Submitted URL: http://6k07xgr2lfz048.xyz/
Effective URL: https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz
Submission: On December 10 via api from US — Scanned from NL

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 172.67.154.1, located in United States and belongs to CLOUDFLARENET, US. The main domain is byuxxktl8wi14ga.xyz.
TLS certificate: Issued by WE1 on November 27th 2024. Valid for: 3 months.
This is the only time byuxxktl8wi14ga.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 188.114.97.3 13335 (CLOUDFLAR...)
2 4.192.73.43 8075 (MICROSOFT...)
2 119.28.76.122 132203 (TENCENT-N...)
1 10 172.67.154.1 13335 (CLOUDFLAR...)
2 43.154.97.193 132203 (TENCENT-N...)
25 6
Domain Requested by
10 byuxxktl8wi14ga.xyz 1 redirects 6k07xgr2lfz048.xyz, byuxxktl8wi14ga.xyz
10 6k07xgr2lfz048.xyz 1 redirects 6k07xgr2lfz048.xyz
4 qcgikw.qivtpwt9m2r6zfs.xyz 6k07xgr2lfz048.xyz, byuxxktl8wi14ga.xyz
2 hmrh52eh9nz2k8.top 6k07xgr2lfz048.xyz, byuxxktl8wi14ga.xyz
0 21k25sfgdepfwgp.xyz Failed byuxxktl8wi14ga.xyz
25 5

This site contains no links.

Subject Issuer Validity Valid
6k07xgr2lfz048.xyz WE1 2024-10-14 - 2025-01-12 3 months
52medhmvvqp51p.top E6 2024-09-17 - 2024-12-16 3 months
*.qivtpwt9m2r6zfs.xyz E6 2024-12-09 - 2025-03-09 3 months
byuxxktl8wi14ga.xyz WE1 2024-11-27 - 2025-02-25 3 months

This page contains 4 frames:

Primary Page: https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz
Frame ID: 306F05C29DFA5B102C2DFD373F6E7012
Requests: 18 HTTP requests in this frame

Frame: https://6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: 4C122C6656CB7B998205071C36D25111
Requests: 2 HTTP requests in this frame

Frame: https://byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: A5B15A934ED751159B5E6EDD3EC87889
Requests: 2 HTTP requests in this frame

Frame: https://21k25sfgdepfwgp.xyz/?domain=6k07xgr2lfz048.xyz
Frame ID: 35E45D675DF74FB2EDEB6CEE4D1CDBD4
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 25
HTTPS: 88 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 692 kB
Size: 2296 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://6k07xgr2lfz048.xyz/ HTTP 307
    https://6k07xgr2lfz048.xyz/ Page URL
  2. https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://6k07xgr2lfz048.xyz/ HTTP 307
  • https://6k07xgr2lfz048.xyz/
Request Chain 9
  • https://6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Request Chain 20
  • https://byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
6k07xgr2lfz048.xyz/
Redirect Chain
  • http://6k07xgr2lfz048.xyz/
  • https://6k07xgr2lfz048.xyz/
2 KB
2 KB
Document
General
Full URL
https://6k07xgr2lfz048.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1241228a3558b938e80402ef8b29a847b7b6e8ce1a1b7b46fc38fc19c51360

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8effaecccd85c7e1-DUS
content-encoding
zstd
content-type
text/html
date
Tue, 10 Dec 2024 19:36:16 GMT
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YOF9Mqw9F7kPnxIxsE2iyQxe7hr4CX%2Fz9bRLDr5osBBvwohblizeV%2B%2BpRBJrqFUe7H13kQw22itoivqK6oLJ2ZEfAOmpYxfxFXQIWl6QbKQqUkYsFHT%2BXJdg0LecuuxtvNRZPSg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=19897&min_rtt=18397&rtt_var=3953&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4138&recv_bytes=4485&delivery_rate=606&cwnd=12000&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=441&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

Location
https://6k07xgr2lfz048.xyz/
Non-Authoritative-Reason
HttpsUpgrades
chunk-vendors.css
6k07xgr2lfz048.xyz/static/20241017204656/css/
183 KB
54 KB
Stylesheet
General
Full URL
https://6k07xgr2lfz048.xyz/static/20241017204656/css/chunk-vendors.css
Requested by
Host: 6k07xgr2lfz048.xyz
URL: https://6k07xgr2lfz048.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://6k07xgr2lfz048.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-2da4c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fW88sZ%2BFvKIdTJKZC7QKuSO8oN79RX1qj3oHExyhYdm8uEFx%2BcoBlMJ%2FKFn4Qh409BcVvuCrLRhX18x%2FgN%2FqT%2F2BJRf36IpWNvR6owUUWgEwNTDD4kSRODUNwFa8ThrPqhHoNZQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaecf9948c7e1-DUS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19603&min_rtt=18209&rtt_var=1937&sent=31&recv=24&lost=0&retrans=0&sent_bytes=23167&recv_bytes=6470&delivery_rate=620104&cwnd=12000&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=1279&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:17 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
share_301.css
6k07xgr2lfz048.xyz/static/20241017204656/css/
149 B
810 B
Stylesheet
General
Full URL
https://6k07xgr2lfz048.xyz/static/20241017204656/css/share_301.css
Requested by
Host: 6k07xgr2lfz048.xyz
URL: https://6k07xgr2lfz048.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f875c04fd04a47b543c1027cac0c21629c6e789c0e4af50fd5d3d85280b2479

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://6k07xgr2lfz048.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-95"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2B9vJVfVH%2FckoXKatlrgnaRLif4CfZIpRi6ReZnoIql7CW3QamLUV4RuvDrcAxRqIMWk5xE74cpCMMkB9KDoDfgtOYeVUQfuKx0IpecNVKdYJUxtL1GWItWiV43Y5y17jlpWGGQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaecf994dc7e1-DUS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19686&min_rtt=18209&rtt_var=3387&sent=19&recv=16&lost=0&retrans=0&sent_bytes=10261&recv_bytes=6126&delivery_rate=93303&cwnd=12000&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=900&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:16 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
chunk-vendors.js
6k07xgr2lfz048.xyz/static/20241017204656/js/
909 KB
261 KB
Script
General
Full URL
https://6k07xgr2lfz048.xyz/static/20241017204656/js/chunk-vendors.js
Requested by
Host: 6k07xgr2lfz048.xyz
URL: https://6k07xgr2lfz048.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503d6086cf782a0d9afa6f9be4e44629b8313172035cb0e3248e30b4d8f580f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://6k07xgr2lfz048.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-e3513"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyUxy0RN1ZtWJf2O2Xb3%2B4Ogq2vb%2BNqqNnwFCd6HBN%2BecFfYCBzSa9QUmK41xh5Vf81xk3GYZOZE8IB5QAXPAE3rKZ4afC%2FxOt1aGOa8R3or8nD0zjZIHIawzCdkQGl04X%2BZFUQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaecf994fc7e1-DUS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19603&min_rtt=18209&rtt_var=1937&sent=30&recv=24&lost=0&retrans=0&sent_bytes=22466&recv_bytes=6470&delivery_rate=620104&cwnd=12000&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=1268&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:17 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
share_301.js
6k07xgr2lfz048.xyz/static/20241017204656/js/
30 KB
11 KB
Script
General
Full URL
https://6k07xgr2lfz048.xyz/static/20241017204656/js/share_301.js
Requested by
Host: 6k07xgr2lfz048.xyz
URL: https://6k07xgr2lfz048.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5391714d246bb1e38fedde92f9812017a8b9270c786246afe1f2c3291013360d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://6k07xgr2lfz048.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-7631"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQ9sbcQ%2F0%2FlwCgR%2FpRtE%2BlbE1ywrE8v1rpuYitdrEfR%2FiJoEjUHp%2BtyoDJqrL9SYf3rEV01PwMvgFFxZZkGpKbkJ1nkgnZdMqlO%2B%2Fyg03qebmVyX1gd0QLUIoHtG2hGEVs9b2xs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaecf9952c7e1-DUS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20588&min_rtt=18209&rtt_var=3724&sent=20&recv=19&lost=0&retrans=0&sent_bytes=11094&recv_bytes=6255&delivery_rate=12249&cwnd=12000&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=1085&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:17 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
jsjiami.js
6k07xgr2lfz048.xyz/static/cdn/js/
10 KB
4 KB
Script
General
Full URL
https://6k07xgr2lfz048.xyz/static/cdn/js/jsjiami.js
Requested by
Host: 6k07xgr2lfz048.xyz
URL: https://6k07xgr2lfz048.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://6k07xgr2lfz048.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-260b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1VeU7Z80nuaT4noPceMQZMGqAJSoLhBZTG%2BFItXnJOkmxjOoz0gsOmoSQozVhxIrmsNEz9knRmcXyB5yaTznHstghaFq2StEPmHaY3GDYhh47XuhifiGwYQsilZREQV2FphCh8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaecf9953c7e1-DUS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19686&min_rtt=18209&rtt_var=3387&sent=14&recv=16&lost=0&retrans=0&sent_bytes=5861&recv_bytes=6126&delivery_rate=93303&cwnd=12000&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=890&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:16 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
/
hmrh52eh9nz2k8.top/
231 B
1 KB
XHR
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: 6k07xgr2lfz048.xyz
URL: https://6k07xgr2lfz048.xyz/static/20241017204656/js/share_301.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
fcc248ac24cdad5fe9351809b7a87c40dbee1ae032b902f47b08f46a73da1706

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://6k07xgr2lfz048.xyz/

Response headers

Etag
"a9d43eca375d8b11d95b865fd2d63abe"
Age
13
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
a79f0f24ae0e4cde394f882742d5160b
Date
Tue, 10 Dec 2024 19:36:18 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Tue, 10 Dec 2024 17:46:50 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE6-CACHE3[2],EA-HKG-EDGE6-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE9[119],EA-HKG-GLOBAL1-CACHE23[114,TCP_MISS,117]
X-Amz-Request-Id
00000193B1AEF6A8901444A0EA9F1EEC
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
231
Server
openresty
request
qcgikw.qivtpwt9m2r6zfs.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://qcgikw.qivtpwt9m2r6zfs.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
119.28.76.122 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://6k07xgr2lfz048.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Tue, 10 Dec 2024 19:36:19 GMT
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zuul:prod:8800
request
qcgikw.qivtpwt9m2r6zfs.xyz/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://qcgikw.qivtpwt9m2r6zfs.xyz/fast-endecode/main/request
Requested by
Host: 6k07xgr2lfz048.xyz
URL: https://6k07xgr2lfz048.xyz/static/20241017204656/js/chunk-vendors.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
119.28.76.122 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://6k07xgr2lfz048.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zuul:prod:8800
Date
Tue, 10 Dec 2024 19:36:19 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
main.js
6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame 4C12
Redirect Chain
  • https://6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB
Script
General
Full URL
https://6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7c1a3cf713edebc35967d693ca0e468f9826ea853e3b59130d45b7fa5cf596
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZ9AcocWIE3%2F3usbLF5%2FILrTjNadXgl0jXmM8hJKMZssXnxmbQUrml7t2xbniuqlozEl%2FWwIK1s76oBpx6O4P0gUgOYmpRbhS7Zemgx1DQQtX1cNytjJEuxjRDTf0Z1NuJGev0M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8effaee00d8fc7e1-DUS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37949&min_rtt=18209&rtt_var=10661&sent=314&recv=89&lost=0&retrans=0&sent_bytes=352509&recv_bytes=10137&delivery_rate=28082&cwnd=77100&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=3115&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qd66HbP60BkqU4OkfN3laNjxRAZMOxe%2FKx8sP7KJFu6gsqqVxkgLKGETlTCNYbntCx1i3oauyxZJXMBxo%2FNOsoy4xJn6Vu5l%2FKw4yBktUasyem3vR4On7IvY2K03rauEjlPwqt4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaedfdd58c7e1-DUS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=40759&min_rtt=18209&rtt_var=6723&sent=312&recv=88&lost=0&retrans=0&sent_bytes=351755&recv_bytes=9844&delivery_rate=1429331&cwnd=77100&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=3086&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:19 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
6k07xgr2lfz048.xyz/
4 KB
4 KB
Other
General
Full URL
https://6k07xgr2lfz048.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://6k07xgr2lfz048.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccZ0h9BJhMuq5Izuqg0sBH1v8GmQZMKScobBIB2sGHmNkBXsL3p41a6kP5S9Aj93mUqRoCS3R7moQdqKqn7FuZSCpPmjPNby0CgodfHEw8VxyOm3JeZpNrJDlFjX9gErJo4u4zQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaedfdd5dc7e1-DUS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33364&min_rtt=18209&rtt_var=13951&sent=324&recv=106&lost=0&retrans=0&sent_bytes=358825&recv_bytes=27439&delivery_rate=32695&cwnd=77100&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=3497&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:19 GMT
content-type
image/x-icon
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i
8effaecccd85c7e1
6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4C12
0
1 KB
XHR
General
Full URL
https://6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8effaecccd85c7e1
Requested by
Host: 6k07xgr2lfz048.xyz
URL: https://6k07xgr2lfz048.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4pSQpAw94hblF%2BYR8D0xMqWeq9gZa3lUWFli1t4lFYpvhDo7ql7azb1XQXeKJM4fv58QwO123fzZ%2FUyBTw93mAvEWaVf0dQomDQ5I9D0i1%2B5nHCkJ19%2BOxFhs4yoikOTheJiHOI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaee07e09c7e1-DUS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35520&min_rtt=18209&rtt_var=12855&sent=322&recv=105&lost=0&retrans=0&sent_bytes=357598&recv_bytes=27394&delivery_rate=155653&cwnd=77100&unsent_bytes=0&cid=10f4f46bbed71dbe&ts=3190&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 10 Dec 2024 19:36:19 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
Primary Request /
byuxxktl8wi14ga.xyz/
2 KB
2 KB
Document
General
Full URL
https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz
Requested by
Host: 6k07xgr2lfz048.xyz
URL: https://6k07xgr2lfz048.xyz/static/20241017204656/js/share_301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
114b419b34bb871f986efdee9730f18599165e9cd7394dc95c28b6d00f9755b5

Request headers

Referer
https://6k07xgr2lfz048.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8effaee6193f65dd-FRA
content-encoding
zstd
content-type
text/html
date
Tue, 10 Dec 2024 19:36:20 GMT
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3EsTazyNt0KBd5A3y9igF5bhHFcqa3Kn1QqCdei%2FT2zbbOx%2B1ly5VSx2OW3NlaJk%2FyWpwFC%2BJm%2B2OV6TKVez9qcKypMh%2FQY18O3od%2FfEsnteIb%2FiMnkQ4CqoeC4%2FKmP6qaRCizt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=19204&min_rtt=19050&rtt_var=3137&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4137&recv_bytes=4526&delivery_rate=632&cwnd=12000&unsent_bytes=0&cid=72f8114bf6e1012b&ts=410&x=1" cfExtPri cfHdrFlush;dur=0
chunk-vendors.css
byuxxktl8wi14ga.xyz/static/20241017204656/css/
183 KB
54 KB
Stylesheet
General
Full URL
https://byuxxktl8wi14ga.xyz/static/20241017204656/css/chunk-vendors.css
Requested by
Host: byuxxktl8wi14ga.xyz
URL: https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67110986-2da4c"
age
4672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TFrbmhfB4mMHAfdeeUGPQA91ppjpZ959G1KX0Fn8kdJae4UmpA2GYC7CwyWPTVhzaW1ZJuIy%2BMZ5QC%2FK7WHFRnpiVaUZ46%2FxLpD%2FYb3mC%2BdfY4Lx4h%2BFruekPIXZ4gffg70xOJLM"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19232&min_rtt=19050&rtt_var=1807&sent=17&recv=16&lost=0&retrans=0&sent_bytes=7538&recv_bytes=6280&delivery_rate=92173&cwnd=12000&unsent_bytes=0&cid=72f8114bf6e1012b&ts=456&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:20 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8effaee89c2b65dd-FRA
server
cloudflare
iframe.css
byuxxktl8wi14ga.xyz/static/20241017204656/css/
218 B
868 B
Stylesheet
General
Full URL
https://byuxxktl8wi14ga.xyz/static/20241017204656/css/iframe.css
Requested by
Host: byuxxktl8wi14ga.xyz
URL: https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d879d2b39e94be47a92f6f14497900cc4166c25b1975d78b9d60f81af8aaad3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67110986-da"
age
4672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fi7Zkm1gqQP4JW3%2Bh9UGva%2FD%2FiTwoS%2BjJPdFUFeuBNe%2B6ufyTcRYVjj7P9OPKVtZU%2FvHQABhlH%2BcY05Sh0b6CKhM95pYcK9xJpGDhE3UXf5iwUTVyuIf%2Ff9SZurFJV21kI5Tz%2F%2Bl"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19232&min_rtt=19050&rtt_var=1807&sent=15&recv=16&lost=0&retrans=0&sent_bytes=5952&recv_bytes=6280&delivery_rate=92173&cwnd=12000&unsent_bytes=0&cid=72f8114bf6e1012b&ts=453&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:20 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8effaee89c2e65dd-FRA
server
cloudflare
chunk-vendors.js
byuxxktl8wi14ga.xyz/static/20241017204656/js/
909 KB
261 KB
Script
General
Full URL
https://byuxxktl8wi14ga.xyz/static/20241017204656/js/chunk-vendors.js
Requested by
Host: byuxxktl8wi14ga.xyz
URL: https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503d6086cf782a0d9afa6f9be4e44629b8313172035cb0e3248e30b4d8f580f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67110986-e3513"
age
4672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8w0Y626iXzHhXfutA1tXs9N4G8Hwkzsn2WTc16Gyq6%2Bexin06gCzMYcpqpOPQ9%2B7rg98k3TlxQkrl30k1FZrdFQ4eVG%2B7fULCHd7gVESpr6Hrunf9o55TVo8PXUHzIKVzKxszdT"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19232&min_rtt=19050&rtt_var=1807&sent=16&recv=16&lost=0&retrans=0&sent_bytes=6843&recv_bytes=6280&delivery_rate=92173&cwnd=12000&unsent_bytes=0&cid=72f8114bf6e1012b&ts=455&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:20 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8effaee89c2f65dd-FRA
server
cloudflare
iframe.js
byuxxktl8wi14ga.xyz/static/20241017204656/js/
30 KB
11 KB
Script
General
Full URL
https://byuxxktl8wi14ga.xyz/static/20241017204656/js/iframe.js
Requested by
Host: byuxxktl8wi14ga.xyz
URL: https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce59445094e5cc09076e94d53854eacd071b9157969420604d64f674572ca208

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67110986-796f"
age
4672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lX3ZeXNnYbSAa08INWEg5QQnso7tYywnAGkdgkJkAEEE1HztYA4oWuxd%2FZKAlw4qZi8IzAh%2ByuJ5NYa0fKBVEVBTeLebOzQu3QdsjLRQ53ZjVA3lKzdpgfg7OCKLDdDZyBy0RppR"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19232&min_rtt=19050&rtt_var=1807&sent=27&recv=16&lost=0&retrans=0&sent_bytes=17952&recv_bytes=6280&delivery_rate=92173&cwnd=12000&unsent_bytes=0&cid=72f8114bf6e1012b&ts=468&x=1", cfExtPri, cfHdrFlush;dur=6
date
Tue, 10 Dec 2024 19:36:20 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8effaee89c3265dd-FRA
server
cloudflare
jsjiami.js
byuxxktl8wi14ga.xyz/static/cdn/js/
10 KB
4 KB
Script
General
Full URL
https://byuxxktl8wi14ga.xyz/static/cdn/js/jsjiami.js
Requested by
Host: byuxxktl8wi14ga.xyz
URL: https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67110986-260b"
age
4672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8XmoAbmq2M2ElFJj5aIjIwd9K2lqs1I%2Ff8kw7S5EiTLIv%2BDAdRUZapSGz8R4qmUKw2W3%2BA%2Fv4Vy2Xk23rU3IkW6GoGHwOqhLb9W6%2BrTbMUwzwJNm%2FcBiyZJqQMSYY1li0db0bYK1"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19232&min_rtt=19050&rtt_var=1807&sent=27&recv=16&lost=0&retrans=0&sent_bytes=17952&recv_bytes=6280&delivery_rate=92173&cwnd=12000&unsent_bytes=0&cid=72f8114bf6e1012b&ts=472&x=1", cfExtPri, cfHdrFlush;dur=4
date
Tue, 10 Dec 2024 19:36:20 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8effaee89c3465dd-FRA
server
cloudflare
/
hmrh52eh9nz2k8.top/
231 B
1 KB
XHR
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: byuxxktl8wi14ga.xyz
URL: https://byuxxktl8wi14ga.xyz/static/20241017204656/js/iframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
fcc248ac24cdad5fe9351809b7a87c40dbee1ae032b902f47b08f46a73da1706

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://byuxxktl8wi14ga.xyz/

Response headers

Etag
"a9d43eca375d8b11d95b865fd2d63abe"
Age
54
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
f73e820758ad69157aa7d312311ee9ca
Date
Tue, 10 Dec 2024 19:36:21 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Tue, 10 Dec 2024 17:46:50 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE2-CACHE3[3],EA-HKG-EDGE2-CACHE1[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE21[2],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,2]
X-Amz-Request-Id
00000193B1AEF6A8901444A0EA9F1EEC
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
231
Server
openresty
request
qcgikw.qivtpwt9m2r6zfs.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://qcgikw.qivtpwt9m2r6zfs.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.154.97.193 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://byuxxktl8wi14ga.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8effaef1a9f28594-HKG
Connection
keep-alive
Date
Tue, 10 Dec 2024 19:36:22 GMT
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8800
request
qcgikw.qivtpwt9m2r6zfs.xyz/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://qcgikw.qivtpwt9m2r6zfs.xyz/fast-endecode/main/request
Requested by
Host: byuxxktl8wi14ga.xyz
URL: https://byuxxktl8wi14ga.xyz/static/20241017204656/js/chunk-vendors.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.154.97.193 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
bf321bac472607d45426b08e1588faed2350960a50a0aebdfac3480fd11f918b

Request headers

Referer
https://byuxxktl8wi14ga.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
CF-RAY
8effaef35f0a8b59-HKG
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zull:prod:8800
Date
Tue, 10 Dec 2024 19:36:22 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
main.js
byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame A5B1
Redirect Chain
  • https://byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB
Script
General
Full URL
https://byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Protocol
H3
Server
172.67.154.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4448d0f126feee8e929ff5b34377107c13d93e2e66f478f9475fc1bff05d3079
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psuUkJH3%2FIR0IrG8MiPU5JnOw%2B59ywhO0vlpmmTETmRnk%2BvyAI0hnDOytEcQ92llmwGThBXLCQ%2FWlF4E123S9si2hHk2senc5NIwPwdbnMW%2BH8W%2F0csXaJeCAqO6jYasPhDukw2c"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8effaeedca9965dd-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19857&min_rtt=18997&rtt_var=545&sent=324&recv=87&lost=0&retrans=0&sent_bytes=357824&recv_bytes=10234&delivery_rate=201642&cwnd=177600&unsent_bytes=0&cid=72f8114bf6e1012b&ts=1272&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99%2FQFqxwPacAdHjVPR%2BL4mrzJyljVU%2BzzAR1P9FyOGNJLlbKUdaotH5BuCjO78JQViI%2BZSus3yJWKKhYblpjH0GZcaOhcVFJKN5YdTzvx1fUFRsFwldTyo6MI8iWLUaHTctLoicj"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaeed9a6b65dd-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=19983&min_rtt=18997&rtt_var=610&sent=317&recv=85&lost=0&retrans=0&sent_bytes=352486&recv_bytes=9895&delivery_rate=6533731&cwnd=177600&unsent_bytes=0&cid=72f8114bf6e1012b&ts=1238&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:21 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
byuxxktl8wi14ga.xyz/
4 KB
4 KB
Other
General
Full URL
https://byuxxktl8wi14ga.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://byuxxktl8wi14ga.xyz/?domain=6k07xgr2lfz048.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67110986-eb0"
age
4662
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mH8UMXiYyj3PJG2fOnEUAu4QvbJBrhQv3BCHXNfP840ClhK5mp45HxZqaxSIajeXdsT6tUwur6SSx%2FCqaL8Z7ascJKA6%2BKMsRfVm5v1BSrpBZpBqXgGFkA%2FnmrAk50kayLfu7lNz"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19983&min_rtt=18997&rtt_var=610&sent=318&recv=85&lost=0&retrans=0&sent_bytes=353215&recv_bytes=9895&delivery_rate=6533731&cwnd=177600&unsent_bytes=0&cid=72f8114bf6e1012b&ts=1244&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 19:36:21 GMT
content-type
image/x-icon
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8effaeed9a6f65dd-FRA
server
cloudflare
8effaee6193f65dd
byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A5B1
0
1 KB
XHR
General
Full URL
https://byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8effaee6193f65dd
Requested by
Host: byuxxktl8wi14ga.xyz
URL: https://byuxxktl8wi14ga.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2BfSHIVCYaIDVH2eoxgkCLxsb1SNrKTS1CFhHgnBG82zXO9PuWmTod9xSkOtp4PO4sgMwjJxisjZ1s%2Bf%2BDO06RA6mpWolhzlCad3VcGmINfq2c8AdROGS7v%2BbNzuxxcWzpR%2B9a0E"}],"group":"cf-nel","max_age":604800}
cf-ray
8effaeee3b1b65dd-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19807&min_rtt=18997&rtt_var=508&sent=336&recv=103&lost=0&retrans=0&sent_bytes=363005&recv_bytes=27530&delivery_rate=202612&cwnd=177600&unsent_bytes=0&cid=72f8114bf6e1012b&ts=1353&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 10 Dec 2024 19:36:21 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
/
21k25sfgdepfwgp.xyz/ Frame 35E4
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
21k25sfgdepfwgp.xyz
URL
https://21k25sfgdepfwgp.xyz/?domain=6k07xgr2lfz048.xyz

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
string| encode_version
string| fhljt
object| __0x10133b
function| _0x2379
function| isConsoleOpen
function| a0_0x33be
function| a0_0x1077
function| a0_0x3afc48
object| webpackJsonp
function| a1_0x430c
function| _0x31f837
function| a1_0x5b86
object| __VUE_INSTANCE_SETTERS__
boolean| __VUE__
object| __VUE_DEVTOOLS_PLUGINS__

2 Cookies

Domain/Path Name / Value
.6k07xgr2lfz048.xyz/ Name: cf_clearance
Value: wqGYHQjsq7s7XrvJgbKfg2jMZomafS678Kz4K_7cT0A-1733859379-1.2.1.1-iZ7YEfFclM.EzgX1.Pp9ydkrUCtfhSq5QqGnfyyT0bnBgAWsfmzrg8TsxPn.QHnNbrGvE629cmwJPagGRfw.X4f4XU1.RKv3SJOS.aTKJLAU1J9E_mgxcrGqJ7_tMvKtJD730YTBNXkuylpJ8UaiQ6Pglp8Mg8KwXKLhq5Efj_VDN6xHKojLXSgddgFTTr_RlyScvi_5ei7Wp4aR_hAbEMTriJNB5WGItrQwMfwU3iLChDJi8caYw7blpZJet9qK7WlRzPGV4yv9VksrJaM.JmQFFMivL4EzZ5GLc1QZ.4HkShkDfTBJ5t4hEhj9gQWtkVLUisjghD3gx.U803nlpwys9rcdfkfXu4rYyG6ht2bx8D3q.RyVV9OEZTn1GojH
.byuxxktl8wi14ga.xyz/ Name: cf_clearance
Value: PQ6E0qOdGHLyWt7uNaWUlfkz8QQ7QEoiPeozQHbe89Q-1733859381-1.2.1.1-1U9oiQlSkF5_QxKeSSRUXKXFD6dncAhBgGBdmyvUvrq03SXVBQBKWcnS5uGcRfawBRwseg2IpkgcW2kgxf7lqMhYRx0atoaaMErq36Y3iaXqjN7BPOHAIUdO1cW2sS4L65nGnPPjZstTyIwLRiqsnCWfmtDkIOBPqB.FwXNlOJ8GiYK0pVJP42HZGOm324pgVggZDk6IPs_ond6wEL2A86W4dYbo7Fq.7LXFLC2lzLYAQBu81G.aT1F4uInLH3wVXrCkCcMd4W32Ap7LI_gzMiOnEx6bCeRz64M1XF1J00HVPn2vbpLuEVp92CCyB1YpFKVQQisx6Bzf8TVYXzWFEJuJQU9maOEvm7m0chECYr34c3c5X7TlYPVjJxpv5yF1