xfcms201.buzz - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3034::6815:52f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is xfcms201.buzz.
TLS certificate: Issued by WE1 on July 18th 2024. Valid for: 3 months.

This is the only time xfcms201.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3034::6815:52f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:9c2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:1247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.128 149.56.240.128	16276 (OVH) (OVH)
6	4

3 2606:4700:3034::6815:52f2 (United States)

ASN13335 (CLOUDFLARENET, US)

xfcms201.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:9c2a (United States)

ASN13335 (CLOUDFLARENET, US)

util88.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:1247 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	xfcms201.buzz xfcms201.buzz	4 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 6836 s4.histats.com — Cisco Umbrella Rank: 6819	5 KB
1	util88.buzz util88.buzz	19 KB
6	3

	Domain	Requested by
3	xfcms201.buzz	xfcms201.buzz
1	s4.histats.com	s10.histats.com
1	s10.histats.com	xfcms201.buzz
1	util88.buzz	xfcms201.buzz
6	4

This site contains links to these domains. Also see Links.

Domain
github.com
wohejiule.buzz
nanrencjg60.buzz
taubockduebfa88.buzz
91huisuo.buzz
chaojifuli73.buzz

Subject Issuer	Validity	Valid
xfcms201.buzz WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh
util88.buzz WE1	`2024-06-27` - `2024-09-25`	3 months	crt.sh
s10.histats.com E5	`2024-06-09` - `2024-09-07`	3 months	crt.sh
histats.com R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xfcms201.buzz/
Frame ID: 3819DCD98D4255A70D6A568204A65284
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

最新地址发布页-女仆公馆系列资源站

Page Statistics

6
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

28 kB
Transfer

172 kB
Size

7
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/caonacb/all/wiki
Title: https://github.com/caonacb/all/wiki

Search URL Search Domain Scan URL

URL: https://wohejiule.buzz/
Title: https://wohejiule.buzz

Search URL Search Domain Scan URL

URL: https://nanrencjg60.buzz/cjg
Title: https://nanrencjg60.buzz/cjg

Search URL Search Domain Scan URL

URL: https://taubockduebfa88.buzz/hhok
Title: https://taubockduebfa88.buzz/hhok

Search URL Search Domain Scan URL

URL: https://91huisuo.buzz/
Title: https://91huisuo.buzz

Search URL Search Domain Scan URL

URL: https://chaojifuli73.buzz/
Title: https://chaojifuli73.buzz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
xfcms201.buzz/ 3 KB
2 KB 514ms
486ms Document
text/html 2606:4700:3034::6815:52f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xfcms201.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:52f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc0c8610e043a0d0568c7959960d2aa46ad2d8c049b09706b4ee8249de21d5d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache_control: no-cache,no-store,must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a8a583719cdbb5c-FRA
content-encoding: br
content-type: text/html
date: Thu, 25 Jul 2024 07:12:57 GMT
expires: 0
last-modified: Fri, 19 Jul 2024 08:33:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSvsahDKy416aHaxahb5ojoJ4ZsC2NuMF7kt2J0n0cVL%2FcXGniftjfeOCxQLV1VXgu7cK%2BCkeoGuXgKkT4k8LSDFtgq7Ur4Kls76ecrQD%2FI3u9hPUk4s2%2BesYXWPcP4Tfdmuuv%2FEEwruL5SO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 react.min.css
util88.buzz/js/react/css/ 156 KB
19 KB 806ms
774ms Stylesheet
text/css 2606:4700:3035::ac43:9c2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://util88.buzz/js/react/css/react.min.css
Requested by: Host: xfcms201.buzz
URL: https://xfcms201.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:9c2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 179a8b86c8d2695422b6b65b629a057a4fc4fe4d1aeac93fe321e9e5e04beeba

Request headers

Referer: https://xfcms201.buzz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 07:12:58 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 24 Feb 2024 05:14:27 GMT
server: cloudflare
etag: W/"65d97b33-26e42"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BqRGD136x4VxwwzJbUA867mxSl4UK9x1q%2BP5ryh%2FMeU48sZhYm4zvV4t0ts6486B06NjH1DiRrsoVsei%2BktQnNkS%2FtQp1k%2BoDR1sT9VUFh%2Bj%2F4dLn%2BQhWDI9MhaDtZCQHRRTKgR4Dluf4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
cf-ray: 8a8a583a58010374-FRA
access-control-allow-headers: *
expires: Thu, 25 Jul 2024 19:12:58 GMT

GET
H3 200 email-decode.min.js Show response
xfcms201.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:3034::6815:52f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xfcms201.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: xfcms201.buzz
URL: https://xfcms201.buzz/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:52f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xfcms201.buzz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 07:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2024 17:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6696a9e8-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9uikXWjq9fN8ZTkREOSshq7iHoE07C%2F9TFF5eo%2F4OZ1tAEKsK6cvGI%2FVvzoYsOIi5PrC7TV7Tef1wnROobOzlkDX1pT8uJtUYGT0b0XMnbNzF8GO%2FRPl3KihI8Rkg1GgAFTerCmkq6xuohmu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8a8a583a2d29bb5c-FRA
expires: Sat, 27 Jul 2024 07:12:57 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 56ms
23ms Script
text/javascript 2606:4700:10::6814:1247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: xfcms201.buzz
URL: https://xfcms201.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://xfcms201.buzz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 07:12:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 40745
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8a8a583f7b039746-FRA
content-length: 4547

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 48 B
182 B 300ms
99ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4850483&@f16&@g1&@h1&@i1&@j1721891578821&@k0&@l1&@m%E6%9C%80%E6%96%B0%E5%9C%B0%E5%9D%80%E5%8F%91%E5%B8%83%E9%A1%B5-%E5%A5%B3%E4%BB%86%E5%85%AC%E9%A6%86%E7%B3%BB%E5%88%97%E8%B5%84%E6%BA%90%E7%AB%99&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:-156004778&@b3:1721891579&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fxfcms201.buzz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 4ac0dc6db4035706a64bc070d10945b2f5ba37ea3459c330351f43fc4886428e

Request headers

Referer: https://xfcms201.buzz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 07:12:59 GMT
Connection: close
Content-Length: 48
Content-Type: text/html;charset=UTF-8

GET
H3 404 favicon.ico
xfcms201.buzz/ 548 B
567 B 465ms
465ms Other
text/html 2606:4700:3034::6815:52f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xfcms201.buzz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:52f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xfcms201.buzz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 07:12:59 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B09gyGNVmhHjzG3Dw9ij2dycsjT1Jxb07iPC1tX0bHvZejZh7%2FCSgPoQHCm64MzB%2Bxi763I%2FrizTXA1%2FBw2gyX9crFdS%2BPf%2BkjcTR9hVIdVsXEGgnm%2FaJi5ZZJAmDcH5Y2UfJxazxMNbqKzJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8a8a58419fd8bb5c-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xfcms201.buzz/	1970-01-21 07:03:47	Name: HstCfa4850483 Value: 1721891578821
xfcms201.buzz/	1970-01-21 07:03:47	Name: HstCla4850483 Value: 1721891578821
xfcms201.buzz/	1970-01-21 07:03:47	Name: HstCmu4850483 Value: 1721891578821
xfcms201.buzz/	1970-01-21 07:03:47	Name: HstPn4850483 Value: 1
xfcms201.buzz/	1970-01-21 07:03:47	Name: HstPt4850483 Value: 1
xfcms201.buzz/	1970-01-21 07:03:47	Name: HstCnv4850483 Value: 1
xfcms201.buzz/	1970-01-21 07:03:47	Name: HstCns4850483 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xfcms201.buzz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

s10.histats.com
s4.histats.com
util88.buzz
xfcms201.buzz
149.56.240.128
2606:4700:10::6814:1247
2606:4700:3034::6815:52f2
2606:4700:3035::ac43:9c2a
179a8b86c8d2695422b6b65b629a057a4fc4fe4d1aeac93fe321e9e5e04beeba
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
4ac0dc6db4035706a64bc070d10945b2f5ba37ea3459c330351f43fc4886428e
abc0c8610e043a0d0568c7959960d2aa46ad2d8c049b09706b4ee8249de21d5d
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

xfcms201.buzz Open in urlscan Pro 2606:4700:3034::6815:52f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

28 kBTransfer

172 kBSize

7 Cookies

6 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

7 Cookies

1 Console Messages

Indicators

xfcms201.buzz Open in urlscan Pro
2606:4700:3034::6815:52f2 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

28 kB
Transfer

172 kB
Size

7
Cookies

6 HTTP transactions
0 data transactions