y1spqabax028myfn.xyz Open in urlscan Pro
172.67.195.72 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://y1spqabax028myfn.xyz/
Submission: On December 25 via api (December 25th 2024, 9:47:07 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 172.67.195.72, located in United States and belongs to CLOUDFLARENET, US. The main domain is y1spqabax028myfn.xyz.
TLS certificate: Issued by WE1 on December 21st 2024. Valid for: 3 months.

This is the only time y1spqabax028myfn.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	172.67.195.72 172.67.195.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	4.192.73.43 4.192.73.43	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	162.209.218.74 162.209.218.74	40065 (CNSERVERS) (CNSERVERS)
1	172.67.167.174 172.67.167.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	4

10 172.67.195.72 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

y1spqabax028myfn.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 4.192.73.43 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

hmrh52eh9nz2k8.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.209.218.74 (United States)

ASN40065 (CNSERVERS, US)

frkoxs.s4pxtjt82spivrbk.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.167.174 (United States)

ASN13335 (CLOUDFLARENET, US)

owz6qda8o6xjx.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	y1spqabax028myfn.xyz 1 redirects y1spqabax028myfn.xyz	343 KB
2	s4pxtjt82spivrbk.xyz frkoxs.s4pxtjt82spivrbk.xyz	3 KB
1	owz6qda8o6xjx.xyz owz6qda8o6xjx.xyz
1	hmrh52eh9nz2k8.top hmrh52eh9nz2k8.top	1 KB
13	4

	Domain	Requested by
10	y1spqabax028myfn.xyz	1 redirects y1spqabax028myfn.xyz
2	frkoxs.s4pxtjt82spivrbk.xyz	y1spqabax028myfn.xyz
1	owz6qda8o6xjx.xyz	y1spqabax028myfn.xyz
1	hmrh52eh9nz2k8.top	y1spqabax028myfn.xyz
13	4

This site contains no links.

Subject Issuer	Validity	Valid
y1spqabax028myfn.xyz WE1	`2024-12-21` - `2025-03-21`	3 months	crt.sh
52medhmvvqp51p.top E5	`2024-12-14` - `2025-03-14`	3 months	crt.sh
*.s4pxtjt82spivrbk.xyz E5	`2024-12-25` - `2025-03-25`	3 months	crt.sh
owz6qda8o6xjx.xyz WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://y1spqabax028myfn.xyz/
Frame ID: 945C5D351EDFB8B7E4CD8B977E263DD5
Requests: 9 HTTP requests in this frame

Frame: https://y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 6BC5B5E857EA544060EDA6A1A89ED9A2
Requests: 2 HTTP requests in this frame

Frame: https://owz6qda8o6xjx.xyz/
Frame ID: 3994302908E156F918BD34E4A23148C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

346 kB
Transfer

1149 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
y1spqabax028myfn.xyz/ 2 KB
2 KB 415ms
365ms Document
text/html 172.67.195.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y1spqabax028myfn.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85b2dcd71e9b46dcb9514f1b904bba1e32928867679a1de3530c8d0545e7dbd2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f7c06b70ae3dcbd-FRA
content-encoding: zstd
content-type: text/html
date: Wed, 25 Dec 2024 21:46:51 GMT
last-modified: Thu, 17 Oct 2024 12:56:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wj9LlFyxfxbpxyrhonvZWWtzmfL7oA6TVAH6TolnMSrxxSY4DtzdwCuutVsCej32Snv14Gdh2nIlw8FgvwQYD5uRoGjZNr28WYfMnFpYwFcE025DKsLUQfWKhW0EnOD0uG1Ff68gPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6066&min_rtt=5957&rtt_var=1029&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4175&recv_bytes=4485&delivery_rate=902&cwnd=12000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=371&x=1" cfExtPri cfHdrFlush;dur=0

