xn--v4r82wypf.mfhlw.xyz Open in urlscan Pro Puny
嘈惁枟.mfhlw.xyz IDN
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1a.hdqdh1.buzz/
Effective URL:
https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Submission: On December 24 via api (December 24th 2024, 11:17:10 am UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 12 domains to perform 24 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is xn--v4r82wypf.mfhlw.xyz.
TLS certificate: Issued by WE1 on December 11th 2024. Valid for: 3 months.

This is the only time xn--v4r82wypf.mfhlw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.177.101 172.67.177.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	172.66.45.48 172.66.45.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.174.73 172.67.174.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	172.67.132.30 172.67.132.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.211.86 172.67.211.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.148.75 172.67.148.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.188.25 172.67.188.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.187.102 172.67.187.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.209.251 172.67.209.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	10

1 172.67.177.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

1a.hdqdh1.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.66.45.48 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lym301.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.174.73 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xn--6wtym.ppxkt1.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xn--v4r82wypf.mfhlw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.132.30 (United States)

ASN13335 (CLOUDFLARENET, US)

www.58sj.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.211.86 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--v4r82wypf.mfhlw1.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.148.75 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--v4r82wypf.mfhlw2.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.188.25 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--v4r82wypf.mfhlw3.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.187.102 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--v4r82wypf.mfhlw4.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.209.251 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--v4r82wypf.mfhlw5.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mfhlw.xyz 1 redirects xn--v4r82wypf.mfhlw.xyz	55 KB
3	pages.dev 1 redirects lym301.pages.dev	6 KB
2	mfhlw5.buzz xn--v4r82wypf.mfhlw5.buzz	2 KB
2	mfhlw4.buzz xn--v4r82wypf.mfhlw4.buzz	2 KB
2	mfhlw3.buzz xn--v4r82wypf.mfhlw3.buzz	2 KB
2	mfhlw2.buzz xn--v4r82wypf.mfhlw2.buzz	2 KB
2	mfhlw1.buzz xn--v4r82wypf.mfhlw1.buzz	2 KB
2	58sj.top www.58sj.top	25 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	ppxkt1.buzz 1 redirects xn--6wtym.ppxkt1.buzz	487 B
1	hdqdh1.buzz 1 redirects 1a.hdqdh1.buzz	525 B
24	12

	Domain	Requested by
9	xn--v4r82wypf.mfhlw.xyz	1 redirects lym301.pages.dev xn--v4r82wypf.mfhlw.xyz
3	lym301.pages.dev	1 redirects
2	xn--v4r82wypf.mfhlw5.buzz	xn--v4r82wypf.mfhlw.xyz
2	xn--v4r82wypf.mfhlw4.buzz	xn--v4r82wypf.mfhlw.xyz
2	xn--v4r82wypf.mfhlw3.buzz	xn--v4r82wypf.mfhlw.xyz
2	xn--v4r82wypf.mfhlw2.buzz	xn--v4r82wypf.mfhlw.xyz
2	xn--v4r82wypf.mfhlw1.buzz	xn--v4r82wypf.mfhlw.xyz
2	www.58sj.top	xn--v4r82wypf.mfhlw.xyz www.58sj.top
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	xn--v4r82wypf.mfhlw.xyz
1	xn--6wtym.ppxkt1.buzz	1 redirects
1	1a.hdqdh1.buzz	1 redirects
24	12

This site contains no links.

Subject Issuer	Validity	Valid
lym301.pages.dev WE1	`2024-12-02` - `2025-03-02`	3 months	crt.sh
mfhlw.xyz WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
58sj.top WE1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
mfhlw1.buzz WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh
mfhlw2.buzz WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh
mfhlw3.buzz WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh
mfhlw4.buzz WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh
mfhlw5.buzz WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Frame ID: 34FBE6BEB36AAC129E40D4BCFEC84DD6
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

免费黑料网福利站发布

Page URL History Show full URLs

http://1a.hdqdh1.buzz/ HTTP 307
https://1a.hdqdh1.buzz/ HTTP 301
https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA.html HTTP 308
https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA Page URL
https://xn--6wtym.ppxkt1.buzz/duoziyuan/?undefined HTTP 301
https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93 HTTP 301
http://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/ HTTP 307
https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

17 %
IPv6

12
Domains

12
Subdomains

10
IPs

3
Countries

203 kB
Transfer

518 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1a.hdqdh1.buzz/ HTTP 307
https://1a.hdqdh1.buzz/ HTTP 301
https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA.html HTTP 308
https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA Page URL
https://xn--6wtym.ppxkt1.buzz/duoziyuan/?undefined HTTP 301
https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93 HTTP 301
http://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/ HTTP 307
https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://1a.hdqdh1.buzz/ HTTP 307
https://1a.hdqdh1.buzz/ HTTP 301
https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA.html HTTP 308
https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA Show response
lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/
Redirect Chain

http://1a.hdqdh1.buzz/
https://1a.hdqdh1.buzz/
https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA.html
https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA

5 KB
3 KB

30ms
29ms

Document
text/html

172.66.45.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.45.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199f0a67f447c5edabd95304b2eabdd0cbf75ec422ef0a6c764b4652a5e2fd21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8f702edda8ec694b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Dec 2024 11:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8lUEB2qfod74IKKnZWrRHLlGnrdIos4%2Bfm6mrNqky85S1V3TWGOunIjTc2hymmAQjaeV7ZVR3JbcYgqBgoBqJ2qg03dlyaB%2FtVzNAb0T6vDsjpoahsdGPC3%2BNbWMfH56w4H"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=10102&min_rtt=7439&rtt_var=3016&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4903&recv_bytes=4978&delivery_rate=20599&cwnd=12000&unsent_bytes=0&cid=4c5b7233c68b487f&ts=86&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8f702edd68d0694b-FRA
content-length: 0
date: Tue, 24 Dec 2024 11:17:06 GMT
location: /寡厹彵/国富民强
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vXbAYtCBCoedQymiVSk4Wwf%2BgfzyNdfc1WMkYSBc%2FP2sQ%2FN%2B9jzgSswkIRoAvVVZoh%2BVvsZeiuBbCpmTucasHUMp7XBw%2BOSJS2tn55ATk0Bt0pAPb3w8MAjQBmS%2B09qTh9O"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=9989&min_rtt=7439&rtt_var=3720&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4163&recv_bytes=4500&delivery_rate=78225&cwnd=12000&unsent_bytes=0&cid=4c5b7233c68b487f&ts=42&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 favicon.ico
lym301.pages.dev/ 4 KB
3 KB 46ms
45ms Other
text/html 172.66.45.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lym301.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.45.48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26a4fecaaca6345786d1c69f68d03ff6ac717e18e8ba1aca520281cbb861ae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJy7%2BNYLHjGXgCArhQ%2BTTxONhZkIp%2BoLn9QeHXDWpF1uPz5IfO9iMF4TbXs6sGPmU3zZMuEVMillGzzJD19GZykI72wID4avBLtrdAyOjBec%2F6AVPQbdhmOaZT%2BpSN%2FvVqZb"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f702eddf90c694b-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9327&min_rtt=6636&rtt_var=3030&sent=19&recv=14&lost=0&retrans=0&sent_bytes=7775&recv_bytes=5461&delivery_rate=101742&cwnd=12000&unsent_bytes=0&cid=4c5b7233c68b487f&ts=157&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3

200

Primary Request / Show response
xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Redirect Chain

https://xn--6wtym.ppxkt1.buzz/duoziyuan/?undefined
https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93
http://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/

12 KB
5 KB

187ms
187ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Requested by: Host: lym301.pages.dev
URL: https://lym301.pages.dev/%E5%AF%A1%E5%8E%B9%E5%BD%B5/%E5%9B%BD%E5%AF%8C%E6%B0%91%E5%BC%BA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8761be030e23a31c4c1363009399ba1397ca76983753697a5bb3932de47252f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f702ee71ca465e0-FRA
content-encoding: zstd
content-type: text/html
date: Tue, 24 Dec 2024 11:17:08 GMT
last-modified: Sun, 29 Sep 2024 03:35:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwCnFTL%2FFS1j1X5EXb5bC0KBd4b5EOtsqcXFPVBlRq85b1BEAlfrD9iQp6deSkQJn5cFpvJgPInhxefkxlc5bMeY6P95oTgsFB1QaVwi4nHzmQlBezgZvsA1IhTcbSEV2an10R2Rgv9upw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=7195&min_rtt=6278&rtt_var=2212&sent=17&recv=13&lost=0&retrans=0&sent_bytes=5132&recv_bytes=5004&delivery_rate=144770&cwnd=12000&unsent_bytes=0&cid=96f7f404efab8eef&ts=553&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

Location: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 css.css
xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/css/ 3 KB
2 KB 17ms
16ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/css/css.css
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50b3809e34fe4694c036cbfd741b3f4af6f32106d7f18f1454cebdf619c3cd87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5b3ba39a-d8a"
age: 36896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2BMNUScGlm%2BZLnH%2FmZl2c8d7UsBFUQl7JmfYXMMpP4q51wCIdyKnQa8%2FDmNyROHZUC%2B54gq3TItHFUMfbDU4sVokgBNxqU6CiwchCF%2BPMNTMCM6eso8BTs4m1yPNAH8Y7FJIQJLbdzMx9w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 13:02:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7027&min_rtt=6278&rtt_var=1529&sent=22&recv=19&lost=0&retrans=0&sent_bytes=9920&recv_bytes=6506&delivery_rate=25264&cwnd=12000&unsent_bytes=0&cid=96f7f404efab8eef&ts=577&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:08 GMT
content-type: text/css
last-modified: Tue, 03 Jul 2018 16:26:02 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702ee84dba65e0-FRA
server: cloudflare

GET
H3 200 jquery.min.js Show response
xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/js/ 82 KB
33 KB 17ms
17ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/js/jquery.min.js
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5b3ba396-14938"
age: 36896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrRW9qvDKlxFvKuu8PV2KPHARzNRLIdDxvZcDDPJhbphY%2F6FKs6SKhFPmIZfWL4MHcsGDOeNgqe4KC7hP7vUxgkStfbEi3m0D9hKiZIKKq7Tgk0fhc5e1QbVICUkMnGeURzr4llOzH8t9A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 13:02:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7027&min_rtt=6278&rtt_var=1529&sent=24&recv=19&lost=0&retrans=0&sent_bytes=11792&recv_bytes=6506&delivery_rate=25264&cwnd=12000&unsent_bytes=0&cid=96f7f404efab8eef&ts=578&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:08 GMT
content-type: application/javascript
last-modified: Tue, 03 Jul 2018 16:25:58 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702ee84dbb65e0-FRA
server: cloudflare

GET
H3 200 uaredirect.js Show response
xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/js/ 819 B
1 KB 23ms
23ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/js/uaredirect.js
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e1cac245a9daa0ff3a9e12ad5ff809822d35742803f040960531fffff3131f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"5b3ba396-333"
age: 36896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDCXCUS69vriQFG6Qarv5Ynh6KOtDLE9i7MzCIY4Osu8jIilPb3muTDv%2FWNdT%2Fl9oAQL43EegeDvYHY7y6wMyKO9Gb3GPyIgSX7tCQEGi%2FlcuH2A2HR%2BI9nsnHwa8HC7T1YIR2pcuvsIIA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 13:02:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7027&min_rtt=6278&rtt_var=1529&sent=33&recv=19&lost=0&retrans=0&sent_bytes=21920&recv_bytes=6506&delivery_rate=25264&cwnd=12000&unsent_bytes=0&cid=96f7f404efab8eef&ts=582&x=1", cfExtPri, cfHdrFlush;dur=2
date: Tue, 24 Dec 2024 11:17:08 GMT
content-type: application/javascript
last-modified: Tue, 03 Jul 2018 16:25:58 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702ee84dbc65e0-FRA
server: cloudflare

GET
H3 200 logo.png
xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/images/ 10 KB
11 KB 24ms
24ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/images/logo.png
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d4e6ee27707bf1b2537cd8ef6cb25d64d2cd96e6a4221ce2d53d5f195a132a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66bdbf59-2775"
age: 1743943
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4N%2FkBuFamm49UfILWENAD922mtbMiFGHzlvJXn9fsRvpi5lOmVtI4zKN%2F83hfKqEatXw9S4VorLfIMnNBonQwsyZ2Y7O9okO8SuKsoACW2zYGrLopiLneqwZrIq2WVTn5sWuVYD0lWzCmg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 06:51:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7027&min_rtt=6278&rtt_var=1529&sent=33&recv=19&lost=0&retrans=0&sent_bytes=21920&recv_bytes=6506&delivery_rate=25264&cwnd=12000&unsent_bytes=0&cid=96f7f404efab8eef&ts=578&x=1", cfExtPri, cfHdrFlush;dur=6
date: Tue, 24 Dec 2024 11:17:08 GMT
content-type: image/png
last-modified: Thu, 15 Aug 2024 08:42:01 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702ee84dbd65e0-FRA
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 79ms
35ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VTWN254XSJ

Requested by

Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd14304f7c1088b25449450bc3bdc40f6b96c62381450b60ae08037e743ab039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 24 Dec 2024 11:17:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:17:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109872
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 Matomo.js Show response
xn--v4r82wypf.mfhlw.xyz/ 510 B
1 KB 367ms
367ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw.xyz/Matomo.js?0.4477868497790307
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52eace504a9f73bf69a3d66e7542e17d655287bd50671fea6521a6c9236c9d62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"67472afd-1fe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5qfz0mRulzx8L5y8W7rol3Iv4M48MHpS5En5UhnNGQk1jD8r91IiSXWTMM4xbWCg7x2CDRMZnTC0rQdwgqvEW7xgn%2BktfDBA1zJlS06nS%2BdHUeZIQOAeq2eDO3IZRgkralIfNtMMZuXTsw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8620&min_rtt=6169&rtt_var=1814&sent=72&recv=44&lost=0&retrans=0&sent_bytes=60624&recv_bytes=8232&delivery_rate=102395&cwnd=32400&unsent_bytes=0&cid=96f7f404efab8eef&ts=970&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:08 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 14:21:49 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702ee88dfc65e0-FRA
server: cloudflare

GET
H3 200 shaow_bg.png
xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/images/ 9 KB
2 KB 17ms
17ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/images/shaow_bg.png
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b56c3f42adef2886d607eb0ec3bd0cae11020e78371b90a9da9ede536affa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/css/css.css

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5b3ba3a0-2209"
age: 1743943
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qddjPZI2KCkq7WbzX0p%2FD9OkxU3CBBJeOVZXQYymx8tZpNHGhKQf7edgmk8rXPpMfsnF2bIPxcDnd8dFWJt7rS4dTdxR8EQFB3ZNH76geTewnX2g7GQPFXwEUtJGvAEb8OEwrLWsYnCsw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 03 Jan 2025 06:51:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8890&min_rtt=6169&rtt_var=1697&sent=70&recv=43&lost=0&retrans=0&sent_bytes=58860&recv_bytes=8188&delivery_rate=227952&cwnd=32400&unsent_bytes=0&cid=96f7f404efab8eef&ts=620&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:08 GMT
content-type: image/png
last-modified: Tue, 03 Jul 2018 16:26:08 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702ee88dff65e0-FRA
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 54ms
17ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VTWN254XSJ&gtm=45je4cc1v9196317692za200&_p=1735039028561&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=103772489.1735039029&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735039028&sct=1&seg=0&dl=https%3A%2F%2Fxn--v4r82wypf.mfhlw.xyz%2F%E5%A4%AF%E6%AC%93%2F&dt=%E5%85%8D%E8%B4%B9%E9%BB%91%E6%96%99%E7%BD%91%E7%A6%8F%E5%88%A9%E7%AB%99%E5%8F%91%E5%B8%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=822
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VTWN254XSJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://xn--v4r82wypf.mfhlw.xyz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 11:17:08 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 matomo.js Show response
www.58sj.top/ 66 KB
25 KB 632ms
14ms Script
application/javascript 172.67.132.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.58sj.top/matomo.js
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/Matomo.js?0.4477868497790307
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89e35b18e2ddd93f040839eb32f71a22a7781f27fca6e294f9405d5fb0ea2cc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6765b519-107aa"
age: 22125
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4C7CvcyCF5nyT1TtQ%2FWJx8Y9tsTy4vuyDai2a1vruZn2nkMr7JujNqMil3qYKSWiXeNkckd16hUDsgyw5vxHmJJE62fCtplXkvjC9gt3WdvQwKOSr4jN90OE738bMpU%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 17:08:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6402&min_rtt=6144&rtt_var=1498&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4147&recv_bytes=4328&delivery_rate=94715&cwnd=12000&unsent_bytes=0&cid=933fe03b31d2d3ef&ts=18&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 18:19:05 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eeebaf0d275-FRA
server: cloudflare

GET
H3 200 aj1.js Show response
xn--v4r82wypf.mfhlw1.buzz/ymff/ 147 B
892 B 374ms
349ms Script
application/javascript 172.67.211.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw1.buzz/ymff/aj1.js?0.523715018588649
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b393c3ba7c4e16cf0424b716244541c2138b8c430bf076ae28a07b704b7b26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66c1cebb-93"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7a9Ia3lFrUmTiuZiebISDAbkLirB70NZjWsf2EbxSA5r6T6p4kuGZEfd%2BCklFC9gir25EPxjiTxQNvTq1ZNxPuE1yCuLHWYhfos1TNHYyIhCDEH4gi8bWfR%2BY4V%2FZy8wS6jcFWlp0y%2Bh%2Bdo"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6420&min_rtt=6222&rtt_var=1097&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4488&delivery_rate=891&cwnd=12000&unsent_bytes=0&cid=32e5bbbfe0b9467b&ts=354&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Sun, 18 Aug 2024 10:36:43 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eeb0ac618fb-FRA
server: cloudflare

GET
H3 200 aj2.js Show response
xn--v4r82wypf.mfhlw2.buzz/ymff/ 147 B
890 B 384ms
358ms Script
application/javascript 172.67.148.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw2.buzz/ymff/aj2.js?0.7077915964134438
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.148.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91b85df3679c9ee5c74649c6e521be3f5c2289f1a5e9b8be351fe2bb6007712d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66c1cebc-93"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tcMp%2FARk28TjzA%2FVra%2BLQJiBO17K1O6j2uuBL0tyUJa8j8C36DQ7bst3pGQ109a1wDwpQLhO%2F%2FkvfXZQ3%2B49w131Z1JTAbyShM7kMOlyOrc5XLiZ1i7SHlEqqDqh1CKCRgU5JvEOPFedkpSZ"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6691&min_rtt=6436&rtt_var=1294&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4491&delivery_rate=868&cwnd=12000&unsent_bytes=0&cid=06f6d91b5cd113e8&ts=363&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Sun, 18 Aug 2024 10:36:44 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eeb0db835ff-FRA
server: cloudflare

GET
H3 200 aj3.js Show response
xn--v4r82wypf.mfhlw3.buzz/ymff/ 147 B
888 B 373ms
341ms Script
application/javascript 172.67.188.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw3.buzz/ymff/aj3.js?0.6904769557895294
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a496a6e8fa7e3540386f0c46d01f90fdeaf8318f9a1925ed472b70e03988a9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66c1cebd-93"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Gm4MLIqBloMmzhxwzaeFaniNMIZ7qrGHzadXXHAUq09Amw3dEmi7AjgV43%2F0fzyRNkAAgbwc1tkei9OR8iqYmr0uen7A4vU0k1jPCk5%2BiCDmyMnnfnOGeOBrECdbVSKGV8tBKwzOEUxRSmM"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7755&min_rtt=6689&rtt_var=2513&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4200&recv_bytes=5740&delivery_rate=866&cwnd=12000&unsent_bytes=0&cid=5e30e3e15dcdf3b9&ts=351&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Sun, 18 Aug 2024 10:36:45 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eeb08a45d9a-FRA
server: cloudflare

GET
H3 200 aj4.js Show response
xn--v4r82wypf.mfhlw4.buzz/ymff/ 147 B
887 B 374ms
348ms Script
application/javascript 172.67.187.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw4.buzz/ymff/aj4.js?0.34834103140416817
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 600ca85b4a33010334ec77f6b1dc9e8008cac705d7c284717e6b798ae41389f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66c1cebe-93"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ONnUJ43E0l%2BQre7xLLApw%2F0K2QvHezahKw9uunVgGtdY%2BIzi8XRy2lNDL0WjIMqDGwVZ9OulSVsZiwu9D4BCwB3uhLqBgGCAH38oAh5uCII1pBRQeE7X535TSR3cTe4a7bh7dRnkDB8tTuk"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7044&min_rtt=6344&rtt_var=1436&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4136&recv_bytes=4489&delivery_rate=874&cwnd=12000&unsent_bytes=0&cid=b24bb85d97346d56&ts=353&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Sun, 18 Aug 2024 10:36:46 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eeb0bf0dccc-FRA
server: cloudflare

GET
H3 200 aj5.js Show response
xn--v4r82wypf.mfhlw5.buzz/ymff/ 172 B
891 B 359ms
333ms Script
application/javascript 172.67.209.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw5.buzz/ymff/aj5.js?0.6445476174969809
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.209.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e18f995b5c6411adc91a8eb1d464c29c65548f41ba66678917e0bb38bc57220

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66c1cebf-ac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPkh3V3hoLo%2BxyJhhPpH0nVnkzxYqkpp4NBPXzyIc5lEfuZKvRu1x92PCJemfcAfzGbp5ZjI4qQnc%2B%2Bo8xFCh0Cso1iHaWG8X5qQTXTATCj3LVhDZhS7lNjDZmFMSzdb7ercyOG%2FYM4wIN1K"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7047&min_rtt=6506&rtt_var=1366&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4139&recv_bytes=4487&delivery_rate=879&cwnd=12000&unsent_bytes=0&cid=d62f5c6bdbcff9e1&ts=337&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Sun, 18 Aug 2024 10:36:47 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eeb0e57d28e-FRA
server: cloudflare

GET
H3 200 tz1.js Show response
xn--v4r82wypf.mfhlw1.buzz/ymff/ 255 B
921 B 329ms
329ms Script
application/javascript 172.67.211.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw1.buzz/ymff/tz1.js?0.30993803751622884
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4ab2f2b01808fae8c8d98155ce45e492ca0ea5f1499b7e85ce616f98d44ebda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66c1cf86-ff"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TfCavLjJmZBp6dKCzHIXz9Dmn9gcVxA83WpyVL6mzk29dMytrBa9%2BnnvszT4qvde9%2FfeL2qV0ttal30NZAhgpnhpDrygkqW4aUpwuAFXTFA2frJv5wRPWWRE3vQ6w6xfLNQXxJd%2Fgqgc9PEW"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6418&min_rtt=6222&rtt_var=826&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5124&recv_bytes=4916&delivery_rate=146535&cwnd=12000&unsent_bytes=0&cid=32e5bbbfe0b9467b&ts=696&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Sun, 18 Aug 2024 10:40:06 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eed4cbc18fb-FRA
server: cloudflare

GET
H3 200 tz2.js Show response
xn--v4r82wypf.mfhlw2.buzz/ymff/ 255 B
928 B 338ms
338ms Script
application/javascript 172.67.148.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw2.buzz/ymff/tz2.js?0.2828144590602726
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.148.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53eae61a45b44f04e5eed2d83b13cc8738c01ca4823bb4c79d80a39ea2c1d713

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66bde719-ff"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GsfQ0gBsLh%2FHyxDPbn6XQq8G5N3QRgprRw3MF3jxZFeWR4TDkIZrLA2th%2FKUs%2FrmxnJq9q6VqhZKoBWj%2B1cqgUnbQt5JyONRpX6vmpAlOQQxNes3b%2BVAzZ%2F1trqqe7U6bipTj%2BkmTPAhMS7l"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6640&min_rtt=6287&rtt_var=1071&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5118&recv_bytes=4918&delivery_rate=149019&cwnd=12000&unsent_bytes=0&cid=06f6d91b5cd113e8&ts=704&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 11:31:37 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eed4faf35ff-FRA
server: cloudflare

GET
H3 200 tz3.js Show response
xn--v4r82wypf.mfhlw3.buzz/ymff/ 255 B
922 B 367ms
366ms Script
application/javascript 172.67.188.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw3.buzz/ymff/tz3.js?0.1346899444571923
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492fac708f42a7df2cea565582ee6af11b7ea77f26ad867e9be299c204992d7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66bde71a-ff"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=clI%2FvIVk0oNbOsdF0cF2BTkkS4SvnljXJWBIZA9GFT3G%2BDitKngWpOnazDTr2KUI1GoUmf3Pi0AA9icCycl7h4YDER%2FvsTQthespUXTcf8XS%2Fe4GCW3ZK6c1CUf8LRf39ZMNZogU4JE5wB%2Fe"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9442&min_rtt=6689&rtt_var=5260&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5135&recv_bytes=6131&delivery_rate=42858&cwnd=12000&unsent_bytes=0&cid=5e30e3e15dcdf3b9&ts=731&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 11:31:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eed49b65d9a-FRA
server: cloudflare

GET
H3 200 tz4.js Show response
xn--v4r82wypf.mfhlw4.buzz/ymff/ 255 B
925 B 349ms
349ms Script
application/javascript 172.67.187.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw4.buzz/ymff/tz4.js?0.9242165715055322
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83726868e4a69a0b241b7819090b8c05a289a3096288e83805fe4cb48f53a397

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66bde71b-ff"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsTOpTEZVCfodNFqtGBw%2FbgBl%2Flk9MWEWyivmLFedCniD1RAgrbPhMM2KbJsmxFNtSea6neJVpUOf%2Fx7szvacWsJUvvj0fOJnCwKu3y7uyfnjMKRFlgLf48rz%2Bnn5XtLdqHMa5pkm5KHl%2Bck"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6957&min_rtt=6344&rtt_var=1250&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5093&recv_bytes=4916&delivery_rate=147028&cwnd=12000&unsent_bytes=0&cid=b24bb85d97346d56&ts=714&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 11:31:39 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eed481ddccc-FRA
server: cloudflare

GET
H3 200 tz5.js Show response
xn--v4r82wypf.mfhlw5.buzz/ymff/ 255 B
921 B 355ms
354ms Script
application/javascript 172.67.209.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw5.buzz/ymff/tz5.js?0.3652448148399625
Requested by: Host: xn--v4r82wypf.mfhlw.xyz
URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.209.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8979dbb851fc5bc6e59ee22dceadcdc952a0f26f97c0deb984431c5d94259a02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66bde71c-ff"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X00X0yR6LlIN63BBOCHYzDWfca9Go5%2F6tF1%2BKqqOKDEiiDniK1rJvUAnlqGuSNw7kJK%2BnPjndoo8e8RIlHuj9sozkw2TanXgCXWZuUp3B30Iubd05A%2FEiKQCmggvSjZtkCCqErcE8ls8C6cG"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 23:17:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7040&min_rtt=6506&rtt_var=1040&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5100&recv_bytes=4915&delivery_rate=134285&cwnd=12000&unsent_bytes=0&cid=d62f5c6bdbcff9e1&ts=719&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 11:31:40 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f702eed4b06d28e-FRA
server: cloudflare

POST
H3 204 matomo.php
www.58sj.top/ 0
646 B 399ms
399ms Ping
text/html 172.67.132.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.58sj.top/matomo.php?action_name=%E5%85%8D%E8%B4%B9%E9%BB%91%E6%96%99%E7%BD%91%E7%A6%8F%E5%88%A9%E7%AB%99%E5%8F%91%E5%B8%83&idsite=39&rec=1&r=483737&h=12&m=17&s=9&url=https%3A%2F%2Fxn--v4r82wypf.mfhlw.xyz%2F%E5%A4%AF%E6%AC%93%2F&_id=cd9cbcf3ab804aa5&_idn=1&send_image=0&_refts=0&pv_id=aq0y81&pf_net=0&pf_srv=186&pf_tfr=2&uadata=%7B%22formFactors%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: www.58sj.top
URL: https://www.58sj.top/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://xn--v4r82wypf.mfhlw.xyz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7GLzAqqf0cwLnK4fnlmYQe1GfZPINqQDO36PEUMxzs%2FfWZfVghQuVdP%2BYeiDM2bibEEbD5g5bciQDePrf4p%2FpdbX6Rk6Fsb6%2F8IDEIkQIGHfyYUqk1o5m0JJS1b2uo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8f702eeeeb45d275-FRA
access-control-allow-origin: https://xn--v4r82wypf.mfhlw.xyz
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7151&min_rtt=6099&rtt_var=491&sent=35&recv=21&lost=0&retrans=0&sent_bytes=30101&recv_bytes=5574&delivery_rate=1846572&cwnd=22800&unsent_bytes=0&cid=933fe03b31d2d3ef&ts=429&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:09 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
priority: u=4,i

GET
H3 404 favicon.ico
xn--v4r82wypf.mfhlw.xyz/ 548 B
821 B 355ms
355ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--v4r82wypf.mfhlw.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gath3B%2Fm8I4RrmLpVqeukOCW%2BS%2BBnrmEmNJ6VbQGNqEeKB3DmUQLpToLKLCfqDktBZ1Y%2FtRrcuGM80P9Of%2F%2FpXV7tSF%2B6IK79hB8ecZJ9I4pFYyHxp0xkNZx%2FLm9%2BEz6XR4MB144MkkF4A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f702eef9b1565e0-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8315&min_rtt=6169&rtt_var=1970&sent=75&recv=46&lost=0&retrans=0&sent_bytes=61748&recv_bytes=8764&delivery_rate=177725&cwnd=32400&unsent_bytes=0&cid=96f7f404efab8eef&ts=2084&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 11:17:10 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mfhlw.xyz/	1970-01-21 11:33:19	Name: _ga Value: GA1.1.103772489.1735039029
.mfhlw.xyz/	1970-01-21 11:33:19	Name: _ga_VTWN254XSJ Value: GS1.1.1735039028.1.0.1735039028.0.0.0
xn--v4r82wypf.mfhlw.xyz/	1970-01-21 11:23:14	Name: _pk_id.39.d9c2 Value: cd9cbcf3ab804aa5.1735039030.
xn--v4r82wypf.mfhlw.xyz/	1970-01-21 01:57:20	Name: _pk_ses.39.d9c2 Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 50) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw1.buzz/ymff/aj1.js?0.523715018588649, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 50) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw1.buzz/ymff/aj1.js?0.523715018588649, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 50) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw2.buzz/ymff/aj2.js?0.7077915964134438, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 50) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw3.buzz/ymff/aj3.js?0.6904769557895294, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 50) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw4.buzz/ymff/aj4.js?0.34834103140416817, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 50) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw5.buzz/ymff/aj5.js?0.6445476174969809, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 70) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw1.buzz/ymff/tz1.js?0.30993803751622884, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 70) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw1.buzz/ymff/tz1.js?0.30993803751622884, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 70) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw2.buzz/ymff/tz2.js?0.2828144590602726, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 70) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw3.buzz/ymff/tz3.js?0.1346899444571923, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 70) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw4.buzz/ymff/tz4.js?0.9242165715055322, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xn--v4r82wypf.mfhlw.xyz/%E5%A4%AF%E6%AC%93/(Line 70) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--v4r82wypf.mfhlw5.buzz/ymff/tz5.js?0.3652448148399625, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://xn--v4r82wypf.mfhlw.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a.hdqdh1.buzz
lym301.pages.dev
region1.google-analytics.com
www.58sj.top
www.googletagmanager.com
xn--6wtym.ppxkt1.buzz
xn--v4r82wypf.mfhlw.xyz
xn--v4r82wypf.mfhlw1.buzz
xn--v4r82wypf.mfhlw2.buzz
xn--v4r82wypf.mfhlw3.buzz
xn--v4r82wypf.mfhlw4.buzz
xn--v4r82wypf.mfhlw5.buzz
172.66.45.48
172.67.132.30
172.67.148.75
172.67.174.73
172.67.177.101
172.67.187.102
172.67.188.25
172.67.209.251
172.67.211.86
188.114.97.3
2001:4860:4802:32::36
2a00:1450:4001:81d::2008
199f0a67f447c5edabd95304b2eabdd0cbf75ec422ef0a6c764b4652a5e2fd21
26a4fecaaca6345786d1c69f68d03ff6ac717e18e8ba1aca520281cbb861ae19
3a496a6e8fa7e3540386f0c46d01f90fdeaf8318f9a1925ed472b70e03988a9b
41b393c3ba7c4e16cf0424b716244541c2138b8c430bf076ae28a07b704b7b26
492fac708f42a7df2cea565582ee6af11b7ea77f26ad867e9be299c204992d7e
50b3809e34fe4694c036cbfd741b3f4af6f32106d7f18f1454cebdf619c3cd87
52eace504a9f73bf69a3d66e7542e17d655287bd50671fea6521a6c9236c9d62
53eae61a45b44f04e5eed2d83b13cc8738c01ca4823bb4c79d80a39ea2c1d713
54b56c3f42adef2886d607eb0ec3bd0cae11020e78371b90a9da9ede536affa7
600ca85b4a33010334ec77f6b1dc9e8008cac705d7c284717e6b798ae41389f4
83726868e4a69a0b241b7819090b8c05a289a3096288e83805fe4cb48f53a397
8761be030e23a31c4c1363009399ba1397ca76983753697a5bb3932de47252f4
8979dbb851fc5bc6e59ee22dceadcdc952a0f26f97c0deb984431c5d94259a02
89e35b18e2ddd93f040839eb32f71a22a7781f27fca6e294f9405d5fb0ea2cc3
8e18f995b5c6411adc91a8eb1d464c29c65548f41ba66678917e0bb38bc57220
8e1cac245a9daa0ff3a9e12ad5ff809822d35742803f040960531fffff3131f8
91b85df3679c9ee5c74649c6e521be3f5c2289f1a5e9b8be351fe2bb6007712d
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c4ab2f2b01808fae8c8d98155ce45e492ca0ea5f1499b7e85ce616f98d44ebda
c5d4e6ee27707bf1b2537cd8ef6cb25d64d2cd96e6a4221ce2d53d5f195a132a
cd14304f7c1088b25449450bc3bdc40f6b96c62381450b60ae08037e743ab039
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

xn--v4r82wypf.mfhlw.xyz Open in urlscan Pro Puny 嘈惁枟.mfhlw.xyz IDN 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

17 %IPv6

12 Domains

12 Subdomains

10 IPs

3 Countries

203 kBTransfer

518 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

4 Cookies

13 Console Messages

Security Headers

Indicators

xn--v4r82wypf.mfhlw.xyz Open in urlscan Pro Puny
嘈惁枟.mfhlw.xyz IDN
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

17 %
IPv6

12
Domains

12
Subdomains

10
IPs

3
Countries

203 kB
Transfer

518 kB
Size

4
Cookies

24 HTTP transactions
0 data transactions