Submitted URL: http://2aq9dfmqby3.top/
Effective URL: https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top
Submission: On October 16 via api from IE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3037::ac43:ab5e, located in United States and belongs to CLOUDFLARENET, US. The main domain is nljse9scnfxxge8g.xyz.
TLS certificate: Issued by WE1 on October 2nd 2024. Valid for: 3 months.
This is the only time nljse9scnfxxge8g.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address         AS Autonomous System
1          11        2606:4700:303...   13335 (CLOUDFLAR...)
           2         206.238.197.151    399077 (TERAEXCH)
           7         2606:4700:303...   13335 (CLOUDFLAR...)
           19        3

Requests  Apex Domain            Subdomains             Transfer
11        2aq9dfmqby3.top        2aq9dfmqby3.top        342 KB
7         nljse9scnfxxge8g.xyz   nljse9scnfxxge8g.xyz   71 KB
2         gv86knght6r.top        api.gv86knght6r.top    3 KB
19        3

Requests  Domain                          Requested by
11        2aq9dfmqby3.top (1 redirects)   2aq9dfmqby3.top
7         nljse9scnfxxge8g.xyz            2aq9dfmqby3.top, nljse9scnfxxge8g.xyz
2         api.gv86knght6r.top             2aq9dfmqby3.top
19        3

This site contains no links.

Subject                Issuer                              Validity                  Valid
2aq9dfmqby3.top        WE1                                 2024-08-25 - 2024-11-23   3 months
*.gv86knght6r.top      ZeroSSL ECC Domain Secure Site CA   2024-09-09 - 2024-12-08   3 months
nljse9scnfxxge8g.xyz   WE1                                 2024-10-02 - 2024-12-31   3 months

This page contains 2 frames:

Primary Page: https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top
Frame ID: B8103B8A46D0AE3A5746C4E4DD0D3712
Requests: 16 HTTP requests in this frame

Frame: https://2aq9dfmqby3.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: 68044FA4346585F1BC955DBF90EE2363
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 414 kB
Size: 1510 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2aq9dfmqby3.top/ HTTP 307
    https://2aq9dfmqby3.top/ Page URL
  2. https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://2aq9dfmqby3.top/ HTTP 307
  • https://2aq9dfmqby3.top/
Request Chain 9
  • https://2aq9dfmqby3.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://2aq9dfmqby3.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
2aq9dfmqby3.top/
Redirect Chain
  • http://2aq9dfmqby3.top/
  • https://2aq9dfmqby3.top/
2 KB
1 KB
Document
General
Full URL
https://2aq9dfmqby3.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6df5394c579be19f298c904a1c13e9571566f1f02814baf7e3f4f00f2d3195

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d3a5c8b8cfedc6e-FRA
content-encoding
zstd
content-type
text/html
date
Wed, 16 Oct 2024 19:12:38 GMT
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LsSwwHoWW3VIabm34Q7gv3NTpE%2BXbT9OuFWR7bb85%2B0lWMnRRVX5xmotPeh98uaHqsFWqXi1RB9%2FqEdH6Cio1ZyyrTOFEtxkAzl6R%2FCvWJtGTcxFRppvh%2BL2AL4H2PI%2Bwv7rP%2Fwri3uNOcoLWo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"

Redirect headers

Location
https://2aq9dfmqby3.top/
Non-Authoritative-Reason
HttpsUpgrades
speculation
2aq9dfmqby3.top/cdn-cgi/
128 B
625 B
Other
General
Full URL
https://2aq9dfmqby3.top/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://2aq9dfmqby3.top
Referer
https://2aq9dfmqby3.top/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FuWY73FZvlGX87FZSoDJqm9Ae3hrLnfYXngTKJbBslXlhl5EzTdix23yFmUDMMOS23nPmPiailgHZN4L3XuqgNqKtNgs%2BMjdLM4iwkBoZKT207s2DPhz4UgSsL0JXEgRVXcBPW2jMirOaOxgSg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5c8ffa6b4112-SIN
access-control-allow-origin
https://2aq9dfmqby3.top
alt-svc
h3=":443"; ma=86400
content-length
128
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:38 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
chunk-vendors.css
2aq9dfmqby3.top/static/20240910122702/css/
183 KB
54 KB
Stylesheet
General
Full URL
https://2aq9dfmqby3.top/static/20240910122702/css/chunk-vendors.css
Requested by
Host: 2aq9dfmqby3.top
URL: https://2aq9dfmqby3.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://2aq9dfmqby3.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66dfcb5a-2da4c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tIWuLYTxBPH4IVMdbuaS%2FeNRb4IYIA7pFdGrWFVMlXy51mXSM7KgzLIgzMiw3FeIsw9ky8R4TEIkVKwfTTyKgFQQi64cVWmiTNDDbEFJhFJAeAoOveNqYxrNzCIL7BOcNMqYjrybSkM8zT7Fto%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5c8ffa6d4112-SIN
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:38 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
server
cloudflare
share_301.css
2aq9dfmqby3.top/static/20240910122702/css/
149 B
619 B
Stylesheet
General
Full URL
https://2aq9dfmqby3.top/static/20240910122702/css/share_301.css
Requested by
Host: 2aq9dfmqby3.top
URL: https://2aq9dfmqby3.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f875c04fd04a47b543c1027cac0c21629c6e789c0e4af50fd5d3d85280b2479

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://2aq9dfmqby3.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66dfcb5a-95"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cwFXjUWq7lcwJi4udzRVBM1HdmIxmCa54F7ESKS4wdi6pm4BEfFdWksf%2BTkIeTyMc2UE51ji5YrUYfdh6%2FaUC4LNiqayPlW%2BUQQdhseupFFu9qqnbEoIusIEyiWntLl%2BnlDY2e%2F0g7PYhiqxLhc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5c8ffa6e4112-SIN
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:38 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
server
cloudflare
chunk-vendors.js
2aq9dfmqby3.top/static/20240910122702/js/
908 KB
261 KB
Script
General
Full URL
https://2aq9dfmqby3.top/static/20240910122702/js/chunk-vendors.js
Requested by
Host: 2aq9dfmqby3.top
URL: https://2aq9dfmqby3.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd12f1373c7946ce9689de54788940ff53f66574310a8505427cf80d7eb8131

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://2aq9dfmqby3.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66dfcb5a-e3079"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2FzMnU2Qv3B9HelEfog526TNfYYWEw3%2BFxXr%2FnsebHZRQGzEu6lB1BKxTWu1VQWvq6uLe%2BzX2S7DbCdW%2BctpdIiAW%2FZsZJpUTPYCv0vmYwHKTTl1MLcIPP8hqAY2FdJCeFghJ0HUQ1f0gZDu83s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5c8ffa6f4112-SIN
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:38 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
server
cloudflare
share_301.js
2aq9dfmqby3.top/static/20240910122702/js/
29 KB
10 KB
Script
General
Full URL
https://2aq9dfmqby3.top/static/20240910122702/js/share_301.js
Requested by
Host: 2aq9dfmqby3.top
URL: https://2aq9dfmqby3.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
433fb24773212afcb801f725d6907f60eff1257fb9f6e4f02e4ffe5e251f977f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://2aq9dfmqby3.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66dfcb5a-7207"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEFtthwnAPk1ravo7kVEV6eDsXUKTEVYW04OZ6L%2Ful0oAbMxkrcWCL7giDpqQKdL%2FehLw0wGPnzHDy7me3zck03jnM9ZA0qo9YLMq2aQxTJHRENCnXPcbws0z19gJvwdzYkUeSRgIDMKm76r5QU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5c8ffa704112-SIN
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:38 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
server
cloudflare
jsjiami.js
2aq9dfmqby3.top/static/cdn/js/
10 KB
4 KB
Script
General
Full URL
https://2aq9dfmqby3.top/static/cdn/js/jsjiami.js
Requested by
Host: 2aq9dfmqby3.top
URL: https://2aq9dfmqby3.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://2aq9dfmqby3.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66dfcb5a-260b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PsEejOmIN6vcdYdfmmMpup13AmXZUJLiAa9EdVZI8IU6lrKoM6LWqWOSMDDNq%2B4ZmlRK5xL5tZCK9fbw7zKBfn%2BdcldTsUnzWgPsJhRnJqgivtN9FNf8TsWYFxctljOfoKdnetiiDr%2BCt82Tkug%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5c8ffa714112-SIN
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:38 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
server
cloudflare
request
api.gv86knght6r.top/fast-endecode/main/
2 KB
3 KB
XHR
General
Full URL
https://api.gv86knght6r.top/fast-endecode/main/request
Requested by
Host: 2aq9dfmqby3.top
URL: https://2aq9dfmqby3.top/static/20240910122702/js/chunk-vendors.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
206.238.197.151 Singapore, Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://2aq9dfmqby3.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Content-Encoding
zstd
cf-cache-status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WCMLV0T2%2BJtv32Exbhe9sMnTLNnTX4JL%2BxXJ2D8U3v3%2BSrD8jokvIs%2FUo8C3cakkuGJBxa4%2BUrFrya3DbaNs3vMxCtMbbbq7CbKmQVysTzkMpq1mGrprFni4GSJHjSdBs22PEI%3D"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
Date
Wed, 16 Oct 2024 19:12:41 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Transfer-Encoding
chunked
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3a5ca038c56e5e-HKG
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zull:prod:8801
Server
nginx/1.17.6
request
api.gv86knght6r.top/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://api.gv86knght6r.top/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
206.238.197.151 Singapore, Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://2aq9dfmqby3.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-RAY
8d3a5c9d3c949b7e-HKG
Connection
keep-alive
Date
Wed, 16 Oct 2024 19:12:40 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dGYOdcgpSMkkGOdPKvtfEMg71aUa8UcTyTu0OddhQtaHVOqSJiS2cR0Bq44nI2VC3Z0lXjd%2FOFsFP5mA%2F6mvL5ADTZb2RYdmVeUe8r31dkRoyF44GzOR1%2B%2Fw0qF1FBhPPzipCl0%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8801
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
main.js
2aq9dfmqby3.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame 6804
Redirect Chain
  • https://2aq9dfmqby3.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://2aq9dfmqby3.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
8 KB
4 KB
Script
General
Full URL
https://2aq9dfmqby3.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
Protocol
H3
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n68ix7nIO8E1LyiVlni46n8VonQpmsfWuLbAzkUiEIIkEy%2FAjU5aWfs5X%2B3wLGBb%2BzTvnKMKWpXoscF%2F9e1QXOePIuW6u%2F6VqQIwb%2FUe8ur4zOiJ2GrAOldnPRQWtaVQ7QK%2B4AWbTFbDdEn59lc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d3a5c9e7d734112-SIN
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xDBhnmragrBKU8KG43eTba82OnPT6qrBCLGrD9bm4NQFVIQ4%2FTH0X96GwfkRdHoMAvFClFHzPSYrQVXWffEKmNuzQrxlOi8w%2FT7U6W66vvaEbYUdbgF6zwwDGu6VQTfcQr%2FNgobi8%2Boe6Qc79o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5c9a4a084112-SIN
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:40 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
2aq9dfmqby3.top/
4 KB
4 KB
Other
General
Full URL
https://2aq9dfmqby3.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://2aq9dfmqby3.top/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66dfcb5a-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBnvW3NnK%2BiMpKaANm%2FT%2FtbzEnGWeFXyWWvSbFwvA6IVKwe0Fsw3P%2FmWDw2AgTP5fZUbiXSjncHbmOTRYHIJbTHP7P9x94wmNCYgr83AjeQdOytjcFXrrVsGE09RuE23HlbSPLX6Y43NVbXupXI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5c9a4a094112-SIN
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:40 GMT
content-type
image/x-icon
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
server
cloudflare
8d3a5c8b8cfedc6e
2aq9dfmqby3.top/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6804
0
976 B
XHR
General
Full URL
https://2aq9dfmqby3.top/cdn-cgi/challenge-platform/h/b/jsd/r/8d3a5c8b8cfedc6e
Requested by
Host: 2aq9dfmqby3.top
URL: https://2aq9dfmqby3.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:179c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQGTQLeL5rAbWBslHMUibg1IPYQV5r%2Bs5FZndwJc6mNgIwCpAJBCSnqe1VDFa2VhWPdrhSlLJrHbaFq6N33HQlB6OSWgokA%2BCkr11sMwLEx3KixKUEp0OXuvZhFmi3WS5MEO776WD3YMSYcyvP4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5ca0af144112-SIN
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Wed, 16 Oct 2024 19:12:41 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
Primary Request /
nljse9scnfxxge8g.xyz/
2 KB
2 KB
Document
General
Full URL
https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top
Requested by
Host: 2aq9dfmqby3.top
URL: https://2aq9dfmqby3.top/static/20240910122702/js/share_301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ab5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abbfac558fb4282e8654217cc5cde8b35ff461fd44136d17d97cdfec8bf7f70a

Request headers

Referer
https://2aq9dfmqby3.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d3a5ca1cd702c77-FRA
content-encoding
zstd
content-type
text/html
date
Wed, 16 Oct 2024 19:12:41 GMT
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2FdMkEw2cBNd3c%2FOks04DiH9jj6L8vOLeblYq9dRlw2l%2Bvbr2zKQjcgZC7QWajvnuGv0g%2Fx48lK8WsBpdykJ3rM3MSIOb%2FseHUw87ASM%2BoD0kjj8X1fDF7jnHkGpkTIsq%2FNK0FSZaHOpbKcXT3dWKAA6yw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
speculation-rules
"/cdn-cgi/speculation"
speculation
nljse9scnfxxge8g.xyz/cdn-cgi/
128 B
604 B
Other
General
Full URL
https://nljse9scnfxxge8g.xyz/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ab5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nljse9scnfxxge8g.xyz
Referer
https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K97rE4RM6IAqoPGHDlPnfWVKyB%2B6LpmrUWWWlnazuUWq7BnrlJYAnxUKd0cGpuZPx1y%2BHjlaNKUyGYtBzLpKQaH2A0nSeSBT5iX3N%2Bb2HQw4V7GN5%2BxoHQct%2BeS5acjHGVpHsngt8AOnMuOMJ0WO7WgZJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5ca609a72c77-FRA
access-control-allow-origin
https://nljse9scnfxxge8g.xyz
alt-svc
h3=":443"; ma=86400
content-length
128
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:41 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
chunk-vendors.css
nljse9scnfxxge8g.xyz/static/20240910122702/css/
183 KB
54 KB
Stylesheet
General
Full URL
https://nljse9scnfxxge8g.xyz/static/20240910122702/css/chunk-vendors.css
Requested by
Host: nljse9scnfxxge8g.xyz
URL: https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ab5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfd500b3049c4ebfa22af7517d67cf1ec88de5af30da1947e2b509edfd12191f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"66dfcb5a-2da4c"
age
538
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dHB4sfnRQiqoAYnNJYxCxUruheP%2FmgGtHGRNOs1xKNiHbAakCRFVJEuKXaYqseoqTKdgD%2BasoYFAeWqhAmTyOJZNirCzVNKbZyckQy2vDiywyPhuPuZ89JSg7uRusrhsbCC%2BAIJyQwGlqTsBqEVpUsmzJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=186956
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:41 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d3a5ca609a92c77-FRA
server
cloudflare
iframe.css
nljse9scnfxxge8g.xyz/static/20240910122702/css/
217 B
707 B
Stylesheet
General
Full URL
https://nljse9scnfxxge8g.xyz/static/20240910122702/css/iframe.css
Requested by
Host: nljse9scnfxxge8g.xyz
URL: https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ab5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cefa674d5bc9b0d3d820a25ec183d385da7b4f6bcfbd04ae2c1c7f535c5494

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"66dfcb5a-da"
age
538
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5%2Ffoxcc6MFt4lhWwwEzyWdagU3Wxp3%2FNyXSur0QnOpgb9WWiOZgxRmQkcmGgS3U30IzmaDyM%2BpXC2vS1XCVFuyH38EO2gRjcZtoO2sR9GJg8JSq45zDtwleGsGXPn1Fez8SJ%2FRDeqcOLht%2FOegF%2BUOQ3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=218
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:41 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d3a5ca609ab2c77-FRA
server
cloudflare
chunk-vendors.js
nljse9scnfxxge8g.xyz/static/20240910122702/js/
142 KB
0
Script
General
Full URL
https://nljse9scnfxxge8g.xyz/static/20240910122702/js/chunk-vendors.js
Requested by
Host: nljse9scnfxxge8g.xyz
URL: https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ab5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66dfcb5a-e3079"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TusicVjawv94ehtW0Lp1UQHw%2BvAbhS2j7ZGq5JDzjoPMk7GEj%2BrSOtlHmyb%2BqxDtOIvte%2FNsg1YgnndYPAud6jzV8gMTFlrcaw73MttqHSFeSzv4pc5yWq3%2BcDSAghNWrXpjY%2BVz6Rwkx50UMtm5nBMtAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5ca609ac2c77-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:43 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
server
cloudflare
iframe.js
nljse9scnfxxge8g.xyz/static/20240910122702/js/
29 KB
10 KB
Script
General
Full URL
https://nljse9scnfxxge8g.xyz/static/20240910122702/js/iframe.js
Requested by
Host: nljse9scnfxxge8g.xyz
URL: https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ab5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68f2880b0734bc643b3310fc6a6d53bf4425b0ecea398ba6e2a4107fed590da3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top

Response headers

content-encoding
zstd
cf-bgj
minify
etag
W/"66dfcb5a-7474"
age
538
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJwJJdrSJTlU%2Fgdmv8AZdsBHO7trvVweo9ppFkIQC57Q%2F7TckZwXz7ZMQ73y3AsF7zHscp1hgMwNiBeFZyw97ERdSAnQ%2F4ZPJuyVE0ByGkEqYtXmv30KBrMayUVLbef0Z1JnLQj6ca82CWyX%2BhKce%2BX3gA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:41 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d3a5ca609ad2c77-FRA
server
cloudflare
jsjiami.js
nljse9scnfxxge8g.xyz/static/cdn/js/
10 KB
4 KB
Script
General
Full URL
https://nljse9scnfxxge8g.xyz/static/cdn/js/jsjiami.js
Requested by
Host: nljse9scnfxxge8g.xyz
URL: https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ab5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0149036c01f4cfee3a50f62969319f2f78b33176543d633a0e56f8ca96735bd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nljse9scnfxxge8g.xyz/?domain=2aq9dfmqby3.top

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66dfcb5a-260b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=am%2BMqzJxG97k6AocUnbnffTlx3Qt7u1JwMi9lGHRMv4lZO6woATcupYYysB2tAFBD0XomgOybqpBQY8%2BrF%2FTh3Qy5oqMjfKIxbkCm2TF0L3as6aA%2BGbGx6RoWqVAvRr6l6sGbUKCFiXBfWzUe%2FPYfa2fFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d3a5ca609af2c77-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 16 Oct 2024 19:12:42 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 04:30:18 GMT
vary
Accept-Encoding
server
cloudflare

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • encode_version (string)
  • fhljt (string)
  • __0x10133b (object)
  • _0x2379 (function)
  • isConsoleOpen (function)

1 Cookies

Domain/Path: .2aq9dfmqby3.top/
Name: cf_clearance
Value: Rl3cNrpLRtopUY_zPUtthLQbaHf.ZxIOLHFacopXqIU-1729105961-1.2.1.1-DizWv8tOkhH2csn_qq7JvA2_NlNUvFEgHb2EPqfJkgoZunKvQYqLwKw_BrKLmBua.hQdgOYewMTzXEWCx.nZktU1qrw2an9dP.1uqpiCrk.RTIVfoGjoTrBfdetspfzA8DSOhqI2Yc9TZrZnfYgaJm.KLdEK3PYauqPLW9qZicrYFUiY2XuJlL0rHvAVA23MimDy3n.Xxey7vCngpmimmxppxAK46uX4dVDIQNbToe8Rdm.KkdfpHZO9O_M7cWuFjsGVvXKte.TEg_.XpvzIqhlrOj.wFbLP6SNsGYBkEB5HDN1NWDJxnoJf5LT7HxQeSNaA3aVFH_hFxZTbxLw6Uc3KfEbms4B9XH3dNG2n5_tw7Zp4vF3naGbFjYrdz3G6