URL: https://ndfrtg8l.xyz/
Submission: On May 18 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 32 HTTP transactions. The main IP is 115.126.91.247, located in Hong Kong and belongs to FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK. The main domain is ndfrtg8l.xyz.
TLS certificate: Issued by R3 on May 9th 2024. Valid for: 3 months.
This is the only time ndfrtg8l.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

Size: 43 MB (45098400 bytes, 0% done)
Downloaded from: https://mtbqz01820.xz.fyqay.cn/default/0518/195/mt/5555mt.apk

Domain & IP information

IP Address AS Autonomous System
24 115.126.91.247 38186 (FTG-AS-AP...)
3 59.110.185.210 37963 (ALIBABA-C...)
2 172.67.74.152 13335 (CLOUDFLAR...)
2 90.84.161.14 2285 (OCB_HONEY...)
1 1 43.132.140.108 132203 (TENCENT-N...)
1 58.218.215.172 ()
32 5
Domain Requested by
24 ndfrtg8l.xyz ndfrtg8l.xyz
3 mt55.oss-cn-beijing.aliyuncs.com ndfrtg8l.xyz
2 8bul5z3zdb12ucm.llwtongxin.top mt55.oss-cn-beijing.aliyuncs.com
2 api.ipify.org mt55.oss-cn-beijing.aliyuncs.com
1 mtbqz01820.xz.fyqay.cn ndfrtg8l.xyz
1 zlff.vclzkac.com 1 redirects
32 6

This site contains links to these domains:

Domain
ntobec.itnhereno8iy.site

Subject | Issuer | Validity | Valid
n85uj4n5.xyz | R3 | 2024-05-09 - 2024-08-07 | 3 months
cn-beijing.oss.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-02-18 - 2024-10-15 | 8 months
ipify.org | GTS CA 1P5 | 2024-03-21 - 2024-06-19 | 3 months
8bul5z3zdb12ucm.llwtongxin.top | ZeroSSL RSA Domain Secure Site CA | 2024-05-13 - 2024-08-11 | 3 months
*.fyqay.cn | ZeroSSL RSA Domain Secure Site CA | 2024-05-17 - 2024-08-15 | 3 months

This page contains 1 frames:

Frame: https://mtbqz01820.xz.fyqay.cn/default/0518/195/mt/5555mt.apk
Frame ID: AF1F88A3DDE41D6E03843C2772B2CCF8
Requests: 32 HTTP requests in this frame

Page Title

蜜桃直播

Detected technologies

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 100 %
IPv6: 0 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 4
Transfer: 1216 kB
Size: 1985 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://zlff.vclzkac.com:7102/default/mt/5555mt.apk HTTP 302
  • https://mtbqz01820.xz.fyqay.cn/default/0518/195/mt/5555mt.apk

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ndfrtg8l.xyz/
10 KB
4 KB
Document
General
Full URL
https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
11f37d1b0dd99ac4d3123984451317718aba4d55ab5ea78ded3356e74e158dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 18 May 2024 11:59:22 GMT
ETag
W/"6641f3e4-280e"
Last-Modified
Mon, 13 May 2024 11:05:08 GMT
Server
cdn
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-Status
MISS
reset.css
ndfrtg8l.xyz/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://ndfrtg8l.xyz/static/css/reset.css
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
66f55787b51527f9a9ae3d24f92465ccceb5dd9bd722bdc8adce396a19120ffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:22 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sun, 12 Mar 2023 09:15:51 GMT
Server
cdn
ETag
W/"640d9847-694"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 00:32:09 GMT
global.css
ndfrtg8l.xyz/static/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://ndfrtg8l.xyz/static/css/global.css
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
6eef0b641e329e32428301dd6b6469df75f112a449454fb4bad82cbbcc7ffadc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:22 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sun, 12 Mar 2023 11:32:35 GMT
Server
cdn
ETag
W/"640db853-1551"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 00:32:10 GMT
swiper.min.css
ndfrtg8l.xyz/static/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://ndfrtg8l.xyz/static/css/swiper.min.css
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
46525cb298d262696150996f8731fe08bd6727c7e33f2dc8222ae40f1543dfe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:22 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sun, 12 Mar 2023 09:15:51 GMT
Server
cdn
ETag
W/"640d9847-4570"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 00:32:10 GMT
swiper.min.js
ndfrtg8l.xyz/static/js/
94 KB
27 KB
Script
General
Full URL
https://ndfrtg8l.xyz/static/js/swiper.min.js
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
22e71b3903e3ea2b53d152b34a85790f0e6bc2b8dd6795c805909c1b69ae2583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:22 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sat, 25 Mar 2023 11:53:38 GMT
Server
cdn
ETag
W/"641ee0c2-178b6"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 00:32:10 GMT
jquery-1.8.3.min.js
ndfrtg8l.xyz/static/js/
91 KB
37 KB
Script
General
Full URL
https://ndfrtg8l.xyz/static/js/jquery-1.8.3.min.js
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:22 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sat, 25 Mar 2023 11:53:38 GMT
Server
cdn
ETag
W/"641ee0c2-16dc4"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 00:32:10 GMT
main.js
ndfrtg8l.xyz/static/js/
2 KB
1 KB
Script
General
Full URL
https://ndfrtg8l.xyz/static/js/main.js
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
9edb1fb67af11d4cb8c130f96e64a4980f3fcd5911c516813d5a5dfc9e2fb0c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:22 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sat, 25 Mar 2023 11:53:38 GMT
Server
cdn
ETag
W/"641ee0c2-778"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 00:32:10 GMT
scroll.js
ndfrtg8l.xyz/static/js/
4 KB
2 KB
Script
General
Full URL
https://ndfrtg8l.xyz/static/js/scroll.js
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
9d32626d5434d8d6b280b657c6fc9ef059b673083ca98f8853c2af884f517cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:22 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sat, 25 Mar 2023 11:53:38 GMT
Server
cdn
ETag
W/"641ee0c2-1184"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 00:32:10 GMT
pop-scroll.js
ndfrtg8l.xyz/static/js/
17 KB
5 KB
Script
General
Full URL
https://ndfrtg8l.xyz/static/js/pop-scroll.js
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
6e8c71040028cec52dff0a28fceb6c57b7d148c83865d39e0de2f7ff3b332180
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:22 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sat, 25 Mar 2023 11:53:40 GMT
Server
cdn
ETag
W/"641ee0c4-4450"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 00:32:10 GMT
00e6a00074282.gif
ndfrtg8l.xyz/static/picture/
134 KB
134 KB
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/00e6a00074282.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
71e20e90051a55b3a88d0449f7c857baaeb16ee2b4d6d8cdd354175023e5c059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 14 Apr 2023 05:33:58 GMT
Server
cdn
ETag
"6438e5c6-216ef"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136943
Expires
Sat, 15 Jun 2024 10:50:25 GMT
9554bd1737fdb.gif
ndfrtg8l.xyz/static/picture/
147 KB
147 KB
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/9554bd1737fdb.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
72ec86c25c6b2eed8d73df194f1eb48b1b370e82e050750e030d540143c3bff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 14 Apr 2023 05:40:22 GMT
Server
cdn
ETag
"6438e746-24b33"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
150323
Expires
Sat, 15 Jun 2024 10:50:26 GMT
ba1753f7c6add.gif
ndfrtg8l.xyz/static/picture/
158 KB
158 KB
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/ba1753f7c6add.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
f1f085112cd412ddf1b22b51b7214fe10034273b59f23e89d5f9b74cb9550bc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 14 Apr 2023 05:41:21 GMT
Server
cdn
ETag
"6438e781-2776d"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
161645
Expires
Sat, 15 Jun 2024 10:50:25 GMT
edc8a63dffe7e.gif
ndfrtg8l.xyz/static/picture/
152 KB
152 KB
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/edc8a63dffe7e.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
9a3837dbb7ee801a994f65dbc93352b65311d4896316c33b53b6b41e48dac9b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 14 Apr 2023 05:42:10 GMT
Server
cdn
ETag
"6438e7b2-25f48"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
155464
Expires
Sat, 15 Jun 2024 10:50:26 GMT
23.gif
ndfrtg8l.xyz/static/picture/
195 KB
196 KB
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/23.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
bcb81c286039e0c3d8f292ea6cb822aeec4729db88f149e45f0ab869aac863b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 14 Apr 2023 05:37:13 GMT
Server
cdn
ETag
"6438e689-30d50"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
200016
Expires
Sat, 15 Jun 2024 10:50:25 GMT
kf.png
ndfrtg8l.xyz/static/picture/
41 KB
41 KB
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/kf.png
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
f478586ab8dd824c6cefa04c38e473482091b3f5dd25c4be24a23a627efcf59c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:24 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 12 Mar 2023 09:15:51 GMT
Server
cdn
ETag
"640d9847-a411"
X-Cache-Status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42001
Expires
Sat, 15 Jun 2024 10:50:26 GMT
80947216fd640.gif
ndfrtg8l.xyz/static/picture/
251 KB
251 KB
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/80947216fd640.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
5042998788cf7f2037ab40d8943cb9d835b43885409335a939454649a1f6c7cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:24 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 14 Apr 2023 05:38:38 GMT
Server
cdn
ETag
"6438e6de-3eaf4"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
256756
Expires
Sat, 15 Jun 2024 10:50:39 GMT
index.js
ndfrtg8l.xyz/static/js/
10 KB
2 KB
Script
General
Full URL
https://ndfrtg8l.xyz/static/js/index.js
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
048f6ac5a51f1662e7d79e990431f00bd663591f0fd56ba3e4fd9a0eedc88be8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sat, 25 Mar 2023 11:53:38 GMT
Server
cdn
ETag
W/"641ee0c2-26d5"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 00:32:11 GMT
servers.js
mt55.oss-cn-beijing.aliyuncs.com/
182 B
743 B
Script
General
Full URL
https://mt55.oss-cn-beijing.aliyuncs.com/servers.js
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.110.185.210 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
415e56ce4a37af78980a17a1e2b3441282d0d09cc257e0fff2e40e12328d78bd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:24 GMT
x-oss-request-id
6648981C538DFF3133C4786A
Content-MD5
nUJyQiS8Xi6q0I3jNL97/w==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
182
x-oss-object-type
Normal
Last-Modified
Mon, 13 May 2024 11:03:29 GMT
Server
AliyunOSS
ETag
"9D42724224BC5E2EAAD08DE334BF7BFF"
Content-Type
application/javascript
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
14288957932885392489
x-oss-server-time
6
mt.js
mt55.oss-cn-beijing.aliyuncs.com/
147 B
706 B
Script
General
Full URL
https://mt55.oss-cn-beijing.aliyuncs.com/mt.js
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.110.185.210 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
fc678875d21a4d0489b29554d1d82cdc00a1de159a0ce6d4e2cfdc8d87ddad07

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:24 GMT
x-oss-request-id
6648981C5A53BB34349715BB
Content-MD5
7tamsPNAmi5VAZa/Guldww==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
147
x-oss-object-type
Normal
Last-Modified
Mon, 13 May 2024 11:11:45 GMT
Server
AliyunOSS
ETag
"EED6A6B0F3409A2E550196BF1AE95DC3"
Content-Type
application/javascript
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
179922845381844480
x-oss-server-time
3
OpenInstall.js
mt55.oss-cn-beijing.aliyuncs.com/
24 KB
5 KB
Script
General
Full URL
https://mt55.oss-cn-beijing.aliyuncs.com/OpenInstall.js
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.110.185.210 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
85ccbca884b6a07a5d907b95850bc60dda8b09d0f8c73b5633e3df5522db7101

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:24 GMT
Content-Encoding
gzip
x-oss-request-id
6648981C5B40CC3130D69ED8
Content-MD5
we9R8XuLzTLDUnnGo11wIQ==
Transfer-Encoding
chunked
Content-Disposition
attachment
Connection
keep-alive
x-oss-object-type
Normal
Last-Modified
Wed, 15 May 2024 06:02:54 GMT
Server
AliyunOSS
Vary
Accept-Encoding
Content-Type
application/javascript
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
7019571542741598566
x-oss-server-time
18
newtl.png
ndfrtg8l.xyz/static/images/
1 KB
2 KB
Image
General
Full URL
https://ndfrtg8l.xyz/static/images/newtl.png
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/static/css/global.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
6a99cec968d7de3affe180eadbe644fdd28549d187d04041b1331a3d91d22d40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/static/css/global.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:25 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 12 Mar 2023 09:15:51 GMT
Server
cdn
ETag
"640d9847-51e"
X-Cache-Status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1310
Expires
Sat, 15 Jun 2024 10:50:39 GMT
lunbobg.png
ndfrtg8l.xyz/static/images/
38 KB
38 KB
Image
General
Full URL
https://ndfrtg8l.xyz/static/images/lunbobg.png
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/static/css/global.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
49c6fc6872c960b9f9fa377af798f8a79e1dbf842ef17f227a5e4df7af5a5527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/static/css/global.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:24 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 12 Mar 2023 09:15:51 GMT
Server
cdn
ETag
"640d9847-9886"
X-Cache-Status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39046
Expires
Sat, 15 Jun 2024 10:50:38 GMT
00e6a00074282.gif
ndfrtg8l.xyz/static/picture/
134 KB
0
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/00e6a00074282.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
71e20e90051a55b3a88d0449f7c857baaeb16ee2b4d6d8cdd354175023e5c059

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Last-Modified
Fri, 14 Apr 2023 05:33:58 GMT
Server
cdn
ETag
"6438e5c6-216ef"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
136943
Expires
Sat, 15 Jun 2024 10:50:25 GMT
9554bd1737fdb.gif
ndfrtg8l.xyz/static/picture/
147 KB
0
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/9554bd1737fdb.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
72ec86c25c6b2eed8d73df194f1eb48b1b370e82e050750e030d540143c3bff5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Last-Modified
Fri, 14 Apr 2023 05:40:22 GMT
Server
cdn
ETag
"6438e746-24b33"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
150323
Expires
Sat, 15 Jun 2024 10:50:26 GMT
ba1753f7c6add.gif
ndfrtg8l.xyz/static/picture/
158 KB
0
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/ba1753f7c6add.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
f1f085112cd412ddf1b22b51b7214fe10034273b59f23e89d5f9b74cb9550bc8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Last-Modified
Fri, 14 Apr 2023 05:41:21 GMT
Server
cdn
ETag
"6438e781-2776d"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
161645
Expires
Sat, 15 Jun 2024 10:50:25 GMT
edc8a63dffe7e.gif
ndfrtg8l.xyz/static/picture/
152 KB
0
Image
General
Full URL
https://ndfrtg8l.xyz/static/picture/edc8a63dffe7e.gif
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
9a3837dbb7ee801a994f65dbc93352b65311d4896316c33b53b6b41e48dac9b0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:23 GMT
Last-Modified
Fri, 14 Apr 2023 05:42:10 GMT
Server
cdn
ETag
"6438e7b2-25f48"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
155464
Expires
Sat, 15 Jun 2024 10:50:26 GMT
/
api.ipify.org/
22 B
155 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: mt55.oss-cn-beijing.aliyuncs.com
URL: https://mt55.oss-cn-beijing.aliyuncs.com/OpenInstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f1f2be00b10bfdfb410585c8bed7a76c3d1790fbca0afaf31bb8db679dd152

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
885bae52de4192c6-FRA
content-length
22
init
8bul5z3zdb12ucm.llwtongxin.top/browse/web/
63 B
1 KB
Fetch
General
Full URL
https://8bul5z3zdb12ucm.llwtongxin.top/browse/web/init?channelCode=1003&av=0&cv=0&hash=&sw=paCm&sh=oaKm&sp=4
Requested by
Host: mt55.oss-cn-beijing.aliyuncs.com
URL: https://mt55.oss-cn-beijing.aliyuncs.com/OpenInstall.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.14 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
nginx /
Resource Hash
2ab3d2c2661fe0bd143d94ed75b9da817ff2edefbbc2a1b48c79966339b6abe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain
Accept
application/json
Referer
https://ndfrtg8l.xyz/
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:26 GMT
Strict-Transport-Security
max-age=31536000
via
EU-GER-frankfurt-EDGE5-CACHE5[673],EU-GER-frankfurt-EDGE5-CACHE5[ovl,380]
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
X-CCDN-REQ-ID-46B1
84d1165931c3296dd2c7476e741b3681
Connection
keep-alive
Access-Control-Allow-Headers
*
favicon.ico
ndfrtg8l.xyz/
548 B
716 B
Other
General
Full URL
https://ndfrtg8l.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.126.91.247 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
cdn /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:25 GMT
Server
cdn
Connection
keep-alive
Content-Length
548
X-Cache-Status
MISS
Content-Type
text/html
/
api.ipify.org/
22 B
98 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: mt55.oss-cn-beijing.aliyuncs.com
URL: https://mt55.oss-cn-beijing.aliyuncs.com/OpenInstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f1f2be00b10bfdfb410585c8bed7a76c3d1790fbca0afaf31bb8db679dd152

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ndfrtg8l.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 11:59:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
885bae58cb5892c6-FRA
content-length
22
clicked
8bul5z3zdb12ucm.llwtongxin.top/
104 B
1 KB
Fetch
General
Full URL
https://8bul5z3zdb12ucm.llwtongxin.top/clicked?channelCode=1003&p=1&ref=https://ndfrtg8l.xyz/&ac=1&cc=1
Requested by
Host: mt55.oss-cn-beijing.aliyuncs.com
URL: https://mt55.oss-cn-beijing.aliyuncs.com/OpenInstall.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.14 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
nginx /
Resource Hash
0a0aba2b3ce55a4a36a89944a2f0221efdf902952607b86f2e7faffd14b8c840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain
Accept
application/json
Referer
https://ndfrtg8l.xyz/
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 11:59:26 GMT
Strict-Transport-Security
max-age=31536000
via
EU-GER-frankfurt-EDGE5-CACHE6[482],EU-GER-frankfurt-EDGE5-CACHE6[ovl,317]
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
X-CCDN-REQ-ID-46B1
4154f5d343b007ffa237103f9dbb96ca
Connection
keep-alive
Access-Control-Allow-Headers
*
5555mt.apk
mtbqz01820.xz.fyqay.cn/default/0518/195/mt/
Redirect Chain
  • https://zlff.vclzkac.com:7102/default/mt/5555mt.apk
  • https://mtbqz01820.xz.fyqay.cn/default/0518/195/mt/5555mt.apk
0
0
Document
General
Full URL
https://mtbqz01820.xz.fyqay.cn/default/0518/195/mt/5555mt.apk
Requested by
Host: ndfrtg8l.xyz
URL: https://ndfrtg8l.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.218.215.172 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ndfrtg8l.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Ali-Swift-Global-Savetime
1716033571
Connection
keep-alive
Content-Length
45098400
Content-Type
application/octet-stream
Date
Sat, 18 May 2024 11:59:30 GMT
ETag
"66489718-2b025a0"
EagleId
3adad01d17160335710981334e
Last-Modified
Sat, 18 May 2024 11:55:04 GMT
Server
Tengine
Timing-Allow-Origin
*
Via
cache5.l2cn3059[19,19,200-0,M], cache34.l2cn3059[21,0], kunlun2.cn192[37,36,200-0,M], kunlun9.cn192[38,0]
X-Cache
MISS TCP_MISS dirn:-2:-2
X-Swift-CacheTime
21600
X-Swift-SaveTime
Sat, 18 May 2024 11:59:31 GMT

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 18 May 2024 11:59:27 GMT
location
https://mtbqz01820.xz.fyqay.cn/default/0518/195/mt/5555mt.apk
server
nginx

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Swiper
function| $
function| jQuery
function| timeTo
object| date
number| hours
object| mySwiper
function| test
function| testresult
number| ran
object| servers
object| downloadLink
string| __encode
object| _a
object| _0xb483
object| __Ox11612c
function| copyText
string| apklink
undefined| ioslink
object| data
object| jQuery18305169580632121085

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://ndfrtg8l.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
