URL: https://xoilac86z68.live/
Submission Tags: 0xscam
Submission: On December 22 via api from US — Scanned from AU

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 2606:4700:20::681a:191, located in United States and belongs to CLOUDFLARENET, US. The main domain is xoilac86z68.live.
TLS certificate: Issued by WE1 on December 3rd 2024. Valid for: 3 months.
This is the only time xoilac86z68.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
9 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
4 | 104.18.94.41 | 13335 (CLOUDFLAR...)
18 | | 3

Requests | Apex Domain / Subdomains | Transfer
9 | xoilac86z68.live / xoilac86z68.live | 125 KB
4 | cloudflare.com / challenges.cloudflare.com (Cisco Umbrella Rank: 3147) | 16 KB
18 | 2 |

Requests | Domain | Requested by
9 | xoilac86z68.live | xoilac86z68.live
4 | challenges.cloudflare.com | xoilac86z68.live, challenges.cloudflare.com
18 | 2 |

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject | Issuer | Validity | Valid
xoilac86z68.live | WE1 | 2024-12-03 - 2025-03-03 | 3 months
challenges.cloudflare.com | WE1 | 2024-11-03 - 2025-02-01 | 3 months

This page contains 3 frames:

Primary Page: https://xoilac86z68.live/
Frame ID: 14596AF41B7D10B1DC9A5DDA2C02155E
Requests: 12 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8wksy/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 5C8B57EA2CE7AA5C3E273EBF1BF5433B
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8im7y/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: A7F00940D15AE9F4C6F55A0F656A9D96
Requests: 1 HTTP requests in this frame

Page Title

Just a moment...

Page Statistics

Requests: 18
HTTPS: 72 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 140 kB
Size: 350 kB

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xoilac86z68.live/ Page URL
  2. https://xoilac86z68.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
xoilac86z68.live/
10 KB
8 KB
Document
General
Full URL
https://xoilac86z68.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40bef24a300399579b64a7a28f4d97e20603166a467c3f4d269c9cc502d9fd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
vvu0LPn5MbKXuQkwrBz0E3rbvBY+cxvu08HJOrMqkHAqpwdT2AaaFBQWnLKBKvRxJwhY1URugUOvodQQVqxo/SSgeufa9jKX8rCCHPOtRFEE4C/nByJQR5Cx3ZyX46OXoqr9GUS3e0vZ+1FNwgLUMA==$kSM8pAWACuQ7NM09uXrsDg==
cf-mitigated
challenge
cf-ray
8f608a375c02d70d-BNE
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 22 Dec 2024 13:43:16 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDaT%2BZTVIprj7dpwM4ZVNi5qGQt%2B%2F3Xzzn8BTqJIleAtsnlWT6Q0JrbV8usiBWwL%2FkDBD4qxwqQD8CoiW460gkOmu5NQkYkJDatEAyD%2FmhEgfpTMUs4n4X9qtu5e4BEmqy%2FvOnRPSvLNqg4QVt0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=19127&min_rtt=18825&rtt_var=4427&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4011&recv_bytes=2256&delivery_rate=204697&cwnd=247&unsent_bytes=0&cid=99f23ef812239a14&ts=71&x=0"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
xoilac86z68.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
103 KB
40 KB
Script
General
Full URL
https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f608a375c02d70d
Requested by
Host: xoilac86z68.live
URL: https://xoilac86z68.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f525ac766a4362d16057167f972b957a06eafbbc853cc6c5b0b67d2635d28d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xoilac86z68.live/?__cf_chl_rt_tk=FbZQ8MMYbPOAa4UniKplj7izwutdXOsRL7DMogJPMv0-1734874996-1.0.1.1-jX7rlI4Ln0JS0NrX3WXDSoIpk8H.1BwnZSdMoFwxTPo

