Submitted URL: http://knq56nd8qx97b.xyz/
Effective URL: https://knq56nd8qx97b.xyz/enter.html
Submission: On December 16 via api from IE — Scanned from CA

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 104.21.112.1 and belongs to CLOUDFLARENET, US. The main domain is knq56nd8qx97b.xyz.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.
This is the only time knq56nd8qx97b.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

          IP Address       AS       Autonomous System
 1   18   104.21.112.1     13335    (CLOUDFLAR...)
      1   4.192.73.43      8075     (MICROSOFT...)
      2   129.226.62.209   132203   (TENCENT-N...)
     20   3

     Apex Domain          Subdomains                 Transfer
18   knq56nd8qx97b.xyz    knq56nd8qx97b.xyz          243 KB
 2   ngt3zbvaiq9aa.xyz    lxyrae.ngt3zbvaiq9aa.xyz   2 KB
 1   hmrh52eh9nz2k8.top   hmrh52eh9nz2k8.top         1 KB
20   3

     Domain                                  Requested by
18   knq56nd8qx97b.xyz (1 redirects)         knq56nd8qx97b.xyz
 2   lxyrae.ngt3zbvaiq9aa.xyz                knq56nd8qx97b.xyz
 1   hmrh52eh9nz2k8.top                      knq56nd8qx97b.xyz
20   3

This site contains no links.

Subject               Issuer   Validity                  Valid
knq56nd8qx97b.xyz     WE1      2024-12-09 - 2025-03-09   3 months
52medhmvvqp51p.top    E5       2024-12-14 - 2025-03-14   3 months
*.ngt3zbvaiq9aa.xyz   E6       2024-12-16 - 2025-03-16   3 months

This page contains 2 frames:

Primary Page: https://knq56nd8qx97b.xyz/enter.html
Frame ID: F5475695BD7F5DF47C5874B9AAA75F80
Requests: 17 HTTP requests in this frame

Frame: https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: FFF6563EA31207BB7E46E7EB8FD11543
Requests: 2 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Page Statistics

20 Requests
95 % HTTPS
0 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
246 kB Transfer
676 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://knq56nd8qx97b.xyz/ HTTP 307
    https://knq56nd8qx97b.xyz/ Page URL
  2. https://knq56nd8qx97b.xyz/enter.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://knq56nd8qx97b.xyz/ HTTP 307
  • https://knq56nd8qx97b.xyz/
Request Chain 14
  • https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

20 HTTP transactions

Resource    Path    Size    x-fer    Type    MIME-Type
/
knq56nd8qx97b.xyz/
Redirect Chain
  • http://knq56nd8qx97b.xyz/
  • https://knq56nd8qx97b.xyz/
42 KB
10 KB
Document
General
Full URL
https://knq56nd8qx97b.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f2ec9ff8f9136a9-YYZ
content-encoding
zstd
content-type
text/html
date
Mon, 16 Dec 2024 12:48:41 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2Bc08lA6E%2BzWXd8nqOzNme7%2BYJhpV3Mon7uSJmap%2FIwxl645Kpu9ZDE0l3ZWkqxY8K27Ktiw0o7zSYz%2BAqsa0A1jLEGY0MH19oWTyK0Ch%2BMaW0OeW6bKjSGDJGNldZM6B3zMtA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://knq56nd8qx97b.xyz/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request
enter.html
knq56nd8qx97b.xyz/
5 KB
2 KB
Document
General
Full URL
https://knq56nd8qx97b.xyz/enter.html
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8eb4ce43985187690124cb5466bc663a322e5a4d61de7aec70ba78b430fcde

Request headers

Referer
https://knq56nd8qx97b.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f2eca03ef9236a9-YYZ
content-encoding
zstd
content-type
text/html
date
Mon, 16 Dec 2024 12:48:42 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVNA5m0t3OH0%2BiobH2hn%2BHaIMPvqZAhQBnCKIIoWBOMHRKalYHWmtumYiNkUfjICJSLeQxsETMizU8HLvUMq%2BemyQ67wz5RKcFXbMkdJZxOtPZ7bdNbprOpzR8tn1aPdpPTtBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vue.min.js
knq56nd8qx97b.xyz/static/cdn/js/
92 KB
35 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/vue.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-16fc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WzzlR24f9Z1Mo4cA3IsmJWG%2FSDdXfMdk35IdBnH%2BUzvQyUCqiC7DwWw7R48WMYjJWvZPCsrI%2FNXgOeA01ZHR8Fx0bewwolGwo9JgKL8qobL0%2BHeyfUsLbGHmZmJ55GG%2BrUQULA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca06cf9336a9-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 12:48:42 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
axios.min.js
knq56nd8qx97b.xyz/static/cdn/js/
17 KB
7 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/axios.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d389f625c1d774224d32527657e7398e57a65c718a07748f0ad7faecce8de3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-45b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8QR1lEssG8Xo3L9%2B8Z%2BHpN%2B1WTEdKb4T3G89W7J5EYZkKAV0%2FMJlQuMqd9DTN1IRixj4aCn%2FRNQWjrXvHi%2B9x2ArDs%2FTKbQziA%2B68TNY2XN9MH6wabR%2FZ2C1fw2rgMdeVsN4Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca06cf9436a9-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 12:48:42 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
crypto-js.min.js
knq56nd8qx97b.xyz/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQu0EJO1w1vDUID5guhdZkzdQsNIVLCjSQW03mH%2FfyOVJkK00enJ1t8Ukej0gh9Dz1SYqVWVOojrlHW0Peab4hhP2y%2BQudq0NLSHcXO6d1KSEqwLj7Lz0Lof7FlLxqpESGMoPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca06cf9536a9-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 12:48:42 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
index.css
knq56nd8qx97b.xyz/static/cdn/css/vant/
140 KB
44 KB
Stylesheet
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/css/vant/index.css
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac1d6d6a6d0441e007ccb5076eba4541bd1d076395b582a788178f7249e57a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-230ae"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPoZZxhjYDUJ9yiQxySAaaFZ3qjJ9jRbPUgRq1wMggadPpjwjDPKARmg94XGxv6ti9%2B0xvKJb1ntGv3ln%2F3mxVH1ECJHxhvDxufZeyMUgoBaP1aqfYHh%2BGyoyiqSRaM9XJYvhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca06cf9636a9-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 12:48:42 GMT
content-type
text/css
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
vant.min.js
knq56nd8qx97b.xyz/static/cdn/js/
271 KB
82 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/vant.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0959628d4f805ae4bfca66b98ec3fb4b494f35928075b4b50a7959ff25c4310

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-43bf4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oy2u6sRqC3ZQM9msp0vDrOXEwfECEJtbxSw3vIu2m2Fh2xn7ME%2FI19LGR8NxXMuE3jA92%2FFcor%2Ftj3mChkMsx%2FWlVmEO2Pr1XSCnhrJKTPPmkqSHp8nvm0yjLxIl%2FLh9VOZ%2FLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca06cf9736a9-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 12:48:42 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
vue-clipboard.min.js
knq56nd8qx97b.xyz/static/cdn/js/
13 KB
5 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/cdn/js/vue-clipboard.min.js
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7122add2d588267de45bc07c225bc54761a51516ed7c704342b639e48f501759

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-35b4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4WXkbhwPy%2FzyrNBXqqg5sSpOSaztWPVY3jnMljHhN0zb0cl9ykTznL%2FnIH%2FeIP%2Bv25D%2FcvDe3QeKj5n2DrxTNnqb5q34mroUTUJf7C76q7EEkORGewoEkVl%2FYf0Djycd1lTZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca06cf9836a9-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 12:48:42 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
enter.js
knq56nd8qx97b.xyz/static/js/
11 KB
5 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/static/js/enter.js?t=202409091529
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc193260f26c225727fcd99f9e28d3fdb06823516fdd4906acafcec9ef4828d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-2bcb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mud2K%2B9P%2FjVrrGGhpxXl%2B7RdCyG%2FPCE24sFVGP8lqGdOk5KejTKKpOGrBL%2Fhb9RXuzKyUzVzh7wUCN1FIx42Rmoe%2FLFowgWsDItgT4%2BKw3zwN%2BorkQochpkGoeUEAI48fCRmMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca06cf9936a9-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 12:48:42 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
/
hmrh52eh9nz2k8.top/
219 B
1 KB
Fetch
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/static/js/enter.js?t=202409091529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
a2525deca59f66bb3997c8660e0bc7f25c41b8e22d7a8b17140d8071e836b4a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/

Response headers

Etag
"0396e24cbabf1006175bdca56fbd4078"
Age
39
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
640898fc5f716dc63e8e1c7394b6d8fb
Date
Mon, 16 Dec 2024 12:48:43 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Mon, 16 Dec 2024 08:33:46 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE6-CACHE1[6],EA-HKG-EDGE6-CACHE2[0,TCP_HIT,2],EA-HKG-GLOBAL1-CACHE24[4],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,4]
X-Amz-Request-Id
00000193CE9A3D0E90156E8EF69F09E5
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
219
Server
openresty
zb1.png
knq56nd8qx97b.xyz/static/img/
6 KB
7 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb1.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd85f4ff0e271ecdb9473b34e875ce82ebe82c1e3c09399286fd1a99fcc7caf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"67136182-18d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVj3wf1UzXB0UsmA4vy4qsWJ5hdeTMnJX5HQUFMJQ2O1tg7XApZ6zouyL98uwCPDnpZhYQ4TEWFRKupmQDtSO2LwC6mkrB7u0AC%2FrmeuoqPIpauytZyfZkBt1d1F5EJTpELY%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca0a6f9a36a9-YYZ
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
6359
date
Mon, 16 Dec 2024 12:48:43 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
zb2.png
knq56nd8qx97b.xyz/static/img/
3 KB
3 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb2.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
379f832f36508310c768174d0afa2143f2d2913477b0054570ca8ef0b6d9b917

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"67136182-a2d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1uAePlPHxuPn2HyrHNEXdh%2FwPp%2F5SSZ0kXOVREZqKWY0d5FHYF8j%2BzQSTPu%2Ft6LKlvNUpajmLVlnl5R27qf9cMpKsk0er%2FoGdebDiSqGDpirdHTsgEHRFbecOT389WV654lcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca0a6f9c36a9-YYZ
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2605
date
Mon, 16 Dec 2024 12:48:43 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
zb3.png
knq56nd8qx97b.xyz/static/img/
4 KB
4 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb3.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90dcba37e59c9b18bf3b18423d9bbdad9ece87dc558db3a86882fca9c1fc1569

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"67136182-e93"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2BuPzVapuZ9Z%2B4ZbcUHwfTsjZaTp7JtHy4HeQtKbDPZFGc0xE7Myf97WOv3O4TAN3HLEeknMxrlMNR7h6o995X2Y0QyM8ZkZsxya%2Filbimx94k5Z%2Fl2U1haQoAYAhbfBRIOQtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca0a6f9b36a9-YYZ
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3731
date
Mon, 16 Dec 2024 12:48:43 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
zb4.png
knq56nd8qx97b.xyz/static/img/
4 KB
4 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb4.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad5196e9c615c673214814cf83d9ac81678f9ef38b1cd3ce92b17cd92bd57a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"67136182-f50"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jg7X6%2B3LTp%2FBF1GU19rWwkLaxcNEATR5owLqtc8dMXhf%2BFzGTDm6iR3yxvLS6VI0yfmquHYDBKzcJLGcHZOBQ6uQIxXQbgulUpuhmjkC8dn7hi7HmD2qQVmS6ibeq15iXsJcHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca0a6f9e36a9-YYZ
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3920
date
Mon, 16 Dec 2024 12:48:43 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
zb5.png
knq56nd8qx97b.xyz/static/img/
7 KB
7 KB
Image
General
Full URL
https://knq56nd8qx97b.xyz/static/img/zb5.png
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ecec350edbd7b0f13acd8e4a0c1d0718cec996fd7bbb8bdd601dcadbd6594a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"67136182-1b27"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkispevzvARiUqChfN2cg8fCGuiZ5ZkybXZwJKLMHeFvhO4kdXN612%2Fe7zlmevXIPrel3yQuNZ8P%2BTpXR6jyBOC%2FK6LklMyF1Tt%2BXsSrGIt7fm8LtvtrGNS7wD%2B2iZb4GNVD2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca0a6f9d36a9-YYZ
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
6951
date
Mon, 16 Dec 2024 12:48:43 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
main.js
knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame FFF6
Redirect Chain
  • https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB
Script
General
Full URL
https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/enter.html
Protocol
H3
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a97bcb1da56cf5b6c7a1c6c29fcffa4d1cf519c590081ddca13adb84ffcff1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCEsfxir63Io4odTAURKgwVVt84f595cV3pZWOUNJpRNjZ2G6NH4V8aoXho%2BxWnegw0AluZaay5J%2F4dPHg8o%2FrYNx1%2B8B522XrOf9AxAaic97XeLwDvZvmS4ybpKYppSfLw0%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f2eca0abfa036a9-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 12:48:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oq6rqhlfFNdBM7dWoLL36yiyN7NxF3H20aJH2%2B2a4xOovEdgTL4%2FmxVP%2BV3e6UfqlSCBEfkOOQdhDi7b8fgFschEkCI067%2Fi0Hqeuv0rVhmkuj3DMqO4A8qaLBD6ZwaHp%2FM41w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca0a7f9f36a9-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 12:48:42 GMT
vary
Accept-Encoding
server
cloudflare
8f2eca03ef9236a9
knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame FFF6
0
957 B
XHR
General
Full URL
https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8f2eca03ef9236a9
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4t5OZ6szLT%2BPI1fxW3pcou23eSsHt7hrvB67dAK1iGfSG%2BuYVO%2BnHZ51RqvkgbGFDXqT4nZgwVsdoq1iwwiShlANFe8q3%2FGq9bnNv%2FSp8toy0lz%2Bs4izp5JkSruZNq2CPyDMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca0b8fa136a9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 12:48:42 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
favicon.ico
knq56nd8qx97b.xyz/
4 KB
4 KB
Other
General
Full URL
https://knq56nd8qx97b.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://knq56nd8qx97b.xyz/enter.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67136182-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t32PuVDc5ovZWa1SCgVDKevT6Agl9JaFv%2FjfXT4rqjn32DTuWiyzNEiAsf3Ze6Wp84I67e68sRJiFVx0I0lo%2Bm8B51l2c1bqCILwCRhAt%2FrK%2FuZMB1AExclzeOF9zCC0hVMarQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2eca0d4fa236a9-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 12:48:43 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
server
cloudflare
vary
Accept-Encoding
request
lxyrae.ngt3zbvaiq9aa.xyz/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://lxyrae.ngt3zbvaiq9aa.xyz/fast-endecode/main/request
Requested by
Host: knq56nd8qx97b.xyz
URL: https://knq56nd8qx97b.xyz/static/cdn/js/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
129.226.62.209 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
0ab0eab2ffcfbfe209002a5564c08587518f873eeef32a0b733d52853dc7c8c1

Request headers

Referer
https://knq56nd8qx97b.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
zstd
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EImJsF4H7MMeU2N50nC30l02uLMLA8sP4Tqrox1K1NqWQOCNWdhGM6GVmTqBUhJL0cSlnbXFQ4Q9ebEN5SZgqQQ%2FIO6NvlRvCRXU3DsBfKdkG71gtOsUocvBg6l%2FXLduYPPmUHKYWh0%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY
8f2eca177a622410-HKG
Access-Control-Allow-Origin
*
alt-svc
h3=":443"; ma=86400
X-Application-Context
cloud-module-endecode:41135
server-timing
cfL4;desc="?proto=TCP&rtt=2413&min_rtt=2413&rtt_var=1206&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=677&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
Date
Mon, 16 Dec 2024 12:48:44 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
request
lxyrae.ngt3zbvaiq9aa.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://lxyrae.ngt3zbvaiq9aa.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
129.226.62.209 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://knq56nd8qx97b.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8f2eca13fa22dd9d-HKG
Connection
keep-alive
Content-Length
0
Date
Mon, 16 Dec 2024 12:48:44 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjavnTaws%2FQQwakt7r7pac6h0pZVE28Ihisu0PLH2h0IA4ei4f82lSS%2FmZauadPjrApa8W6zbwW1zyW4x90%2B7YeHyYkHvOvrV%2FFziSJKbFQA%2B5%2B1hiA3TIB%2BzW%2BGFu9YNadC%2Fja9t8Y%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Vary
Origin
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1216&min_rtt=1216&rtt_var=608&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=585&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| Vue
  • function| axios
  • object| CryptoJS
  • object| vant
  • object| VueClipboard
  • object| publicKey
  • function| handleEncrypt
  • function| handleDecrypt
  • function| fromCode

1 Cookies

Domain/Path Name / Value
.knq56nd8qx97b.xyz/ Name: cf_clearance
Value: 8dYA0YFGMtbT6VgEb.TathyHagUhx8JZFZ8CQqSUWS4-1734353322-1.2.1.1-bZiUHRnPCMg0B6MUm0kBtXjfuoz06sQD4aewpPkE9liqg_X4iwJfqmag9HwyjodsblH8sPiaPkHxea.beDLy5cTFJk3A_Mvn6c14h1IcjVh_IwcjyaU3A0iMdhWHptqFU_K8_.Wm4IAbVROHT_e2UCGGGaWH6ELJAZ9ZcQU1SVXrlW0nwJlsByTTZhTRHQ55.HeUvpKcuOI8RpA6PRH1puliGWk8kiDSp226QGKtZodd0lwOlTjd_yE3LqPN8PDRCMLDfwoAD3nJ83sI0VgCILaiuvLmQj5ItH.JyCz74vXj6Mj4BWag0xfjzabs2hvtCA1VQ7F9xqT0nqizn4.49N_rhXyPxEr0g95vpSmuQeiNllvurIdWGSNRogFImYYo