ni18.cc Open in urlscan Pro
2606:4700:3030::6815:2b92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ni18.cc/
Submission: On October 21 via api (October 21st 2024, 1:32:24 pm UTC) from BE — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3030::6815:2b92, located in United States and belongs to CLOUDFLARENET, US. The main domain is ni18.cc.
TLS certificate: Issued by WE1 on October 15th 2024. Valid for: 3 months.

This is the only time ni18.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::6815:2b92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.67.180.77 172.67.180.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::6815:486	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.162.26 172.67.162.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.196.233 172.67.196.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.214.245 172.67.214.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.140.219 172.67.140.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	8

1 2606:4700:3030::6815:2b92 (United States)

ASN13335 (CLOUDFLARENET, US)

ni18.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.180.77 (United States)

ASN13335 (CLOUDFLARENET, US)

ni18.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:486 (United States)

ASN13335 (CLOUDFLARENET, US)

www.58sj.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.162.26 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--bw-bp3d8ks19c.ytsp365.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.196.233 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--bw-bp3d8ks19c.ytsp365.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

xn--bw-bp3d8ks19c.ytsp365.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.214.245 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--bw-bp3d8ks19c.ytsp365.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.140.219 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--bw-bp3d8ks19c.ytsp365.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ni18.cc ni18.cc	55 KB
2	ytsp365.xyz xn--bw-bp3d8ks19c.ytsp365.xyz	2 KB
2	ytsp365.sbs xn--bw-bp3d8ks19c.ytsp365.sbs	2 KB
2	ytsp365.icu xn--bw-bp3d8ks19c.ytsp365.icu	2 KB
2	ytsp365.buzz xn--bw-bp3d8ks19c.ytsp365.buzz	2 KB
2	ytsp365.top xn--bw-bp3d8ks19c.ytsp365.top	2 KB
2	58sj.top www.58sj.top	25 KB
19	7

	Domain	Requested by
7	ni18.cc	ni18.cc
2	xn--bw-bp3d8ks19c.ytsp365.xyz	ni18.cc
2	xn--bw-bp3d8ks19c.ytsp365.sbs	ni18.cc
2	xn--bw-bp3d8ks19c.ytsp365.icu	ni18.cc
2	xn--bw-bp3d8ks19c.ytsp365.buzz	ni18.cc
2	xn--bw-bp3d8ks19c.ytsp365.top	ni18.cc
2	www.58sj.top	ni18.cc www.58sj.top
19	7

This site contains no links.

Subject Issuer	Validity	Valid
ni18.cc WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
58sj.top WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
ytsp365.top WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
ytsp365.buzz WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
ytsp365.icu WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
ytsp365.sbs WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
ytsp365.xyz WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ni18.cc/
Frame ID: A72D94D8E54CA6C8ED0255DD7679F4C2
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