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fNjLCUdyh1u5MZMTDtjlBxd9DoOvxXSHaTx5rlE7eJvZlFmN8J0nblObXv0k6Fb7gJTgSKxINJU8a%2BHHlzFObkSlUh2VEu2eb4ZcOwYyvjPvg5IXcsaGAG8nD%2Bl3DJadFNe5hL1kdRACzdtwRc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f608a37ec6fd70d-BNE
server-timing
cfL4;desc="?proto=TCP&rtt=19247&min_rtt=17667&rtt_var=2127&sent=22&recv=17&lost=0&retrans=0&sent_bytes=12791&recv_bytes=2534&delivery_rate=736638&cwnd=251&unsent_bytes=0&cid=99f23ef812239a14&ts=159&x=0"
date
Sun, 22 Dec 2024 13:43:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
1a24b819-438f-442f-9a1f-a020d7a4b5f7
https://xoilac86z68.live/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Requested by
Host: xoilac86z68.live
URL: https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f608a375c02d70d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xoilac86z68.live
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f608a389e6ea7f3-SYD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 22 Dec 2024 13:43:16 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 17:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
xoilac86z68.live/
8 KB
8 KB
Image
General
Full URL
https://xoilac86z68.live/favicon.ico
Requested by
Host: xoilac86z68.live
URL: https://xoilac86z68.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5317aa0d24dec38aa12cf2842be784de504674e8385001a8749898438e57a54
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xoilac86z68.live/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B293TtbjKfLiqXoShu2IDdtTKxBAzZSbFIZDW67JJ6qU0Q%2BcXrOLP%2BiZgfMdY1iRUPmLM%2FECv5IiPIFKnc4q0t5U2gA4Thu8z5LMiHJQtHrYiANmY4Z3kVCj5HyIgtx43N5GtIw%2Fk9GC%2F7O5Mcc%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=18001&min_rtt=17553&rtt_var=504&sent=70&recv=31&lost=0&retrans=0&sent_bytes=54049&recv_bytes=2672&delivery_rate=3412118&cwnd=251&unsent_bytes=0&cid=99f23ef812239a14&ts=220&x=0"
x-content-options
nosniff
date
Sun, 22 Dec 2024 13:43:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
KUusksPAM+OyJmX4LeHvBfSCYa8sNbl6UOYrccKFRpXgYFIi6W84To21Kd/c8iAWEX4HP8lVV9ggV1/wZkbdaeEE26GdzDcOHY++KiNLqnZFAGuMAIFG1dWIj+FdRcVvAxFg1ZbXEbm15Q5o/njHpg==$yWDAhCJ6okq0lwAhXkXu2A==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f608a384caed70d-BNE
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
66MbVDGodEMuY58YR9x_GL7R5sJ0FpRZJR.6WNdFjUo-1734874996-1.2.1.1-cSD.TlLdzdAS_YzbBl7Pe9rm_qOqHPdWLfLf.CcpXNh4.2h6f3O7Ou8.J0LHJ_2c
xoilac86z68.live/cdn-cgi/challenge-platform/h/b/flow/ov1/575225563:1734873201:mctHlTiPW0VsoyiPeKjubAUEt6iPP42b8arDN7hLMpU/8f608a375c02d70d/
13 KB
9 KB
XHR
General
Full URL
https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/flow/ov1/575225563:1734873201:mctHlTiPW0VsoyiPeKjubAUEt6iPP42b8arDN7hLMpU/8f608a375c02d70d/66MbVDGodEMuY58YR9x_GL7R5sJ0FpRZJR.6WNdFjUo-1734874996-1.2.1.1-cSD.TlLdzdAS_YzbBl7Pe9rm_qOqHPdWLfLf.CcpXNh4.2h6f3O7Ou8.J0LHJ_2c
Requested by
Host: xoilac86z68.live
URL: https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f608a375c02d70d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc261cdd045ea58634de98d5bdc1f6776149dcd686f2b83b67ffc07a4feccaf5

Request headers

Referer
https://xoilac86z68.live/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
66MbVDGodEMuY58YR9x_GL7R5sJ0FpRZJR.6WNdFjUo-1734874996-1.2.1.1-cSD.TlLdzdAS_YzbBl7Pe9rm_qOqHPdWLfLf.CcpXNh4.2h6f3O7Ou8.J0LHJ_2c

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iSrc4TMUWfpb0q98Gzj0gLzKijZEZrmHaUeRWoAliyktCE7dKDnZ0OwbcBcVn5By%2F1ALEwgKCEaejsQddVzTIMbSsxli2ezEp7l%2FoNaQAIKifZHfDSgu2JgyC8cB3N1w8EEjY%2FrMXvrvjWE99ng%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f608a38fd59d70d-BNE
server-timing
cfL4;desc="?proto=TCP&rtt=17912&min_rtt=17553&rtt_var=337&sent=79&recv=39&lost=0&retrans=0&sent_bytes=59690&recv_bytes=6497&delivery_rate=3412118&cwnd=251&unsent_bytes=0&cid=99f23ef812239a14&ts=341&x=0"
date
Sun, 22 Dec 2024 13:43:16 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
7Rty3bHHoOhWSIE75NpWld419U2bNW+rq5ApcUbMC63T1Pv68RJUFf37sPycYb041ao8XA8wVbU=$5QefAq4ho8KuMCKY
server
cloudflare
favicon.ico
xoilac86z68.live/
8 KB
6 KB
Other
General
Full URL
https://xoilac86z68.live/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4d9c977bb936cf84559baba531554848c77ccd3550b209416be8a8e8dde287
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xoilac86z68.live/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=blVGHUcCYe0eEws19EmoqePd7EL6aDBW1PfKo14%2Fav5LLCzKwjZib%2Bo8TVFzvj%2BzLTyBt1ZHAUlG3ewL%2BQ7gQr0KMArdVh5e9y2EuBTOM9LAOyeJWlXzDwiAgHHUTieZ%2FRTomgTyEqdRZqzpa8Q%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=17912&min_rtt=17553&rtt_var=337&sent=89&recv=39&lost=0&retrans=0&sent_bytes=69192&recv_bytes=6497&delivery_rate=3412118&cwnd=251&unsent_bytes=0&cid=99f23ef812239a14&ts=343&x=0"
x-content-options
nosniff
date
Sun, 22 Dec 2024 13:43:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
39QQ3AmsJauFFotQpDT+ir8MN+XbXE4UjB55zuTuMIb1JelQaA1o2KAmBCE7WMpNwpl1yw1eKyatu7Vigm7nBgM9YQOtyYxmwEyLM5KMCARlH7tFFyjUxVdRAgVjQkUUMVX7X4dIkzQqwakQTPdBUg==$nz4HtMrSS3sEyySb6TxYgQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f608a390d5fd70d-BNE
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
d66e58aa-954b-4175-b24d-781243e6ba2a
https://xoilac86z68.live/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8wksy/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 5C8B
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8wksy/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f608a39887ba959-SYD
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 13:43:16 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
66MbVDGodEMuY58YR9x_GL7R5sJ0FpRZJR.6WNdFjUo-1734874996-1.2.1.1-cSD.TlLdzdAS_YzbBl7Pe9rm_qOqHPdWLfLf.CcpXNh4.2h6f3O7Ou8.J0LHJ_2c
xoilac86z68.live/cdn-cgi/challenge-platform/h/b/flow/ov1/575225563:1734873201:mctHlTiPW0VsoyiPeKjubAUEt6iPP42b8arDN7hLMpU/8f608a375c02d70d/
2 KB
3 KB
XHR
General
Full URL
https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/flow/ov1/575225563:1734873201:mctHlTiPW0VsoyiPeKjubAUEt6iPP42b8arDN7hLMpU/8f608a375c02d70d/66MbVDGodEMuY58YR9x_GL7R5sJ0FpRZJR.6WNdFjUo-1734874996-1.2.1.1-cSD.TlLdzdAS_YzbBl7Pe9rm_qOqHPdWLfLf.CcpXNh4.2h6f3O7Ou8.J0LHJ_2c
Requested by
Host: xoilac86z68.live
URL: https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f608a375c02d70d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee3254cf0f4913f93d58ca0ec52e46b24d9bcb702a10fbb5963ba60228721bda

Request headers

Referer
https://xoilac86z68.live/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
66MbVDGodEMuY58YR9x_GL7R5sJ0FpRZJR.6WNdFjUo-1734874996-1.2.1.1-cSD.TlLdzdAS_YzbBl7Pe9rm_qOqHPdWLfLf.CcpXNh4.2h6f3O7Ou8.J0LHJ_2c

Response headers

cf-chl-out
KJKzaNNE6+16NwjNGjRdhTiHZDqgkh8qD/vz8xG+utNHZjJR2alFExY13PsMEPIBZIXL5ZMdvRkniy6yRiaUjIOPeLkPfZ1xDUjlyaME/wER/wuP5mR9I+k=$j9qGtLG/CsGWeKpX
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BnowtVWQabMCOY3yq6OuNgGgeuIJG4xxky6R3PCb8sVzNx1SoG38Ohrm0PVn86FFpmdVTkKNLroCB8DwC%2BPFfZ49pOjUXK1V56N2l6uukRrf8cEtWV3CYVzDo6MKQZUm8LPMQuLmqCMsv%2FeDpJQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f608a409c4cd70d-BNE
server-timing
cfL4;desc="?proto=TCP&rtt=23502&min_rtt=17545&rtt_var=11450&sent=99&recv=52&lost=0&retrans=0&sent_bytes=75861&recv_bytes=10826&delivery_rate=3412118&cwnd=251&unsent_bytes=0&cid=99f23ef812239a14&ts=1559&x=0"
cf-chl-out-s
m5Q+TtyceqHXf2cOwEEF8NOo1wxvPcZJxTx8WjuAjVfttTjThVNkP3w4dRFH1ksyE+Fu5lromGNqqE8YT7ueyAtomjAIOkE+q3xz34WHvPLbvVSQCboFUyjmbkE/QTWOMd5wNEo8K9wUZPNzu0dvfSa9jBtOkoD3maDEomrJPIHuEnkf5M1b4HFaphUZFQbO3D9GqbA+/z6oFteRlI3NoWv9CQCzY6G9EDH9FMhnKn5+nkkY7gpDyKMtCZgFeHGdD43Zo/v1aXGe61ZRKhYznLM0mbFNGBE8DhpVl63lEqbXFum7+MdzZRlUFNVIN1HQ0uAuQ9E9pfRk2tI1Kryp1mXhlBO7MNZi+dyfXNsM+HL4zEQhK9Io$hkM4k0v8NUnPJtZd
date
Sun, 22 Dec 2024 13:43:17 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
Primary Request /
xoilac86z68.live/
8 KB
7 KB
Document
General
Full URL
https://xoilac86z68.live/
Requested by
Host: xoilac86z68.live
URL: https://xoilac86z68.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4407372a5bc93a8ee8727d689c44b1673feb403d9a3db301d0331a9922f48a29
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://xoilac86z68.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
8cwJi9SXno7eb5viDf506hFjusXkJQcatK6HdS/k4R55ujJcfCNC/bAvwaAnq+bEoYjz/DOmRnJqko0G3YOPQrHEBgDBjoJQ6Z7ExYKI6stpZNtvlZjE/pkln1XUss1BkevJ+8cSPUahT1/gM89Inw==$NKW+aM+OetjKDJv+iQKJyA==
cf-mitigated
challenge
cf-ray
8f608a4d7f16d70d-BNE
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 22 Dec 2024 13:43:19 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bz9IMqFmeN8TBjIVyUdBd%2FRnfogZGmMYMPq0ETFAHt8HPODKbthn%2Ff5I%2FjeM5XO7SHFKuh%2FLuQ%2FBmiiRsn8i7ofN1OYVd5JiXdbC019KAAeaBct1xMGqzU0jeY8ttMRnYJCpmTsI6c7xvUJUz%2BY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=21287&min_rtt=17545&rtt_var=6505&sent=103&recv=57&lost=0&retrans=0&sent_bytes=78550&recv_bytes=10897&delivery_rate=3412118&cwnd=251&unsent_bytes=0&cid=99f23ef812239a14&ts=3612&x=0"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
xoilac86z68.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
93 KB
35 KB
Script
General
Full URL
https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f608a4d7f16d70d
Requested by
Host: xoilac86z68.live
URL: https://xoilac86z68.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655a991b6f3790030b4c61e6a0a4835144c6158a5d98cd764bcf466d32502a88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xoilac86z68.live/?__cf_chl_rt_tk=gh_Qo31aHwHdP8XVxSXAdMFZBH.rvGcztGfGKZtG7D8-1734874999-1.0.1.1-eHNClWz5bTxv929Umv.1R6VhBJ5lmDZiDwbafvqUqdU

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vt58g1IL4ItJdhY51LT8LXrvMardAMCbwSCLEWL3UDLA2XMoo8aXic0yHmHM8Jl5owbi4c2JUEnDPyP%2Fw9IkPiS4v%2BKuaS0LIgq2frV3cc0FFRVvmk%2FkiqdnkoyIHRPLxnuA2xTmJT67Azc53iU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f608a4ddf6bd70d-BNE
server-timing
cfL4;desc="?proto=TCP&rtt=19347&min_rtt=17545&rtt_var=2540&sent=110&recv=65&lost=0&retrans=0&sent_bytes=85310&recv_bytes=11118&delivery_rate=3412118&cwnd=251&unsent_bytes=0&cid=99f23ef812239a14&ts=3672&x=0"
date
Sun, 22 Dec 2024 13:43:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
d1cbd3d5-8145-4206-9e7a-090b5cd5a1ad
https://xoilac86z68.live/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/
47 KB
0
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Requested by
Host: xoilac86z68.live
URL: https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f608a4d7f16d70d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xoilac86z68.live
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f608a389e6ea7f3-SYD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 22 Dec 2024 13:43:16 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 17:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
xoilac86z68.live/
0
0

de6OXhm0kOIYHnna0LYjblHgDqWnC2ACaDnjQVbHalU-1734874999-1.2.1.1-eyBNnDpV_Kf7Uw..pnDoGF7Z4423e7cYugufmnh8TYs8363f15JpRYVdKsE4QvAV
xoilac86z68.live/cdn-cgi/challenge-platform/h/b/flow/ov1/2131804224:1734873279:c73YvLIRx3qlPlHn8FbrwHroc_mbvQiFdalKrs4i6So/8f608a4d7f16d70d/
13 KB
9 KB
XHR
General
Full URL
https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/flow/ov1/2131804224:1734873279:c73YvLIRx3qlPlHn8FbrwHroc_mbvQiFdalKrs4i6So/8f608a4d7f16d70d/de6OXhm0kOIYHnna0LYjblHgDqWnC2ACaDnjQVbHalU-1734874999-1.2.1.1-eyBNnDpV_Kf7Uw..pnDoGF7Z4423e7cYugufmnh8TYs8363f15JpRYVdKsE4QvAV
Requested by
Host: xoilac86z68.live
URL: https://xoilac86z68.live/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f608a4d7f16d70d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcfd3865a155192af3b14321e0cec065588222ae5cdbb41c02044ca3667a876

Request headers

Referer
https://xoilac86z68.live/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
de6OXhm0kOIYHnna0LYjblHgDqWnC2ACaDnjQVbHalU-1734874999-1.2.1.1-eyBNnDpV_Kf7Uw..pnDoGF7Z4423e7cYugufmnh8TYs8363f15JpRYVdKsE4QvAV

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSivJTeYatfj%2FEF8Twcf1oER3Y0PTzj%2BzeSyu0%2FCibAhWGTjrdOY18V6xU2XBd56lsIGHcNpEO%2Brrz0cVbdS2LbnsxZmixrnZiEE6RHOPZ4nOB0Doj5MMxJIiF4h7BlhCVpEO%2BjlBDpZyAAA4PM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f608a4f1859d70d-BNE
server-timing
cfL4;desc="?proto=TCP&rtt=21259&min_rtt=17545&rtt_var=5816&sent=154&recv=92&lost=0&retrans=0&sent_bytes=127303&recv_bytes=14879&delivery_rate=3412118&cwnd=251&unsent_bytes=0&cid=99f23ef812239a14&ts=3871&x=0"
date
Sun, 22 Dec 2024 13:43:20 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
z/3MtVk0A6w2HlG3sHTIkB9mIvYA9a0irRXbOj5J0ubJej36vdclouGElg/jBtt9NDjzMYdRJ9w=$ot8xD5heNznTbj22
server
cloudflare
4cf5262b-f1ac-49d3-8317-7c98fbed3f4d
https://xoilac86z68.live/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8im7y/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame A7F0
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8im7y/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f608a4f9cf1a959-SYD
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 13:43:20 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
xoilac86z68.live | blob:https://xoilac86z68.live/1a24b819-438f-442f-9a1f-a020d7a4b5f7
xoilac86z68.live | blob:https://xoilac86z68.live/d66e58aa-954b-4175-b24d-781243e6ba2a
xoilac86z68.live | blob:https://xoilac86z68.live/d1cbd3d5-8145-4206-9e7a-090b5cd5a1ad
xoilac86z68.live | https://xoilac86z68.live/favicon.ico
xoilac86z68.live | blob:https://xoilac86z68.live/4cf5262b-f1ac-49d3-8317-7c98fbed3f4d

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | _cf_chl_opt
function | GVOAr6
function | WXqDk4
function | PmhRk7
function | CScbg6
function | omQod3
function | YHws6
function | Whin0
function | domE8
object | hephn8
object | bOVG4
object | cVGi2
number | VaUI1
object | angular
object | qHqZf6
object | turnstile
boolean | aRcx2

1 Cookies

Domain/Path | Name | Value
xoilac86z68.live/ | cf_chl_rc_ni | 1

4 Console Messages

Source | Level | URL | Text
network | error | https://xoilac86z68.live/ | Failed to load resource: the server responded with a status of 403 ()
network | error | https://xoilac86z68.live/favicon.ico | Failed to load resource: the server responded with a status of 403 ()
network | error | https://xoilac86z68.live/favicon.ico | Failed to load resource: the server responded with a status of 403 ()
network | error | https://xoilac86z68.live/ | Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN