Submitted URL: https://knq56nd8qx97b.xyz/
Effective URL: https://knq56nd8qx97b.xyz/enter.html
Submission: On December 16 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3030::6815:2001, located in United States and belongs to CLOUDFLARENET, US. The main domain is knq56nd8qx97b.xyz.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.
This is the only time knq56nd8qx97b.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 2606:4700:303... 13335 (CLOUDFLAR...)
1 4.192.73.43 8075 (MICROSOFT...)
2 43.135.86.215 132203 (TENCENT-N...)
20 3
Apex Domain | Subdomains | Transfer
18 knq56nd8qx97b.xyz | knq56nd8qx97b.xyz | 243 KB
2 ngt3zbvaiq9aa.xyz | lxyrae.ngt3zbvaiq9aa.xyz | 2 KB
1 hmrh52eh9nz2k8.top | hmrh52eh9nz2k8.top | 1 KB
20 3
Domain Requested by
18 knq56nd8qx97b.xyz 1 redirects knq56nd8qx97b.xyz
2 lxyrae.ngt3zbvaiq9aa.xyz knq56nd8qx97b.xyz
1 hmrh52eh9nz2k8.top knq56nd8qx97b.xyz
20 3

This site contains no links.

Subject | Issuer | Validity | Valid
knq56nd8qx97b.xyz | WE1 | 2024-12-09 - 2025-03-09 | 3 months
52medhmvvqp51p.top | E5 | 2024-12-14 - 2025-03-14 | 3 months
*.ngt3zbvaiq9aa.xyz | E6 | 2024-12-16 - 2025-03-16 | 3 months

This page contains 2 frames:

Primary Page: https://knq56nd8qx97b.xyz/enter.html
Frame ID: FF93A60CDFCE80C23913E1F3CEE1CBE2
Requests: 17 HTTP requests in this frame

Frame: https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: 111CB99F16BB997501918C2851D6208F
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Page Statistics

Requests: 20
HTTPS: 95 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 246 kB
Size: 676 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://knq56nd8qx97b.xyz/ Page URL
  2. https://knq56nd8qx97b.xyz/enter.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
knq56nd8qx97b.xyz/
42 KB
10 KB
Document
General
Full URL
https://knq56nd8qx97b.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f2dbb9f38ad78ed-EWR
content-encoding
zstd
content-type
text/html
date
Mon, 16 Dec 2024 09:44:06 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2ZFrjqhyFrcY%2FLt5Eg4%2FeIv8dRdvzDRJyHw2tk0cMOWfjLuZa8LDBwIQc1nW8E%2B2XTT7JM9DM1pbjAoG3swQx0OV%2FI1swD7zuoyk3BG20pt4guirnrU%2FEVlpZk57KyuEPl003d4mKYumUy20BDvPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request enter.html
knq56nd8qx97b.xyz/
5 KB
2 KB
Document
General
Full URL
https://knq56nd8qx97b.xyz/enter.html
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e9f1632d36b5616f4fe206c82a2f3a257560b9c223b4bf233c22c5b71a379a8

Request headers

Referer
https://knq56nd8qx97b.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f2dbba3c8ba78ed-EWR
content-encoding
zstd
content-type
text/html
date
Mon, 16 Dec 2024 09:44:07 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VHPuNToBeB1mmiInqaBVqT2WDwiBCDLOtJHQKydMy4IhSajOe2V10LdKl%2FgH6OSczgj0osqU%2FRUDUDZ3raLf5v1WyJ5Qczn38QuBU3lXcnGuWjNoGCB6JD6f2geSOBsPUA3JXm%2B3baJGBqpe8V45rg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vue.min.js
knq56nd8qx97b.xyz/static/cdn/js/
92 KB
35 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/vue.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-16fc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LR74lFmLry3dwepYK0l57O5hRG82MgvFOhYIEH1FCmhrLRlaBFLXnZEFBWOwtRWAyhFkhdykC60Wx7D%2BbM7XtSeBQxvEMPFRa9pS9EGPOLalA5Wyx1zd8%2F6u5WawYIyBFS23LNH4SUCUFt9Gj%2FdHHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbba708bf78ed-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:44:08 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
axios.min.js
knq56nd8qx97b.xyz/static/cdn/js/
17 KB
7 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/axios.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d389f625c1d774224d32527657e7398e57a65c718a07748f0ad7faecce8de3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-45b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xdeu5Lk2KFUTnMwKmdGcoZ2bfLAiSbC97ZWXbpR0Nowld2aJHmMiDhYU26Ji4g1%2BuDEdVY67%2Fi7b0PyHr2yi2PhrQHx1hnakpsno1vGlvy4TDC622QtAdUwJAs6ReMoP8ygkfldNzpnn%2B5mnAgHx2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbba708c078ed-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:44:08 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
crypto-js.min.js
knq56nd8qx97b.xyz/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6mhZFMJDGS0g1dzxSm%2BPYuZvVAvc918%2BczZJ608sXgDJgK9%2BjuvGQEwYmJdCllfnP78YHNlNAL68lQpyahKfqo5IJNOpG4jAOwVS%2Ff8qqxslc23UTs0%2BE1XYT%2BVDQoI%2BPRqJtUHYjiyB%2FuYgWYyFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbba718c278ed-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:44:08 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
index.css
knq56nd8qx97b.xyz/static/cdn/css/vant/
140 KB
44 KB
Stylesheet
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/css/vant/index.css
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac1d6d6a6d0441e007ccb5076eba4541bd1d076395b582a788178f7249e57a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-230ae"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8SinLK65Jr5kqIlFCfwv7%2FOsaU2wgxHsBdaeq8G64eFBOn7fiCPko0JmGfUDnfZGanpjLRPWICg7GBZm1%2BRvv2qqAmVrmB8Fjpc4Cq6Luu7v9wZjoEKBf2PvLQ1p3%2BWG5h7gIVgEtp1MpOM88LJuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbba718c178ed-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:44:08 GMT
content-type
text/css
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
vant.min.js
knq56nd8qx97b.xyz/static/cdn/js/
271 KB
82 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/vant.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0959628d4f805ae4bfca66b98ec3fb4b494f35928075b4b50a7959ff25c4310

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-43bf4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oc9%2FwpVZWeUnLxBDhM14ubty37FAaWqwc4H95z5x7Bmaf3aDdT8ZpxBlMQJQT8cbJqfrFRVCVQMkm0hG5Zzf3TQZvgJuxtzzShOj0y0oC4j%2B7aHxDdDIQCK4ik11MbnxVewAFchHgoeHXE%2BSmkp9jA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbba718c378ed-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:44:08 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
vue-clipboard.min.js
knq56nd8qx97b.xyz/static/cdn/js/
13 KB
5 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/vue-clipboard.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7122add2d588267de45bc07c225bc54761a51516ed7c704342b639e48f501759

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-35b4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eVv0MVLjWq6p5MXA8uFDRWQrIH%2FJPI%2FJU9PAaC2bYTHcXsA1wvaEEDcB3qrz77TsRe41QnPV8kY0aMDRgmU4uIxbZKJVeKnKntLgGqtBp25WhQCW3lXTfGu4wId%2FqSNYN%2FIkaTtObSpyMDV6WJlMKw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbba718c478ed-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:44:08 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
enter.js
knq56nd8qx97b.xyz/static/js/
11 KB
5 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/js/enter.js?t=202409091529
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc193260f26c225727fcd99f9e28d3fdb06823516fdd4906acafcec9ef4828d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-2bcb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFHDgk0XdEZYz7YdfVnyAa0BSmsDf4Luz6YwR2eljUnY4mfUqHw%2F2NJDnTzZdgYCfJiVKyfV5gWt0MldGH7kKaY8kzzYiszWUDLPFAwBOCSUoXea67zxZ%2Fj8D58cH3FXbSB%2BphQcJBJmAT4HULF9hA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbba718c578ed-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:44:07 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
/
hmrh52eh9nz2k8.top/
219 B
1 KB
Fetch
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/static/js/enter.js?t=202409091529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
a2525deca59f66bb3997c8660e0bc7f25c41b8e22d7a8b17140d8071e836b4a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/

Response headers

Etag
"0396e24cbabf1006175bdca56fbd4078"
Age
28
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
9c12aa8755cb69521dad5789f0330af7
Date
Mon, 16 Dec 2024 09:44:10 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Mon, 16 Dec 2024 08:33:46 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE1[6],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE34[7],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,2]
X-Amz-Request-Id
00000193CE9A3D0E90156E8EF69F09E5
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
219
Server
openresty
zb1.png
knq56nd8qx97b.xyz/static/img/
6 KB
7 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb1.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd85f4ff0e271ecdb9473b34e875ce82ebe82c1e3c09399286fd1a99fcc7caf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"67136182-18d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4C6YPpan4kprUg9oEE5kIo44vZt9OgxfSiw7go%2B4rL%2BZR6XJD7DlNghGDmutSQ1ZHq%2F6nMsqSK80YAqhiiL5hZPacloAU2pEyID5OF8kMvr7Gr5MuImewxNTVos6rWijaxQsiWy6YAm8Qpj%2FZ2djA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbbb0d8d178ed-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
6359
date
Mon, 16 Dec 2024 09:44:09 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
zb2.png
knq56nd8qx97b.xyz/static/img/
3 KB
3 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb2.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
379f832f36508310c768174d0afa2143f2d2913477b0054570ca8ef0b6d9b917

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"67136182-a2d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dyLv5zkPwT%2F9MX9zaMqH4Iz00K2KbUkzllLAU9Rnm3lRvbP%2ByIg7uZo4iBdB5%2FWCtXaXOUamljfJt26cO3qpGAe3mexvl2uT3INMsU%2BrxrRVIakX4Y68inn0ez8V%2Fq7N%2BNj4C5dF241X%2FsFoWqEIgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbbb0d8cf78ed-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2605
date
Mon, 16 Dec 2024 09:44:09 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
zb3.png
knq56nd8qx97b.xyz/static/img/
4 KB
4 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb3.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90dcba37e59c9b18bf3b18423d9bbdad9ece87dc558db3a86882fca9c1fc1569

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"67136182-e93"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQ7LhuDzW5OmAzQXNmutMt1AOS8JZc5GrF%2FoPXxXhLXWNz%2Fnu2uTeigvnsGmWuXM4CO8LRD3Br1FQFHgOGGZf%2Fyv4vC9p%2FmCsvASuQDbTQd4ENysT6WmyrKDy%2Bo6rzoe3%2FeCHHboZz6J%2BEDMd%2Bb22Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbbb0d8d078ed-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3731
date
Mon, 16 Dec 2024 09:44:09 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
zb4.png
knq56nd8qx97b.xyz/static/img/
4 KB
4 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb4.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad5196e9c615c673214814cf83d9ac81678f9ef38b1cd3ce92b17cd92bd57a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"67136182-f50"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3bdRmOoamyHWEyd%2FgaG9oYuVsVkOQ3AFXOXxlnUf3c18vcQ6tbJ6KBfSEuJ4oRftvBhvWH4Cy52GHytmXA%2BdkA3WIsyk88Q6GE%2ByXBTSmnB7pPVN7Y8%2F9TKSd52fSSYixviA%2BSAm%2BJw%2BPQu6XG%2F2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbbb0d8d278ed-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3920
date
Mon, 16 Dec 2024 09:44:09 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
zb5.png
knq56nd8qx97b.xyz/static/img/
7 KB
7 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb5.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ecec350edbd7b0f13acd8e4a0c1d0718cec996fd7bbb8bdd601dcadbd6594a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"67136182-1b27"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mpjKRobjlMdDmsRLWAd5Iu2NxfFkpx6TURv1SFV1dZsVO7dAJKDJyBmqcX0IoEdnTMZkte7XLQemib0GPvrVsHiedqJG5nfbDFOT1AbDI8IID3ovEcyW%2BXH%2FmCxq%2B4sOrOeffUgk4nESFpD3vWywcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbbb0d8d378ed-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
6951
date
Mon, 16 Dec 2024 09:44:09 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
main.js
knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame 111C
Redirect Chain
  • https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18829fc786029f0f2f40f08a18e3c86a1b50b213f5c6f4a4a88460926a099e67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XK5lV9qDs9IJxVNQqLpXiPYJY7H2MnSvuThZ5GMBYo4n0N8js7PdvOhiv82eD2dRDh1TukHUBSsIX%2B0W7IoV%2BYxbEePnmQ%2Bsja34SH0ZuT%2FynfGIiTPYx1wtVCbd4o4CUB0%2FtqdfRzHHdUtyV9w4IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f2dbbb108d678ed-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:44:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TY2ke9caHrZUEwePt86NI3ctgDAnxRXfkj9t6o%2B3p5%2BCs77mpgPx2rM8ZAbXRGuBl4r0N9h3bFnBNcfabHpyLOV%2FeJ8Iap5HkgnzxS3cA0HMrqDFl5kbFCGeTE4CpsfxbJ2ezraBuPUaHUnYxdnWFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbbb0d8d478ed-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 09:44:09 GMT
vary
Accept-Encoding
server
cloudflare
8f2dbba3c8ba78ed
knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 111C
0
971 B
XHR
General
Full URL
https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8f2dbba3c8ba78ed
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ugi5M3EN7vP6nvtQKfX9hCDlx%2FhXyZKrC8mr46KBFCk%2B46o2dqgfXqWPiCgzakTTiripgiQ5sC8TfmM1iCxsGE%2FarNqPfcYtD%2BQDzgIFeHnk1Ojcm6E3rqYLfHIqrCGh8L8nKB3vLMvH8Cp0RqjtKw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbbb1d8d878ed-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 09:44:09 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
favicon.ico
knq56nd8qx97b.xyz/
4 KB
4 KB
Other
General
Full URL
https://knq56nd8qx97b.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iEYkfPQgy7lTyfMYy%2BVA47rbEUV3OXUNQ5K3uAv%2B3EB7lKptHCiP4oC5cB6%2BYfvyomzBlYpNkwUcsr2r5I%2BHJIlzW0u%2FpnVcPwsXJ67J0u6wLHfS1updgrN%2Bmx6StZ1wD%2B3qaNMKNiwruGW0rS6kBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2dbbb3f8db78ed-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 09:44:10 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
request
lxyrae.ngt3zbvaiq9aa.xyz/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://lxyrae.ngt3zbvaiq9aa.xyz/fast-endecode/main/request
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/static/cdn/js/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.135.86.215 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
486b084b5fc7d99ed5516b20ade3b054dac6698583f072f6b66a8c1dce9f47f7

Request headers

Referer
https://knq56nd8qx97b.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
zstd
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fR52FEa1MpV0Xh549Vaa8FM1T2R9EIcaA5gmwUX4dXKjAk3dlNusqTSqGuLS7jAjvTiwd5%2BU4QYkJ9S%2F8OnA33SdDvuaCvy0mxPUnyi7JtYIy%2FSiHAJ%2FdRiPk0RFkm4ECni3B6x4zFc%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY
8f2dbbc64edb098f-HKG
Access-Control-Allow-Origin
*
alt-svc
h3=":443"; ma=86400
X-Application-Context
cloud-module-endecode:41136
server-timing
cfL4;desc="?proto=TCP&rtt=1648&min_rtt=1648&rtt_var=824&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=679&delivery_rate=0&cwnd=68&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Date
Mon, 16 Dec 2024 09:44:12 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
request
lxyrae.ngt3zbvaiq9aa.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://lxyrae.ngt3zbvaiq9aa.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.135.86.215 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://knq56nd8qx97b.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8f2dbbc0f80b24c7-HKG
Connection
keep-alive
Content-Length
0
Date
Mon, 16 Dec 2024 09:44:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vte4GiYC%2F3w7lxe41rp7Zh3sp6EY1Eno9QLX%2BlrlmgK7H3k3Io4grHp66x8ZO%2B6gfHz7YVqxjSFSHfHMtuC%2BGVYgv4fqUUJ2igcIPuoXPxNkPHYBOT%2F1Xtv%2FtiA90HMkRzFDX7k8f28%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Vary
Origin
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1161&min_rtt=1161&rtt_var=580&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=587&delivery_rate=0&cwnd=87&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| Vue
  • function| axios
  • object| CryptoJS
  • object| vant
  • object| VueClipboard
  • object| publicKey
  • function| handleEncrypt
  • function| handleDecrypt
  • function| fromCode

1 Cookies

Domain/Path Name / Value
.knq56nd8qx97b.xyz/ Name: cf_clearance
Value: gN0fcr0qWcSKxZCQgxPYDrjUShHX9_ltCNZXCGAHgdg-1734342249-1.2.1.1-RYM3MP1L8fXmW3vWbEBzBuWidLK7RS7rw60j8DH59N08uPvakCy6MsSh596z_fu5BQo5HeGKM0QjQJ7xKBl6XsvTajsaUD27sp3YfiiBiN74E9CaqSkGcfmEi9SVVY2pnfxQNa_HrUH.PDkUX04LJA9jg9nCBTSL5.5k8M_TF5G1tHVqyHP.Qv4Njl2AG7F3XqdxVj6cCc_Cq26H65wuMORxuwRpms9a1yTRycYJjjRqoZpR6hP2MAWlHfl_OLNJEXVdrdmtk.UxSfnLgjWoxLzPpeTVQRn7Fv4ymmHhbx_YiduSjg0pETH4gN0lgnLJKitGKwtXkmt5vKohAwBhrHceRnGkgrnnLqtUjEFPFdIdo1HgCRWLl.5Jz768UHUx