Submitted URL: https://hxegoh9u5342gmu9.xyz/
Effective URL: https://y36eyl3b182f8.xyz/?domain=hxegoh9u5342gmu9.xyz
Submission: On December 21 via api from US — Scanned from NL

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 104.21.16.1, located in and belongs to CLOUDFLARENET, US. The main domain is y36eyl3b182f8.xyz.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.
This is the only time y36eyl3b182f8.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 188.114.97.3 13335 (CLOUDFLAR...)
1 4.192.73.43 8075 (MICROSOFT...)
2 43.154.91.147 132203 (TENCENT-N...)
1 104.21.16.1 13335 (CLOUDFLAR...)
15 5
Domain Requested by
10 hxegoh9u5342gmu9.xyz 1 redirects hxegoh9u5342gmu9.xyz
2 kwxet.ymd08ddh1g3tfu2.xyz hxegoh9u5342gmu9.xyz
1 y36eyl3b182f8.xyz hxegoh9u5342gmu9.xyz
y36eyl3b182f8.xyz
1 hmrh52eh9nz2k8.top hxegoh9u5342gmu9.xyz
15 4

This site contains no links.

Subject | Issuer | Validity | Valid
hxegoh9u5342gmu9.xyz | WE1 | 2024-12-21 - 2025-03-21 | 3 months
52medhmvvqp51p.top | E5 | 2024-12-14 - 2025-03-14 | 3 months
*.ymd08ddh1g3tfu2.xyz | E5 | 2024-12-21 - 2025-03-21 | 3 months
y36eyl3b182f8.xyz | WE1 | 2024-12-09 - 2025-03-09 | 3 months

This page contains 2 frames:

Primary Page: https://y36eyl3b182f8.xyz/?domain=hxegoh9u5342gmu9.xyz
Frame ID: 1FA9A716A2019D63BB48DF4031F5CC62
Requests: 12 HTTP requests in this frame

Frame: https://hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 90627D7A688C98878DCE060D8522C0D8
Requests: 2 HTTP requests in this frame

Screenshot

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Page Statistics

Requests: 15
HTTPS: 80 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 84 kB
Size: 189 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hxegoh9u5342gmu9.xyz/ Page URL
  2. https://y36eyl3b182f8.xyz/?domain=hxegoh9u5342gmu9.xyz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
hxegoh9u5342gmu9.xyz/
2 KB
2 KB
Document
General
Full URL
https://hxegoh9u5342gmu9.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30fe1b46e887d6b891edf65412eb0e760621914cc2ce5ec2c507aa2f5317fce5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f59b97be9686574-AMS
content-encoding
zstd
content-type
text/html
date
Sat, 21 Dec 2024 17:52:12 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyKWKQ%2FnhlHGotIo%2BzDGQtd8xoYwx1blDJSYk9rhl4uaEyzp8Zzimqw82LQuNX9Oxcx3l2q128Jyuqu8FXFm5gBmw2BdvFiiNZP7hOrB%2F1xtqdMo8Hp3uphtfbWcke134GUCbXNRmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=14699&min_rtt=14454&rtt_var=2607&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4146&recv_bytes=4492&delivery_rate=690&cwnd=12000&unsent_bytes=0&cid=94a45d9615f052c8&ts=451&x=1" cfExtPri cfHdrFlush;dur=0
common.js
hxegoh9u5342gmu9.xyz/static/js/
8 KB
4 KB
Script
General
Full URL
https://hxegoh9u5342gmu9.xyz/static/js/common.js?t=202409091529
Requested by
Host: hxegoh9u5342gmu9.xyz
URL: https://hxegoh9u5342gmu9.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadb131196f7bf3c5702c6a43209470907e7638a486a0851700dc68b6acf5125

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hxegoh9u5342gmu9.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-1e7c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u7V4VYjbNsEr1RHEbWZUVuXam1LaMJ2pshFEvW0KLlgWnCXJK3j0%2B690A3Cikewx2ULUC5jkWixVVFD8kS%2BR9fNJZmVQXth8QJRPLfO1c74gcJCPeeCXXbSq0SvrGp5qUmvzrXOiYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f59b97ebc306574-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14766&min_rtt=14454&rtt_var=2090&sent=14&recv=16&lost=0&retrans=0&sent_bytes=5840&recv_bytes=6096&delivery_rate=109587&cwnd=12000&unsent_bytes=0&cid=94a45d9615f052c8&ts=907&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 17:52:13 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
vue.min.js
hxegoh9u5342gmu9.xyz/static/cdn/js/
92 KB
36 KB
Script
General
Full URL
https://hxegoh9u5342gmu9.xyz/static/cdn/js/vue.min.js
Requested by
Host: hxegoh9u5342gmu9.xyz
URL: https://hxegoh9u5342gmu9.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hxegoh9u5342gmu9.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-16fc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eq7K05WNwLlWQhYB2x9nqtTNVFQsAXnlGKcMOhrj8py15djzC2RtdZHeQE699Qr105yrHk4WspbPwKGRZYIs6OajutS2Srvw6SQcJAGPeNt5t3n4YdlQOfr0NSjBaU1YLz7gX6s9fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f59b97ebc346574-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14769&min_rtt=14454&rtt_var=381&sent=29&recv=24&lost=0&retrans=0&sent_bytes=20511&recv_bytes=6441&delivery_rate=502776&cwnd=12000&unsent_bytes=0&cid=94a45d9615f052c8&ts=1353&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 17:52:13 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
axios.min.js
hxegoh9u5342gmu9.xyz/static/cdn/js/
17 KB
7 KB
Script
General
Full URL
https://hxegoh9u5342gmu9.xyz/static/cdn/js/axios.min.js
Requested by
Host: hxegoh9u5342gmu9.xyz
URL: https://hxegoh9u5342gmu9.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d389f625c1d774224d32527657e7398e57a65c718a07748f0ad7faecce8de3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hxegoh9u5342gmu9.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-45b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FofHvWEcNNw8jTJ6rrow4LcKF8yh4FDFB5khL6DPZ6KQn4r0J%2FTN8VbGCTBb6Zi0SwfYDv1xBCn9qh1gpgqE7tLqcMx4%2FRXkbpErw%2Fdyo2Bdv43Rfj4zN7uUH86xf7uASLwXN8RL9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f59b97ebc356574-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14720&min_rtt=14454&rtt_var=741&sent=22&recv=20&lost=0&retrans=0&sent_bytes=13210&recv_bytes=6268&delivery_rate=249298&cwnd=12000&unsent_bytes=0&cid=94a45d9615f052c8&ts=1107&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 17:52:13 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
crypto-js.min.js
hxegoh9u5342gmu9.xyz/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://hxegoh9u5342gmu9.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: hxegoh9u5342gmu9.xyz
URL: https://hxegoh9u5342gmu9.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hxegoh9u5342gmu9.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z977iq1bnUNUoOOPaXPTqNB32t%2BlDq1YuM73OJTbFbmJ9TUJvDOjIoC6ckPZGywj4XPODPYRdfFdY30CU9Xkd11K0qE4HuNQ9IedP0s6o00zB0C5FDfnyhlEO%2F%2BPkeFJBFLzmj9SBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f59b97ebc366574-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14769&min_rtt=14454&rtt_var=381&sent=30&recv=24&lost=0&retrans=0&sent_bytes=21206&recv_bytes=6441&delivery_rate=502776&cwnd=12000&unsent_bytes=0&cid=94a45d9615f052c8&ts=1358&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 17:52:13 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
collect_301.js
hxegoh9u5342gmu9.xyz/static/js/
8 KB
3 KB
Script
General
Full URL
https://hxegoh9u5342gmu9.xyz/static/js/collect_301.js?t=202409091529
Requested by
Host: hxegoh9u5342gmu9.xyz
URL: https://hxegoh9u5342gmu9.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434620144df9c6f0572a9e55d35d51a97669b3846cd16cae57a0b803c4069eb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hxegoh9u5342gmu9.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-1e3e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoMFORHQGxHuF2AuhxhQ%2BXoQWkONd5KLNj6F1RgyDDZBqvc8Kt%2FipLbCnvhncEJb50wfC0b0GuWf%2Frddf3PV5E74cwMm42DRQ1CJYl7HdHq2FPzlkcYliTDdFFBzpZRBjrFLBKLJSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f59b97ebc376574-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14762&min_rtt=14454&rtt_var=1188&sent=18&recv=18&lost=0&retrans=0&sent_bytes=9578&recv_bytes=6182&delivery_rate=8345&cwnd=12000&unsent_bytes=0&cid=94a45d9615f052c8&ts=926&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 17:52:13 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i=?0
/
hmrh52eh9nz2k8.top/
223 B
1 KB
Fetch
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: hxegoh9u5342gmu9.xyz
URL: https://hxegoh9u5342gmu9.xyz/static/js/collect_301.js?t=202409091529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
ad90a4d3f612825820b0063a32d01719e04e9c2418aa177c2250b6d723030f30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hxegoh9u5342gmu9.xyz/

Response headers

Etag
"fd39f55a06996915299746117282b752"
Age
13
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
de7873a5e6c63dba056e94c8be2c386f
Date
Sat, 21 Dec 2024 17:52:14 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Sat, 21 Dec 2024 12:59:13 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE1[3],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE8[3],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,2]
X-Amz-Request-Id
00000193E94D24EE9017617A630A6C0F
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
223
Server
openresty
main.js
hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 9062
Redirect Chain
  • https://hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
9 KB
5 KB
Script
General
Full URL
https://hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e26d60c07dbdacca0ed759d96ba5b9e8780a06752354678b8effcbc7861a76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jjPqUbIZuV4rTi4VG%2Fmqy4FOfiG%2BKkwQIVCr0gqGzwDYYOrAg9VgYjdw3g6b%2FTF%2BhcHmLl6oLNoPLxmj%2Frxdc6YR8mw8PNkcimYh%2BF9kLptGtDd9soEPwZbqD1lYfd9s%2FC3sOC8%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f59b9861c236574-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15378&min_rtt=14454&rtt_var=1071&sent=81&recv=46&lost=0&retrans=0&sent_bytes=76891&recv_bytes=8198&delivery_rate=30280&cwnd=34800&unsent_bytes=0&cid=94a45d9615f052c8&ts=1660&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 17:52:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSTn5K2d1gIp9DUPbENHvsprZKR1zVRxnK6cm19FCNuXhEdtMhdl0sEWQJY98%2BWOiXtHi%2F4fLdVnb725YIqiNlXYFDpD9hakq87uDur8tDIH%2B%2FuyOqlwpBlTS9KBPFr5n0TzbEvn9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f59b985ebf66574-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=15223&min_rtt=14454&rtt_var=1016&sent=79&recv=45&lost=0&retrans=0&sent_bytes=76133&recv_bytes=7903&delivery_rate=1608577&cwnd=34800&unsent_bytes=0&cid=94a45d9615f052c8&ts=1635&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 17:52:13 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
hxegoh9u5342gmu9.xyz/
4 KB
4 KB
Other
General
Full URL
https://hxegoh9u5342gmu9.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hxegoh9u5342gmu9.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aJGVpnhQcCB6vOoOLfIHXv6L46JYgGPqjog8XW4F%2B81DWRfxE%2BUYqHmr43WASAvtfTDVP5LVzUNuxpYHPsp46Qcw6FlYqwlLU6bwPSu0CpdoDomUvi%2FbBMhR4UnpyR9k9ceBn2V6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f59b985ebf86574-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15157&min_rtt=14454&rtt_var=726&sent=96&recv=65&lost=0&retrans=0&sent_bytes=83307&recv_bytes=25588&delivery_rate=11912&cwnd=34800&unsent_bytes=0&cid=94a45d9615f052c8&ts=2090&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 17:52:14 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i
8f59b97be9686574
hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9062
0
1 KB
XHR
General
Full URL
https://hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8f59b97be9686574
Requested by
Host: hxegoh9u5342gmu9.xyz
URL: https://hxegoh9u5342gmu9.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ruhloawoGULx6zyUlvRib47FxBWMlLkuybi63xiILWc%2BhdjCUn1QonasNCZkYmfl39kpqz39P%2BN38yko2Re%2BrN2hXc3BKhLttCRmwra5R6GvvcfBOuyqGM7mYuUdpDdK5dIyplE7OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f59b9869c906574-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15247&min_rtt=14454&rtt_var=729&sent=94&recv=64&lost=0&retrans=0&sent_bytes=82079&recv_bytes=25544&delivery_rate=225361&cwnd=34800&unsent_bytes=0&cid=94a45d9615f052c8&ts=1821&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sat, 21 Dec 2024 17:52:13 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
request
kwxet.ymd08ddh1g3tfu2.xyz/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://kwxet.ymd08ddh1g3tfu2.xyz/fast-endecode/main/request
Requested by
Host: hxegoh9u5342gmu9.xyz
URL: https://hxegoh9u5342gmu9.xyz/static/cdn/js/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.154.91.147 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://hxegoh9u5342gmu9.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
zstd
cf-cache-status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZR46j3dBdlHMjUm7Ab1MMsFeMC1oIkk3U0uXOvCedRyRwygxUJ7jobec7Jt5kjDPqOBelvSSwIlvzyOBLfMrsykaZNKNmsDLF8Po2dd9jvo5qHukFw9sbPyzjJiqN1j3jkQ1Fk7ZzB8%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY
8f59b9955fb884c7-HKG
Access-Control-Allow-Origin
*
alt-svc
h3=":443"; ma=86400
X-Application-Context
cloud-module-endecode:41135
server-timing
cfL4;desc="?proto=TCP&rtt=1232&min_rtt=1232&rtt_var=616&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=685&delivery_rate=0&cwnd=123&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Date
Sat, 21 Dec 2024 17:52:16 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
request
kwxet.ymd08ddh1g3tfu2.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://kwxet.ymd08ddh1g3tfu2.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.154.91.147 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hxegoh9u5342gmu9.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
CF-RAY
8f59b991c8e284f9-HKG
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Dec 2024 17:52:15 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpa56iFi4gU%2FMM%2BXeATJGUEks0Cpm0YUhDgCnjwjG5Gjm4A4KmQUuqu4q%2BqjInT8ZxZ7W%2FNvqYt9Pt7qd5y5k%2BLPHP8Vy7AgKnmXze5IBvKBqfr7GVPKF3Z5lgwh8f26VNmgEyshAfs%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Vary
Origin
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
server-timing
cfL4;desc="?proto=TCP&rtt=1101&min_rtt=1101&rtt_var=550&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=593&delivery_rate=0&cwnd=166&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Primary Request /
y36eyl3b182f8.xyz/
2 KB
2 KB
Document
General
Full URL
https://y36eyl3b182f8.xyz/?domain=hxegoh9u5342gmu9.xyz
Requested by
Host: hxegoh9u5342gmu9.xyz
URL: https://hxegoh9u5342gmu9.xyz/static/js/collect_301.js?t=202409091529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae82b154fbb8d639d4cb05317c6a51d70d12e77a820150ec267020da13e0f3d

Request headers

Referer
https://hxegoh9u5342gmu9.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f59b996db34f5cd-AMS
content-encoding
zstd
content-type
text/html
date
Sat, 21 Dec 2024 17:52:16 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=welwpwknNvVtQPIWp%2FqCfxsvg4ujBwuyioqBZbIvPXYEW6wmVNgL8WOs9b0yzdNe%2FjsSPul9jte660pWWEuswtmSHwnwRssAxhmyGEpyMEQvPgYCJdUSIDhjGJztbzul%2Bmu%2BdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
crypto-js.min.js
y36eyl3b182f8.xyz/static/cdn/js/
0
0

iframe.js
y36eyl3b182f8.xyz/static/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
y36eyl3b182f8.xyz
URL
https://y36eyl3b182f8.xyz/static/cdn/js/crypto-js.min.js
Domain
y36eyl3b182f8.xyz
URL
https://y36eyl3b182f8.xyz/static/js/iframe.js?t=202409101529

Verdicts & Comments

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
.hxegoh9u5342gmu9.xyz/ Name: cf_clearance
Value: gTk4QPOLw9wAASbMXNcEo9tG8LeglvQyd4iwbgTzmkk-1734803533-1.2.1.1-z9yk9OFIANS2NeERAVXyds2A0sF5bNGF0HvOd4gb0clcS94moWlDxtr2Y4UBTRoR._OF6K16frvSOGv2.L2A5k6CfuT2vgbeE3pw9dUcgid1.I5J7aaKv_g_b3l8EdyPoPDIxhvOy2OG3trrtOM6UjRAbig45EUjb7D1VsBbcPaZarNNBmLmBAygytuCY_ygaG9HBDKrh3dSlzYBYENROXCN..lWWoO2jHW.ycog9o7_lhghAb7QFUBD0wqJEf3SlILNfOywZ1P46xVZcAdEl5Go4PU.MPVXLsLVxdBV76bfy_1via3Ak0dby0PKTMkaQKwVoph7hv8qJ6KGeAuX7JnNjPHUvCXeIvhSgf6NrILzYwPW8mZpIv36I4tmZyj0