油条视频福利站发布

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

89 kB
Transfer

181 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ni18.cc/	4 KB 2 KB	408ms 362ms	Document text/html	2606:4700:3030::6815:2b92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ni18.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2b92 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0759e65794f9e518ae2a408160e5c759f9a54526c00eab450f8251f89ca3ac69` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d619cdd59789277-FRA content-encoding zstd content-type text/html date Mon, 21 Oct 2024 13:32:17 GMT last-modified Sat, 19 Oct 2024 10:14:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bF3bfqsjMMqy4%2B4AFtkOod%2Btty6f7lWfqxYtvxLd6Z3Tcyatq45NOa0sUXjtAOxk%2BfZMKsNTCaYIRfibl8G0qayrBTSxKszpQSdyEokxhB0JhQQuKWDKw5kwcYNmai6kS1Id72u"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=15272&sent=9&recv=12&lost=0&retrans=0&sent_bytes=3894&recv_bytes=2282&delivery_rate=247235&cwnd=247&unsent_bytes=0&cid=f1c2134ece9703c5&ts=359&x=0" vary Accept-Encoding
GET H3	200	css.css ni18.cc/css/	3 KB 2 KB	288ms 287ms	Stylesheet text/css	172.67.180.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ni18.cc/css/css.css Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.180.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `50b3809e34fe4694c036cbfd741b3f4af6f32106d7f18f1454cebdf619c3cd87` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ni18.cc/ Response headers content-encoding gzip cf-cache-status MISS etag W/"5b3ba39a-d8a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zwj0TqtzMpkMifp55zGkbj3nCBujkViNrRMTB6UF8djpaN6bnB8I9ua%2BlBP%2BQQAvYHdpJd%2BwqjHS8ou4I8jLW6FORpzC%2FoK3C%2BL9t%2B7lefmuVikQmSPlxMfK"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:17 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=124494&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5363&recv_bytes=5252&delivery_rate=220&cwnd=12000&unsent_bytes=0&cid=961e62797957d105&ts=570&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:17 GMT content-type text/css last-modified Tue, 03 Jul 2018 16:26:02 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619cdfef96afb9-ATL server cloudflare
GET H3	200	jquery.min.js Show response ni18.cc/js/	82 KB 33 KB	401ms 401ms	Script application/javascript	172.67.180.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ni18.cc/js/jquery.min.js Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.180.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ni18.cc/ Response headers content-encoding gzip cf-cache-status MISS etag W/"5b3ba396-14938" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6NyaWCFNWCvaLLqJmyqV8LpL8xwcGJ%2F0VuFx4kzuhF1I8lI2jl7DpKJtdUJo3qXcxfrKstsIMLRldoLnYgoWj9lgFF4qeO5iDkKy%2BLNnKUD913SymMt%2FS3D%2F"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:17 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=124494&sent=24&recv=12&lost=0&retrans=0&sent_bytes=16151&recv_bytes=5252&delivery_rate=220&cwnd=12000&unsent_bytes=0&cid=961e62797957d105&ts=646&x=1", cfExtPri, cfHdrFlush;dur=25 date Mon, 21 Oct 2024 13:32:17 GMT content-type application/javascript last-modified Tue, 03 Jul 2018 16:25:58 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619cdfef98afb9-ATL server cloudflare
GET H3	200	uaredirect.js Show response ni18.cc/js/	819 B 1 KB	281ms 280ms	Script application/javascript	172.67.180.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ni18.cc/js/uaredirect.js Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.180.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8e1cac245a9daa0ff3a9e12ad5ff809822d35742803f040960531fffff3131f8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"5b3ba396-333" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTtXGDfywt0ppivotfCD4HZikSElzH2svotBXSuoLJ%2BNx1IPjCtxnBwhFVAsJ8zbS2TvAVj1jPPQKxouxAiZBFbVWaAMorQy4Oy5LaqG%2FOFbWBBCaosJnwyY"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:17 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=124494&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4151&recv_bytes=5252&delivery_rate=220&cwnd=12000&unsent_bytes=0&cid=961e62797957d105&ts=564&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:17 GMT content-type application/javascript last-modified Tue, 03 Jul 2018 16:25:58 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619cdfef9aafb9-ATL server cloudflare
GET H3	200	logos.png ni18.cc/images/	14 KB 15 KB	399ms 399ms	Image image/png	172.67.180.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ni18.cc/images/logos.png Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.180.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cc798b85c0d94a1e9d255ae78650982d1f9a876ddecef49b7fc4187fde214c1a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ni18.cc/ Response headers content-encoding gzip cf-cache-status MISS etag W/"670ea6bb-37d7" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eEUANOAyzqf3IKmLnOHqhBBqpodTPOvgiCAkDPkHFnQgNj%2BZ9Q6IFi%2B53iR9rx2tW02BE7RSJPAyZ%2BFcNzft3Wu96gtRl3lt%2FaVJR44OaYy0ggt9nz35LE35"}],"group":"cf-nel","max_age":604800} expires Wed, 20 Nov 2024 13:32:17 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=124494&sent=16&recv=12&lost=0&retrans=0&sent_bytes=7187&recv_bytes=5252&delivery_rate=220&cwnd=12000&unsent_bytes=0&cid=961e62797957d105&ts=629&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:17 GMT content-type image/png last-modified Tue, 15 Oct 2024 17:30:35 GMT vary Accept-Encoding priority u=2,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619cdfef9cafb9-ATL server cloudflare
GET H2	200	matomo.js Show response www.58sj.top/	66 KB 25 KB	533ms 34ms	Script application/javascript	2606:4700:3032::6815:486 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.58sj.top/matomo.js Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:486 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ni18.cc/ Response headers content-encoding gzip cf-cache-status HIT etag W/"66f556e5-10784" age 32182 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZqlmTwdUi7XNpcoNp5eTw97LdZVTKWpu76jDqe1XODL7CyEHiT%2BywLCoWUHJspUOdzNp1lOUNzjOP9l6WE6TGiLIQiSbwqcbAztntJ%2F6U6zXdTzQ0107YnX7F4lGAf7BBoBkmGXGzYKesw%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 16:35:56 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=17994&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4007&recv_bytes=2220&delivery_rate=346143&cwnd=253&unsent_bytes=0&cid=4a564482218d3996&ts=31&x=0" date Mon, 21 Oct 2024 13:32:18 GMT content-type application/javascript last-modified Thu, 26 Sep 2024 12:43:17 GMT vary Accept-Encoding cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619ce6dab4d2ba-FRA server cloudflare
GET H3	200	aj1.js Show response xn--bw-bp3d8ks19c.ytsp365.top/ymff/	147 B 883 B	1285ms 380ms	Script application/javascript	172.67.162.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.top/ymff/aj1.js?0.11863343604376064 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.162.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `41b393c3ba7c4e16cf0424b716244541c2138b8c430bf076ae28a07b704b7b26` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"670eaff7-93" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JaOwk5U4xRJdEN8VYfVqXDY%2FfJ3Lj%2FYQuxmR1ZRcHNkjOt%2BDm5q5XnThX1x8I99jiKV9Wjr2EZJSgi2cXLBEpNyLGASG5kFJLNZRsABb10oNzPA7mJPjQ3ERJaPSyA7OKvFOR9KG4hbm5motKOE3FA%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:19 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=20116&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4211&recv_bytes=4521&delivery_rate=662&cwnd=12000&unsent_bytes=0&cid=3f819ce772c2dc01&ts=381&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:19 GMT content-type application/javascript last-modified Tue, 15 Oct 2024 18:09:59 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619ce95825dbf4-FRA server cloudflare
GET H3	200	aj2.js Show response xn--bw-bp3d8ks19c.ytsp365.buzz/ymff/	147 B 881 B	447ms 383ms	Script application/javascript	172.67.196.233 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.buzz/ymff/aj2.js?0.1793260924387563 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.196.233 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `91b85df3679c9ee5c74649c6e521be3f5c2289f1a5e9b8be351fe2bb6007712d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"66c1cebc-93" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ckQHrdlg3krJXPNnUszJMZ8yWLuZbHePJ5B%2FvqL%2BkXfFMfZYuaawlRmjiS4S%2F24ufAHRHN3UIO6iGrlTSODy%2FGZN%2FYu0T2EuINMqJkfmHIwT%2Fs31yXe6ODPkaFBG6R9Ismq5XN9FeRUW8J676c6Joo%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:18 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=17248&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4474&delivery_rate=816&cwnd=12000&unsent_bytes=0&cid=e40a0054ea7f5f50&ts=404&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:18 GMT content-type application/javascript last-modified Sun, 18 Aug 2024 10:36:44 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619ce429952c35-FRA server cloudflare
GET H3	200	aj3.js Show response xn--bw-bp3d8ks19c.ytsp365.icu/ymff/	147 B 881 B	442ms 370ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.icu/ymff/aj3.js?0.38081304113891545 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a496a6e8fa7e3540386f0c46d01f90fdeaf8318f9a1925ed472b70e03988a9b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"66c1cebd-93" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AE4Fr68qWFhZE6KObz3rN%2Bd2DepVi441pPUKiFSo5RSU2zthf4Q56UXi7uIREyZuRWKkJG3MtdeECyIK2eS%2Btgz345TRqez%2Fxxs5mHqZ1m1NONP5H%2BlOYRAQm4VQj8AiD3CUcBmPcEfeRY0rmXMuiA%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:18 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8682&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4478&delivery_rate=831&cwnd=12000&unsent_bytes=0&cid=e469bbc0517c3191&ts=393&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:18 GMT content-type application/javascript last-modified Sun, 18 Aug 2024 10:36:45 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619ce44aa43804-FRA server cloudflare
GET H3	200	aj4.js Show response xn--bw-bp3d8ks19c.ytsp365.sbs/ymff/	147 B 879 B	445ms 371ms	Script application/javascript	172.67.214.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.sbs/ymff/aj4.js?0.26037586396613555 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.214.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `600ca85b4a33010334ec77f6b1dc9e8008cac705d7c284717e6b798ae41389f4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"66c1cebe-93" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PbwOw6cxp%2B9DcCSUgPajcXta7SOi1F30jUoBZW661RFLzOKEGK4ZyrXxrUzWxoE7vF%2FLn1zZ7OtGgMHWeUMEvZ8qXiy68WMiz%2FZc0iCBtmSEuRtdwFFpwbwIAOTmokYkPH5VGdrCpCCn4P6fAXbuQQ%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:18 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=20999&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4154&recv_bytes=4477&delivery_rate=635&cwnd=12000&unsent_bytes=0&cid=a475453a2c9feb32&ts=392&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:18 GMT content-type application/javascript last-modified Sun, 18 Aug 2024 10:36:46 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619ce44c3d39f1-FRA server cloudflare
GET H3	200	aj5.js Show response xn--bw-bp3d8ks19c.ytsp365.xyz/ymff/	172 B 880 B	484ms 412ms	Script application/javascript	172.67.140.219 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.xyz/ymff/aj5.js?0.31927805505834517 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.219 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8e18f995b5c6411adc91a8eb1d464c29c65548f41ba66678917e0bb38bc57220` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"66c1cebf-ac" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvoHpS13FliPEINZtuJ5WN1NoSyc3j2%2FSlAndfZFdp1CCJE%2FtwmMrqbfLwc9wfaaGsJg37NpAey%2BabpRKQyZninYl8ReOpuRsMrvI4u40tPvie1kVx%2Fq8%2FeSaVZHofSiH9%2BhqALVdsiKC2mgfXOYJg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:18 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8209&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4224&recv_bytes=4529&delivery_rate=868&cwnd=12000&unsent_bytes=0&cid=75e1e92ec670abd3&ts=420&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:18 GMT content-type application/javascript last-modified Sun, 18 Aug 2024 10:36:47 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619ce44dbd9273-FRA server cloudflare
GET H3	200	shaow_bg.png ni18.cc/images/	9 KB 2 KB	271ms 271ms	Image image/png	172.67.180.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ni18.cc/images/shaow_bg.png Requested by Host: ni18.cc URL: https://ni18.cc/css/css.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.180.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `54b56c3f42adef2886d607eb0ec3bd0cae11020e78371b90a9da9ede536affa7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ni18.cc/css/css.css Response headers content-encoding gzip cf-cache-status MISS etag W/"5b3ba3a0-2209" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7ijxNZVmcfEkirmlR%2F40%2Be%2B69NAI0rk%2FwUt8DzHXP2RwGWd%2FsGGXi6i0LApKVJTzDznGaE%2FeN0NH5LUJlEcPnSAhoy9ZAa88hSzAT8iEMAjoYWXY1H6AJkj"}],"group":"cf-nel","max_age":604800} expires Wed, 20 Nov 2024 13:32:18 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=135711&sent=63&recv=38&lost=0&retrans=0&sent_bytes=57218&recv_bytes=6677&delivery_rate=52492&cwnd=43200&unsent_bytes=0&cid=961e62797957d105&ts=1219&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:18 GMT content-type image/png last-modified Tue, 03 Jul 2018 16:26:08 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619ce40ce0afb9-ATL server cloudflare
POST H2	204	matomo.php www.58sj.top/	0 457 B	410ms 409ms	Ping text/html	2606:4700:3032::6815:486 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.58sj.top/matomo.php?action_name=%E6%B2%B9%E6%9D%A1%E8%A7%86%E9%A2%91%E7%A6%8F%E5%88%A9%E7%AB%99%E5%8F%91%E5%B8%83&idsite=22&rec=1&r=166806&h=15&m=32&s=18&url=https%3A%2F%2Fni18.cc%2F&_id=7ee2c98bbe88c9a8&_idn=1&send_image=0&_refts=0&pv_id=jwdp9m&pf_net=47&pf_srv=361&pf_tfr=3&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Requested by Host: www.58sj.top URL: https://www.58sj.top/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:486 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Referer https://ni18.cc/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC access-control-allow-credentials true report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GlKJL2u5avEzU7Y8RbCgWzgmIGljirxBMBbcxb7731h1Neze%2B1sCYN%2B6HVmWEebO899H2SPL5Xj8WdmyYsQkJoBPyMnHJJ4sHIUOYKVNUM%2F8JoRvKl8mc5H3nhWyjNr8efRugBzBh5hKcFQ%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d619ce72b89d2ba-FRA access-control-allow-origin https://ni18.cc alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=28698&sent=32&recv=22&lost=0&retrans=0&sent_bytes=29784&recv_bytes=2734&delivery_rate=740990&cwnd=258&unsent_bytes=0&cid=4a564482218d3996&ts=438&x=0" date Mon, 21 Oct 2024 13:32:18 GMT content-type text/html; charset=UTF-8 server cloudflare
GET H3	200	tz1.js Show response xn--bw-bp3d8ks19c.ytsp365.top/ymff/	256 B 914 B	373ms 373ms	Script application/javascript	172.67.162.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.top/ymff/tz1.js?0.16534152712551764 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.162.26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6a4513be297c17cf6238335dc356e160a458548598757abefd10f1127e2f3ede` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"670e4721-100" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9MIXKGk9KvHMrp%2FNZZ4HASfjXeF0p8RIjoIDba7%2FE6ulVy2GsKzspJEK2XIBRbVxVpVWtOKdayFQstkNRCXE%2F57jypScOcDAXJYZDI8c6RMfTBS0DUn85k1ZvYyZS22soRtNvhoXljCVwu3voaE6PA%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:19 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=19923&sent=17&recv=13&lost=0&retrans=0&sent_bytes=5165&recv_bytes=4938&delivery_rate=50051&cwnd=12000&unsent_bytes=0&cid=3f819ce772c2dc01&ts=764&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:19 GMT content-type application/javascript last-modified Tue, 15 Oct 2024 10:42:41 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619cebcfc2dbf4-FRA server cloudflare
GET H3	200	tz2.js Show response xn--bw-bp3d8ks19c.ytsp365.buzz/ymff/	256 B 914 B	356ms 356ms	Script application/javascript	172.67.196.233 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.buzz/ymff/tz2.js?0.5369491437758125 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.196.233 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `213c7e6cf9b9cb867dab0ed56fb0e7646dfca0017ac6f3709fa811e94315748c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"670e4724-100" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnOo%2B%2FrlT9TNgzw3ck9sM5cEeHdtlnqP1VRSPbUAG3Ms0mivp%2FN5S0LNq8%2F6Oxm0qhZEdIrbIWGpIc0r%2BWuM4gXWZDd5SAEkct3TPAlaM2eYjn8e0jVEvp5AcPJMvWD3hWrVXmNSewIl9kjpgiyJPj4%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:19 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=19534&sent=13&recv=12&lost=0&retrans=0&sent_bytes=5076&recv_bytes=4893&delivery_rate=25438&cwnd=12000&unsent_bytes=0&cid=e40a0054ea7f5f50&ts=1596&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:19 GMT content-type application/javascript last-modified Tue, 15 Oct 2024 10:42:44 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619cebc9162c35-FRA server cloudflare
GET H3	200	tz3.js Show response xn--bw-bp3d8ks19c.ytsp365.icu/ymff/	256 B 918 B	358ms 358ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.icu/ymff/tz3.js?0.7920817629840409 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f55b203254c055e2ca72a1596eaa8daf1b909687c88977cc438a3d900b71d2b8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"670e4726-100" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9ryUi%2BhV3cE8eTEPge%2BFG8FCEvGqPcEjuWUC9u6mdjxsDBRETzXsrTsHbLZhUTOkiYnuQPaxNhB74JMUaY2Xw9fO%2BZ1qgsUdcu%2BqsahbG8VTCoWg3wkVXDaXiJMJEVRXWvU3hOE8dYzXOVBHqx9Eg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:19 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8468&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5108&recv_bytes=4894&delivery_rate=132953&cwnd=12000&unsent_bytes=0&cid=e469bbc0517c3191&ts=1592&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:19 GMT content-type application/javascript last-modified Tue, 15 Oct 2024 10:42:46 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619cebcb443804-FRA server cloudflare
GET H3	200	tz4.js Show response xn--bw-bp3d8ks19c.ytsp365.sbs/ymff/	256 B 915 B	375ms 374ms	Script application/javascript	172.67.214.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.sbs/ymff/tz4.js?0.5122457447324213 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.214.245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5b6b862f073b6f9db85551a24fd95708f7593be757d9d23eb61c419f49891feb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"670e4728-100" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwJNal5tleBfkq29yMqA6FUef%2FQ4Vsf%2BcthGRmH111cZffJ%2FD89LT7QtX7fiWlLNF%2FUFSlOIrggYP63jnRhdc6BbJfalXBZb7m9cfm9V2Zajd71u2YH8H%2BdFTMArR3Vr7HozgdjQnYxDbKEWL1Go6g%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:19 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=19481&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5104&recv_bytes=4893&delivery_rate=104605&cwnd=12000&unsent_bytes=0&cid=a475453a2c9feb32&ts=1608&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:19 GMT content-type application/javascript last-modified Tue, 15 Oct 2024 10:42:48 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619cebcc6e39f1-FRA server cloudflare
GET H3	200	tz5.js Show response xn--bw-bp3d8ks19c.ytsp365.xyz/ymff/	258 B 912 B	413ms 413ms	Script application/javascript	172.67.140.219 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--bw-bp3d8ks19c.ytsp365.xyz/ymff/tz5.js?0.5623689620117178 Requested by Host: ni18.cc URL: https://ni18.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.140.219 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3da728381b60de91939710ff4607a959b2a9cf69c639b960d3ec6f8810df9f80` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://ni18.cc/ Response headers content-encoding zstd cf-cache-status MISS etag W/"670e472a-102" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gv%2BbXJqKeVjLgXAm9oPA2a0S1JlCVNFWnkVO4ZZu4WQ1ozyCISmBdqEW4ErndNhDTIa2YYozipFAoUV6kX76vOsVJ5n6GYt8JlVSlWYhISa0VqbqHPKKVqJUG1glNs1GtUEd0fttPgGsBQ2oAfD5Sg%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 22 Oct 2024 01:32:19 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9944&sent=17&recv=13&lost=0&retrans=0&sent_bytes=5174&recv_bytes=4945&delivery_rate=41966&cwnd=12000&unsent_bytes=0&cid=75e1e92ec670abd3&ts=1610&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:19 GMT content-type application/javascript last-modified Tue, 15 Oct 2024 10:42:50 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d619cebcd249273-FRA server cloudflare
GET H3	404	favicon.ico ni18.cc/	479 B 985 B	291ms 290ms	Other text/html	172.67.180.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ni18.cc/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.180.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c870990950ca5802e260be6786d1e6a148b1acdfeed4fa9bb6acce744488c0b5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ni18.cc/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7vIzILzctcOSSUvWgwW1aznsmqNsOyrkAEN3FBvMpuMBQqKv%2BkrZt0nldLSFAVvFJ%2FOYaheKq9gKZde%2Bhohu7Fy6IuQLYGISnzonnUcZu9cQ1aA6KqtZNpT"}],"group":"cf-nel","max_age":604800} cf-ray 8d619ceec982afb9-ATL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=132012&sent=66&recv=40&lost=0&retrans=0&sent_bytes=58965&recv_bytes=7100&delivery_rate=6416&cwnd=43200&unsent_bytes=0&cid=961e62797957d105&ts=2927&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 21 Oct 2024 13:32:19 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=1,i

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ni18.cc/	1970-01-21 09:51:12	Name: _pk_id.22.0b05 Value: 7ee2c98bbe88c9a8.1729517538.
			ni18.cc/	1970-01-21 00:25:19	Name: _pk_ses.22.0b05 Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ni18.cc/(Line 49) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.top/ymff/aj1.js?0.11863343604376064, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 49) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.top/ymff/aj1.js?0.11863343604376064, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 50) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.buzz/ymff/aj2.js?0.1793260924387563, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 51) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.icu/ymff/aj3.js?0.38081304113891545, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 52) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.sbs/ymff/aj4.js?0.26037586396613555, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 53) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.xyz/ymff/aj5.js?0.31927805505834517, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 73) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.top/ymff/tz1.js?0.16534152712551764, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 73) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.top/ymff/tz1.js?0.16534152712551764, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 74) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.buzz/ymff/tz2.js?0.5369491437758125, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 75) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.icu/ymff/tz3.js?0.7920817629840409, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 76) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.sbs/ymff/tz4.js?0.5122457447324213, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ni18.cc/(Line 77) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xn--bw-bp3d8ks19c.ytsp365.xyz/ymff/tz5.js?0.5623689620117178, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://ni18.cc/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ni18.cc
www.58sj.top
xn--bw-bp3d8ks19c.ytsp365.buzz
xn--bw-bp3d8ks19c.ytsp365.icu
xn--bw-bp3d8ks19c.ytsp365.sbs
xn--bw-bp3d8ks19c.ytsp365.top
xn--bw-bp3d8ks19c.ytsp365.xyz
172.67.140.219
172.67.162.26
172.67.180.77
172.67.196.233
172.67.214.245
188.114.97.3
2606:4700:3030::6815:2b92
2606:4700:3032::6815:486
0759e65794f9e518ae2a408160e5c759f9a54526c00eab450f8251f89ca3ac69
213c7e6cf9b9cb867dab0ed56fb0e7646dfca0017ac6f3709fa811e94315748c
3a496a6e8fa7e3540386f0c46d01f90fdeaf8318f9a1925ed472b70e03988a9b
3da728381b60de91939710ff4607a959b2a9cf69c639b960d3ec6f8810df9f80
41b393c3ba7c4e16cf0424b716244541c2138b8c430bf076ae28a07b704b7b26
50b3809e34fe4694c036cbfd741b3f4af6f32106d7f18f1454cebdf619c3cd87
54b56c3f42adef2886d607eb0ec3bd0cae11020e78371b90a9da9ede536affa7
5b6b862f073b6f9db85551a24fd95708f7593be757d9d23eb61c419f49891feb
600ca85b4a33010334ec77f6b1dc9e8008cac705d7c284717e6b798ae41389f4
6a4513be297c17cf6238335dc356e160a458548598757abefd10f1127e2f3ede
8e18f995b5c6411adc91a8eb1d464c29c65548f41ba66678917e0bb38bc57220
8e1cac245a9daa0ff3a9e12ad5ff809822d35742803f040960531fffff3131f8
91b85df3679c9ee5c74649c6e521be3f5c2289f1a5e9b8be351fe2bb6007712d
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c870990950ca5802e260be6786d1e6a148b1acdfeed4fa9bb6acce744488c0b5
cc798b85c0d94a1e9d255ae78650982d1f9a876ddecef49b7fc4187fde214c1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
f55b203254c055e2ca72a1596eaa8daf1b909687c88977cc438a3d900b71d2b8

ni18.cc Open in urlscan Pro 2606:4700:3030::6815:2b92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

25 %IPv6

7 Domains

7 Subdomains

8 IPs

2 Countries

89 kBTransfer

181 kBSize

2 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

13 Console Messages

Indicators

ni18.cc Open in urlscan Pro
2606:4700:3030::6815:2b92 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

89 kB
Transfer

181 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions