Submitted URL: https://gkcqvwfv1vzaec.xyz/
Effective URL: https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz
Submission Tags: falconsandbox
Submission: On December 12 via api from US — Scanned from FR

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 104.21.80.1, located in and belongs to CLOUDFLARENET, US. The main domain is q753yu1znl2aj.xyz.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.
This is the only time q753yu1znl2aj.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 172.67.189.251 13335 (CLOUDFLAR...)
2 4.192.73.43 8075 (MICROSOFT...)
2 43.135.21.38 132203 (TENCENT-N...)
1 10 104.21.80.1 13335 (CLOUDFLAR...)
1 101.32.183.62 132203 (TENCENT-N...)
26 6
Domain Requested by
10 q753yu1znl2aj.xyz 1 redirects gkcqvwfv1vzaec.xyz
q753yu1znl2aj.xyz
10 gkcqvwfv1vzaec.xyz 1 redirects gkcqvwfv1vzaec.xyz
3 vzslez.84rsbmskv3iti.xyz gkcqvwfv1vzaec.xyz
q753yu1znl2aj.xyz
2 hmrh52eh9nz2k8.top gkcqvwfv1vzaec.xyz
q753yu1znl2aj.xyz
0 vzslez.gnfkmjblm3h9f.xyz Failed q753yu1znl2aj.xyz
26 5

This site contains no links.

Subject | Issuer | Validity | Valid
gkcqvwfv1vzaec.xyz | WE1 | 2024-12-12 - 2025-03-12 | 3 months
52medhmvvqp51p.top | E6 | 2024-09-17 - 2024-12-16 | 3 months
*.84rsbmskv3iti.xyz | E5 | 2024-12-12 - 2025-03-12 | 3 months
q753yu1znl2aj.xyz | WE1 | 2024-12-09 - 2025-03-09 | 3 months

This page contains 3 frames:

Primary Page: https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz
Frame ID: BA23A472B5E65253B1E1C93E058ED86D
Requests: 19 HTTP requests in this frame

Frame: https://gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: 3DAC3962B7DD50FD7E66CD6EA4217B95
Requests: 2 HTTP requests in this frame

Frame: https://q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: D244B27303DB39E09A447BA65C34DE25
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 26
HTTPS: 81 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 687 kB
Size: 2294 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gkcqvwfv1vzaec.xyz/ Page URL
  2. https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Request Chain 20
  • https://q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
gkcqvwfv1vzaec.xyz/
2 KB
2 KB
Document
General
Full URL
https://gkcqvwfv1vzaec.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9af70f71e69a85520319d06bd17718b33d6c7ccba697d6dd502d0f83a0a36da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f0f3a55ae573ce3-CDG
content-encoding
zstd
content-type
text/html
date
Thu, 12 Dec 2024 16:52:58 GMT
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YoBC1ddklB6XUwhbYapzXf%2BS7X1D6WylRwBUf02r7npld0rCwbpLxST6fKpMQ6Fb5kxzXqr4Xl3d2zmxoWW3ftXoDYinyWr4mEfh7FXd7cFWEuNOaidC%2FBxAEmrMvvm%2B9pa2yE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24482&min_rtt=19429&rtt_var=9203&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4222&recv_bytes=4536&delivery_rate=701&cwnd=12000&unsent_bytes=0&cid=31624c1d84f770e2&ts=446&x=1" cfExtPri cfHdrFlush;dur=0
chunk-vendors.css
gkcqvwfv1vzaec.xyz/static/20241017204656/css/
183 KB
54 KB
Stylesheet
General
Full URL
https://gkcqvwfv1vzaec.xyz/static/20241017204656/css/chunk-vendors.css
Requested by
Host: gkcqvwfv1vzaec.xyz
URL: https://gkcqvwfv1vzaec.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gkcqvwfv1vzaec.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-2da4c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dcjjS2ohTOJD4kaGdJmtbryY9V7nyzScIfYob%2F44JCsso3j%2BFHdy3bpHo98iz6HVbCbN0ME5u7yePjWXC5PCmkxZ49vpC8Y3nd%2FdhM9v9BOa5KHwV8LIHkODBh08kCV9i26rZaY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a586a813ce3-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19144&min_rtt=14468&rtt_var=2122&sent=34&recv=27&lost=0&retrans=0&sent_bytes=23271&recv_bytes=6614&delivery_rate=16024&cwnd=12000&unsent_bytes=0&cid=31624c1d84f770e2&ts=1277&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 16:52:59 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
share_301.css
gkcqvwfv1vzaec.xyz/static/20241017204656/css/
149 B
811 B
Stylesheet
General
Full URL
https://gkcqvwfv1vzaec.xyz/static/20241017204656/css/share_301.css
Requested by
Host: gkcqvwfv1vzaec.xyz
URL: https://gkcqvwfv1vzaec.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f875c04fd04a47b543c1027cac0c21629c6e789c0e4af50fd5d3d85280b2479

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gkcqvwfv1vzaec.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-95"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9r2YSYnN4VlgIXYHVb5elwEXLiPZZy2Tz4f7SHDnAtSV5zoWMkh3xq1MMWSIh1Mts5qs%2B6QzF%2B6i6RHZFcVibYnydfx4dJlZvEUBiBT3kBpepcdQCAZc3bUqrpNqjKyBVPcRjA0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a586a823ce3-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23234&min_rtt=14499&rtt_var=9398&sent=16&recv=17&lost=0&retrans=0&sent_bytes=5943&recv_bytes=6182&delivery_rate=117109&cwnd=12000&unsent_bytes=0&cid=31624c1d84f770e2&ts=871&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 16:52:58 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
chunk-vendors.js
gkcqvwfv1vzaec.xyz/static/20241017204656/js/
909 KB
261 KB
Script
General
Full URL
https://gkcqvwfv1vzaec.xyz/static/20241017204656/js/chunk-vendors.js
Requested by
Host: gkcqvwfv1vzaec.xyz
URL: https://gkcqvwfv1vzaec.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503d6086cf782a0d9afa6f9be4e44629b8313172035cb0e3248e30b4d8f580f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gkcqvwfv1vzaec.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-e3513"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MWjSmY90iRXnfm1F95CWn3S1daLYp36UAtcwrqem4DWXXOCmA8I0qKhUFL8ufEYrosmvbJ9gF9yY5%2FFx2E7IGA6PnCcaOop9I0OD4HCp6mUdOTBbRxn%2BmB6u9x9vRRfyEPhUorQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a586a843ce3-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19254&min_rtt=14468&rtt_var=2534&sent=33&recv=26&lost=0&retrans=0&sent_bytes=22576&recv_bytes=6570&delivery_rate=622402&cwnd=12000&unsent_bytes=0&cid=31624c1d84f770e2&ts=1229&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 16:52:59 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
share_301.js
gkcqvwfv1vzaec.xyz/static/20241017204656/js/
30 KB
11 KB
Script
General
Full URL
https://gkcqvwfv1vzaec.xyz/static/20241017204656/js/share_301.js
Requested by
Host: gkcqvwfv1vzaec.xyz
URL: https://gkcqvwfv1vzaec.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5391714d246bb1e38fedde92f9812017a8b9270c786246afe1f2c3291013360d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gkcqvwfv1vzaec.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-7631"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAEu93apdCwqx6m%2FSpmSimnbSw%2Fy4BU27GrZ8fxNBF1Z2vR1Tnaa2hL6JpHga2SMrxGgNjr%2BM82gA01efSsIB3CtnNFrr67HBDS6bIiV2ZECmRYrQhL0LU%2FDwaNyRyUcpeGmk6Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a586a863ce3-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20056&min_rtt=14468&rtt_var=6923&sent=23&recv=21&lost=0&retrans=0&sent_bytes=11210&recv_bytes=6355&delivery_rate=290335&cwnd=12000&unsent_bytes=0&cid=31624c1d84f770e2&ts=1085&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 16:52:58 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
jsjiami.js
gkcqvwfv1vzaec.xyz/static/cdn/js/
10 KB
4 KB
Script
General
Full URL
https://gkcqvwfv1vzaec.xyz/static/cdn/js/jsjiami.js
Requested by
Host: gkcqvwfv1vzaec.xyz
URL: https://gkcqvwfv1vzaec.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gkcqvwfv1vzaec.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-260b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWHV5Dq2SRppckwLPIm1%2FSV3skaQNLaqO%2BHHdUy%2FGigJ6vyCNbLe1ZPrl5Cul9Mm8k1JkFCUru6kPsbVG%2FYuxA5RuxizHcFxJ4wmjDWKym4k47bCqxFwB6Z%2Fzqv%2Bdji0b0ANkLM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a586a883ce3-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22138&min_rtt=14468&rtt_var=9240&sent=18&recv=18&lost=0&retrans=0&sent_bytes=6801&recv_bytes=6225&delivery_rate=2109&cwnd=12000&unsent_bytes=0&cid=31624c1d84f770e2&ts=898&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 16:52:58 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
/
hmrh52eh9nz2k8.top/
223 B
1 KB
XHR
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: gkcqvwfv1vzaec.xyz
URL: https://gkcqvwfv1vzaec.xyz/static/20241017204656/js/share_301.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
789cda387ee40cb674bd56a4412a7aff1756c446ff0da8dd798c70c34aed35d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gkcqvwfv1vzaec.xyz/

Response headers

Etag
"f5bb3476e7d167514a7d58cea18532d9"
Age
10
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
9c8423624f3bb137ebaf94378c15fe48
Date
Thu, 12 Dec 2024 16:53:01 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Thu, 12 Dec 2024 16:35:11 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE4[2],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE9[110],EA-HKG-GLOBAL1-CACHE23[104,TCP_MISS,107]
X-Amz-Request-Id
00000193BBBA070690196E57E4BF1A40
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
223
Server
openresty
request
vzslez.84rsbmskv3iti.xyz/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://vzslez.84rsbmskv3iti.xyz/fast-endecode/main/request
Requested by
Host: gkcqvwfv1vzaec.xyz
URL: https://gkcqvwfv1vzaec.xyz/static/20241017204656/js/chunk-vendors.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.135.21.38 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://gkcqvwfv1vzaec.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
zstd
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0dh%2FBzwSAGMA%2FvDzCDscmDUE9rMtUI%2BEg%2Fr%2B5IglJa0CsrCiS6zNszqGGVvGn%2FfyZ3jE%2B40pJGLtQFhGgO6sawF6XvZDzNlNPiImn0SV23TC5MedjQbKqtLeuT%2FozWRIq7u03VHzq8%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY
8f0f3a725c03e2f8-HKG
Access-Control-Allow-Origin
*
alt-svc
h3=":443"; ma=86400
X-Application-Context
cloud-module-endecode:41136
server-timing
cfL4;desc="?proto=TCP&rtt=1948&min_rtt=1948&rtt_var=974&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=681&delivery_rate=0&cwnd=121&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Date
Thu, 12 Dec 2024 16:53:02 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
request
vzslez.84rsbmskv3iti.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://vzslez.84rsbmskv3iti.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.135.21.38 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gkcqvwfv1vzaec.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8f0f3a6f0e5720ed-HKG
Connection
keep-alive
Content-Length
0
Date
Thu, 12 Dec 2024 16:53:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BXRU1QiOnUcALblFGDC3xrvE2kx3TEz%2F4lwfmqw%2FA0kSaMyaCOnqkPMxU5oDszdE3WaxpQV95YjPqTv39Wb%2FpFoy7z4surBIqLqAYJd0gSGROef4c8N%2FnQ6XOQxoScBDPpaLgribg8%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Vary
Origin
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1077&min_rtt=1077&rtt_var=538&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=589&delivery_rate=0&cwnd=190&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
main.js
gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame 3DAC
Redirect Chain
  • https://gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB
Script
General
Full URL
https://gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Protocol
H3
Server
172.67.189.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefa83f464f8bb2e97717973535ab82fa4a9b9ef6503b67e6a956b91c43fad90
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnj9m8QdoGgGt9W0MOtk9NeQBWRKArJ3GR%2BO3rAv8KmrURTvrkfErSDcUkpuB3uSbXvkvEFIuGNX3kQhIwma1I8uWgQg0ie2Iry6lOGsc49lJyBvxUyem6DfBizEqt%2Fzk0%2FGpqs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f0f3a6c18c73ce3-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20736&min_rtt=14468&rtt_var=4578&sent=317&recv=91&lost=0&retrans=0&sent_bytes=352610&recv_bytes=10234&delivery_rate=31541&cwnd=87300&unsent_bytes=0&cid=31624c1d84f770e2&ts=3635&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 16:53:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xxg1UdNuJzdsmixmczgprnkufcqZvyjVEjG9wkBHNZxV%2BQuPRNvlA5sYFz71oFZ6KtBn3Ph%2BSS8IEFxLzJv5jF4oH8WEf0ySDYbV4biku35umW7Ls2nsGVrReAEKvZEwuGJu6Hs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a6bf8a83ce3-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=21595&min_rtt=14468&rtt_var=3814&sent=315&recv=90&lost=0&retrans=0&sent_bytes=351857&recv_bytes=9940&delivery_rate=4041671&cwnd=87300&unsent_bytes=0&cid=31624c1d84f770e2&ts=3608&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 16:53:01 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
gkcqvwfv1vzaec.xyz/
4 KB
4 KB
Other
General
Full URL
https://gkcqvwfv1vzaec.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gkcqvwfv1vzaec.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r06Jwgy4xXPHMyoPmLXFfL90V0MCG0UR99MbVcV09pTrBhokbPmrgPVTXq8L4RdpPJOnbao5qNcuXvLm4OjLrMiYe6ryibyGssBclnqoZEUCG%2BxPuxzucNswUuAb%2FEwmrgFBOAE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a6bf8a93ce3-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19670&min_rtt=14468&rtt_var=4538&sent=325&recv=108&lost=0&retrans=0&sent_bytes=358861&recv_bytes=27484&delivery_rate=32655&cwnd=87300&unsent_bytes=0&cid=31624c1d84f770e2&ts=3982&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 16:53:01 GMT
content-type
image/x-icon
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i
8f0f3a55ae573ce3
gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3DAC
0
1 KB
XHR
General
Full URL
https://gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8f0f3a55ae573ce3
Requested by
Host: gkcqvwfv1vzaec.xyz
URL: https://gkcqvwfv1vzaec.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aR0KfrZDmmQGVGswsPl62%2FkwRudLVlZEvzLoh2RtBddb7ZZR9KVt48a7%2FsrMp%2Fdybi6Anq%2BTUbGgE4V231p5WAJmAGHcLrk5m16h3GSZ03hoSiZxcvglTbPf0kDwrcfLy1dcOYo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a6ddaf83ce3-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20400&min_rtt=14468&rtt_var=4105&sent=324&recv=107&lost=0&retrans=0&sent_bytes=357661&recv_bytes=27439&delivery_rate=153669&cwnd=87300&unsent_bytes=0&cid=31624c1d84f770e2&ts=3926&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Thu, 12 Dec 2024 16:53:01 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
Primary Request /
q753yu1znl2aj.xyz/
2 KB
1 KB
Document
General
Full URL
https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz
Requested by
Host: gkcqvwfv1vzaec.xyz
URL: https://gkcqvwfv1vzaec.xyz/static/20241017204656/js/share_301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97bc970226eaa7302c48f244c381332242aba2b90de8d9857c6d9536d48f2a24

Request headers

Referer
https://gkcqvwfv1vzaec.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f0f3a761d18bb1e-CDG
content-encoding
zstd
content-type
text/html
date
Thu, 12 Dec 2024 16:53:03 GMT
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGeuD6cRb2OUm5tniEpnJvqXcUqp%2FvawKg5Hlnt3l5dujHoAdKgX0elo%2F4xMA5uSblLcOZXWvRl1aVUBNXWBdA5hriwpAjnE%2BjRNfGi0KnefKDW6KKkfJdic3mt7yKq2PqqPFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
chunk-vendors.css
q753yu1znl2aj.xyz/static/20241017204656/css/
183 KB
54 KB
Stylesheet
General
Full URL
https://q753yu1znl2aj.xyz/static/20241017204656/css/chunk-vendors.css
Requested by
Host: q753yu1znl2aj.xyz
URL: https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67110986-2da4c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wt52T6LsPeagCM4boMribSPKvf%2BCHKwqGcJ86Ks%2FaunAr9KuU3557l%2FkV0o47f%2FhP7vZvTwMJjzTLGIKPxACws%2BIRqsQLuuj%2FEPxWcaaVRO97PVD5hnmR0a%2BMdZBS9ts9ZlSog%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a7a2d1abb1e-CDG
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 16:53:04 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
server
cloudflare
vary
Accept-Encoding
iframe.css
q753yu1znl2aj.xyz/static/20241017204656/css/
218 B
639 B
Stylesheet
General
Full URL
https://q753yu1znl2aj.xyz/static/20241017204656/css/iframe.css
Requested by
Host: q753yu1znl2aj.xyz
URL: https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d879d2b39e94be47a92f6f14497900cc4166c25b1975d78b9d60f81af8aaad3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67110986-da"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fqm7%2FgAgFtjw5lvb8ETpC2OpI7NYwZ3AwyIQA3LCmskka1GYpOkCWfD0ur3KuKz%2BVAMQeSvyKp9XNTzURz7Ho1C5j9UZYy38mRRM77oUgZu4hiIAKm6Pj2aRdsYl5mP6UvJbAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a7a3d1cbb1e-CDG
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 16:53:04 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
server
cloudflare
vary
Accept-Encoding
chunk-vendors.js
q753yu1znl2aj.xyz/static/20241017204656/js/
909 KB
260 KB
Script
General
Full URL
https://q753yu1znl2aj.xyz/static/20241017204656/js/chunk-vendors.js
Requested by
Host: q753yu1znl2aj.xyz
URL: https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503d6086cf782a0d9afa6f9be4e44629b8313172035cb0e3248e30b4d8f580f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67110986-e3513"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBOgrx%2BqREJn5xti239qb4TZbgOXKvv6HVUCD%2FgW7KsN8ZP%2Fc2%2BsOzrPOM2iXK3AHSoum7HSYSfTsbA1H5BFAnoIt6hI6LBAuYXMulZ8beIjRgXqREtrkWgClsWX2GmUt5BmlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a7a3d1ebb1e-CDG
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 16:53:04 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
server
cloudflare
vary
Accept-Encoding
iframe.js
q753yu1znl2aj.xyz/static/20241017204656/js/
30 KB
11 KB
Script
General
Full URL
https://q753yu1znl2aj.xyz/static/20241017204656/js/iframe.js
Requested by
Host: q753yu1znl2aj.xyz
URL: https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce59445094e5cc09076e94d53854eacd071b9157969420604d64f674572ca208

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67110986-796f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGeXNOIs6fyJKfNtza3HIiAxKldCGGK4YLokj0z38wJhWYzm0c9WSWmgPjtn4YL1UGWr1bHUAr9mpVo7gSiBBXcxoD5ROreGkvGlklKAZblZPZPbxHP4toJnnexOlJ6ISJW9fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a7a3d1fbb1e-CDG
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 16:53:04 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
server
cloudflare
vary
Accept-Encoding
jsjiami.js
q753yu1znl2aj.xyz/static/cdn/js/
10 KB
4 KB
Script
General
Full URL
https://q753yu1znl2aj.xyz/static/cdn/js/jsjiami.js
Requested by
Host: q753yu1znl2aj.xyz
URL: https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67110986-260b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIRkKtIAq9%2FgItXLdmrtVLuerW4uHbhvftmOKMh23A425qoHr6lMjdAN8lWc%2FWJX9BxsHtsedLLh9eVcqNMbRRF40iwadHN%2FLTwdjAySX7gxvyUQfO76XSmkkQrQ6MbOBZHsQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a7a3d1dbb1e-CDG
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 16:53:04 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
server
cloudflare
vary
Accept-Encoding
/
hmrh52eh9nz2k8.top/
223 B
1 KB
XHR
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: q753yu1znl2aj.xyz
URL: https://q753yu1znl2aj.xyz/static/20241017204656/js/iframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
789cda387ee40cb674bd56a4412a7aff1756c446ff0da8dd798c70c34aed35d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://q753yu1znl2aj.xyz/

Response headers

Etag
"f5bb3476e7d167514a7d58cea18532d9"
Age
13
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
f3e3ca99361609e043ea370f49823fa3
Date
Thu, 12 Dec 2024 16:53:04 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Thu, 12 Dec 2024 16:35:11 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE3[2],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE9[110],EA-HKG-GLOBAL1-CACHE23[104,TCP_MISS,107]
X-Amz-Request-Id
00000193BBBA070690196E57E4BF1A40
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
223
Server
openresty
request
vzslez.84rsbmskv3iti.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://vzslez.84rsbmskv3iti.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
101.32.183.62 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://q753yu1znl2aj.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8f0f3a851d62ddcb-HKG
Connection
keep-alive
Content-Length
0
Date
Thu, 12 Dec 2024 16:53:05 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPoXL1r33bNm68TIcfXnuiNenRa%2BVrzLIyhOtfwHES8zGydINHlfM5ABK2e7pa%2BGv8qM%2Fh7wX1EHM7ijQh1s7DBNgeLnfEbiYqQY5sjOUwlcwbsowv9V%2FWjGyOVIHhExDKiALLaJ934%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Vary
Origin
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1321&min_rtt=1321&rtt_var=660&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=587&delivery_rate=0&cwnd=153&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
request
vzslez.84rsbmskv3iti.xyz/fast-endecode/main/
0
0

main.js
q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame D244
Redirect Chain
  • https://q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB
Script
General
Full URL
https://q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Protocol
H3
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ac0e3bcbd1825381ac8436f7bafb83a970d47136077216aa0b029dbf623c01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COzNMtsTNfWklLWkl%2FlYPTCM%2FmQoVGJuUHp5EZGSyE8%2FAQQsumCt5uWMs4oz7rijn6RSL8fEbzb4Kts%2BEKbwJqMlk%2BnQbBWPnRXZ0drs%2F%2Fbf6bEi%2FhjX9hfLtfyaSdl9bekDLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f0f3a824d2abb1e-CDG
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 16:53:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZHVXrYMbD6aWUEU22mE%2F6xHAqVQ2dsZfLFzijphOtriiLXAx%2F9RpKaRhrdahASiItT5yDumrBUrqFPyaCyFSGxILICL9bN%2FzqFL57z%2F6rcOG5LZOXiwzuOO38qXOuRKUn4agw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a822d28bb1e-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 12 Dec 2024 16:53:04 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
q753yu1znl2aj.xyz/
4 KB
4 KB
Other
General
Full URL
https://q753yu1znl2aj.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://q753yu1znl2aj.xyz/?domain=gkcqvwfv1vzaec.xyz

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67110986-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FAdRYLZvGsk2Okv3hyk3kQenmQHtdFwQE89EkvgQ9KScI%2FA%2FTdeXfvakowO35ms%2Fz5VGXAji72rkt2zkz2KhoqHVx1W39jcSCDa1a5hLDEz4HibK16AIFD7voiKtz1LXPFZVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a822d29bb1e-CDG
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 16:53:05 GMT
content-type
image/x-icon
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
server
cloudflare
vary
Accept-Encoding
8f0f3a761d18bb1e
q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D244
0
957 B
XHR
General
Full URL
https://q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8f0f3a761d18bb1e
Requested by
Host: q753yu1znl2aj.xyz
URL: https://q753yu1znl2aj.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iBHj%2BXo4sNuBk3tHgS3UcGjquUrfgXM9WEWPnUpdbU27COR1jmpwWplaexEBDqGdO2XEF7UZegXh%2BAYVO19tj8%2F3pi%2F%2FLdKWm4NMveLbrMiRIzMurftuN9Pa24lWJpi7syb94Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0f3a832d2bbb1e-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 12 Dec 2024 16:53:05 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
request
vzslez.gnfkmjblm3h9f.xyz/fast-endecode/main/ Frame
0
0

request
vzslez.gnfkmjblm3h9f.xyz/fast-endecode/main/
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain: vzslez.84rsbmskv3iti.xyz
URL: https://vzslez.84rsbmskv3iti.xyz/fast-endecode/main/request

Domain: vzslez.gnfkmjblm3h9f.xyz
URL: https://vzslez.gnfkmjblm3h9f.xyz/fast-endecode/main/request

Domain: vzslez.gnfkmjblm3h9f.xyz
URL: https://vzslez.gnfkmjblm3h9f.xyz/fast-endecode/main/request


16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| encode_version
string| fhljt
object| __0x10133b
function| _0x2379
function| isConsoleOpen
function| a0_0x33be
function| a0_0x1077
function| a0_0x3afc48
object| webpackJsonp
function| a1_0x430c
function| _0x31f837
function| a1_0x5b86
object| __VUE_INSTANCE_SETTERS__
boolean| __VUE__
object| __VUE_DEVTOOLS_PLUGINS__

2 Cookies

Domain/Path Name / Value
.gkcqvwfv1vzaec.xyz/ Name: cf_clearance
Value: QUMpnnUFecZfDu3UG_QGV8O5AGY08pdDV.IWZ_iDusk-1734022381-1.2.1.1-ohJi2sUWRdjXG35Svw5nbjICt4N7EaSbWJV_GfgEWqGPkuHhyhqFdLF32yOo4UUBtLwKz.RNokoHJ0SG5np_ZP6CQ.uDrA0IryRh9FCEwjcVIs_a9ZEgHC9TJyU_3UweOejpOmgtSLhJV7pVw3yFhVOiGLsY0.lS6Nz.qWxSqKP1hpiQ2NsXXgTGKtlzTJxLGyvYuiNS90IPS3AzJ46vQIEplxVF7SNkYQkbis88OLN7OkAvgsr.UQ.dG75p1af6gjnv7j.EvgL1aphh.uaCd6ZfUgmxr3lr4vonaB9c.2eueMVs6H7hIibBs66rnLKvlfKCL.txgIaGIqOpkwMN1gCyA9jyIqVOcSuuwKGo0cmziGL2Lod6MQsC6PjeQxgl
.q753yu1znl2aj.xyz/ Name: cf_clearance
Value: Vq1kMxj4BhI0rl15oKerClMOERAVTsKDyDXoy8jgiM0-1734022385-1.2.1.1-TwxcS5NVG3PTAuSiznpLc_ofUrWzndyVfqkcZBKdK_EQho.jtq3yO3YlSNAxB6r1OVW3su9XnGuxwuAmlCvKKAhnoSutzFHmuMMgDjSEMSLYNe.nwVchnFbj7vxjvHYvxK6c43EerJgIQLNPnDZ_7VwVkOMqyfwxtHqqcBYq7mMVZUmofhzyp5M5RlSToIxGwLr9pEwDYnADKjIjcR4kY3u3J51IGT.eFyYljpvMFle1ra9y0Wja7HQuH6TJsKdPbeKTxzEV.lNMxc6hKUvZcxym8tOm0bimCNpcDD52cQ8UppnPLSq_Jahv19l0SouqoiFOofAcEf.gH_ayRFjKaoks5bx2UVk68j1j51xj24GhB1Cz2EUWzgaGiq42iLfG