URL: https://fza3yg3vc239pm.top/
Submission: On September 26 via api from BE — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 8 HTTP transactions. The main IP is 172.67.156.52, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is fza3yg3vc239pm.top.
TLS certificate: Issued by WE1 on September 11th 2024. Valid for: 3 months.
This is the only time fza3yg3vc239pm.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
5         172.67.156.52      13335 (CLOUDFLAR...)
2         192.151.192.234    40065 (CNSERVERS)
1         2606:4700:303...   13335 (CLOUDFLAR...)
Total: 8 requests, 3 IPs

Requests  Domain               Requested by
5         fza3yg3vc239pm.top   fza3yg3vc239pm.top
2         api.gv86knght6r.top  fza3yg3vc239pm.top
1         udsyobez1hsfpf.top   fza3yg3vc239pm.top
Total: 8 requests, 3 domains

This site contains no links.

Subject             Issuer                             Validity                 Valid
fza3yg3vc239pm.top  WE1                                2024-09-11 - 2024-12-10  3 months
*.gv86knght6r.top   ZeroSSL ECC Domain Secure Site CA  2024-09-09 - 2024-12-08  3 months
udsyobez1hsfpf.top  WE1                                2024-09-11 - 2024-12-10  3 months

This page contains 2 frames:

Primary Page: https://fza3yg3vc239pm.top/
Frame ID: CD6A19CDB0EDF8B7AAE69171274DD5A3
Requests: 6 HTTP requests in this frame

Frame: https://udsyobez1hsfpf.top/
Frame ID: 880681B964ABFA7F8AC1D8DE6DD467FB
Requests: 1 HTTP request in this frame


Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 27 kB
Size: 59 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fza3yg3vc239pm.top/
1 KB
1 KB
Document
General
Full URL
https://fza3yg3vc239pm.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
427355644694c798140f7008cc3a757323d9d79d70c65ffa26c90b659be6bb84

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c8f38f7baa53a64-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Sep 2024 00:43:56 GMT
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0HkeR9o6t6JIXJ8VhhX5GVr2ybp%2F63o6%2BGrx5iiGjFNh8OOl2lE1MLJS%2F8OD%2BB57qPLHiJI1KOfdcfwRN62EppAucUwLNqSvqV8ATn9FIH5%2FAhYTYGe5xMkIyt1lzoawOgHQGI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
fza3yg3vc239pm.top/cdn-cgi/
128 B
561 B
Other
General
Full URL
https://fza3yg3vc239pm.top/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://fza3yg3vc239pm.top
Referer
https://fza3yg3vc239pm.top/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwgqfiWpSiaR1SUlA4eSEKXIxP5yY0WXnEazLhMckWsu0x6JCNlwzlbmygTr%2FN3B64GY%2FOeGUhzbKZghSqk09GsNiJOXzcv5gAfl4t6NTDScxoNExkGu737U12iYaR9ZEsdcWxU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f38fb6d763a64-FRA
access-control-allow-origin
https://fza3yg3vc239pm.top
alt-svc
h3=":443"; ma=86400
content-length
128
date
Thu, 26 Sep 2024 00:43:56 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
crypto-js.min.js
fza3yg3vc239pm.top/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://fza3yg3vc239pm.top/static/cdn/js/crypto-js.min.js
Requested by
Host: fza3yg3vc239pm.top
URL: https://fza3yg3vc239pm.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fza3yg3vc239pm.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dz6C6d8yO7CtRTTSxJVZGeO0uhVis0Yt2h3o2AspwQnKgoR0xQx6tLzKvbBoZbYok82YgL1GkA9sfcDXhQAp6PRd%2BXh8HC3FiSsXfBeV8tbiQAM9RrtKXW9WGW5o28YeUOFZBao%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f38fb6d773a64-FRA
date
Thu, 26 Sep 2024 00:43:57 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
iframe.js
fza3yg3vc239pm.top/static/js/
6 KB
3 KB
Script
General
Full URL
https://fza3yg3vc239pm.top/static/js/iframe.js?t=202409101529
Requested by
Host: fza3yg3vc239pm.top
URL: https://fza3yg3vc239pm.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03ea32aee9865eba7291d6340518e820a5b1f11b2208e4c1b4a168c179ee9a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fza3yg3vc239pm.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-1793"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JTsgpIhMNWeSHpwB75OrdsdUiQw6YRfl2SkLhu2jNT8om8fIEcQO4LJPnATAmZTzEOe9jSzWR0%2BAUT3XHVgjjHVJNK828ItepJXyUXqiStrAiF1EIDcvjRBIX8eHb14nBHM39lo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f38fb6d783a64-FRA
date
Thu, 26 Sep 2024 00:43:56 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
request
api.gv86knght6r.top/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://api.gv86knght6r.top/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
192.151.192.234 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://fza3yg3vc239pm.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8c8f3906a96785da-HKG
Connection
keep-alive
Date
Thu, 26 Sep 2024 00:43:57 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PefA8Acy51PDAiLEF5MrDAiXVrZzO11uTVx%2F1RnKblHiL9q9Re4E3L9bKnjufTwchfhg4dZSgAfOnj5xXxrZ%2FYrV%2Funb3avGjVS37e5XdvtkLh80IagZweLenkzc6jWZeT9XB14%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8801
request
api.gv86knght6r.top/fast-endecode/main/
2 KB
2 KB
Fetch
General
Full URL
https://api.gv86knght6r.top/fast-endecode/main/request
Requested by
Host: fza3yg3vc239pm.top
URL: https://fza3yg3vc239pm.top/static/js/iframe.js?t=202409101529
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
192.151.192.234 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
64ed2cc262099ec362ed21b82a342afab94c4892c33297229e45cb698e64ab98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://fza3yg3vc239pm.top/

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HoQqoOPVpYxEZbcHQW8%2FujrpTMSOhGlwpyre4ZGr3f6T6NE5%2FViXkiPhmZUg8v014N4WZnRSDr1XzoaGRTkr4dnJtDq%2FPZooHWCAXZ%2FFsjG07m64EoAwQOfuLF0yYyzAaC%2FOhPQ%3D"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Methods
GET, POST, OPTIONS
CF-RAY
8c8f39086c94dd9c-HKG
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zull:prod:8801
Date
Thu, 26 Sep 2024 00:43:58 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
favicon.ico
fza3yg3vc239pm.top/
4 KB
4 KB
Other
General
Full URL
https://fza3yg3vc239pm.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fza3yg3vc239pm.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"66dfc8a8-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7SVszvvA7QsK0WC4GmFrRt7E5wI7vZqMvjGswswAFTrz56DaP7Ycco2tpW4qhIOFYQ%2B8Dmx%2F3APQgZPKLVcSMQL8p0iTCiTdcUEdWKWLCcT5W%2BcVCvMf82iqAvt5CRtZgJ0NK8I%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8f390279a93a64-FRA
date
Thu, 26 Sep 2024 00:43:57 GMT
content-type
image/x-icon
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
vary
Accept-Encoding
server
cloudflare
/
udsyobez1hsfpf.top/ Frame 8806
0
0
Document
General
Full URL
https://udsyobez1hsfpf.top/
Requested by
Host: fza3yg3vc239pm.top
URL: https://fza3yg3vc239pm.top/static/js/iframe.js?t=202409101529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1811 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://fza3yg3vc239pm.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c8f390aefb1d276-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Sep 2024 00:43:59 GMT
last-modified
Tue, 10 Sep 2024 04:18:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdYv82wdtbqeBMO8K9JeXsWCSrKN0gvvDM07bhLXDD3jyJ5vE1d9azNgRL16UofYp2HwTQ%2BBXhYvfNKVHLQ6orujp0rXjaaQ3fwfb8PjtDXYt9s%2FjOCzuSxD7dPCVMHvr6R650xG9BwK8zlyTeC%2BYm0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| CryptoJS
object| _0x3b3d
function| _0x180e
object| domainList
object| publicKey
function| getDomain
function| handleEncrypt
function| handleDecrypt
function| fromCode
boolean| connect
object| urls
number| urlIndex
function| getconfigDown

0 Cookies