urlscan.io logo urlscan.io
SecurityTrails logo

xylocybin.com Open in urlscan Pro
2606:4700:3035::6812:2eaf  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://xylocybin.com/index_1.php
Effective URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5A...
Submission: On March 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3035::6812:2eaf, located in United States and belongs to CLOUDFLARENET, US. The main domain is xylocybin.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 9th 2020. Valid for: 9 months.
This is the only time xylocybin.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer) Excel / PDF download (Online)

Domain & IP information

IP Address AS Autonomous System
28 2606:4700:303... 13335 (CLOUDFLAR...)
28 1
Apex Domain
Subdomains		 Transfer
28 xylocybin.com
xylocybin.com
218 KB
28 1
Domain Requested by
28 xylocybin.com xylocybin.com
28 1

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-09 -
2020-10-09		 9 months crt.sh

This page contains 2 frames:

Primary Page: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Frame ID: 25B2AB4D034065E8771285332547E345
Requests: 14 HTTP requests in this frame

Frame: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Frame ID: DC9E47CF90E63A58E79DC85319869C85
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://xylocybin.com/index_1.php Page URL
  2. https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-158... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

28
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

218 kB
Transfer

462 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xylocybin.com/index_1.php Page URL
  2. https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index_1.php
xylocybin.com/ 		15 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/index_1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a4263792ab2445320bdae2397dd31aa8407b3e0daa4bbc4a3e1f4310788f45
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
xylocybin.com
:scheme
https
:path
/index_1.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
503
date
Sat, 14 Mar 2020 05:02:43 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dac57e5ea06a7cce07e4a889b0a3ba6c91584162163; expires=Mon, 13-Apr-20 05:02:43 GMT; path=/; domain=.xylocybin.com; HttpOnly; SameSite=Lax; Secure
x-frame-options
SAMEORIGIN
cache-control
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
573b71aefc40c2f4-FRA
transparent.gif
xylocybin.com/cdn-cgi/images/trace/jschal/js/ 		42 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=573b71aefc40c2f4
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://xylocybin.com/index_1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 14 Mar 2020 05:02:43 GMT
last-modified
Fri, 06 Mar 2020 12:21:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5e624055-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
573b71af5cd5c2f4-FRA
content-length
42
expires
Sat, 14 Mar 2020 07:02:43 GMT
transparent.gif
xylocybin.com/cdn-cgi/images/trace/jschal/nojs/ 		42 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=573b71aefc40c2f4
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://xylocybin.com/index_1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 14 Mar 2020 05:02:43 GMT
last-modified
Fri, 06 Mar 2020 12:21:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5e624055-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
573b71af5cd9c2f4-FRA
content-length
42
expires
Sat, 14 Mar 2020 07:02:43 GMT
Primary Request index_1.php
xylocybin.com/ 		40 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadfcd9d715f8e8f33af3db9a093fea844008f4c35c65c9d707c1dbcbf24bc3b

Request headers

:method
POST
:authority
xylocybin.com
:scheme
https
:path
/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
content-length
2037
pragma
no-cache
cache-control
no-cache
origin
https://xylocybin.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://xylocybin.com/index_1.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dac57e5ea06a7cce07e4a889b0a3ba6c91584162163
Origin
https://xylocybin.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://xylocybin.com/index_1.php

Response headers

status
200
date
Sat, 14 Mar 2020 05:02:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_clearance=0493adf1a7de798556cae63663aed3ff7dc0493e-1584162167-0-150; path=/; expires=Sun, 15-Mar-20 06:02:47 GMT; domain=.xylocybin.com; HttpOnly; Secure; SameSite=None __cfduid=de24f087e62b3b2893a2cd65ab371f94e1584162167; expires=Mon, 13-Apr-20 05:02:47 GMT; path=/; domain=.xylocybin.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
573b71c86d69c2f4-FRA
content-encoding
gzip
index_1.css
xylocybin.com/ 		45 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/index_1.css
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6bba9179a5ec451dc6f4c93ab99525f4fb5918ad1f65e201a03f54ad7f6c8c3

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Dec 2016 06:46:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
573b71cac996c2f4-FRA
ndhui.css
xylocybin.com/trademanager/excel/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/ndhui.css
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 14 Mar 2020 05:02:47 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
573b71cac997c2f4-FRA
ndhui.js
xylocybin.com/trademanager/excel/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/ndhui.js?0=0&0=0&0=0
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 14 Mar 2020 05:02:47 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
573b71cac99ac2f4-FRA
ewaother.png
xylocybin.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/ewaother.png
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb87e9c96059f20821e4fe13900f60b7394752324574d38569381b98adc84196

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:47 GMT
cf-cache-status
MISS
last-modified
Mon, 08 Jun 2015 08:47:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
573b71cac99dc2f4-FRA
ewacommon.png
xylocybin.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/ewacommon.png
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e65540513cb2a3e47e1d83f002ec50edb09a1b5572be0c0847cbc668569ade24

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:47 GMT
cf-cache-status
MISS
last-modified
Mon, 08 Jun 2015 08:47:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
573b71cac99fc2f4-FRA
ewaedit.png
xylocybin.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/ewaedit.png
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa641ac1e002d1f34211836f31e81832c05ac2c8545078488c07b5e2d58df03

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
cf-cache-status
MISS
last-modified
Mon, 08 Jun 2015 08:50:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
573b71ccbcd0c2f4-FRA
jquery-1.7.2.min.js
xylocybin.com/trademanager/excel/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/jquery-1.7.2.min.js
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a14334cecd2ff3eab027a8cfa5c3632f7b630a9b4e4a7bc5804c6bdd027efb73

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
573b71cc7c6bc2f4-FRA
jquery.sim.utils.js
xylocybin.com/trademanager/excel/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/jquery.sim.utils.js
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a379adb1028e345f0c739e3401ff7ff60c8663e898ca0e746f140aba329f74c0

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
573b71ccbccfc2f4-FRA
ndhui.js
xylocybin.com/trademanager/excel/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/ndhui.js?0=0&0=0&0=0
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 14 Mar 2020 05:02:47 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
573b71ccbcd2c2f4-FRA
index.jpg
xylocybin.com/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/index.jpg
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b017df1defe56bb74395e69cf291beea481d7f97cdbe2cd50e9ea9f86f5570ca

Request headers

Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2016 15:05:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
573b71ccbcdcc2f4-FRA
content-length
48861
login.php
xylocybin.com/trademanager/excel/ Frame DC9E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3a8d094df644e0fdd3458ad62e16728f24e5febda43b6f76e80c84a5ca7765

Request headers

:method
GET
:authority
xylocybin.com
:scheme
https
:path
/trademanager/excel/login.php?login=&sfm_from_iframe=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cf_clearance=0493adf1a7de798556cae63663aed3ff7dc0493e-1584162167-0-150; __cfduid=de24f087e62b3b2893a2cd65ab371f94e1584162167
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://xylocybin.com/index_1.php?__cf_chl_jschl_tk__=798ced84632d1237fcf413c7c02916edc5356dd6-1584162163-0-ATG8LmXu5AWx4qaGZ3Fb737XnupkQeZqEYGkdEUx_jo-rhkoy2ML63-7DEeyFZHohDwvdnoSNSrsB0CfO0dJu2gfUwOzgRkmSGyzmNBtgfwSNCalfxwYPmy5efZAa9Spk9chW5YykdznnJW4-xyZG564vVQbM1tt4FobjFwRhmROhQT0pG2_ME-huJSLcIwq7iC_6GX3jYcdtoPLTIeCZqO-2vjI7L2RI5_E9cfdU0sCdfbrsxea7QGvdm0t7T0wRCZiq9eHME153sBu7KWWOTo7iXgGUn-iWxpbEm9GQyxj

Response headers

status
200
date
Sat, 14 Mar 2020 05:02:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
573b71cf7942c2f4-FRA
content-encoding
br
jquery-1.7.2.min.js
xylocybin.com/trademanager/excel/ Frame DC9E 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/jquery-1.7.2.min.js
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a14334cecd2ff3eab027a8cfa5c3632f7b630a9b4e4a7bc5804c6bdd027efb73

