Submitted URL: http://qa2uczcugxm7n3.xyz/
Effective URL: https://qa2uczcugxm7n3.xyz/
Submission: On December 15 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 104.21.0.95, which belongs to CLOUDFLARENET, US. The main domain is qa2uczcugxm7n3.xyz.
TLS certificate: Issued by WE1 on November 12th 2024. Valid for: 3 months.
This is the only time qa2uczcugxm7n3.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
1 | 10 | 104.21.0.95 | 13335 (CLOUDFLAR...)
  | 1 | 4.192.73.43 | 8075 (MICROSOFT...)
  | 2 | 124.156.107.111 | 132203 (TENCENT-N...)
Total: 13 requests, 4 IPs

Requests | Domain | Requested by
10 | qa2uczcugxm7n3.xyz (1 redirects) | qa2uczcugxm7n3.xyz
2 | chnaz.xj3p9o2itu8q3.xyz | qa2uczcugxm7n3.xyz
1 | hmrh52eh9nz2k8.top | qa2uczcugxm7n3.xyz
0 | vg8gmfsvsa5lk.xyz (Failed) | qa2uczcugxm7n3.xyz
Total: 13 requests, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
qa2uczcugxm7n3.xyz | WE1 | 2024-11-12 - 2025-02-10 | 3 months
52medhmvvqp51p.top | E5 | 2024-12-14 - 2025-03-14 | 3 months
*.xj3p9o2itu8q3.xyz | E6 | 2024-12-15 - 2025-03-15 | 3 months

This page contains 2 frames:

Frame: https://vg8gmfsvsa5lk.xyz/?domain=qa2uczcugxm7n3.xyz
Frame ID: EEA7BEF416B4AE8071205628F0F8C952
Requests: 10 HTTP requests in this frame

Frame: https://qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: 6CDDF0C2B21D7037B041EEE3AAA4A766
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Page Statistics

Requests: 13
HTTPS: 85 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 81 kB
Size: 187 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qa2uczcugxm7n3.xyz/ HTTP 307
    https://qa2uczcugxm7n3.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
qa2uczcugxm7n3.xyz/
Redirect Chain
  • http://qa2uczcugxm7n3.xyz/
  • https://qa2uczcugxm7n3.xyz/
2 KB
2 KB
Document
General
Full URL
https://qa2uczcugxm7n3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc7be910071c59b040b8937f9f1b47712958e38ea050755923c3fe8c7c056ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f25fdecbb159a18-FRA
content-encoding
zstd
content-type
text/html
date
Sun, 15 Dec 2024 11:11:16 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RiJ9DP32y1egRnlE3ibhEFRxOolv0h3TF1dgoGTC32mZ9FVOu0wMpH3WaGCBqMGcM6dWt3SWOxNCt0CFfMvP8weJkxVFrQXgkvvUwnyK%2FUHITuxKKe7DVmpn8P5trBMCwQZPXyw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=1386&min_rtt=757&rtt_var=1339&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4027&recv_bytes=2355&delivery_rate=5505703&cwnd=254&unsent_bytes=0&cid=a6e9ff3f9c7bdc45&ts=420&x=0"

Redirect headers

Location
https://qa2uczcugxm7n3.xyz/
Non-Authoritative-Reason
HttpsUpgrades
common.js
qa2uczcugxm7n3.xyz/static/js/
8 KB
3 KB
Script
General
Full URL
https://qa2uczcugxm7n3.xyz/static/js/common.js?t=202409091529
Requested by
Host: qa2uczcugxm7n3.xyz
URL: https://qa2uczcugxm7n3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadb131196f7bf3c5702c6a43209470907e7638a486a0851700dc68b6acf5125

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qa2uczcugxm7n3.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-1e7c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T1Ptrd11GnVNcU%2Fv%2BVBY2rY0FESkt8WuVf7SeAiYxvSqTaj9qqm8aYTge9g4Oz3AevKDOEA%2Fy6x%2BzJ%2BrmBq4LvMEHFLV0mcvFwFJWlvFpo2XfDr9MRepE22MPQ1%2B%2FGUeOtdz5CU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f25fdef7cce9a18-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6991&min_rtt=735&rtt_var=12231&sent=14&recv=16&lost=0&retrans=0&sent_bytes=5639&recv_bytes=2771&delivery_rate=5505703&cwnd=257&unsent_bytes=0&cid=a6e9ff3f9c7bdc45&ts=848&x=0"
date
Sun, 15 Dec 2024 11:11:16 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
vue.min.js
qa2uczcugxm7n3.xyz/static/cdn/js/
92 KB
35 KB
Script
General
Full URL
https://qa2uczcugxm7n3.xyz/static/cdn/js/vue.min.js
Requested by
Host: qa2uczcugxm7n3.xyz
URL: https://qa2uczcugxm7n3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qa2uczcugxm7n3.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-16fc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wv%2FUvew8h8XQc6doaG0hwFseH9udDgLwscAtHm5yHup%2F%2B0H%2FcrdY3EVHRXjw1UGSm4pGC641shZnCPbBywGfXuB8B48yaM2TMybKo4n0tf6%2BxNf1sGo6sbD3cJHM4dtptPf5QsI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f25fdef7ccf9a18-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=4426&min_rtt=735&rtt_var=7223&sent=18&recv=20&lost=0&retrans=0&sent_bytes=9206&recv_bytes=2771&delivery_rate=6589306&cwnd=257&unsent_bytes=0&cid=a6e9ff3f9c7bdc45&ts=850&x=0"
date
Sun, 15 Dec 2024 11:11:16 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
axios.min.js
qa2uczcugxm7n3.xyz/static/cdn/js/
17 KB
7 KB
Script
General
Full URL
https://qa2uczcugxm7n3.xyz/static/cdn/js/axios.min.js
Requested by
Host: qa2uczcugxm7n3.xyz
URL: https://qa2uczcugxm7n3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d389f625c1d774224d32527657e7398e57a65c718a07748f0ad7faecce8de3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qa2uczcugxm7n3.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-45b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I19V9zhnNRMZaBUXkqSQfKKZULV7fm3ITQopR%2BR5WSRly9sEu9G81uK%2BHb9rKCe5vnPcjSf4ofBV5Z2%2BnRuatlaxjH8cds5ucz40cDBRkQHQSxLpgRHuEExr6PP%2Fue84evMkbkM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f25fdef7cd09a18-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=3967&min_rtt=735&rtt_var=6337&sent=19&recv=21&lost=0&retrans=0&sent_bytes=9648&recv_bytes=2771&delivery_rate=6589306&cwnd=257&unsent_bytes=0&cid=a6e9ff3f9c7bdc45&ts=851&x=0"
date
Sun, 15 Dec 2024 11:11:16 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
crypto-js.min.js
qa2uczcugxm7n3.xyz/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://qa2uczcugxm7n3.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: qa2uczcugxm7n3.xyz
URL: https://qa2uczcugxm7n3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qa2uczcugxm7n3.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxdSix1lYMRh%2Fh6g3RuZooddrEQ5O679RRla%2BoUH68kYZFEqueoB38evoDMerBVm75XG9guhGwQfa7EpIMoMmnDa5lX0B%2FH4kVREPtIWGFBsGrt5RXvexDkPfkguMuEFOiALzWw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f25fdef7cd19a18-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1082&min_rtt=735&rtt_var=583&sent=52&recv=39&lost=0&retrans=0&sent_bytes=53156&recv_bytes=2771&delivery_rate=41287169&cwnd=257&unsent_bytes=0&cid=a6e9ff3f9c7bdc45&ts=858&x=0"
date
Sun, 15 Dec 2024 11:11:16 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
collect_301.js
qa2uczcugxm7n3.xyz/static/js/
8 KB
3 KB
Script
General
Full URL
https://qa2uczcugxm7n3.xyz/static/js/collect_301.js?t=202409091529
Requested by
Host: qa2uczcugxm7n3.xyz
URL: https://qa2uczcugxm7n3.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434620144df9c6f0572a9e55d35d51a97669b3846cd16cae57a0b803c4069eb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qa2uczcugxm7n3.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-1e3e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ej71otaCvVK8xQfPUJS3XFKQ4KmcXv6%2FTL1Cucgu6cDY0WNa5dHd6Lt7wRgmods1DQxi4YvhMWBbRIEv1iaqG49HTO%2BHi75eKvF0KAm7pAgptrYFj8a95wvioZS4UAYeOjDAg4c%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f25fdef7cd29a18-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1082&min_rtt=735&rtt_var=583&sent=53&recv=39&lost=0&retrans=0&sent_bytes=53599&recv_bytes=2771&delivery_rate=41287169&cwnd=257&unsent_bytes=0&cid=a6e9ff3f9c7bdc45&ts=858&x=0"
date
Sun, 15 Dec 2024 11:11:16 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
/
hmrh52eh9nz2k8.top/
215 B
1 KB
Fetch
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: qa2uczcugxm7n3.xyz
URL: https://qa2uczcugxm7n3.xyz/static/js/collect_301.js?t=202409091529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
f561965916c7cc3be7fffbba5b24b9d8c6cdd174e08a9368bead90fbea28f976

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qa2uczcugxm7n3.xyz/

Response headers

Etag
"56c89268eee56f277875c14a9aabc8c4"
Age
22
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
a5350c84019a91db1474928f9c77e0f6
Date
Sun, 15 Dec 2024 11:11:18 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Sun, 15 Dec 2024 08:32:20 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE2[2],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE11[46],EA-HKG-GLOBAL1-CACHE23[42,TCP_MISS,44]
X-Amz-Request-Id
00000193C97299C490196DDE94863712
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
215
Server
openresty
main.js
qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame 6CDD
Redirect Chain
  • https://qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB
Script
General
Full URL
https://qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Protocol
H3
Server
104.21.0.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f31a8914edb7e8067cc76b25690f0f52951a90558ac312e52925f48b23d1219
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyUToZxeK5ipy1NhfOkfIMzZ5pE4mHg6g%2Bpv2%2FSki6eiM2vSxHtuN8VtREE%2FODBx2QoVfOudvST0UBq%2FVLPM%2FKt6ZTPoZIXR3nWrIC%2B3SEhMkQvktC357Erp8TAY6%2FLKaJBNLgE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f25fdf25e00920e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12352&min_rtt=11229&rtt_var=2520&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5095&recv_bytes=4717&delivery_rate=44637&cwnd=12000&unsent_bytes=0&cid=a53d48ab89d84cba&ts=464&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 11:11:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEgaw0vo684fDNqEbXCS%2BdlefBhkBRLSX9Y8v1ATOZmNDkSk487X%2Br%2B2dK9gOzPsgssYvrOscC8ZoECiCbK557L4mgB8%2FgaMGcj1jznMzGi7AnYPufM%2FZeQlIjkN9FMdQ6%2Fb3MU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f25fdf23df0920e-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=12168&min_rtt=11229&rtt_var=2870&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4309&recv_bytes=4426&delivery_rate=751&cwnd=12000&unsent_bytes=0&cid=a53d48ab89d84cba&ts=446&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 11:11:16 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
8f25fdecbb159a18
qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6CDD
0
1 KB
XHR
General
Full URL
https://qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8f25fdecbb159a18
Requested by
Host: qa2uczcugxm7n3.xyz
URL: https://qa2uczcugxm7n3.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.0.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2QrarBmq%2BDXJ9Jg1RbqyYkmd6qHt7EIGapj7YJhAhAaiFt14aePcpPLcwIb%2FB5JHlMXL7EVYL%2FyKU%2BROrpGe6ydGcsMwtO%2BUPor9bKGUpoMM14xafqc6Sz9wkLQ4cRtIeLMDOw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f25fdf35ed3920e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12638&min_rtt=11229&rtt_var=1529&sent=25&recv=31&lost=0&retrans=0&sent_bytes=10202&recv_bytes=22355&delivery_rate=383866&cwnd=12000&unsent_bytes=0&cid=a53d48ab89d84cba&ts=639&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sun, 15 Dec 2024 11:11:17 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
favicon.ico
qa2uczcugxm7n3.xyz/
4 KB
4 KB
Other
General
Full URL
https://qa2uczcugxm7n3.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.0.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://qa2uczcugxm7n3.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdAb%2FXWtxP26jl0rWLtomIF1GWEjs55OLIKDeGRiqoi0ELtjqtANFoZ5cK4QlXS1HdCqrjsU1Fkt69q64QnG6Jb%2BvIwUkDir7MajKYPrrgvEUslJfLCKxHN76hMZdz3%2Bvsoiy08%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f25fdf36ed4920e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11814&min_rtt=6047&rtt_var=2794&sent=27&recv=32&lost=0&retrans=0&sent_bytes=11427&recv_bytes=22398&delivery_rate=62047&cwnd=12000&unsent_bytes=0&cid=a53d48ab89d84cba&ts=1004&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 11:11:17 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
priority
u=1,i
request
chnaz.xj3p9o2itu8q3.xyz/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://chnaz.xj3p9o2itu8q3.xyz/fast-endecode/main/request
Requested by
Host: qa2uczcugxm7n3.xyz
URL: https://qa2uczcugxm7n3.xyz/static/cdn/js/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
124.156.107.111 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
96e725bc1f07e24b0c5022e386bcf841eb88c5b792d190e3caefd6d357435212

Request headers

Referer
https://qa2uczcugxm7n3.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
zstd
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jnYNf0RZQJw3w3gWzUAd9JkukorN68AU8U3Gxgtnk3xFNlzDfscD%2BYqfcbM1PGGlyVSMhGxoSquxRXRmTj3UrMqz44efOCEJcQrSeIq7ogvhxYHzGj%2BDq2IruU62n4hvTARUoKED3Y%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY
8f25fe07a8b5dd89-HKG
Access-Control-Allow-Origin
*
alt-svc
h3=":443"; ma=86400
X-Application-Context
cloud-module-endecode:41136
server-timing
cfL4;desc="?proto=TCP&rtt=1530&min_rtt=1530&rtt_var=765&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=683&delivery_rate=0&cwnd=250&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Date
Sun, 15 Dec 2024 11:11:20 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
request
chnaz.xj3p9o2itu8q3.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://chnaz.xj3p9o2itu8q3.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
124.156.107.111 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://qa2uczcugxm7n3.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8f25fe024a0fe666-HKG
Connection
keep-alive
Content-Length
0
Date
Sun, 15 Dec 2024 11:11:19 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xcR0q1ZuSghntxvDuTPQNru5kSk%2BC84aQJYBsWZnBw1K9l4k1%2BpypPMJy%2FBnLypYep53Fzk4oHgy1xQYf9R35o74f%2FwdrPtb4d6MZ1pg9qOtlGekau06RDoVJY0gRPZIkASxcK8l1lk%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Vary
Origin
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=2149&min_rtt=2149&rtt_var=1074&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=591&delivery_rate=0&cwnd=250&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
/
vg8gmfsvsa5lk.xyz/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vg8gmfsvsa5lk.xyz
URL
https://vg8gmfsvsa5lk.xyz/?domain=qa2uczcugxm7n3.xyz

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| _0x47e7
  • function| _0x462b
  • function| _0x299481
  • function| _0x194304
  • function| _0x42abbc
  • function| _0x47f0b8
  • object| domainList
  • object| publicKey
  • function| handleEncrypt
  • function| handleDecrypt
  • function| fromCode
  • function| Vue
  • function| axios
  • object| CryptoJS

1 Cookies

Domain/Path Name / Value
.qa2uczcugxm7n3.xyz/ Name: cf_clearance
Value: lVj5BWyBjQp9q27VHHA5MXC8mxDmx.LTslDD6F8LrSU-1734261077-1.2.1.1-kUb20zz71PY0MglO9Y86QmIR4e469ZtlUXV.cAi4sRJyOKcYKcJbwJioGXFXyBW_qOJ8pRVEWfDVU5Bw.Ox5wzNn19F56Hx5e.DYeVKzqYQmomm9G6T9tB2ClQUEjgA3376.6hqDLeBlTBb1anKyoRcq5YbTRGsAtfsZweunWv7rWbz6rQaHS0rmDHtxG2L6r0.XHubtcSQn3XZUNVZp0CT1ZstojEdkjV_WRMOwPMtChuiJsItfvx7R45mDT8DxClMa_VTY7.CsH2DQ8JGjZ9JhIiU_DcSt8uukaQlxqfqW3wfUdVryPN0EcXzKKnNn_XDp_m89BZfG_sTZ1mEqJcVrh_yvnHn3eIMgLlV2zZ3AG72Bimbkfb3WBzq6wNCi