kiaCGaj8RaFqfzWlIW7yo8m_U0gfuexgAcbkGn1RIyA_iWMzHGWAWjFNO56bPDHDunKriWOiyChGWVEbtEHHYnSJUAplFDSamR1EoQ0lpR5tg7Sgc8g2VRt7jFtAa.7QiuNgvyWKaN50F8vi5qlvOkif0HXdXrUC4vKbeIp5Zd8IseJzB1hVV_IvRUMIMVaIrXY306lnvz.LuS12lXSBy2T2WF2.VqAS7r7GS1qbBBzBRVGhNvouBDAft_QHVDaq_UfJNffQ8aRNkYNqMnRsqE3PQHyNCC21G6oN0fZghP4tLhveck5v7uNo3Ls66HTjLIZ2vfdS8ImxvEv5xerk4ziOmydT
.n4gia9fn2xc3z.xyz/ Name: cf_clearance
Value: tnH_j_4oZ8mw6.4rORdeVCWo9dACvAzoC6NrETreDxk-1731406669-1.2.1.1-Z_7rwETrusC1QfiFew7fqzpszgh1d7jykum0yEforIsTJuVL4mM_MSv1ueFk8cfYz4pD9.d9UvsUIwX7E4C1m2Qu_MZRqcp0uxR7p0ZaKasQN2v.2ExqR1m4TF7pHzi7E.Zg77T5WLr3kYValE9EW3pPdPxjxm81Kq83wO5zfMDMnVealpKKYc_8CYmyhM0aXubRc8fEy0xmwLY2Rt26pilo5Kuft69PPu0b4msHbMU79HeURIY4Fl6xDWVBTfLR2eClGajtzYpaiWVIg_lNugHXwuWO1.IajcYOsaLH11_sECs8oF2V9Qq9OEbJ_l5jLaJ_nOINyRitDQwvih35QH9e5FRkfemLPEqVwX.1vf4HIH35Tev3igdmmokHQfzn