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
573b71d0db66c2f4-FRA
jquery.sim.utils.js
xylocybin.com/trademanager/excel/ Frame DC9E 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/jquery.sim.utils.js
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a379adb1028e345f0c739e3401ff7ff60c8663e898ca0e746f140aba329f74c0

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
573b71d0db76c2f4-FRA
sfm-png-fix.js
xylocybin.com/trademanager/excel/ Frame DC9E 		2 KB
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/sfm-png-fix.js
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1d3a4b5db9a1dae0dde8d18e7edc94ed4253290ea2e3a8ba43203657311022b

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Apr 2018 08:21:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
573b71d0db77c2f4-FRA
gen_validatorv4.js
xylocybin.com/trademanager/excel/ Frame DC9E 		31 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/gen_validatorv4.js
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba301c5ae0d795e133519ac0d2891d8f9cf3820c487e029dbfef86cf61a0c5d2

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
573b71d0db7bc2f4-FRA
excel.css
xylocybin.com/trademanager/excel/ Frame DC9E 		4 KB
829 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/excel.css
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d16c77980e69cd796fbac3ab5b828fc707867303c991eebf2c5c14112ea655c

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
573b71d0db78c2f4-FRA
ndhui.css
xylocybin.com/trademanager/excel/ Frame DC9E 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/ndhui.css
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
573b71d0db7ac2f4-FRA
ndhui.js
xylocybin.com/trademanager/excel/ Frame DC9E 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/ndhui.js?0=0&0=0&0=0
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
573b71d0db7cc2f4-FRA
294.GIF
xylocybin.com/trademanager/excel/ Frame DC9E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/trademanager/excel/294.GIF
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef58f4d384c2763c7be72b7df1180f9e4a0c64f128659fb3d16a44fd5c0ef06

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
573b71d0db7dc2f4-FRA
content-length
7077
excel-Submit-0.png
xylocybin.com/trademanager/excel/ Frame DC9E 		549 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/trademanager/excel/excel-Submit-0.png
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3ddbd5a8dea7f9743b3d9a9821e219f33c21a91088f27424dba087c208870b

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
573b71d0db7ec2f4-FRA
excel2013.png
xylocybin.com/trademanager/excel/ Frame DC9E 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/trademanager/excel/excel2013.png
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d68907dc3aba1d0be80f20a3f1b5d40dee98469ad512d14225a2712b0fd97c

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
573b71d2be5ac2f4-FRA
ndhui.css
xylocybin.com/trademanager/excel/ Frame DC9E 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/ndhui.css
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
573b71d2de82c2f4-FRA
ndhui.js
xylocybin.com/trademanager/excel/ Frame DC9E 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://xylocybin.com/trademanager/excel/ndhui.js?0=0&0=0&0=0
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xylocybin.com/trademanager/excel/login.php?login=&sfm_from_iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 14 Mar 2020 05:02:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
573b71d2de86c2f4-FRA
loading.gif
xylocybin.com/trademanager/excel/ Frame DC9E 		673 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xylocybin.com/trademanager/excel/loading.gif
Requested by
Host: xylocybin.com
URL: https://xylocybin.com/trademanager/excel/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a526a07a078d736e5c9d67d8479dd54072b7e5c6ddd2cd466f86a086e49ef5

Request headers

Referer
https://xylocybin.com/trademanager/excel/excel.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Sat, 14 Mar 2020 05:02:48 GMT
cf-cache-status
MISS
last-modified
Tue, 10 Apr 2018 08:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
573b71d2fedac2f4-FRA
content-length
673

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer) Excel / PDF download (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| sfm_refresh_captcha function| sfm_hyper_link_popup function| sfm_popup_form function| sfm_window_popup_form function| sfmFormObj function| sfm_show_loading_on_formsubmit function| sfm_clear_form function| sfm_init_special_action_button function| sfm_init_default_text object| $ifr

2 Cookies

Domain/Path Name / Value
.xylocybin.com/ Name: __cfduid
Value: de24f087e62b3b2893a2cd65ab371f94e1584162167
.xylocybin.com/ Name: cf_clearance
Value: 0493adf1a7de798556cae63663aed3ff7dc0493e-1584162167-0-150

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN