gqc3upqml8bu10yq.xyz Open in urlscan Pro
2606:4700:3033::ac43:d666 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://3xg9ndk8y2o.xyz/
Effective URL:
https://gqc3upqml8bu10yq.xyz/
Submission: On December 09 via api (December 9th 2024, 8:29:55 pm UTC) from US — Scanned from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3033::ac43:d666, located in United States and belongs to CLOUDFLARENET, US. The main domain is gqc3upqml8bu10yq.xyz.
TLS certificate: Issued by WE1 on November 27th 2024. Valid for: 3 months.

This is the only time gqc3upqml8bu10yq.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3032::6815:26c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	172.67.138.77 172.67.138.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	4.192.73.43 4.192.73.43	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	190.92.242.144 190.92.242.144	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
8	2606:4700:303... 2606:4700:3033::ac43:d666	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.205.118 172.67.205.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	7

1 2606:4700:3032::6815:26c7 (United States)

ASN13335 (CLOUDFLARENET, US)

3xg9ndk8y2o.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.138.77 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

3xg9ndk8y2o.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 4.192.73.43 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

jbtodbkn620d66ew.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 190.92.242.144 (Hong Kong, Hong Kong)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-190-92-242-144.compute.hwclouds-dns.com

fdosjtp.16zrzk1s8ef2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3033::ac43:d666 (United States)

ASN13335 (CLOUDFLARENET, US)

gqc3upqml8bu10yq.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.205.118 (United States)

ASN13335 (CLOUDFLARENET, US)

rgrme0u1sz6jxjz8.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gqc3upqml8bu10yq.xyz gqc3upqml8bu10yq.xyz	55 KB
7	3xg9ndk8y2o.xyz 1 redirects 3xg9ndk8y2o.xyz	32 KB
2	16zrzk1s8ef2.xyz fdosjtp.16zrzk1s8ef2.xyz	2 KB
1	rgrme0u1sz6jxjz8.xyz rgrme0u1sz6jxjz8.xyz
1	jbtodbkn620d66ew.top jbtodbkn620d66ew.top	806 B
25	5

	Domain	Requested by
8	gqc3upqml8bu10yq.xyz	3xg9ndk8y2o.xyz gqc3upqml8bu10yq.xyz
7	3xg9ndk8y2o.xyz	1 redirects 3xg9ndk8y2o.xyz
2	fdosjtp.16zrzk1s8ef2.xyz	3xg9ndk8y2o.xyz
1	rgrme0u1sz6jxjz8.xyz	3xg9ndk8y2o.xyz
1	jbtodbkn620d66ew.top	3xg9ndk8y2o.xyz
25	5

This site contains no links.

Subject Issuer	Validity	Valid
3xg9ndk8y2o.xyz WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
jbtodbkn620d66ew.top E6	`2024-10-23` - `2025-01-21`	3 months	crt.sh
*.16zrzk1s8ef2.xyz E5	`2024-12-09` - `2025-03-09`	3 months	crt.sh
gqc3upqml8bu10yq.xyz WE1	`2024-11-27` - `2025-02-25`	3 months	crt.sh
rgrme0u1sz6jxjz8.xyz WE1	`2024-11-27` - `2025-02-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://gqc3upqml8bu10yq.xyz/
Frame ID: FDD47053738BE412F9777E6482C14E87
Requests: 21 HTTP requests in this frame

Frame: https://3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: 77F265FCD73B42E6FCE9FEF7937010E2
Requests: 2 HTTP requests in this frame

Frame: https://rgrme0u1sz6jxjz8.xyz/
Frame ID: CDBA53EC2A60681FB3161C457F91CC8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

桃子视频

Page URL History Show full URLs

https://3xg9ndk8y2o.xyz/ Page URL
https://gqc3upqml8bu10yq.xyz/ Page URL

Page Statistics

25
Requests

68 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

7
IPs

2
Countries

89 kB
Transfer

354 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://3xg9ndk8y2o.xyz/ Page URL
https://gqc3upqml8bu10yq.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
3xg9ndk8y2o.xyz/ 2 KB
2 KB 652ms
532ms Document
text/html 2606:4700:3032::6815:26c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3xg9ndk8y2o.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:26c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 487787a9cd7dd342465016c55a67683f544554081e48a2b4a92faed481e58b9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ef7bfddcc898df1-MIA
content-encoding: zstd
content-type: text/html
date: Mon, 09 Dec 2024 20:29:49 GMT
last-modified: Mon, 28 Oct 2024 17:09:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnhNs8X2na7JSVR52zt%2BkCY8H%2BHGCpjmfe9%2BbkxlkgXfTcoUIPt0xo%2FookOwn8sxEfOff66yyB1DJ4LD7dOOKBOfFeAjpXEYjdGl0vY15QKyO%2FYIPnVaDI9b0xlP3Lk01OMkGSxxlUIL5P8naao%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=33638&min_rtt=30633&rtt_var=7391&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4274&recv_bytes=2289&delivery_rate=126779&cwnd=254&unsent_bytes=0&cid=63684fb93cb1b7e0&ts=563&x=0"
vary: Accept-Encoding

GET
H3 200 crypto-js.min.js Show response
3xg9ndk8y2o.xyz/static/js/ 46 KB
17 KB 530ms
529ms Script
application/javascript 172.67.138.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3xg9ndk8y2o.xyz/static/js/crypto-js.min.js
Requested by: Host: 3xg9ndk8y2o.xyz
URL: https://3xg9ndk8y2o.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://3xg9ndk8y2o.xyz/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"671fc537-b9d8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bkhhR5500VV84yzJ8hTcjhoP%2B4D%2BffQ0LFJg%2Bx2toUAtTbaTl%2BzsJbZfhaBah1D9XrqTp2OmNnkOf648esJUphMwEFvaHCvQVDOQpXhJaN0uNGiSQoOoa7jg7%2FA1oyDg7rM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bfe15db21146-ORD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=82345&min_rtt=81629&rtt_var=13745&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4709&delivery_rate=255&cwnd=12000&unsent_bytes=0&cid=9942d7746499bf2f&ts=1091&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 09 Dec 2024 20:29:50 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 17:09:11 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 index.js Show response
3xg9ndk8y2o.xyz/static/js/ 13 KB
5 KB 612ms
611ms Script
application/javascript 172.67.138.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3xg9ndk8y2o.xyz/static/js/index.js?t=202408101145
Requested by: Host: 3xg9ndk8y2o.xyz
URL: https://3xg9ndk8y2o.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323090125e9f2ebf804eb26a5cedf896ca3a03ecd774030e850722803753b203

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://3xg9ndk8y2o.xyz/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"671fc537-326e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D43JSftSttXtJYWLGRnKg7C7k%2BBWzxMyc8UBul5nLNxPxN2oant9fDNbP%2FPOK5DimoY0RSsHfBX7GS7SMTeoRdzIjkrn5Gg4iOd%2FD0DyuNtWtXDGymgpVr9Akvt3a7GNE%2Bg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bfe15db61146-ORD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=82345&min_rtt=81629&rtt_var=13745&sent=23&recv=11&lost=0&retrans=0&sent_bytes=16159&recv_bytes=4709&delivery_rate=255&cwnd=12000&unsent_bytes=0&cid=9942d7746499bf2f&ts=1095&x=1", cfExtPri, cfHdrFlush;dur=78
date: Mon, 09 Dec 2024 20:29:50 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 17:09:11 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H2 200 / Show response
jbtodbkn620d66ew.top/ 224 B
806 B 1475ms
239ms Fetch
text/plain 4.192.73.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://jbtodbkn620d66ew.top/

Requested by

Host: 3xg9ndk8y2o.xyz
URL: https://3xg9ndk8y2o.xyz/static/js/index.js?t=202408101145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

a2f5fde2fe72a882c5a7b29587f4c34c57587642dcfbfcbef19b6b67b57c4840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://3xg9ndk8y2o.xyz/

Response headers

etag: "8d09ee6e369a88038816fc151098de82"
age: 3
nginx-hit: 1
x-ccdn-req-id-46b1: 732e5b33c0d28a2dfd364a81af9713e5
x-cache: BYPASS
date: Mon, 09 Dec 2024 20:29:51 GMT
content-disposition: attachment
content-type: text/plain
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
last-modified: Mon, 09 Dec 2024 16:30:09 GMT
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
strict-transport-security: max-age=31536000
x-amz-tagging-count: 0
cloudservicediscount: CDN
x-ccdn-cachettl: 60
x-hcs-proxy-type: 1
via: EA-HKG-EDGE1-CACHE3[2],EA-HKG-EDGE1-CACHE4[0,TCP_HIT,0],EA-HKG-GLOBAL1-CACHE43[49],EA-HKG-GLOBAL1-CACHE37[44,TCP_MISS,47]
x-amz-request-id: 00000193AC42635190169C501E23635A
accept-ranges: bytes
access-control-allow-origin: *
content-length: 224
server: openresty

GET
H3

200

main.js Show response
3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame 77F2
Redirect Chain

https://3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?

8 KB
5 KB

93ms
93ms

Script
application/javascript

172.67.138.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?

Protocol

Server

172.67.138.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6d4b2466378f222bf26065d603484f65e477da79f752e42c24417b66ab0d55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZAMCu8asxpmGSZxxHGNW3hv%2FCGrNB7TA2Bxg560%2FCUgiw5l7z8E51U3ZF7kiQKiNZnOuAUSim2NomO7r9RJazLEaB2jvUPkoR83XSUTpNwvEKmJxLsw3T%2FkmwsfyxP594Y%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ef7bfe60b2e1146-ORD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=83589&min_rtt=81629&rtt_var=2993&sent=39&recv=26&lost=0&retrans=0&sent_bytes=28705&recv_bytes=6131&delivery_rate=7134&cwnd=22800&unsent_bytes=0&cid=9942d7746499bf2f&ts=1406&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 09 Dec 2024 20:29:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfI%2F4qZeTzALdYooU2x%2BUy3ZLcfuedtX69u4LAXfwtI%2B9IRJNadaNmsH3kYJrNhLaCOQvxtYxN6ZPeR5x7qkW45btab7eHIVCnRJXcZxnj%2FRwlPO9TSHPjGeKjNguk1%2BYl8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bfe55a6e1146-ORD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=82371&min_rtt=81629&rtt_var=741&sent=37&recv=25&lost=0&retrans=0&sent_bytes=27956&recv_bytes=5842&delivery_rate=23438&cwnd=22800&unsent_bytes=0&cid=9942d7746499bf2f&ts=1304&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 09 Dec 2024 20:29:50 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 404 favicon.ico
3xg9ndk8y2o.xyz/ 555 B
813 B 519ms
519ms Other
text/html 172.67.138.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3xg9ndk8y2o.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e7dfa46dd612db545c0c4616a4a41b668292e266836854ce787649d515244f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://3xg9ndk8y2o.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BKKiLnnxZOCUz%2Bmirjc55NstKzFJHO9yZw6srWC8Ok%2Fp9WKXgRemslFudqnf%2FXWuomKgp3VNbf3VyyaI5hGydS9PULbNqmNc%2FJptEVyR3l2uWT4V4%2Fu90wq5weCQV2sl08%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bfe56a741146-ORD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=86728&min_rtt=81629&rtt_var=5872&sent=50&recv=44&lost=0&retrans=0&sent_bytes=34982&recv_bytes=23414&delivery_rate=53025&cwnd=22800&unsent_bytes=0&cid=9942d7746499bf2f&ts=1733&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 09 Dec 2024 20:29:50 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

POST
H3 200 8ef7bfddcc898df1 Show response
3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 77F2 0
1 KB 117ms
107ms XHR
text/plain 172.67.138.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8ef7bfddcc898df1
Requested by: Host: 3xg9ndk8y2o.xyz
URL: https://3xg9ndk8y2o.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pD%2BO1Hybop%2F7mAVkhfG9fOym9eghQlFIH8tl1uOm5P3Ew2C83RbuRI3jBPGDPAko12KpsnLQ1eCh07cO6%2BUan5iXmUxs0CnBbfhEjhg%2FqMuXl9SmnKDfNbMVmhkeSe3UqxY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bfe75c931146-ORD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=86728&min_rtt=81629&rtt_var=5872&sent=49&recv=44&lost=0&retrans=0&sent_bytes=33792&recv_bytes=23414&delivery_rate=53025&cwnd=22800&unsent_bytes=0&cid=9942d7746499bf2f&ts=1641&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 09 Dec 2024 20:29:50 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

POST
H/1.1 200 request Show response
fdosjtp.16zrzk1s8ef2.xyz/fast-endecode/main/ 2 KB
2 KB 310ms
309ms Fetch
application/json 190.92.242.144
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://fdosjtp.16zrzk1s8ef2.xyz/fast-endecode/main/request
Requested by: Host: 3xg9ndk8y2o.xyz
URL: https://3xg9ndk8y2o.xyz/static/js/index.js?t=202408101145
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.92.242.144 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-190-92-242-144.compute.hwclouds-dns.com
Software: nginx/1.17.6 /
Resource Hash: 0d1c64c5e443b418598de5001e4dfa036c4ad0505bfac3c742621f0424a9db85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://3xg9ndk8y2o.xyz/

Response headers

Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Date: Mon, 09 Dec 2024 20:29:52 GMT
Content-Type: application/json;charset=UTF-8
Vary: Origin
Server: nginx/1.17.6
Connection: keep-alive

OPTIONS
H/1.1 200 request
fdosjtp.16zrzk1s8ef2.xyz/fast-endecode/main/ Frame 0
0 850ms
282ms Preflight 190.92.242.144
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://fdosjtp.16zrzk1s8ef2.xyz/fast-endecode/main/request
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 190.92.242.144 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-190-92-242-144.compute.hwclouds-dns.com
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://3xg9ndk8y2o.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Mon, 09 Dec 2024 20:29:52 GMT
Server: nginx/1.17.6
Vary: Origin

GET
H2 200 Primary Request / Show response
gqc3upqml8bu10yq.xyz/ 3 KB
2 KB 640ms
533ms Document
text/html 2606:4700:3033::ac43:d666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gqc3upqml8bu10yq.xyz/
Requested by: Host: 3xg9ndk8y2o.xyz
URL: https://3xg9ndk8y2o.xyz/static/js/index.js?t=202408101145
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba864e0a56eb9c86856c1fd2b85fe429b8fd1a916e7d639e3ed7fc954be7630a

Request headers

Referer: https://3xg9ndk8y2o.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ef7bff64eaea658-MIA
content-encoding: zstd
content-type: text/html
date: Mon, 09 Dec 2024 20:29:53 GMT
last-modified: Mon, 28 Oct 2024 13:58:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tf%2FmLJl7MX%2FWBeNeQnwzAtu8AtDn5RPhsw1yDgiB%2F6pYkseuD1M6eCnlxg%2FQP1YW9XEr6X0f9abiBUUjxHwj1ZyPf8Lxw2XoXZwKyKyx0B0NApDUkSgMxI7HePPTn%2BP4lExZrdua1Y9vn%2Fvi5kSGiyfjAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=32905&min_rtt=30638&rtt_var=7183&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4026&recv_bytes=2369&delivery_rate=124567&cwnd=253&unsent_bytes=0&cid=4357f4060b844b99&ts=542&x=0"
vary: Accept-Encoding

GET
H3 200 /
rgrme0u1sz6jxjz8.xyz/ Frame CDBA 0
0 634ms
553ms Document
text/html 172.67.205.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rgrme0u1sz6jxjz8.xyz/
Requested by: Host: 3xg9ndk8y2o.xyz
URL: https://3xg9ndk8y2o.xyz/static/js/index.js?t=202408101145
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://3xg9ndk8y2o.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ef7bff62b6c7489-MIA
content-encoding: zstd
content-type: text/html
date: Mon, 09 Dec 2024 20:29:53 GMT
last-modified: Mon, 28 Oct 2024 13:27:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGS5MJwYpz%2BGx61qfQlVy6z7Rq89%2BhaHnk1%2FDdJdAUPB2yvM5Dwe7UainZHH6bB6DnmDnfZcscuv2xuwxDs4AhbFm0jBwEFWLT7g46%2FhrSLWcmHvLHi1Ow%2BjfLdbMXaOYNScLFUO%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=31450&min_rtt=31385&rtt_var=5002&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4155&recv_bytes=4500&delivery_rate=495&cwnd=12000&unsent_bytes=0&cid=af812786f52e0b47&ts=572&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 index.css
gqc3upqml8bu10yq.xyz/static/cdn/css/element-ui/ 227 KB
36 KB 539ms
531ms Stylesheet
text/css 2606:4700:3033::ac43:d666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gqc3upqml8bu10yq.xyz/static/cdn/css/element-ui/index.css?v=1.0.2
Requested by: Host: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e10adb31bf4fcc0fcc227b54903888eb9b578aed5de80dd7a204145b9feaa9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"671f987e-38c1e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NjQjtrRn7MTfMLCZz5cMboW1%2BezQL8gUZdHEHCDmuGVhiCGX7XRtxqjhWCEbqqbw2kbYIj5mR0lyAFHuY8YX82HO%2F5msNiJVi0eKPI5lZ4F0FusqBquXIEV1sGlT2t6v6iA1NrLCTF%2FQVl3sIgVQPIjfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bff9cc78a658-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=32640&min_rtt=30638&rtt_var=5918&sent=24&recv=23&lost=0&retrans=0&sent_bytes=12109&recv_bytes=3478&delivery_rate=126413&cwnd=256&unsent_bytes=0&cid=4357f4060b844b99&ts=1094&x=0"
date: Mon, 09 Dec 2024 20:29:54 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 13:58:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 display.css
gqc3upqml8bu10yq.xyz/static/cdn/css/element-ui/ 982 B
704 B 525ms
519ms Stylesheet
text/css 2606:4700:3033::ac43:d666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gqc3upqml8bu10yq.xyz/static/cdn/css/element-ui/display.css?v=1.0.2
Requested by: Host: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10451b01ead5e286ee4dd7fba2a18aeae2a0ecc31035fa9eeed6130865bd514a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"671f987e-3d6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9KHJgeh6AQ5LJQvhAuQdWI8hTl0e2%2Bz0LnGUsi2CR27Dh1xhtf77WyBB7UMmJYgRc1TtSM7yhDK7OVhzPIQdFxp3DugyWbeGIMY9yv9%2BPflYJ9LB6fH1VhbHuFiXJ4YUlvaM7nnFESKVfRw71LRf93JI%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bff9cc7ca658-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=32640&min_rtt=30638&rtt_var=5918&sent=13&recv=23&lost=0&retrans=0&sent_bytes=5851&recv_bytes=3478&delivery_rate=126413&cwnd=256&unsent_bytes=0&cid=4357f4060b844b99&ts=1081&x=0"
date: Mon, 09 Dec 2024 20:29:54 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 13:58:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 vendor.css
gqc3upqml8bu10yq.xyz/static/20241028215608/css/ 22 KB
4 KB 531ms
525ms Stylesheet
text/css 2606:4700:3033::ac43:d666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gqc3upqml8bu10yq.xyz/static/20241028215608/css/vendor.css
Requested by: Host: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 059fa5ebb89c23f1a438da1bbee13aca2d73c7c8d03ffd666f1c73dd2569e605

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"671f987e-584e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hamchDuFMQkJZoGeHVd5N2U3UK6YxdzmUsmsZMXwFSGqJILk99OzVYF%2FHnxOQjahsV9eLJWEEImZKCClChjiuE%2BZu305HNYv8kbpMrLkcGAn2nY4VLvVR5tVcJwR9FPk8NXxue5d7O%2FYayCYp%2BnON8zX2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bff9cc80a658-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=32640&min_rtt=30638&rtt_var=5918&sent=15&recv=23&lost=0&retrans=0&sent_bytes=6621&recv_bytes=3478&delivery_rate=126413&cwnd=256&unsent_bytes=0&cid=4357f4060b844b99&ts=1087&x=0"
date: Mon, 09 Dec 2024 20:29:54 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 13:58:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 styles.css
gqc3upqml8bu10yq.xyz/static/20241028215608/css/ 948 B
930 B 535ms
529ms Stylesheet
text/css 2606:4700:3033::ac43:d666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gqc3upqml8bu10yq.xyz/static/20241028215608/css/styles.css
Requested by: Host: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c059b5b276cadfe8445dfb33e4e421bbd831cd42f419907f401b6a89675730

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"671f987e-3b4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RoY%2FeWRdTcKSXQARLmo1YqqKtUvz2l6dIAunbyKwYDmh1YwEi1fStu%2BoRQ1BWX%2BTkOOpn8%2BPVZnecZTq4W74c9heBwfphDSO9o37tmJGF47E%2B%2FcjrWwCBR8bUl4myTAr6lSTg7lS9G1hjd4wfJTrJro8pw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bff9cc83a658-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=32640&min_rtt=30638&rtt_var=5918&sent=21&recv=23&lost=0&retrans=0&sent_bytes=11113&recv_bytes=3478&delivery_rate=126413&cwnd=256&unsent_bytes=0&cid=4357f4060b844b99&ts=1091&x=0"
date: Mon, 09 Dec 2024 20:29:54 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 13:58:22 GMT
vary: Accept-Encoding
server: cloudflare

GET app.css
gqc3upqml8bu10yq.xyz/static/20241028215608/css/ 0
0

GET
H2 200 axios.min.js Show response
gqc3upqml8bu10yq.xyz/static/cdn/js/ 14 KB
6 KB 554ms
548ms Script
application/javascript 2606:4700:3033::ac43:d666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gqc3upqml8bu10yq.xyz/static/cdn/js/axios.min.js?v=1.0.2
Requested by: Host: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"671f987e-3813"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IrwYKMvHdcafv8jIZbe1YAOea0WkzUJblnNPOvG5XiIiGBUvnHN96%2Bu9xBnNZyu4YdLL%2FBzonEz04nfwjuJNkQISW%2FONLjVzOW48D5mxLTF%2Bf0SSRgZ%2BLO65%2BeGD95gVhuHTqWSiXNoWyIs9pT0KVdFlYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bff9cc87a658-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=32640&min_rtt=30638&rtt_var=5918&sent=57&recv=23&lost=0&retrans=0&sent_bytes=49865&recv_bytes=3478&delivery_rate=126413&cwnd=256&unsent_bytes=3532&cid=4357f4060b844b99&ts=1111&x=0"
date: Mon, 09 Dec 2024 20:29:54 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 13:58:22 GMT
vary: Accept-Encoding
server: cloudflare

GET crypto-js.min.js
gqc3upqml8bu10yq.xyz/static/cdn/js/ 0
0

GET lodash.min.js
gqc3upqml8bu10yq.xyz/static/cdn/js/ 0
0

GET hls.min.js
gqc3upqml8bu10yq.xyz/static/cdn/js/ 0
0

GET DPlayer.min.js
gqc3upqml8bu10yq.xyz/static/cdn/js/ 0
0

GET
H2 200 jsjiami.js Show response
gqc3upqml8bu10yq.xyz/static/cdn/js/ 9 KB
4 KB 549ms
545ms Script
application/javascript 2606:4700:3033::ac43:d666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gqc3upqml8bu10yq.xyz/static/cdn/js/jsjiami.js?v=1.0.2
Requested by: Host: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c8e81d7f21e600e42f68b01354db750efcdf6aee8d8c6a0856f1445c7a7979

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"671f987e-24dd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1ulU6%2F%2Bm7IiC133lLjUxMKmeleYYyDV7U5kdqHkD00uk6r%2BkwgnRMAaRG6Vg%2BtCZM7MN%2BoEHEjBvCfEN7RQDsqLxbYgLYPlLSEwzy8VS7PvQAhIMr%2BCDqwL5r2Ylp5Ycpl8O5g7%2BraNqogQwcMJnlbmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bff9fccca658-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=32640&min_rtt=30638&rtt_var=5918&sent=56&recv=23&lost=0&retrans=0&sent_bytes=49343&recv_bytes=3478&delivery_rate=126413&cwnd=256&unsent_bytes=0&cid=4357f4060b844b99&ts=1107&x=0"
date: Mon, 09 Dec 2024 20:29:54 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 13:58:22 GMT
vary: Accept-Encoding
server: cloudflare

GET vendor.js
gqc3upqml8bu10yq.xyz/static/20241028215608/js/ 0
0

GET
H2 200 styles.js Show response
gqc3upqml8bu10yq.xyz/static/20241028215608/js/ 5 KB
2 KB 552ms
548ms Script
application/javascript 2606:4700:3033::ac43:d666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gqc3upqml8bu10yq.xyz/static/20241028215608/js/styles.js
Requested by: Host: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 805460a38d930e076f141ba1d77ddddb27f57beff0557126f567326361374fc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"671f987e-128a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YIEA1xT4jBIWepsUfcQ4AmJtyLRV%2BYHGy%2BxxLjWHvUMaGpyjNOrcw6N2YtMQea6VYoOEUHKSpJEeiHovfoFlWQ59TcBmQlTQ0PNdcDOFZzTu7h5qtqRF4l3d4C%2Bb0L4ZBdoxyH86WN9JivCZy%2BUUGHfK0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef7bff9fcd0a658-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=32640&min_rtt=30638&rtt_var=5918&sent=61&recv=23&lost=0&retrans=0&sent_bytes=53958&recv_bytes=3478&delivery_rate=126413&cwnd=256&unsent_bytes=5338&cid=4357f4060b844b99&ts=1112&x=0"
date: Mon, 09 Dec 2024 20:29:54 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 13:58:22 GMT
vary: Accept-Encoding
server: cloudflare

GET app.js
gqc3upqml8bu10yq.xyz/static/20241028215608/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/static/20241028215608/css/app.css

Domain: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/static/cdn/js/crypto-js.min.js?v=1.0.2

Domain: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/static/cdn/js/lodash.min.js?v=1.0.2

Domain: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/static/cdn/js/hls.min.js?v=1.0.2

Domain: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/static/cdn/js/DPlayer.min.js?v=1.0.2

Domain: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/static/20241028215608/js/vendor.js

Domain: gqc3upqml8bu10yq.xyz
URL: https://gqc3upqml8bu10yq.xyz/static/20241028215608/js/app.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| setCookie function| getCookie function| loadError

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.3xg9ndk8y2o.xyz/	1970-01-21 10:21:52	Name: cf_clearance Value: AHRfK0v5yfgTcljTexwg8py3zuZAzInjhGBeYP7ZZrA-1733776190-1.2.1.1-rs5lUWxNrVEVWfDESubzOlV6gFtVoeGADCjeJlMsUwj3CMYUViQtXx7YiMXKugbuJA1Kog2M34xddcwJ2dfwAGarlTA.XZLN28zs4CTvR3Im8jEqdt2uOTW7vbqn8DJcfNQ27rbuaFrCREG129rv2AWzPCAY8Fz6unYof8Ycy8breKR74U4QRFCwfWbYaVETffp5XTycffCPAfjuQReK2jkJ31B_eAhMrbmwGVG3ufNf_28AiHUqxYo3c7Ct6kS8Bk28Hl6Pp0uTbGHKCIK9JbFsSwkKUK0UmZiIaIeAg9amptDozEf2HWUdPPVn8USM2tc6RpVv.udDzTAZtiiVA4g9QU8LPIdIuxiQbqvKurdQEpRl8hoJB2C7_nYsDSOC

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://3xg9ndk8y2o.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3xg9ndk8y2o.xyz
fdosjtp.16zrzk1s8ef2.xyz
gqc3upqml8bu10yq.xyz
jbtodbkn620d66ew.top
rgrme0u1sz6jxjz8.xyz
gqc3upqml8bu10yq.xyz
172.67.138.77
172.67.205.118
190.92.242.144
2606:4700:3032::6815:26c7
2606:4700:3033::ac43:d666
4.192.73.43
059fa5ebb89c23f1a438da1bbee13aca2d73c7c8d03ffd666f1c73dd2569e605
0d1c64c5e443b418598de5001e4dfa036c4ad0505bfac3c742621f0424a9db85
10451b01ead5e286ee4dd7fba2a18aeae2a0ecc31035fa9eeed6130865bd514a
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
323090125e9f2ebf804eb26a5cedf896ca3a03ecd774030e850722803753b203
487787a9cd7dd342465016c55a67683f544554081e48a2b4a92faed481e58b9b
7e10adb31bf4fcc0fcc227b54903888eb9b578aed5de80dd7a204145b9feaa9b
805460a38d930e076f141ba1d77ddddb27f57beff0557126f567326361374fc9
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010
91c8e81d7f21e600e42f68b01354db750efcdf6aee8d8c6a0856f1445c7a7979
a0c059b5b276cadfe8445dfb33e4e421bbd831cd42f419907f401b6a89675730
a2f5fde2fe72a882c5a7b29587f4c34c57587642dcfbfcbef19b6b67b57c4840
a5e7dfa46dd612db545c0c4616a4a41b668292e266836854ce787649d515244f
ba864e0a56eb9c86856c1fd2b85fe429b8fd1a916e7d639e3ed7fc954be7630a
c6d4b2466378f222bf26065d603484f65e477da79f752e42c24417b66ab0d55e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

gqc3upqml8bu10yq.xyz Open in urlscan Pro 2606:4700:3033::ac43:d666 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

25 Requests

68 %HTTPS

33 %IPv6

5 Domains

5 Subdomains

7 IPs

2 Countries

89 kBTransfer

354 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

gqc3upqml8bu10yq.xyz Open in urlscan Pro
2606:4700:3033::ac43:d666 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

68 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

7
IPs

2
Countries

89 kB
Transfer

354 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions