cres.xfg958.com Open in urlscan Pro
43.252.172.21  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response cres.xfg958.com/	631 KB 463 KB	1346ms 671ms	Document text/html	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash 583b2ab8ddb4ebf6d1ac7e64ecc8f3c621384b6d59417d26a404f80d0d546969 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 03 Jun 2024 12:45:16 GMT ETag W/"665aeae4-9dd9e" Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc Transfer-Encoding chunked Vary Accept-Encoding X-Cache-Status MISS
GET H/1.1	200 OK	hls.light.min.js Show response cres.xfg958.com/hls.js/1.0.0/	272 KB 72 KB	673ms 672ms	Script application/javascript	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/hls.js/1.0.0/hls.light.min.js Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash af9decb92b34c81fe8a8af4d98b6911be2990c6e39005012ea18000142c33555 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Origin https://cres.xfg958.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:16 GMT Content-Encoding gzip Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag W/"665aeae4-43e6b" X-Cache-Status MISS Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	main-c20fbb0.js Show response cres.xfg958.com/app/1.0.9-5/	2 MB 681 KB	1295ms 661ms	Script application/javascript	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash 1d3427723be58b0fcf2e8fea0c92cd28131c4d613bc1163e1c831dcdb10f720b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:17 GMT Content-Encoding gzip Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag W/"665aeae4-24a93e" X-Cache-Status MISS Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	30a3533.js Show response cres.xfg958.com/app/1.0.9-5/	2 MB 508 KB	1306ms 659ms	Script application/javascript	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/app/1.0.9-5/30a3533.js Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash 0650ec41d2e993f0a701bf6805c29e7b86efe73272c8cd2282986998ef7c4ad0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:17 GMT Content-Encoding gzip Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag W/"665aeae4-1dfb32" X-Cache-Status MISS Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET DATA	200 OK	truncated /	439 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b98620b2e7fdf95737aba4a0242633fa5a5058267a00cd3d98a01c121963d68e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	main-c20fbb0.js Show response cres.xfg958.com/app/1.0.9-5/	2 MB 0	0ms 0ms	Script application/javascript	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash 1d3427723be58b0fcf2e8fea0c92cd28131c4d613bc1163e1c831dcdb10f720b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:17 GMT Content-Encoding gzip Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag W/"665aeae4-24a93e" X-Cache-Status MISS Vary Accept-Encoding Content-Type application/javascript
GET DATA	200 OK	truncated /	28 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 739212ab704da955263bbd4821f5f233122cd1ec630334ad0ccdb1b399db4ea4 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET H/1.1	200 OK	encrypt.key Show response cres.xfg958.com/	16 B 266 B	326ms 325ms	XHR application/octet-stream	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/encrypt.key Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash e34e32542c5b611620e5ee094619a6f9211383ea5d41cf1f3f0116d1f16aee80 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:19 GMT Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag "665aeae4-10" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 16
GET H/1.1	200 OK	icon_64x64.a1b8f9.png cres.xfg958.com/app/1.0.9-5/icons/	6 KB 6 KB	316ms 316ms	Other image/png	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/app/1.0.9-5/icons/icon_64x64.a1b8f9.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash 1c53475bfe3d0da0a9f97e8d33a36185c3276fc17382753956ca13f0b4a41ab3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:19 GMT Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag "665aeae4-183a" X-Cache-Status HIT Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 6202
GET H/1.1	200 OK	favicon.ico cres.xfg958.com/	4 KB 4 KB	316ms 316ms	Other image/x-icon	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash 59f9f64e9f02d3a220cca4c634f8452f0652a60e673942793174d2529f35fd25 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:20 GMT Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag "665aeae4-10be" X-Cache-Status HIT Content-Type image/x-icon Connection keep-alive Accept-Ranges bytes Content-Length 4286
GET		speedtest rfsss.rfx604.cc/api/v1/	0 0
GET H/1.1	200 OK	speedtest Show response ser.ser023.com/api/v1/	84 B 936 B	1000ms 333ms	XHR application/json	154.86.17.40 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://ser.ser023.com/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.86.17.40 Hong Kong, Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash e32109fa8939ff4d7adbe3849f17c8b476f0d1ffb7f45e34ce92cd2c983bc946 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:22 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Accept-Encoding gzip, deflate, br X-DNS-Prefetch-Control off Connection keep-alive Content-Length 84 X-XSS-Protection 1; mode=block Server cdn-ddos-cc ETag W/"54-V+eqcD0lRIpszH1S7eJxS3nvIeE" X-Download-Options noopen X-Frame-Options SAMEORIGIN X-RateLimit-Remaining 49999 Access-Control-Allow-Methods OPTIONS,HEAD,PUT,POST,GET,DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding X-RateLimit-Reset 1717419012 X-RateLimit-Limit 50000 Access-Control-Allow-Headers token Access-Control-Request-Headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H/1.1	200 OK	speedtest Show response zyf.zyf985.cc/api/v1/	83 B 935 B	1049ms 382ms	XHR application/json	154.86.17.29 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://zyf.zyf985.cc/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.86.17.29 Hong Kong, Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash 1293b2180d22f8e5abe67b0bdc3d35a37af99c51ea60a685dc50cd2fe7a01378 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:22 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Accept-Encoding gzip, deflate, br X-DNS-Prefetch-Control off Connection keep-alive Content-Length 83 X-XSS-Protection 1; mode=block Server cdn-ddos-cc ETag W/"53-mPrqyC0NBvwluZv8GZNOyX0I+m0" X-Download-Options noopen X-Frame-Options SAMEORIGIN X-RateLimit-Remaining 49998 Access-Control-Allow-Methods OPTIONS,HEAD,PUT,POST,GET,DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding X-RateLimit-Reset 1717419545 X-RateLimit-Limit 50000 Access-Control-Allow-Headers token Access-Control-Request-Headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H/1.1	200 OK	speedtest Show response jzg.jzg278.cc/api/v1/	83 B 935 B	1051ms 385ms	XHR application/json	154.86.17.38 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://jzg.jzg278.cc/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.86.17.38 Hong Kong, Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash a4d35aa6ef3f8d9d4c66c559addd0296c23f0ab43889612d0e078a613d40fba6 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:22 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Accept-Encoding gzip, deflate, br X-DNS-Prefetch-Control off Connection keep-alive Content-Length 83 X-XSS-Protection 1; mode=block Server cdn-ddos-cc ETag W/"53-ovaVaCyNYrNW2B+i/Lou0lIAbbg" X-Download-Options noopen X-Frame-Options SAMEORIGIN X-RateLimit-Remaining 49999 Access-Control-Allow-Methods OPTIONS,HEAD,PUT,POST,GET,DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding X-RateLimit-Reset 1717419558 X-RateLimit-Limit 50000 Access-Control-Allow-Headers token Access-Control-Request-Headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H/1.1	200 OK	speedtest Show response mcv.okb041.com/api/v1/	83 B 935 B	1000ms 333ms	XHR application/json	154.86.17.40 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://mcv.okb041.com/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.86.17.40 Hong Kong, Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash b4fd5b8e61e2f136251fdc5e097446f70355a0ff6b4bf096b295758d31758a07 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:22 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Accept-Encoding gzip, deflate, br X-DNS-Prefetch-Control off Connection keep-alive Content-Length 83 X-XSS-Protection 1; mode=block Server cdn-ddos-cc ETag W/"53-FzFiozdnKwSWtr8n6rh7CntMNDo" X-Download-Options noopen X-Frame-Options SAMEORIGIN X-RateLimit-Remaining 49999 Access-Control-Allow-Methods OPTIONS,HEAD,PUT,POST,GET,DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding X-RateLimit-Reset 1717418772 X-RateLimit-Limit 50000 Access-Control-Allow-Headers token Access-Control-Request-Headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H3	200	speedtest Show response mnb.mnb630.com/api/v1/	83 B 817 B	670ms 637ms	XHR application/json	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mnb.mnb630.com/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c97b6f893730fb93e3d123a337750e0b94a2afb91ab05d6efbeda3198e2e7f0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 12:45:21 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff accept-encoding gzip, deflate, br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block server cloudflare etag W/"53-upgbMMYpq7lX0+aH3UOaB0kLJkg" x-download-options noopen x-ratelimit-remaining 49997 x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHSJXdJSrkHe8EZsFqUsQ5c%2FekkoQWFdXCCvZXpdSNYsYaxroKdvnJkbLS4KEdWx7nixJdQpDDoHbjdnESaWV6rigJnlHJmK4qlVMYpdaouxwmlDvfapOLxm20FGJCeo5Q%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * access-control-allow-methods GET,HEAD,POST,OPTIONS x-ratelimit-reset 1717418883 x-ratelimit-limit 50000 cf-ray 88dfc79fac64718b-FRA access-control-allow-headers token access-control-request-headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H3	200	speedtest Show response mnb.mnb631.com/api/v1/	83 B 826 B	569ms 536ms	XHR application/json	104.21.52.202 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mnb.mnb631.com/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.52.202 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02d67ec5b18c92f43c2826a7ad46ae95f465cdaa750f675fbd177ad51b8e5692 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 12:45:21 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff accept-encoding gzip, deflate, br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br x-dns-prefetch-control off alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block server cloudflare etag W/"53-zE+UJfKdnaYbE+KezoFd/ag5WS4" x-download-options noopen x-ratelimit-remaining 49999 access-control-allow-methods OPTIONS,HEAD,PUT,POST,GET,DELETE content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BL6Y%2F73oofAg0oai1QClnhvD%2FHhj5cUuAe2e8J1WoiCylBXJ8ZEAWAUO5lJ1G2XFz2DBFyAjqdrx8Tllo0L1psCsHAnbayMEitr8BmYeZK4kNopFaKTiZ0l%2BeHQsN3Qjbg%3D%3D"}],"group":"cf-nel","max_age":604800} x-frame-options SAMEORIGIN x-ratelimit-reset 1717419608 x-ratelimit-limit 50000 cf-ray 88dfc79fac74a02e-FRA access-control-allow-headers token vary Accept-Encoding access-control-request-headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H/1.1	200 OK	speedtest Show response jy.yalra.com/api/v1/	84 B 1 KB	547ms 504ms	XHR application/json	43.152.26.104 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://jy.yalra.com/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash 0edbc42b7285975bcf6dc7f547f1671e83529df49f2009ea31837d32e999e07c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:21 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Accept-Encoding gzip, deflate, br X-Cache-Lookup Cache Miss X-DNS-Prefetch-Control off Connection keep-alive Content-Length 84 X-XSS-Protection 1; mode=block Server nginx ETag W/"54-XHOXZ7yRd3Pj4SjlAshlx0F445Y" X-Download-Options noopen X-RateLimit-Remaining 49999 X-Frame-Options SAMEORIGIN Content-Type application/json; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Origin * Access-Control-Expose-Headers k,t,token,version,Referer,user-agent Access-Control-Allow-Methods GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH,CONNECT,TRACE X-RateLimit-Reset 1717419176 X-RateLimit-Limit 50000 X-NWS-LOG-UUID 9286401763691218915 Access-Control-Allow-Headers token Access-Control-Request-Headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H/1.1	200 OK	speedtest Show response datest.rashges.com/api/v1/	84 B 953 B	817ms 261ms	XHR application/json	20.247.115.60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://datest.rashges.com/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.247.115.60 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software ****** / Resource Hash e32109fa8939ff4d7adbe3849f17c8b476f0d1ffb7f45e34ce92cd2c983bc946 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:21 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Accept-Encoding gzip, deflate, br X-Cache-Status MISS X-DNS-Prefetch-Control off Connection keep-alive Content-Length 84 X-XSS-Protection 1; mode=block Server ****** ETag W/"54-V+eqcD0lRIpszH1S7eJxS3nvIeE" X-Download-Options noopen X-Frame-Options SAMEORIGIN X-RateLimit-Remaining 49997 Access-Control-Allow-Methods OPTIONS,HEAD,PUT,POST,GET,DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding X-RateLimit-Reset 1717419078 X-RateLimit-Limit 50000 Access-Control-Allow-Headers token Access-Control-Request-Headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H/1.1	200 OK	speedtest Show response datest.ahqichi.com/api/v1/	83 B 952 B	773ms 280ms	XHR application/json	20.247.115.60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://datest.ahqichi.com/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.247.115.60 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software ****** / Resource Hash cc8bea86fda0067e0db49458b1d8db6419a8bb68ae6d4cc994710e6015c7eb21 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:21 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Accept-Encoding gzip, deflate, br X-Cache-Status MISS X-DNS-Prefetch-Control off Connection keep-alive Content-Length 83 X-XSS-Protection 1; mode=block Server ****** ETag W/"53-dYHdz3YtVNPf7Uaf/Wm2aNwxq5M" X-Download-Options noopen X-Frame-Options SAMEORIGIN X-RateLimit-Remaining 49999 Access-Control-Allow-Methods OPTIONS,HEAD,PUT,POST,GET,DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Vary Accept-Encoding X-RateLimit-Reset 1717419460 X-RateLimit-Limit 50000 Access-Control-Allow-Headers token Access-Control-Request-Headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H2	200	speedtest Show response da.tpnzl.cc/api/v1/	83 B 701 B	967ms 324ms	XHR application/json	103.190.125.15 GIGABIT-MY Gigabi...
General Check archive.org Show headers Download Go to Full URL https://da.tpnzl.cc/api/v1/speedtest Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.190.125.15 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY), Reverse DNS Software ****** / Resource Hash 602faf7ec0749fed227979e8698488deb2251534ede8b8bd3e4072b180799981 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 12:45:20 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff accept-encoding gzip, deflate, br x-cache-status MISS x-dns-prefetch-control off content-length 83 x-xss-protection 1; mode=block server ****** etag W/"53-NA7ietnNpf6/GGNDDExFZmUnxF4" x-download-options noopen x-frame-options SAMEORIGIN x-ratelimit-remaining 49995 access-control-allow-methods OPTIONS,HEAD,PUT,POST,GET,DELETE content-type application/json; charset=utf-8 access-control-allow-origin * vary Accept-Encoding x-ratelimit-reset 1717418734 x-ratelimit-limit 50000 access-control-allow-headers token access-control-request-headers Origin, X-Requested-With, content-Type, Accept, Authorization
GET H/1.1	200 OK	icon_64x64.a1b8f9.png cres.xfg958.com/app/1.0.9-5/icons/	6 KB 0	0ms 0ms	Other image/png	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/app/1.0.9-5/icons/icon_64x64.a1b8f9.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash 1c53475bfe3d0da0a9f97e8d33a36185c3276fc17382753956ca13f0b4a41ab3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:19 GMT Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag "665aeae4-183a" X-Cache-Status HIT Content-Type image/png Accept-Ranges bytes Content-Length 6202
GET H/1.1	200 OK	favicon.ico cres.xfg958.com/	4 KB 0	0ms 0ms	Other image/x-icon	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash 59f9f64e9f02d3a220cca4c634f8452f0652a60e673942793174d2529f35fd25 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:20 GMT Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag "665aeae4-10be" X-Cache-Status HIT Content-Type image/x-icon Accept-Ranges bytes Content-Length 4286
GET H/1.1	200 OK	dmCfg Show response jy.yalra.com/api/v1/sys/	609 B 2 KB	648ms 648ms	XHR application/json	43.152.26.104 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://jy.yalra.com/api/v1/sys/dmCfg?pid=DYP Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/main-c20fbb0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash 5d9aa17b2a5b038b1db2db9b6ff8909b849d510f2be9769ca9377356fc5b6274 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer k 1 t 1 token version 1.0.9-5 Response headers Date Mon, 03 Jun 2024 12:45:22 GMT Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Accept-Encoding gzip, deflate, br X-Cache-Lookup Cache Miss X-DNS-Prefetch-Control off Connection keep-alive Content-Length 609 X-XSS-Protection 1; mode=block Server nginx ETag W/"261-RNvNSRxqTy8t4W6OVK57G0eYiBo" X-Download-Options noopen X-RateLimit-Remaining 49999 X-Frame-Options SAMEORIGIN Content-Type application/json; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Origin * Access-Control-Expose-Headers k,t,token,version,Referer,user-agent Access-Control-Allow-Methods GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH,CONNECT,TRACE X-RateLimit-Reset 1717418925 X-RateLimit-Limit 50000 X-NWS-LOG-UUID 594100614264371528 Access-Control-Allow-Headers token Access-Control-Request-Headers Origin, X-Requested-With, content-Type, Accept, Authorization
OPTIONS H/1.1	204 No Content	dmCfg jy.yalra.com/api/v1/sys/	0 0	502ms 498ms	Preflight text/plain	43.152.26.104 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://jy.yalra.com/api/v1/sys/dmCfg?pid=DYP Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers k,t,token,version Access-Control-Request-Method GET Origin https://cres.xfg958.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers token,t,k,version,content-type Access-Control-Allow-Methods GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH,CONNECT,TRACE Access-Control-Allow-Origin * Access-Control-Expose-Headers k,t,token,version,Referer,user-agent Access-Control-Max-Age 1728000 Connection keep-alive Content-Length 0 Content-Type text/plain charset=UTF-8 Date Mon, 03 Jun 2024 12:45:22 GMT Server nginx X-Cache-Lookup Cache Miss X-NWS-LOG-UUID 2915217261213257286
GET H/1.1	200 OK	version.js Show response cres.xfg958.com/	140 B 414 B	337ms 328ms	Script application/javascript	43.252.172.21 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://cres.xfg958.com/version.js Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/app/1.0.9-5/30a3533.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.252.172.21 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software cdn-ddos-cc / Resource Hash d14bf4c03625177dea9bdef519a425793fc0914add26a4aa7ebb93bbe123f6b1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 03 Jun 2024 12:45:23 GMT Last-Modified Sat, 01 Jun 2024 09:33:24 GMT Server cdn-ddos-cc ETag "665aeae4-8c" X-Cache-Status EXPIRED Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 140
OPTIONS H/1.1	204 No Content	getCaptcha jy.yalra.com/api/v1/users/	0 0	257ms 257ms	Preflight text/plain	43.152.26.104 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://jy.yalra.com/api/v1/users/getCaptcha?key=1717418723249573750&pid=DYP Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers k,t Access-Control-Request-Method GET Origin https://cres.xfg958.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers token,t,k,version,content-type Access-Control-Allow-Methods GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH,CONNECT,TRACE Access-Control-Allow-Origin * Access-Control-Expose-Headers k,t,token,version,Referer,user-agent Access-Control-Max-Age 1728000 Connection keep-alive Content-Length 0 Content-Type text/plain charset=UTF-8 Date Mon, 03 Jun 2024 12:45:23 GMT Server nginx X-Cache-Lookup Cache Miss X-NWS-LOG-UUID 15118453539292819306
GET H2	200	speedtest.ceb Show response dztest.xhrsq.com/	1 KB 2 KB	88ms 27ms	XHR image/png	18.65.39.32
General Check archive.org Show headers Download Go to Full URL https://dztest.xhrsq.com/speedtest.ceb?dt=1717418723247 Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.32 -, , ASN (), Reverse DNS Software / Resource Hash 50bb90a59f097ce226e1b8e5e13213a2984fe7e49b60055b38bc56a9a78d011a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=15552000; includeSubDomains; preload date Mon, 03 Jun 2024 01:16:59 GMT via 1.1 4ab1227a56c7dfaf7a8f7750683df1be.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop AMS1-P1 age 41305 x-envoy-upstream-healthchecked-cluster x-cache Hit from cloudfront content-length 1028 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 05 May 2022 07:53:32 GMT etag "8e39d3de2ed3ec5f091a3cbec231e0d6" x-frame-options SAMEORIGIN access-control-max-age 0 access-control-allow-methods GET content-type image/png access-control-allow-origin * x-rgw-object-type Normal vary Accept-Encoding accept-ranges bytes x-amz-cf-id ovRnXoohacy9GQy-zmkImaFjNYUruYRDspuB7gNH27X5PCtPi225wQ==
GET		speedtest.ceb dz.yeitaf.cn/	0 0
GET		speedtest.ceb dz.eijirv.cn/	0 0
GET		speedtest.ceb dz.jzddmcj.com/	0 0
GET H3	200	speedtest.ceb Show response cg.mdou.live/	1 KB 2 KB	136ms 100ms	XHR image/png	2606:4700::6812:15ef
General Check archive.org Show headers Download Go to Full URL https://cg.mdou.live/speedtest.ceb?dt=1717418723248 Requested by Host: cres.xfg958.com URL: https://cres.xfg958.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:15ef -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 50bb90a59f097ce226e1b8e5e13213a2984fe7e49b60055b38bc56a9a78d011a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 12:45:23 GMT strict-transport-security max-age=15552000; includeSubDomains; preload via 1.1 8011542e75fa08aaf8bfabb2c6804cea.cloudfront.net (CloudFront) cf-cache-status HIT x-content-type-options nosniff age 1259215 x-amz-cf-pop HKG54-C1 x-envoy-upstream-healthchecked-cluster x-cache Hit from cloudfront second-cache MISS alt-svc h3=":443"; ma=86400 content-length 1028 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Monday, 08-Apr-2024 17:16:23 GMT server cloudflare etag "8e39d3de2ed3ec5f091a3cbec231e0d6" x-frame-options SAMEORIGIN vary Accept-Encoding access-control-allow-methods GET, POST, PUT, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=25920000 access-control-max-age 0 accept-ranges bytes cf-ray 88dfc7ac9d8dbba4-FRA x-amz-cf-id t5THOpp4GBaH0tMbBJh62jBqIl_eVMoIrI7ZiviZhjYm7xTp2iPPIQ== expires Sun, 30 Mar 2025 12:45:23 GMT
GET		getCaptcha jy.yalra.com/api/v1/users/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

rfsss.rfx604.cc

URL

https://rfsss.rfx604.cc/api/v1/speedtest

Domain

dz.yeitaf.cn

URL

https://dz.yeitaf.cn/speedtest.ceb?dt=1717418723248

Domain

dz.eijirv.cn

URL

https://dz.eijirv.cn/speedtest.ceb?dt=1717418723248

Domain

dz.jzddmcj.com

URL

https://dz.jzddmcj.com/speedtest.ceb?dt=1717418723248

Domain

jy.yalra.com

URL

https://jy.yalra.com/api/v1/users/getCaptcha?key=1717418723249573750&pid=DYP

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| endPlay function| copy function| getQuery function| formatParams function| ajax function| jsonp object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| _open function| getPlayKey object| app object| $nuxt boolean| webpSupported function| Hls boolean| initing function| version_callback

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cg.mdou.live
cres.xfg958.com
da.tpnzl.cc
datest.ahqichi.com
datest.rashges.com
dz.eijirv.cn
dz.jzddmcj.com
dz.yeitaf.cn
dztest.xhrsq.com
jy.yalra.com
jzg.jzg278.cc
mcv.okb041.com
mnb.mnb630.com
mnb.mnb631.com
rfsss.rfx604.cc
ser.ser023.com
zyf.zyf985.cc
dz.eijirv.cn
dz.jzddmcj.com
dz.yeitaf.cn
jy.yalra.com
rfsss.rfx604.cc
103.190.125.15
104.21.52.202
154.86.17.29
154.86.17.38
154.86.17.40
18.65.39.32
188.114.97.3
20.247.115.60
2606:4700::6812:15ef
43.152.26.104
43.252.172.21
02d67ec5b18c92f43c2826a7ad46ae95f465cdaa750f675fbd177ad51b8e5692
0650ec41d2e993f0a701bf6805c29e7b86efe73272c8cd2282986998ef7c4ad0
0edbc42b7285975bcf6dc7f547f1671e83529df49f2009ea31837d32e999e07c
1293b2180d22f8e5abe67b0bdc3d35a37af99c51ea60a685dc50cd2fe7a01378
1c53475bfe3d0da0a9f97e8d33a36185c3276fc17382753956ca13f0b4a41ab3
1d3427723be58b0fcf2e8fea0c92cd28131c4d613bc1163e1c831dcdb10f720b
50bb90a59f097ce226e1b8e5e13213a2984fe7e49b60055b38bc56a9a78d011a
583b2ab8ddb4ebf6d1ac7e64ecc8f3c621384b6d59417d26a404f80d0d546969
59f9f64e9f02d3a220cca4c634f8452f0652a60e673942793174d2529f35fd25
5c97b6f893730fb93e3d123a337750e0b94a2afb91ab05d6efbeda3198e2e7f0
5d9aa17b2a5b038b1db2db9b6ff8909b849d510f2be9769ca9377356fc5b6274
602faf7ec0749fed227979e8698488deb2251534ede8b8bd3e4072b180799981
739212ab704da955263bbd4821f5f233122cd1ec630334ad0ccdb1b399db4ea4
a4d35aa6ef3f8d9d4c66c559addd0296c23f0ab43889612d0e078a613d40fba6
af9decb92b34c81fe8a8af4d98b6911be2990c6e39005012ea18000142c33555
b4fd5b8e61e2f136251fdc5e097446f70355a0ff6b4bf096b295758d31758a07
b98620b2e7fdf95737aba4a0242633fa5a5058267a00cd3d98a01c121963d68e
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cc8bea86fda0067e0db49458b1d8db6419a8bb68ae6d4cc994710e6015c7eb21
d14bf4c03625177dea9bdef519a425793fc0914add26a4aa7ebb93bbe123f6b1
e32109fa8939ff4d7adbe3849f17c8b476f0d1ffb7f45e34ce92cd2c983bc946
e34e32542c5b611620e5ee094619a6f9211383ea5d41cf1f3f0116d1f16aee80