ru4856.j8s0uht5r4.buzz Open in urlscan Pro
104.17.208.40  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ru4856.j8s0uht5r4.buzz/	21 KB 6 KB	934ms 182ms	Document text/html	104.17.208.40 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ru4856.j8s0uht5r4.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.40 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d3e0e67511017917e62e1140f9adecf1f728cc5de85bfecacab56dd2c9c7cee Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8467303c4c2a39ea-YYZ content-encoding br content-type text/html date Tue, 16 Jan 2024 14:53:31 GMT last-modified Sat, 13 Jan 2024 21:10:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTVOfQM7tknHGqrFZbS5y%2B8epmBYLTYRh0Fei4XYWiRBM159zk0YW1GzO2oL49PeoOtaaQTcR6GDLyz8bHq0IkDhzZsz0jQ18I7xyatJXsPVbit3QUdF9wsc4E%2F6tZimyjbAX5nbMP84"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	style.min.css registry.npmmirror.com/luopaieasyjs/1.0.67/files/tsc/css/	38 KB 9 KB	1023ms 352ms	Stylesheet text/css	2408:870c:1000:7:3::3fb CNCGROUP-SH China...
General Check archive.org Show headers Download Go to Full URL https://registry.npmmirror.com/luopaieasyjs/1.0.67/files/tsc/css/style.min.css Requested by Host: ru4856.j8s0uht5r4.buzz URL: https://ru4856.j8s0uht5r4.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2408:870c:1000:7:3::3fb , China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN), Reverse DNS Software Tengine / Resource Hash cefdae7e3501a5fe9654ca674e4942e92da692de3ea3b1b6623b4ab42c3c27e1 Security Headers Name Value Strict-Transport-Security max-age=5184000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=5184000 date Tue, 26 Dec 2023 12:01:54 GMT x-content-type-options nosniff via cn5266.l1, kunlun2.cn5266, l2cn3048.l2, cache33.l2cn3048, registry.npmmirror.com-07, cache33.l2cn3048[0,0,200-0,H], cache33.l2cn3048[1,0], kunlun2.cn5266[0,0,200-0,H], kunlun10.cn5266[3,0] content-encoding gzip age 1824698 x-swift-cachetime 31354957 x-cache HIT TCP_MEM_HIT dirn:11:978601626 x-readtime 31.401 x-swift-savetime Thu, 28 Dec 2023 14:19:17 GMT request-id 8f7ccb30-a3e6-11ee-be56-7b9b8395b0c8 content-length 8130 x-xss-protection 1; mode=block server Tengine x-download-options noopen vary Origin, Accept, Accept-Encoding x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 ali-swift-global-savetime 1703592114 cache-control public, max-age=31536000 timing-allow-origin * eagleid 8ccff79e17054168121555734e
GET H2	200	vue.min.js Show response registry.npmmirror.com/vue/2.6.14/files/dist/	92 KB 39 KB	1334ms 664ms	Script application/javascript	2408:870c:1000:7:3::3fb CNCGROUP-SH China...
General Check archive.org Show headers Download Go to Full URL https://registry.npmmirror.com/vue/2.6.14/files/dist/vue.min.js Requested by Host: ru4856.j8s0uht5r4.buzz URL: https://ru4856.j8s0uht5r4.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2408:870c:1000:7:3::3fb , China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN), Reverse DNS Software Tengine / Resource Hash 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17 Security Headers Name Value Strict-Transport-Security max-age=5184000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=5184000 date Thu, 28 Dec 2023 13:59:17 GMT x-content-type-options nosniff via cn5266.l1, kunlun10.cn5266, l2cn3048.l2, cache22.l2cn3048, npmmirror-x86-20220823002, cache22.l2cn3048[0,0,200-0,H], cache10.l2cn3048[0,0], kunlun10.cn5266[0,0,200-0,H], kunlun10.cn5266[4,0] content-encoding gzip age 1644855 x-swift-cachetime 31176708 x-cache HIT TCP_MEM_HIT dirn:11:90375149 x-readtime 22.816 x-swift-savetime Mon, 01 Jan 2024 17:47:29 GMT request-id 4a969830-a589-11ee-a230-693c9afeecf0 content-length 39383 x-xss-protection 1; mode=block server Tengine x-download-options noopen vary Origin, Accept, Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 ali-swift-global-savetime 1703771957 cache-control public, max-age=31536000 timing-allow-origin * eagleid 8ccff79e17054168121555737e
GET H2	200	request.min.js Show response registry.npmmirror.com/luopaieasyjs/1.0.67/files/tsc/js/	7 KB 3 KB	1198ms 529ms	Script application/javascript	2408:870c:1000:7:3::3fb CNCGROUP-SH China...
General Check archive.org Show headers Download Go to Full URL https://registry.npmmirror.com/luopaieasyjs/1.0.67/files/tsc/js/request.min.js?appid=WM2304142032207G Requested by Host: ru4856.j8s0uht5r4.buzz URL: https://ru4856.j8s0uht5r4.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2408:870c:1000:7:3::3fb , China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN), Reverse DNS Software Tengine / Resource Hash 9fc65e4104b325889ef7636cc6a15c03b66769f3711d23f1d816d9bbc9915585 Security Headers Name Value Strict-Transport-Security max-age=5184000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=5184000 date Tue, 26 Dec 2023 12:01:54 GMT x-content-type-options nosniff via cn5266.l1, kunlun6.cn5266, l2cn3048.l2, cache24.l2cn3048, registry.npmmirror.com-07, cache24.l2cn3048[0,0,200-0,H], cache27.l2cn3048[1,0], kunlun6.cn5266[0,0,200-0,H], kunlun10.cn5266[3,0] content-encoding gzip age 1824698 x-swift-cachetime 30996865 x-cache HIT TCP_MEM_HIT dirn:11:86814181 x-readtime 24.037 x-swift-savetime Mon, 01 Jan 2024 17:47:29 GMT request-id 8f7ca420-a3e6-11ee-a854-87424a2e9185 content-length 2774 x-xss-protection 1; mode=block server Tengine x-download-options noopen vary Origin, Accept, Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 ali-swift-global-savetime 1703592114 cache-control public, max-age=31536000 timing-allow-origin * eagleid 8ccff79e17054168121555736e
GET H2	200	comment.min.js Show response registry.npmmirror.com/luopaieasyjs/1.0.67/files/tsc/js/	7 KB 3 KB	1223ms 554ms	Script application/javascript	2408:870c:1000:7:3::3fb CNCGROUP-SH China...
General Check archive.org Show headers Download Go to Full URL https://registry.npmmirror.com/luopaieasyjs/1.0.67/files/tsc/js/comment.min.js Requested by Host: ru4856.j8s0uht5r4.buzz URL: https://ru4856.j8s0uht5r4.buzz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2408:870c:1000:7:3::3fb , China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN), Reverse DNS Software Tengine / Resource Hash 5f57c1ff1bcee3a1aab9d6a0a65f694de96de548f51c7f61a7b2ac3c30812161 Security Headers Name Value Strict-Transport-Security max-age=5184000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=5184000 date Tue, 26 Dec 2023 12:01:54 GMT x-content-type-options nosniff via cn5266.l1, kunlun7.cn5266, l2cn3048.l2, cache20.l2cn3048, registry.npmmirror.com-06, cache20.l2cn3048[0,0,200-0,H], cache24.l2cn3048[1,0], kunlun7.cn5266[0,-1,200-0,H], kunlun10.cn5266[4,0] content-encoding gzip age 1824698 x-swift-cachetime 30996865 x-cache HIT TCP_MEM_HIT dirn:9:159634248 x-readtime 24.622 x-swift-savetime Mon, 01 Jan 2024 17:47:29 GMT request-id 8f7cf240-a3e6-11ee-b869-6bc0ea6cb0fb content-length 3022 x-xss-protection 1; mode=block server Tengine x-download-options noopen vary Origin, Accept, Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 ali-swift-global-savetime 1703592114 cache-control public, max-age=31536000 timing-allow-origin * eagleid 8ccff79e17054168121555741e
GET		info ru4856.j8s0uht5r4.buzz/api/plugin/website/	0 0
GET H2	200	console-ban.min.js Show response registry.npmmirror.com/console-ban/5.0.0/files/dist/	3 KB 2 KB	270ms 268ms	Script application/javascript	2408:870c:1000:7:3::3fb CNCGROUP-SH China...
General Check archive.org Show headers Download Go to Full URL https://registry.npmmirror.com/console-ban/5.0.0/files/dist/console-ban.min.js Requested by Host: registry.npmmirror.com URL: https://registry.npmmirror.com/luopaieasyjs/1.0.67/files/tsc/js/request.min.js?appid=WM2304142032207G Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2408:870c:1000:7:3::3fb , China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN), Reverse DNS Software Tengine / Resource Hash f777d390083acfd344b9a6bbe8eaaa3e96f478cf1b68bbbea837d950e2a3b84a Security Headers Name Value Strict-Transport-Security max-age=5184000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://ru4856.j8s0uht5r4.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=5184000 date Sun, 10 Dec 2023 19:18:46 GMT x-content-type-options nosniff via cn1416.l1, kunlun7.cn1416, l2cn3048.l2, cache16.l2cn3048, npmmirror-x86-2022012802003, cache16.l2cn3048[0,0,200-0,H], cache24.l2cn3048[1,0], kunlun10.cn5266[0,0,200-0,H], kunlun10.cn5266[2,0] content-encoding gzip age 3180887 x-swift-cachetime 29638063 x-cache HIT TCP_MEM_HIT dirn:11:510820418 x-readtime 89.363 x-swift-savetime Mon, 01 Jan 2024 18:31:03 GMT request-id f0a27ed0-9790-11ee-b446-53e7cf60ecf6 content-length 1199 x-xss-protection 1; mode=block server Tengine x-download-options noopen vary Origin, Accept, Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 ali-swift-global-savetime 1702235926 cache-control public, max-age=31536000 timing-allow-origin * eagleid 8ccff79e17054168131137132e

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ru4856.j8s0uht5r4.buzz

URL

https://ru4856.j8s0uht5r4.buzz/api/plugin/website/info

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Vue string| scriptUrl object| urlParams string| appid string| serverUrl function| getFetch function| getPost function| getWebsiteInfo function| getHeadBannerItem function| getFooterBannerList function| getVideoBannerList function| clickBuriedTap function| getRandomFromArray function| shuffleArray function| getRandomElementsFromArray function| putCacheStorage function| matchCacheStorage function| getCurrentDate function| numberFormatting function| scrollPageTop function| diaplayTime function| addMetaData function| totalEquivalentColor function| isLightColor function| setRem function| addFivelaLid function| addBaiduHmid function| addAlpha function| consoleBan boolean| pcWidthStatus object| ConsoleBan

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

registry.npmmirror.com
ru4856.j8s0uht5r4.buzz
ru4856.j8s0uht5r4.buzz
104.17.208.40
2408:870c:1000:7:3::3fb
5f57c1ff1bcee3a1aab9d6a0a65f694de96de548f51c7f61a7b2ac3c30812161
6d3e0e67511017917e62e1140f9adecf1f728cc5de85bfecacab56dd2c9c7cee
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
9fc65e4104b325889ef7636cc6a15c03b66769f3711d23f1d816d9bbc9915585
cefdae7e3501a5fe9654ca674e4942e92da692de3ea3b1b6623b4ab42c3c27e1
f777d390083acfd344b9a6bbe8eaaa3e96f478cf1b68bbbea837d950e2a3b84a