Submitted URL: http://1p9zfbbnz0rl.xyz/
Effective URL: https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz
Submission: On October 22 via api from US — Scanned from GB

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is ngttszrcwfw8k6hd.xyz.
TLS certificate: Issued by WE1 on October 2nd 2024. Valid for: 3 months.
This is the only time ngttszrcwfw8k6hd.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
1          10        2606:4700:303...  13335 (CLOUDFLAR...)
           2         20.255.107.57     8075 (MICROSOFT...)
           2         206.238.179.17    399077 (TERAEXCH)
           6         2a06:98c1:312...  13335 (CLOUDFLAR...)
Total: 23 requests, 5 IPs

Requests  Domain                             Requested by
10        1p9zfbbnz0rl.xyz (1 redirects)     1p9zfbbnz0rl.xyz
6         ngttszrcwfw8k6hd.xyz               1p9zfbbnz0rl.xyz, ngttszrcwfw8k6hd.xyz
2         qb8coon.n44jd98tnspk.xyz           1p9zfbbnz0rl.xyz, ngttszrcwfw8k6hd.xyz
2         hmrh52eh9nz2k8.top                 1p9zfbbnz0rl.xyz, ngttszrcwfw8k6hd.xyz
0         qb8coon.hpiettq8ix4h.xyz (Failed)  ngttszrcwfw8k6hd.xyz
Total: 23 requests, 5 domains

This site contains no links.

Subject               Issuer  Validity                 Valid
1p9zfbbnz0rl.xyz      WE1     2024-10-14 - 2025-01-12  3 months
52medhmvvqp51p.top    E6      2024-09-17 - 2024-12-16  3 months
*.n44jd98tnspk.xyz    E6      2024-10-22 - 2025-01-20  3 months
ngttszrcwfw8k6hd.xyz  WE1     2024-10-02 - 2024-12-31  3 months

This page contains 2 frames:

Primary Page: https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz
Frame ID: 08CD26E962A86759F85AE63430A75059
Requests: 18 HTTP requests in this frame

Frame: https://1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js
Frame ID: 2D5ADB73FCD4B46B6D475F4835A71C31
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 23
HTTPS: 78 %
IPv6: 50 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 679 kB
Size: 2281 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1p9zfbbnz0rl.xyz/ HTTP 307
    https://1p9zfbbnz0rl.xyz/ Page URL
  2. https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://1p9zfbbnz0rl.xyz/ HTTP 307
  • https://1p9zfbbnz0rl.xyz/
Request Chain 9
  • https://1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
1p9zfbbnz0rl.xyz/
Redirect Chain
  • http://1p9zfbbnz0rl.xyz/
  • https://1p9zfbbnz0rl.xyz/
2 KB
2 KB
Document
General
Full URL
https://1p9zfbbnz0rl.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c270 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b40efad0efc90a92061da7a3ff5a7a81bedb57a09763aae7a5f52ec21d1cd4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d6d30faef019401-LHR
content-encoding
zstd
content-type
text/html
date
Tue, 22 Oct 2024 23:15:47 GMT
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5fCHV82MvhYxrvrFd9AyVMwCVy8%2Fy9%2F5OGrAKb99HiQG2xh3L%2F2CsncNp4dXr3hH%2F51at%2FfSTgCX3OXOPYmUcfj%2Fflvb%2BxM3GxIrMgjCQszaxNep8rFCYxFOfFQla1jmbj9BcRkhGiA6ptoIoqD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29137&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4162&recv_bytes=4441&delivery_rate=551&cwnd=12000&unsent_bytes=0&cid=455c5046ef20cbd8&ts=545&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

Location
https://1p9zfbbnz0rl.xyz/
Non-Authoritative-Reason
HttpsUpgrades
chunk-vendors.css
1p9zfbbnz0rl.xyz/static/20241017204656/css/
183 KB
54 KB
Stylesheet
General
Full URL
https://1p9zfbbnz0rl.xyz/static/20241017204656/css/chunk-vendors.css
Requested by
Host: 1p9zfbbnz0rl.xyz
URL: https://1p9zfbbnz0rl.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c270 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://1p9zfbbnz0rl.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-2da4c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3uxhy6bSU5W3lvB4AuflWBLgiOayi3ZD1KpUHdighFuE%2Bn3gyUMoqVAAgNzAYpzyXMMXP5dPg%2Bup%2F9uZNWtHLUa0cxV18NTz0d2RnRwdo4hY8niEp0sc6IipuW0hyoupHpjQf1%2B1KmDGX57tR43a"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d31052f429401-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146241&sent=40&recv=27&lost=0&retrans=5&sent_bytes=27813&recv_bytes=6612&delivery_rate=363421&cwnd=12000&unsent_bytes=0&cid=455c5046ef20cbd8&ts=2696&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 23:15:49 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
share_301.css
1p9zfbbnz0rl.xyz/static/20241017204656/css/
149 B
801 B
Stylesheet
General
Full URL
https://1p9zfbbnz0rl.xyz/static/20241017204656/css/share_301.css
Requested by
Host: 1p9zfbbnz0rl.xyz
URL: https://1p9zfbbnz0rl.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c270 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f875c04fd04a47b543c1027cac0c21629c6e789c0e4af50fd5d3d85280b2479

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://1p9zfbbnz0rl.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-95"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ogQel3JP21Zs5pEyR2haD1xJsnLMHfyAFEuEBp6%2B5HK4TxK6kTuEPyiUSP%2FW1PKvZKwx4K9NjtnHAYrrJyAfJjsjFN92SlVdI5HE9j8qDhlu96mKOUEc5zxICPTFujoXyKFniyq3i0TZe4CYeUOT"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d31052f439401-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=367018&sent=28&recv=19&lost=0&retrans=5&sent_bytes=14946&recv_bytes=6268&delivery_rate=5683&cwnd=12000&unsent_bytes=0&cid=455c5046ef20cbd8&ts=2183&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 23:15:49 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
chunk-vendors.js
1p9zfbbnz0rl.xyz/static/20241017204656/js/
909 KB
261 KB
Script
General
Full URL
https://1p9zfbbnz0rl.xyz/static/20241017204656/js/chunk-vendors.js
Requested by
Host: 1p9zfbbnz0rl.xyz
URL: https://1p9zfbbnz0rl.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c270 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503d6086cf782a0d9afa6f9be4e44629b8313172035cb0e3248e30b4d8f580f8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://1p9zfbbnz0rl.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-e3513"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJ%2BnGWa6kBFpAwXjIVPYaZtIjct6PC7QErcliXsPvK0VUwwdFQymtfQuRd%2F91%2F2o86K3OgSbvlHfygNySw2bYnvbl8Qzqi0tH%2Ff3Wrfsr9JmtLGGil4S0TqnyLzStsT9udjZ2F9eCiv%2Bn%2Fvo275p"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d31053f4a9401-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146241&sent=39&recv=27&lost=0&retrans=5&sent_bytes=27125&recv_bytes=6612&delivery_rate=363421&cwnd=12000&unsent_bytes=0&cid=455c5046ef20cbd8&ts=2674&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 23:15:49 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
share_301.js
1p9zfbbnz0rl.xyz/static/20241017204656/js/
30 KB
11 KB
Script
General
Full URL
https://1p9zfbbnz0rl.xyz/static/20241017204656/js/share_301.js
Requested by
Host: 1p9zfbbnz0rl.xyz
URL: https://1p9zfbbnz0rl.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c270 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5391714d246bb1e38fedde92f9812017a8b9270c786246afe1f2c3291013360d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://1p9zfbbnz0rl.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-7631"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eGBGhMPdRQxPYVV7rtNiiMIbUoIzDCGbsIHmC4jAQcRFibnvjL5wj3e3LyUqpJWcyFc26xrXgR%2BU8cbZN3uABOg4683c%2FcukC17nbzDbaDD0I1XJTsCzPJHq2ZbjbMoaTTXC%2BmTezTnl13jrOOEN"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d31053f4b9401-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=255417&sent=29&recv=22&lost=0&retrans=5&sent_bytes=15770&recv_bytes=6397&delivery_rate=10063&cwnd=12000&unsent_bytes=0&cid=455c5046ef20cbd8&ts=2443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 23:15:49 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
jsjiami.js
1p9zfbbnz0rl.xyz/static/cdn/js/
10 KB
4 KB
Script
General
Full URL
https://1p9zfbbnz0rl.xyz/static/cdn/js/jsjiami.js
Requested by
Host: 1p9zfbbnz0rl.xyz
URL: https://1p9zfbbnz0rl.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c270 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://1p9zfbbnz0rl.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-260b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVXbEPqDPBjDqrWMcJcAjKZ2LvjCHIYYGtJ3oBdtf7vH0qHJcILTzIkw9oNisaP7etGB6HW3bMKT%2By6E%2BHWTGcFrtGmFqdmsJwX27awwClxMqR%2BFWFLVOQJG4wjTzqveZCq9Ax2MD1zvpzpZlRWp"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d31053f4d9401-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=367018&sent=23&recv=19&lost=0&retrans=5&sent_bytes=10550&recv_bytes=6268&delivery_rate=5683&cwnd=12000&unsent_bytes=0&cid=455c5046ef20cbd8&ts=2174&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 23:15:49 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
/
hmrh52eh9nz2k8.top/
187 B
1 KB
XHR
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: 1p9zfbbnz0rl.xyz
URL: https://1p9zfbbnz0rl.xyz/static/20241017204656/js/share_301.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.255.107.57 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
640c352ec9bae19742cc538d0cab5b62319733ba77a2cee2a8822e0638af70bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://1p9zfbbnz0rl.xyz/

Response headers

Etag
"5994967eb7fe9545e2a46c64267e4d93"
Age
14131
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
43b5d9ea32ec3405c7a83cbad1dd6eb7
Date
Tue, 22 Oct 2024 23:15:52 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Tue, 22 Oct 2024 19:20:17 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE4[2],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE17[4],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,3]
X-Amz-Request-Id
00000192B5AC463190169B20FE0D8C58
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
187
Server
openresty
request
qb8coon.n44jd98tnspk.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://qb8coon.n44jd98tnspk.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
206.238.179.17 Singapore, Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1p9zfbbnz0rl.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-RAY
8d6d3121d8405ddc-HKG
Connection
keep-alive
Date
Tue, 22 Oct 2024 23:15:53 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M79hmcVOPcYha2w%2BcQZH6iZFAAxRo5HLsvSbHege0O1r%2BKRoBZxOP3znqGZkiGiMMOyI4tHpEejm%2FU8OhfsI2wc92vpLr%2BIcX23JIjKIozyAea3XTTzuVMG82TEz9eO4tRybSHs%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
server-timing
cfL4;desc="?proto=TCP&rtt=1791&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=601&delivery_rate=0&cwnd=198&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
request
qb8coon.n44jd98tnspk.xyz/fast-endecode/main/
2 KB
3 KB
XHR
General
Full URL
https://qb8coon.n44jd98tnspk.xyz/fast-endecode/main/request
Requested by
Host: 1p9zfbbnz0rl.xyz
URL: https://1p9zfbbnz0rl.xyz/static/20241017204656/js/chunk-vendors.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
206.238.179.17 Singapore, Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://1p9zfbbnz0rl.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Content-Encoding
zstd
cf-cache-status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W5Rq747tAGhAcTD5wdd5t9GKPgFlGDy%2Bw5eq8RDfbZRzQS13T8ZqaDXJpt5luG2RB%2FM97IzD90um8m5iP%2FngoLujWWfF8oY9SnHLC8u5xkpgstGNh%2BhvcOQnP02rKlM66HKC9LE%3D"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=2181&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=693&delivery_rate=0&cwnd=228&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Date
Tue, 22 Oct 2024 23:15:54 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d6d3128a9bf5de0-HKG
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zull:prod:8801
Server
nginx/1.17.6
main.js
1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/ Frame 2D5A
Redirect Chain
  • https://1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
8 KB
4 KB
Script
General
Full URL
https://1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
Protocol
H3
Server
2606:4700:3034::ac43:c270 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b20f54df4da72af355b5b70bc53cf758f5cd7e2e61e2fb70c8e1f1dd546626
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CkQ77REKWCXfnHUZ0LLfOkznop%2Bu%2FUNwxP9InMd0hBOL%2FRPmn85wK7asuq00Brrt6c40pPF82htpLprQnV8LCvt9ESfv2r87RaEe7sc6QB2zr9pLlMotTohcd4MdunINPSMQnr9wy3UFBXn4mbjF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d6d311c5fdf9401-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29406&sent=322&recv=85&lost=0&retrans=6&sent_bytes=358402&recv_bytes=10006&delivery_rate=19357&cwnd=171900&unsent_bytes=0&cid=455c5046ef20cbd8&ts=5392&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 23:15:52 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pm%2F8QSamNOBdIEH720TX%2FTELYI%2FTDwTxEiDgTLr%2Fo5WA8bdsIkGblfavV9hw%2BjuM2i1Q%2FAHXwRh6rbj9R1RwezCdDPxwjuWI8C7q3Dbg6PsAEsQg3Z3E7TF%2FMUfyX%2BHppqAias7i5OXC6%2BRBrw%2Fj"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d311c1fbf9401-LHR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=29746&sent=320&recv=84&lost=0&retrans=6&sent_bytes=357649&recv_bytes=9701&delivery_rate=4220209&cwnd=171900&unsent_bytes=0&cid=455c5046ef20cbd8&ts=5355&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 23:15:52 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
favicon.ico
1p9zfbbnz0rl.xyz/
4 KB
4 KB
Other
General
Full URL
https://1p9zfbbnz0rl.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c270 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://1p9zfbbnz0rl.xyz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67110986-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xpP%2B5MQxQvU%2BhbjRzjrmBnO58MQi0L7m5Y%2F4WQ1PZJRpWCAgUNfWTKmNs7S0eOXXJ8qcVxH0PujGNJA8C3Oipbh%2FTHH%2BWUhJU0ShycveMlrtIcY2hlMxxJshojlii37tNKggp2D2lsRBoEdu6vAC"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d311c1fc29401-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29624&sent=340&recv=102&lost=0&retrans=6&sent_bytes=364591&recv_bytes=27309&delivery_rate=21920&cwnd=171900&unsent_bytes=0&cid=455c5046ef20cbd8&ts=5866&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 23:15:52 GMT
content-type
image/x-icon
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i
8d6d30faef019401
1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2D5A
0
1 KB
XHR
General
Full URL
https://1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8d6d30faef019401
Requested by
Host: 1p9zfbbnz0rl.xyz
URL: https://1p9zfbbnz0rl.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c270 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9LvMixy2rEG0TC4jOytnHSK35GjkFjGtmw6KhR3rG3yBImnNNdzLbTcvjSxtJFCTQbDmuGgXMnXNp2cuM%2FEHdxTwf1HjQ%2FN4SGZThdjbf6O%2FeKV8JyvUrP7Qu81Fc9qDgMqdqyfqwPTB8FSvpRS"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d311d18659401-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29268&sent=338&recv=101&lost=0&retrans=6&sent_bytes=363347&recv_bytes=27264&delivery_rate=113763&cwnd=171900&unsent_bytes=0&cid=455c5046ef20cbd8&ts=5538&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 22 Oct 2024 23:15:52 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
Primary Request /
ngttszrcwfw8k6hd.xyz/
2 KB
2 KB
Document
General
Full URL
https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz
Requested by
Host: 1p9zfbbnz0rl.xyz
URL: https://1p9zfbbnz0rl.xyz/static/20241017204656/js/share_301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7173e986df7dd6b2663bab35457fdede953ee4e139c12f5d7c81594b5b345b1

Request headers

Referer
https://1p9zfbbnz0rl.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d6d312aba98889e-LHR
content-encoding
zstd
content-type
text/html
date
Tue, 22 Oct 2024 23:15:55 GMT
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVAlXQWIrjaYfu7PIc9SiTj73yy0aUMbjiUN6G7B9Gb9y53aAMif5EO631FB%2B1cFj%2F2DG2BH4bbXK2FeInykmtHWl5bZAUDQ7wWsXP2sim%2FSVaGImcBGnUkiZxTlzd3Vqg3qmKT0qUIByD2Q6wei1ZCmbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=28365&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4147&recv_bytes=4477&delivery_rate=561&cwnd=12000&unsent_bytes=0&cid=f10e80ea49d30222&ts=515&x=1" cfExtPri cfHdrFlush;dur=0
chunk-vendors.css
ngttszrcwfw8k6hd.xyz/static/20241017204656/css/
183 KB
54 KB
Stylesheet
General
Full URL
https://ngttszrcwfw8k6hd.xyz/static/20241017204656/css/chunk-vendors.css
Requested by
Host: ngttszrcwfw8k6hd.xyz
URL: https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfd500b3049c4ebfa22af7517d67cf1ec88de5af30da1947e2b509edfd12191f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"67110986-2da4c"
age
1885
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=we%2FJ7wRNOJBH%2BE777XzZYSkXrW2BHZ7uf3e%2Fec17k6QVW%2BnQC1uic98GIBGqkc3CRqpcOgndvQaFyWeydcAqYOhWtB5shZ2IYCqdg6yHkCLmyNjzme1QoQwlSkygHIMdim%2FF78lnMT9KfdN0evFG11UCMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=186956
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27935&sent=14&recv=16&lost=0&retrans=0&sent_bytes=5927&recv_bytes=6290&delivery_rate=70477&cwnd=12000&unsent_bytes=0&cid=f10e80ea49d30222&ts=561&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 23:15:55 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d6d312deca6889e-LHR
server
cloudflare
iframe.css
ngttszrcwfw8k6hd.xyz/static/20241017204656/css/
217 B
893 B
Stylesheet
General
Full URL
https://ngttszrcwfw8k6hd.xyz/static/20241017204656/css/iframe.css
Requested by
Host: ngttszrcwfw8k6hd.xyz
URL: https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cefa674d5bc9b0d3d820a25ec183d385da7b4f6bcfbd04ae2c1c7f535c5494

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"67110986-da"
age
1885
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MkoRfDs3rQQwt9PKFqrcWjS%2FQE1NMdCqKjFMrEOv8gkyOao6R%2F%2BfdPJpIGckEA0ZDCgCwpxxTEKSYwzN6KLg85ZetG8YPgxpKnInhhgH6Uy%2B19D287EIPh7JYnmsy%2BHjOwbLAPbHSO7PhH991LdY1iIkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=218
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27935&sent=25&recv=16&lost=0&retrans=0&sent_bytes=17927&recv_bytes=6290&delivery_rate=70477&cwnd=12000&unsent_bytes=0&cid=f10e80ea49d30222&ts=563&x=1", cfExtPri, cfHdrFlush;dur=23
date
Tue, 22 Oct 2024 23:15:55 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d6d312deca7889e-LHR
server
cloudflare
chunk-vendors.js
ngttszrcwfw8k6hd.xyz/static/20241017204656/js/
909 KB
261 KB
Script
General
Full URL
https://ngttszrcwfw8k6hd.xyz/static/20241017204656/js/chunk-vendors.js
Requested by
Host: ngttszrcwfw8k6hd.xyz
URL: https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892920a8ece44344335391b6dd5272c108d8302eea8b84108ee068aefc2721d1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"67110986-e3513"
age
1885
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FzJOIvitr7D2Pysjh1TOdrioI85UgsxmiSh59NlFf3a6pFZpH8ut%2BLkFK5SJv1jXg2TkI5GqOG4lTluCkrftwCYMoKSa0%2BElzuHIqeGgVYEiW9K1cmaZ9yxtsK0Dz04dxGkLpyIzkzwBxofDLIERIySgw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=931091
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27935&sent=25&recv=16&lost=0&retrans=0&sent_bytes=17927&recv_bytes=6290&delivery_rate=70477&cwnd=12000&unsent_bytes=0&cid=f10e80ea49d30222&ts=567&x=1", cfExtPri, cfHdrFlush;dur=19
date
Tue, 22 Oct 2024 23:15:55 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d6d312deca8889e-LHR
server
cloudflare
iframe.js
ngttszrcwfw8k6hd.xyz/static/20241017204656/js/
30 KB
11 KB
Script
General
Full URL
https://ngttszrcwfw8k6hd.xyz/static/20241017204656/js/iframe.js
Requested by
Host: ngttszrcwfw8k6hd.xyz
URL: https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce59445094e5cc09076e94d53854eacd071b9157969420604d64f674572ca208

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"67110986-796f"
age
1885
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJVQwC%2B67SRRG%2BpFWay1%2FEWPxweREIoZpyyxXZeUEtgkh6sRG3%2BOs5xnfD9gaPjKovY1iOLMNdotidTlZTTmLkNAyNe%2Bz1NAAFpKaA1Sq%2BReKf%2F4LxOo4ucE%2B%2BnMkLr5EvbJetxtOUzVAWthZ%2BtjmKFgvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27935&sent=25&recv=16&lost=0&retrans=0&sent_bytes=17927&recv_bytes=6290&delivery_rate=70477&cwnd=12000&unsent_bytes=0&cid=f10e80ea49d30222&ts=561&x=1", cfExtPri, cfHdrFlush;dur=26
date
Tue, 22 Oct 2024 23:15:55 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d6d312deca9889e-LHR
server
cloudflare
jsjiami.js
ngttszrcwfw8k6hd.xyz/static/cdn/js/
9 KB
4 KB
Script
General
Full URL
https://ngttszrcwfw8k6hd.xyz/static/cdn/js/jsjiami.js
Requested by
Host: ngttszrcwfw8k6hd.xyz
URL: https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a6921034f04de2d2d73d289f6abb048d95b2137807984c2b363d72a7eea2cb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://ngttszrcwfw8k6hd.xyz/?domain=1p9zfbbnz0rl.xyz

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"67110986-260b"
age
1885
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFQKLynX7Q%2BcTpxLqV6OwIHelsuYERfSAXPP5uBizw%2BahBOhf3qEc51uikIDKsRX49nKfrSASHXApRltimX00791ig0yHVoT7zes3jLSrE0txDQunkvwWqIa3p9eZqLIk7cfFsZqwgThKj19dYYIhAcz6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=9739
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27935&sent=25&recv=16&lost=0&retrans=0&sent_bytes=17927&recv_bytes=6290&delivery_rate=70477&cwnd=12000&unsent_bytes=0&cid=f10e80ea49d30222&ts=562&x=1", cfExtPri, cfHdrFlush;dur=25
date
Tue, 22 Oct 2024 23:15:55 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:56:38 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d6d312decaa889e-LHR
server
cloudflare
/
hmrh52eh9nz2k8.top/
187 B
1 KB
XHR
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: ngttszrcwfw8k6hd.xyz
URL: https://ngttszrcwfw8k6hd.xyz/static/20241017204656/js/iframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.255.107.57 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
640c352ec9bae19742cc538d0cab5b62319733ba77a2cee2a8822e0638af70bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://ngttszrcwfw8k6hd.xyz/

Response headers

Etag
"5994967eb7fe9545e2a46c64267e4d93"
Age
14135
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
929c56a32000046a9b4528cff300a3c5
Date
Tue, 22 Oct 2024 23:15:56 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Tue, 22 Oct 2024 19:20:17 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE1[3],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,0],EA-HKG-GLOBAL1-CACHE17[4],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,3]
X-Amz-Request-Id
00000192B5AC463190169B20FE0D8C58
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
187
Server
openresty
request
qb8coon.n44jd98tnspk.xyz/fast-endecode/main/ Frame
0
0

request
qb8coon.n44jd98tnspk.xyz/fast-endecode/main/
0
0

request
qb8coon.hpiettq8ix4h.xyz/fast-endecode/main/ Frame
0
0

request
qb8coon.hpiettq8ix4h.xyz/fast-endecode/main/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain                    URL
qb8coon.n44jd98tnspk.xyz  https://qb8coon.n44jd98tnspk.xyz/fast-endecode/main/request
qb8coon.n44jd98tnspk.xyz  https://qb8coon.n44jd98tnspk.xyz/fast-endecode/main/request
qb8coon.hpiettq8ix4h.xyz  https://qb8coon.hpiettq8ix4h.xyz/fast-endecode/main/request
qb8coon.hpiettq8ix4h.xyz  https://qb8coon.hpiettq8ix4h.xyz/fast-endecode/main/request

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • string| encode_version
  • string| fhljt
  • object| __0x10133b
  • function| _0x2379
  • function| isConsoleOpen
  • function| a0_0x33be
  • function| a0_0x1077
  • function| a0_0x3afc48
  • object| webpackJsonp
  • function| a1_0x430c
  • function| _0x31f837
  • function| a1_0x5b86
  • object| __VUE_INSTANCE_SETTERS__
  • boolean| __VUE__
  • object| __VUE_DEVTOOLS_PLUGINS__

1 Cookies

Domain/Path Name / Value
.1p9zfbbnz0rl.xyz/ Name: cf_clearance
Value: QAYF9A4i3Mt8YAjUJoMZvpSyEcxKTqIDC6.NMD3jC_A-1729638952-1.2.1.1-t2IlpxHqRfkWxy7NcdbZymBz1qNQ19xvw.K8ocs8q5QsRqUlUH1liF7350NgU2uC_XFnocwOZ_dWNmDqv9MKoaana9vwLGOFAW43VS9VRLc0zWM0XtYA_aN9WoqzV2DiS.wTrV0T4OWa130Abi43SheeVzrmZr8dA_m_HIBShDbdsFnawR7In_HwzNP.2vd.3IrnTZxHfkjybGfs56EbnGcDmkB4a4.D_75mP_zcoNyjimnkXWBBbtFMaTByHuVP06tZa019BsnYbuhb_U5W1Ri6rdQsQUitrcgNaDp1eXV086FybZI0Wn3Yl79FwzOO5.nA.qYG3jtA.nvGabCKjmjz5QJBKHgjD4132fJcSdssGenL73wflupkJI460eXh3yuroa0aXSTYMlTkHnmmqzXxWsh1xUPLnAcXohRVFV4