urlscan.io logo urlscan.io
SecurityTrails logo

5fijxvumu04ziocv.xyz Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://5fijxvumu04ziocv.xyz/
Submission: On December 25 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 5fijxvumu04ziocv.xyz.
TLS certificate: Issued by WE1 on December 21st 2024. Valid for: 3 months.
This is the only time 5fijxvumu04ziocv.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 188.114.96.3 13335 (CLOUDFLAR...)
1 4.192.73.43 8075 (MICROSOFT...)
2 43.154.91.147 132203 (TENCENT-N...)
1 172.67.146.206 13335 (CLOUDFLAR...)
10 4
Domain Requested by
7 5fijxvumu04ziocv.xyz 1 redirects 5fijxvumu04ziocv.xyz
2 frkoxs.s4pxtjt82spivrbk.xyz 5fijxvumu04ziocv.xyz
1 uthli8sqkn20l4rt.xyz 5fijxvumu04ziocv.xyz
1 hmrh52eh9nz2k8.top 5fijxvumu04ziocv.xyz
10 4

This site contains no links.

Subject Issuer Validity Valid
5fijxvumu04ziocv.xyz
WE1		 2024-12-21 -
2025-03-21		 3 months crt.sh
52medhmvvqp51p.top
E5		 2024-12-14 -
2025-03-14		 3 months crt.sh
*.s4pxtjt82spivrbk.xyz
E5		 2024-12-25 -
2025-03-25		 3 months crt.sh
uthli8sqkn20l4rt.xyz
WE1		 2024-12-21 -
2025-03-21		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://5fijxvumu04ziocv.xyz/
Frame ID: 0E40A00E44606067B0B8FC0401C511AC
Requests: 6 HTTP requests in this frame

Frame: https://5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: B135C2FF1877FBA240B3A0AB39218093
Requests: 2 HTTP requests in this frame

Frame: https://uthli8sqkn20l4rt.xyz/
Frame ID: CBA0FDA3006887D2B32027E9E86BBF24
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

38 kB
Transfer

74 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
5fijxvumu04ziocv.xyz/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fijxvumu04ziocv.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caa5f862eea15766c99c9873d12d3948087a21baa7bd840136f945105700ffc0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f7c055fdb1ff5eb-AMS
content-encoding
zstd
content-type
text/html
date
Wed, 25 Dec 2024 21:45:56 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BWdTlVqTYEMD0dr4e7MhTb3%2B1nlSTlJ2vM3VrmjpsAJy%2Fif%2Bp5q2p4Ew%2BWFyiS11mwyjLKTrDoEG%2BsCsaiCW38Ec7A%2F%2Fnh8LF%2B04Rky9s9ZzH0abnT8RRvM%2FntGViMitxl%2F5Ixu8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13618&min_rtt=13378&rtt_var=2350&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4150&recv_bytes=4490&delivery_rate=717&cwnd=12000&unsent_bytes=0&cid=8b29eb0d8a814d3f&ts=427&x=1" cfExtPri cfHdrFlush;dur=0
crypto-js.min.js
5fijxvumu04ziocv.xyz/static/cdn/js/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5fijxvumu04ziocv.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: 5fijxvumu04ziocv.xyz
URL: https://5fijxvumu04ziocv.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://5fijxvumu04ziocv.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbxuuFBaVddW8KY9NZ0N6tnt9oW6Vgqjy2bfyrkdp3G7Il5yhmZ1dIQ3cG37smu%2F9aAbInKuK2SycLsXIjmS003D1IanGlxfurhE55UuaEyO4mvhJsrMhzhN6YLxd%2FcvAh9n6DERng%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7c05628e57f5eb-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13632&min_rtt=13294&rtt_var=703&sent=20&recv=16&lost=0&retrans=0&sent_bytes=11009&recv_bytes=5295&delivery_rate=11274&cwnd=12000&unsent_bytes=0&cid=8b29eb0d8a814d3f&ts=1262&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 21:45:57 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
iframe.js
5fijxvumu04ziocv.xyz/static/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5fijxvumu04ziocv.xyz/static/js/iframe.js?t=202409101529
Requested by
Host: 5fijxvumu04ziocv.xyz
URL: https://5fijxvumu04ziocv.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166d01f8aeab337307b72d120ee2c44e1d30de85aaeb722f26b56c6fc5621a19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://5fijxvumu04ziocv.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-2b62"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOVEpvnQF8JBvkeKxUctYCovM4QG2cHbHy85HLzyDAnYkVFLzvmzekNuZD%2Fe0s%2BLLMN78BtgjihAfxV4CFTgY5uH4a4dEsC8Fy%2FVCAF%2FHsbhdTOmv15fuBaHgQb7%2F93C02C1Z%2BsS9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7c05628e59f5eb-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13593&min_rtt=13294&rtt_var=1413&sent=15&recv=13&lost=0&retrans=0&sent_bytes=6037&recv_bytes=5165&delivery_rate=140204&cwnd=12000&unsent_bytes=0&cid=8b29eb0d8a814d3f&ts=875&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 21:45:57 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
/
hmrh52eh9nz2k8.top/ 		231 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: 5fijxvumu04ziocv.xyz
URL: https://5fijxvumu04ziocv.xyz/static/js/iframe.js?t=202409101529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
24158bf3d0147a4fc41689b02a566e210ce38a5b8c04cb657ceafff0fab83bcd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://5fijxvumu04ziocv.xyz/

Response headers

Etag
"ef8cf450b05c9ca2966172ee0f3675c8"
Age
25
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
f1b8af17aa47b1e520f202c1a2fa854a
Date
Wed, 25 Dec 2024 21:45:58 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Wed, 25 Dec 2024 20:34:09 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE6-CACHE3[2],EA-HKG-EDGE6-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE9[2],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,2]
X-Amz-Request-Id
00000193FF872525901444161E78880A
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
231
Server
openresty
main.js
5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame B135
Redirect Chain
  • https://5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae5423ac7fd17cbe2a1ab0e6e8f1af6e4f624b19cf1ebab5a004745c3a946a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ndaxyWk1Cuwh%2FEhp650hXV1Baom3r4hJYuZsll4z3DPt95Sru%2FjQopQyO1%2BOY7xoHYYr51ceTOlqG6xHprGdXFSAkAv%2Fu115gsHnxtObpcbqbRftS8SDfZfHSmnNQSr1uznNYRO%2B0A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f7c05681d22f5eb-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14246&min_rtt=13294&rtt_var=1497&sent=41&recv=27&lost=0&retrans=0&sent_bytes=30074&recv_bytes=6569&delivery_rate=35155&cwnd=22800&unsent_bytes=0&cid=8b29eb0d8a814d3f&ts=1341&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 21:45:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYasw4Jqo2BToh0QuMcpvp%2BKW7VS4lP8mDd3BNcgPdR%2F%2B0lEdrwuC9z%2BTbtJj4ldgFcYEhfYIU%2FcnuhxmL2JdD1D6Tt9V8DXQ6ev41yW2Y%2FEpYfIJjEVSrDHJGWt%2F0iwtVra7jrPFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7c0567fcedf5eb-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=13569&min_rtt=13294&rtt_var=190&sent=39&recv=26&lost=0&retrans=0&sent_bytes=29316&recv_bytes=6275&delivery_rate=491736&cwnd=22800&unsent_bytes=0&cid=8b29eb0d8a814d3f&ts=1319&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 21:45:57 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
5fijxvumu04ziocv.xyz/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://5fijxvumu04ziocv.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://5fijxvumu04ziocv.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhkx9qGBOteNv74HZFqDjp8whU1%2B3j9VDBjt4BvbMgdDgx9afowQS5cmRccSuHYeGHnozjzmpU%2FwGS0rNT29F1WSjQcNffUgSZAn0RMXt%2FwxhEccD%2F9yk%2BNd%2F42jsBvptCmcLeiFuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7c0567fcf1f5eb-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14010&min_rtt=13294&rtt_var=808&sent=58&recv=46&lost=0&retrans=0&sent_bytes=36574&recv_bytes=23951&delivery_rate=13300&cwnd=22800&unsent_bytes=0&cid=8b29eb0d8a814d3f&ts=1734&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 25 Dec 2024 21:45:58 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i
8f7c055fdb1ff5eb
5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B135 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8f7c055fdb1ff5eb
Requested by
Host: 5fijxvumu04ziocv.xyz
URL: https://5fijxvumu04ziocv.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwVI%2Bcu%2FoMnv77sUL8x0NIgpt3dUHdaP1r%2BRLPt7wY50KCYPbTY7atI7kfxb521Gv5IfWqJ%2BWRTxFNwaWRX%2F86VocaZra5q1lJkehIRmW1Cso92Jz7n%2BuzE6o89%2FvKQiT6JIKQgBRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f7c05689db5f5eb-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14083&min_rtt=13294&rtt_var=884&sent=56&recv=45&lost=0&retrans=0&sent_bytes=35337&recv_bytes=23908&delivery_rate=256435&cwnd=22800&unsent_bytes=0&cid=8b29eb0d8a814d3f&ts=1496&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Wed, 25 Dec 2024 21:45:57 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
request
frkoxs.s4pxtjt82spivrbk.xyz/fast-endecode/main/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://frkoxs.s4pxtjt82spivrbk.xyz/fast-endecode/main/request
Requested by
Host: 5fijxvumu04ziocv.xyz
URL: https://5fijxvumu04ziocv.xyz/static/js/iframe.js?t=202409101529
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.154.91.147 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
a2e99453881f58a2b23f67b2cf16198cc415ad6970f860cf714d234f6a9b341c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://5fijxvumu04ziocv.xyz/

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
zstd
cf-cache-status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1c78MpxCwGD9dP99iLjWilii172e5Qgt2wUNmBFnQHbl1c5ipKAPvZUXN54B0QnkBMs%2FhwYXQjmSIkOlxDLU1nNAK2I3bQKeC3S70a8PF061qWXpzVOzdrsLkH%2Biu45cD%2BtOvu2uyc%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY
8f7c057268e9dda3-HKG
Access-Control-Allow-Origin
*
alt-svc
h3=":443"; ma=86400
X-Application-Context
cloud-module-endecode:41135
server-timing
cfL4;desc="?proto=TCP&rtt=1280&min_rtt=1280&rtt_var=640&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=655&delivery_rate=0&cwnd=138&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Date
Wed, 25 Dec 2024 21:45:59 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
request
frkoxs.s4pxtjt82spivrbk.xyz/fast-endecode/main/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://frkoxs.s4pxtjt82spivrbk.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.154.91.147 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://5fijxvumu04ziocv.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
CF-RAY
8f7c056f1b770f10-HKG
Connection
keep-alive
Content-Length
0
Date
Wed, 25 Dec 2024 21:45:58 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AHfZH3zdA98Hp4suSjBqHm56js88mQSw0AnHApgAGwDVZIIwW993j9m9k64bXH67L8%2FJLrddp%2F1rpQHXRjjpQ3pNXRFfIR5CQxMSAwD7TQ%2FREhAjVzORd1iYdB2dYeQy0HS5M52b33U%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Vary
Origin
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
server-timing
cfL4;desc="?proto=TCP&rtt=1044&min_rtt=1044&rtt_var=522&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=593&delivery_rate=0&cwnd=106&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
/
uthli8sqkn20l4rt.xyz/ Frame CBA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://uthli8sqkn20l4rt.xyz/
Requested by
Host: 5fijxvumu04ziocv.xyz
URL: https://5fijxvumu04ziocv.xyz/static/js/iframe.js?t=202409101529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://5fijxvumu04ziocv.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f7c05736f80f5b0-AMS
content-encoding
zstd
content-type
text/html
date
Wed, 25 Dec 2024 21:46:00 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWXzPFy0yLswIYRtsLD9brdqTvFSa%2B1xqBF7xvt8HVWOC%2BCcu3YyE5HrnzBmDPG1HyTClkAFGOXrsuTHl5EAYiqWZrKpqinjWzxTkYT6IQT%2BdCg5G05VKRb%2FlLQSyQ41N%2BF7Bqz4Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13599&min_rtt=13505&rtt_var=2195&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4184&recv_bytes=4501&delivery_rate=725&cwnd=12000&unsent_bytes=0&cid=a1ae74f38203228f&ts=437&x=1" cfExtPri cfHdrFlush;dur=0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| CryptoJS function| getApiUrlSync object| publicKey function| getDomain function| handleEncrypt function| handleDecrypt function| fromCode boolean| connect number| resetNum object| urls number| urlIndex function| getconfigDown

2 Cookies

Domain/Path Name / Value
.5fijxvumu04ziocv.xyz/ Name: cf_clearance
Value: 5ntYYJ5Qck0LbiXLAiNGcqIoSoPiwH2KHnsbrwULC_k-1735163157-1.2.1.1-CNmCvfXL3vMPt.2Pq_ZWSXlZd.wYim3cGwHWM0ODUbnekfb1M4qx79BPOf0pS_YcsMe5DMbACSFLwnfyCE0K2d.0Coq01wc_F6Gq0L6SkGo8F0Rl5ddRIyY3Q6jTWZJIgkj5mgC9awmwY9ZQBvr9vbx2L21QRUlC9SSgwxeaz5wLFrRAztxe32WgK6Kh5vixP.kCySL6qYQkfthwqBJkmbxEIbhfQITUoBt351gICkLRiHANrqmYwfBecZ3ihf5VCFgdNeMTLboEMARVEp8vsh6qN_Rj.kupm4Teki0weHcr0CYxXjACs6gNDWx5AB8EwSWNCiIhCvZvEdizMUGi2gqry.fgjfEVMxWiFY7wKbwFtk8JgpLXQUmbIpQ_VJ0M
.uthli8sqkn20l4rt.xyz/ Name: cf_clearance
Value: bSCy7IEaGcXc_T_nghlS4Z3H1LN3Qed9d7QpkPq3X1E-1735163160-1.2.1.1-JDj0jAWH0eBGKR0sDdc_BRuiSpsF8KslmvGNztFtttKiTLxAfcphzi8vY70qJl3O0ZZ7IjQS5SUXl6VcWwOuz43iGiGhmmxNfXzoxpB4ZEu73qFo3_q9UL7jux5SqsINALLwqY4jqeeTmwd.9tWgzELtHu78JqmAPseG57OF3Ti8nG36HvWJGkwkETqUGv4EBMkJW1cfw3OfkX6wWGbzQI.stX2eI0e_ODVPSVA7zxwl1MAXnMuodSIs.QYgT56YCLF6Qi55pcHZXVryKsxcGfU6JxwPMUJ3motmBAijCWJgiqvVuwO6i3q3BSxznzzqMJW.F4Rbavd4SF.Qc9_YGK2p10phRbzR3WR3xs8mjFWZAkZ7zIS2TJ485QrX.Tz2