GET
H3 200 chunk-vendors.css
y1spqabax028myfn.xyz/static/20241017204656/css/ 183 KB
54 KB 735ms
734ms Stylesheet
text/css 172.67.195.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y1spqabax028myfn.xyz/static/20241017204656/css/chunk-vendors.css
Requested by: Host: y1spqabax028myfn.xyz
URL: https://y1spqabax028myfn.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y1spqabax028myfn.xyz/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67110986-2da4c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EEuWAMiCiCpuOz25kHhvwXREq2HFdzxrf%2BX7uXJoeyLdQc3SV37%2FKX59BaOOWaCC%2BqQM1aJn3QPPJDKWs7fHPr4q%2BDyKI6WB%2BeKoW1pSx6Io5Li%2FpotzCtlMhCKcv6zTnzzk%2FvBcUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7c06b95f39dcbd-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7655&min_rtt=5917&rtt_var=1491&sent=34&recv=26&lost=0&retrans=0&sent_bytes=22968&recv_bytes=6570&delivery_rate=1418775&cwnd=12000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=1109&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 25 Dec 2024 21:46:52 GMT
content-type: text/css
last-modified: Thu, 17 Oct 2024 12:56:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 iframe.css
y1spqabax028myfn.xyz/static/20241017204656/css/ 218 B
860 B 377ms
377ms Stylesheet
text/css 172.67.195.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y1spqabax028myfn.xyz/static/20241017204656/css/iframe.css
Requested by: Host: y1spqabax028myfn.xyz
URL: https://y1spqabax028myfn.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d879d2b39e94be47a92f6f14497900cc4166c25b1975d78b9d60f81af8aaad3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y1spqabax028myfn.xyz/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67110986-da"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6mTJndIf%2BfkUQEgaEpzCmI5KJQtMYMc%2FR3elhIRhpqvFI1xKJCL2ccrEAAS727XW1aU7kh469RNks973Ep%2Fx5dHXTtfb0%2B3mW6tFbP8AzGl2vCmf1UcwWYuomUp2Oo1fbJO4HqBHOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7c06b95f3ddcbd-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6055&min_rtt=5917&rtt_var=623&sent=21&recv=16&lost=0&retrans=0&sent_bytes=10390&recv_bytes=6138&delivery_rate=301494&cwnd=12000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=747&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 25 Dec 2024 21:46:52 GMT
content-type: text/css
last-modified: Thu, 17 Oct 2024 12:56:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 chunk-vendors.js Show response
y1spqabax028myfn.xyz/static/20241017204656/js/ 909 KB
261 KB 911ms
911ms Script
application/javascript 172.67.195.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y1spqabax028myfn.xyz/static/20241017204656/js/chunk-vendors.js
Requested by: Host: y1spqabax028myfn.xyz
URL: https://y1spqabax028myfn.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503d6086cf782a0d9afa6f9be4e44629b8313172035cb0e3248e30b4d8f580f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y1spqabax028myfn.xyz/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67110986-e3513"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PgfaBvB%2FglHb4JJ9tWv37EwTTsVnYjXAshj28efCwm6WrSSr4ufV8LVbLCLg%2BxCca9kLi7GvbzEJ9Xzy0%2F5svmVMI%2BBqNlYGTvHfP5F6ycuiUP9mZt4LJ3JtzMRfnsJlmcSXfqAxLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7c06b95f3fdcbd-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7654&min_rtt=5917&rtt_var=1120&sent=35&recv=27&lost=0&retrans=0&sent_bytes=23676&recv_bytes=6614&delivery_rate=21686&cwnd=12000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=1285&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 25 Dec 2024 21:46:52 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 12:56:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 iframe.js Show response
y1spqabax028myfn.xyz/static/20241017204656/js/ 30 KB
11 KB 560ms
560ms Script
application/javascript 172.67.195.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y1spqabax028myfn.xyz/static/20241017204656/js/iframe.js
Requested by: Host: y1spqabax028myfn.xyz
URL: https://y1spqabax028myfn.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce59445094e5cc09076e94d53854eacd071b9157969420604d64f674572ca208

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y1spqabax028myfn.xyz/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67110986-796f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmvj%2Fhm0yu%2B1pUF7XkGj9GRY02Qlooao2FnAIFjM%2BlEdv90Pm2eQyyu%2FohkTyA%2FL0dgih7dYjEe9k70Hz79aK7XOF2VEeFfOLbnlB%2FAeAEwvrAMp%2BCx0ud34v8m5UCvZimGBW0vCjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7c06b95f43dcbd-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6485&min_rtt=5917&rtt_var=920&sent=23&recv=20&lost=0&retrans=0&sent_bytes=11297&recv_bytes=6311&delivery_rate=14398&cwnd=12000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=924&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 25 Dec 2024 21:46:52 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 12:56:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 jsjiami.js Show response
y1spqabax028myfn.xyz/static/cdn/js/ 10 KB
4 KB 371ms
370ms Script
application/javascript 172.67.195.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y1spqabax028myfn.xyz/static/cdn/js/jsjiami.js
Requested by: Host: y1spqabax028myfn.xyz
URL: https://y1spqabax028myfn.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y1spqabax028myfn.xyz/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67110986-260b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHO8ZpfulJ8bl%2BsJZcVdT%2BnR0dgW6lcl8Rvs2VK0HXFSvV9pHbY0R8ocWvki5szjXAosDkR8ltMUYQLC%2F1yf5coNFhF%2BrJJvhElmIm2AoQzeb2WYUmqLiHoeQLu21NquDIbpIyzZFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7c06b95f46dcbd-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6055&min_rtt=5917&rtt_var=623&sent=16&recv=16&lost=0&retrans=0&sent_bytes=5982&recv_bytes=6138&delivery_rate=301494&cwnd=12000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=746&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 25 Dec 2024 21:46:52 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 12:56:38 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H/1.1 200
OK / Show response
hmrh52eh9nz2k8.top/ 231 B
1 KB 786ms
195ms XHR
text/plain 4.192.73.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://hmrh52eh9nz2k8.top/
Requested by: Host: y1spqabax028myfn.xyz
URL: https://y1spqabax028myfn.xyz/static/20241017204656/js/iframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: openresty /
Resource Hash: 24158bf3d0147a4fc41689b02a566e210ce38a5b8c04cb657ceafff0fab83bcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y1spqabax028myfn.xyz/

Response headers

Etag: "ef8cf450b05c9ca2966172ee0f3675c8"
Age: 38
Nginx-Hit: 1
X-Ccdn-Req-Id-46b1: c782db8c64419054edb48ce125487f8d
Date: Wed, 25 Dec 2024 21:46:53 GMT
Content-Disposition: attachment
Content-Type: text/plain
X-Reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified: Wed, 25 Dec 2024 20:34:09 GMT
X-Amz-Id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count: 0
Cloudservicediscount: CDN
X-Ccdn-Cachettl: 60
X-Hcs-Proxy-Type: 1
Via: EA-HKG-EDGE2-CACHE5[2],EA-HKG-EDGE2-CACHE1[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE12[2],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,1]
X-Amz-Request-Id: 00000193FF872525901444161E78880A
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 231
Server: openresty

OPTIONS
H/1.1 200 request
frkoxs.s4pxtjt82spivrbk.xyz/fast-endecode/main/ Frame 0
0 752ms
253ms Preflight 162.209.218.74
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://frkoxs.s4pxtjt82spivrbk.xyz/fast-endecode/main/request
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 162.209.218.74 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://y1spqabax028myfn.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
CF-RAY: 8f7c06cb5cb50982-HKG
Connection: keep-alive
Content-Length: 0
Date: Wed, 25 Dec 2024 21:46:54 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQrUbmzSF9Z1EElETHYrbVMOzZ6Qp2IwvW2BWiBclQNSkMKK9w27yvsJ2%2FFtGxG3B%2FX%2Fv4mX89xzdxm01V5zHV1DseFpc115aD63LnKfgxNDYYKc5tb4x3Czpaaf3Eg545NStiqHZWM%3D"}],"group":"cf-nel","max_age":604800}
Server: nginx/1.17.6
Vary: Origin
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
server-timing: cfL4;desc="?proto=TCP&rtt=953&min_rtt=953&rtt_var=476&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=595&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

POST
H/1.1 200 request Show response
frkoxs.s4pxtjt82spivrbk.xyz/fast-endecode/main/ 2 KB
3 KB 565ms
264ms XHR
application/json 162.209.218.74
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://frkoxs.s4pxtjt82spivrbk.xyz/fast-endecode/main/request
Requested by: Host: y1spqabax028myfn.xyz
URL: https://y1spqabax028myfn.xyz/static/20241017204656/js/chunk-vendors.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 162.209.218.74 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: eba38865ac843bb526b9989bc9161f22534cd97fffa97002e5231574319d763a

Request headers

Referer: https://y1spqabax028myfn.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

Transfer-Encoding: chunked
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding: zstd
cf-cache-status: DYNAMIC
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4B3GzS43Du%2BKaSoHoM13B5Tecvdh5gSMjJte9cBCIwZBwLqf%2FWFPWFa9skD7XLwHkImAu%2FLy3n9oDRThtKVq89tLuGiylGQRof8ye%2FgTK3%2BSr%2Fkjj6Dng%2BPMUhBwMiktMnGN6k2N64%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY: 8f7c06cedd5cdd9a-HKG
Access-Control-Allow-Origin: *
alt-svc: h3=":443"; ma=86400
X-Application-Context: cloud-module-endecode:41134
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=1197&rtt_var=598&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=687&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Date: Wed, 25 Dec 2024 21:46:55 GMT
Content-Type: application/json;charset=UTF-8
Vary: Origin
Server: nginx/1.17.6

GET
H3

200

main.js Show response
y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 6BC5
Redirect Chain

https://y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

9 KB
5 KB

13ms
13ms

Script
application/javascript

172.67.195.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

Protocol

Server

172.67.195.72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

970fffede2aa789ae6e25d8ec834b6e2619a20b905b52366547e177a515f2db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4xUFopaN8m2Yx1b2DtoJaIobP0q9zBN5YZgrmh%2FSzlbbYeBHrk0D3Q1vEx5urSg6NwS0hmJah7eQWZA3xptP9lBzsvU2YJ3GI2IpwvmP2%2BuE1XC5oA8VIi1t1DCCH6KakwIJUmkt%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f7c06c7dc3cdcbd-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6485&min_rtt=5879&rtt_var=282&sent=318&recv=91&lost=0&retrans=0&sent_bytes=353158&recv_bytes=10233&delivery_rate=62066&cwnd=84000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=2705&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 25 Dec 2024 21:46:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fiq71YfRB%2FiWBfuZfo2zPuwlcNGH3R8ihtK%2B2GxFNjEML2mj4eGa3bf6zqqXnkqQRBlhL0FU5jM7R4Z5i59pLHRFD%2BfwNytYii4CLLysTtyLuJTqFR9H4y2wp6iWiTgXNEOChVnoLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7c06c7cc15dcbd-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=6533&min_rtt=5879&rtt_var=249&sent=316&recv=89&lost=0&retrans=0&sent_bytes=352402&recv_bytes=9901&delivery_rate=11822420&cwnd=84000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=2692&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 25 Dec 2024 21:46:54 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 favicon.ico
y1spqabax028myfn.xyz/ 4 KB
4 KB 372ms
372ms Other
image/x-icon 172.67.195.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y1spqabax028myfn.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://y1spqabax028myfn.xyz/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"67110986-eb0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=da6hQHbmctj1uPuKNyxAfb6LKBxxjyLeGLs2rnmOBEdA%2Fd4fFV4%2FwUHP9w84F%2FUE6eIKdjzsOGIAmfKLMdA2mxWSMD5tE%2Fwa%2BAe9jCDNwIegIBqKqmbCtiuUAEHvycAC2DyUL6LkwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7c06c7cc16dcbd-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6376&min_rtt=5879&rtt_var=349&sent=330&recv=108&lost=0&retrans=0&sent_bytes=359506&recv_bytes=27527&delivery_rate=73268&cwnd=84000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=3052&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 25 Dec 2024 21:46:54 GMT
content-type: image/x-icon
last-modified: Thu, 17 Oct 2024 12:56:38 GMT
vary: Accept-Encoding
priority: u=1,i

POST
H3 200 8f7c06b70ae3dcbd Show response
y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6BC5 0
1 KB 17ms
14ms XHR
text/plain 172.67.195.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8f7c06b70ae3dcbd
Requested by: Host: y1spqabax028myfn.xyz
URL: https://y1spqabax028myfn.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52D3ybjnMUJbuIow%2BnMCFqVEJqkYcsZ58qr%2F5PgFkLcFYjaWEuleyv%2Br5fhVkhOVnQH%2BkSNL%2FeVZ%2FSdugzsRZG8Y0DLBGs%2FeyBF2C16ErMoRSBHTFpOxAmbf0gpxoEVq0NlyRFqbfA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7c06c83cd8dcbd-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6429&min_rtt=5879&rtt_var=324&sent=328&recv=107&lost=0&retrans=0&sent_bytes=358273&recv_bytes=27482&delivery_rate=368021&cwnd=84000&unsent_bytes=0&cid=8dedf4cf131985d5&ts=2766&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Wed, 25 Dec 2024 21:46:54 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 /
owz6qda8o6xjx.xyz/ Frame 3994 0
0 394ms
382ms Document
text/html 172.67.167.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://owz6qda8o6xjx.xyz/
Requested by: Host: y1spqabax028myfn.xyz
URL: https://y1spqabax028myfn.xyz/static/20241017204656/js/chunk-vendors.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.167.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://y1spqabax028myfn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f7c06cff8f99b95-FRA
content-encoding: zstd
content-type: text/html
date: Wed, 25 Dec 2024 21:46:55 GMT
last-modified: Thu, 17 Oct 2024 12:56:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjvacuShT5PeZ8kmLVvSNa7fEcDyko0flIPZjqp3qlh3TydrnmpnO6rpZwboBFxGDQfhMugKTyQkTB2ozoVs7Mh4CdjambLuD6W45Gtg%2FAHpZB9nSA7FMbldyaghv7IgfmHh9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6740&min_rtt=5821&rtt_var=1772&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4169&recv_bytes=4495&delivery_rate=904&cwnd=12000&unsent_bytes=0&cid=a0e46671412ac213&ts=388&x=1" cfExtPri cfHdrFlush;dur=0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.y1spqabax028myfn.xyz/	1970-01-21 10:44:59	Name: cf_clearance Value: nfqsWaiyYYxKNCik3ETTpJ3bgtVV9C1sPzvBBhwd97U-1735163214-1.2.1.1-wW2RmWhhwfAo3RYl0mqa9bcMFr.jd63YLAaJXOEsL2.w9eCgoa_vm7ji_M_r1McBsuNWUv_Fs1ZTfilySim_mQsOhkWihgsol7rCNlXAkPXNlBLjraF6C7xONR6UfHvgU4lqskx_4J847wQdR2aMwedoQRIF.qjeK32fhofChu4oPfYx9sIMtshb5DSrJaqpZkuKlW7fJY.JP7eDia8FKS86Xh_lr.hl6YoYMREIoaM8s8EMtfzbVj5OrlT_NNDdt_D897vNCOm8Ntmc8phFpBT_G7oNdlFxJEuYmry_EZl95T_0UIJ3KJV5f.pjx2aH2zZy7_VlhJwhYE2GhDJOoiWcILO9M.Y_Kk0orUb5EcZI2bTkf32UHC_y5ANAKOmf
			.owz6qda8o6xjx.xyz/	1970-01-21 10:44:59	Name: cf_clearance Value: rm83mFuRJPPY7sZA9D0DGUApbOcrQR0f.REDncInA04-1735163217-1.2.1.1-glGoeYy64UraY8SLgaKX0puojbixebqJZXCyd6OD0Xe6xqmj62LupLqAxuBVtR1x6Orzv62l03Zvw47raVNAShmf0Z1p.vBpwLjTCQ0auUmdIeJTxg9YEz8hpnx2M9v6aRyUaqIjBYxHkfhLq_asY9iB3GuidcmgmMbm.A3Vh1ilTg7Bxd.pCyq_KWyyamqvgN3PwaDadlLes1pwmDV98cls6PQIeuQCWOTRyPYTGffQ6ivKEoQBZR2HRTXTKjR65lvuURYhf5fJi3XEppaL3UYfS0a.SsxGBGK1IDlJMgWT1cQI2SYbEZXNk53JtGz8AnOFDJeoxx3fPgNP9vAE4MraVfaTBh82c0Ph257QH.yhFNnW2mxCp_hVCW9GhJezI_qQq8ZKM0aGpFh7.x2vwA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

frkoxs.s4pxtjt82spivrbk.xyz
hmrh52eh9nz2k8.top
owz6qda8o6xjx.xyz
y1spqabax028myfn.xyz
162.209.218.74
172.67.167.174
172.67.195.72
4.192.73.43
0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8
24158bf3d0147a4fc41689b02a566e210ce38a5b8c04cb657ceafff0fab83bcd
503d6086cf782a0d9afa6f9be4e44629b8313172035cb0e3248e30b4d8f580f8
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989
85b2dcd71e9b46dcb9514f1b904bba1e32928867679a1de3530c8d0545e7dbd2
970fffede2aa789ae6e25d8ec834b6e2619a20b905b52366547e177a515f2db5
ce59445094e5cc09076e94d53854eacd071b9157969420604d64f674572ca208
d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c
d879d2b39e94be47a92f6f14497900cc4166c25b1975d78b9d60f81af8aaad3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba38865ac843bb526b9989bc9161f22534cd97fffa97002e5231574319d763a

y1spqabax028myfn.xyz Open in urlscan Pro 172.67.195.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

346 kBTransfer

1149 kBSize

2 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

2 Cookies

Indicators

y1spqabax028myfn.xyz Open in urlscan Pro
172.67.195.72 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

346 kB
Transfer

1149 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions