Submitted URL: https://hij2iyokvmcagwz9b.xyz/
Effective URL: https://4wkj0ee34kz97zd.xyz/?domain=hij2iyokvmcagwz9b.xyz
Submission: On November 18 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 172.67.215.57, located in United States and belongs to CLOUDFLARENET, US. The main domain is 4wkj0ee34kz97zd.xyz.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.
This is the only time 4wkj0ee34kz97zd.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP address table (requests, IP address, AS / autonomous system):
  6   2606:4700:303...   13335 (CLOUDFLAR...)
  2   4.192.73.43        8075 (MICROSOFT...)
  4   172.67.208.171     13335 (CLOUDFLAR...)   1 redirect
  2   154.91.84.84       399077 (TERAEXCH)
  4   172.67.215.57      13335 (CLOUDFLAR...)
  Total: 19 requests, 6 IPs

Domain table (requests, domain, requested by):
  10  hij2iyokvmcagwz9b.xyz         1 redirect   requested by: hij2iyokvmcagwz9b.xyz
  4   4wkj0ee34kz97zd.xyz                        requested by: hij2iyokvmcagwz9b.xyz, 4wkj0ee34kz97zd.xyz
  2   jbija.xa8dzac1ozztqp6vq.xyz                requested by: hij2iyokvmcagwz9b.xyz, 4wkj0ee34kz97zd.xyz
  2   hmrh52eh9nz2k8.top                         requested by: hij2iyokvmcagwz9b.xyz, 4wkj0ee34kz97zd.xyz
  Total: 19 requests, 4 domains

This site contains no links.

TLS certificates (subject, issuer, validity, valid for):
  hij2iyokvmcagwz9b.xyz      WE1   2024-11-14 - 2025-02-12   3 months   (crt.sh)
  52medhmvvqp51p.top         E6    2024-09-17 - 2024-12-16   3 months   (crt.sh)
  *.xa8dzac1ozztqp6vq.xyz    E6    2024-11-18 - 2025-02-16   3 months   (crt.sh)
  4wkj0ee34kz97zd.xyz        WE1   2024-11-05 - 2025-02-03   3 months   (crt.sh)

This page contains 2 frames:

Primary Page: https://4wkj0ee34kz97zd.xyz/?domain=hij2iyokvmcagwz9b.xyz
Frame ID: E3468E5C2F60A40E56B0705D2A51E004
Requests: 15 HTTP requests in this frame

Frame: https://hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: BCED375DFE213B350F303E0AC503A1A0
Requests: 2 HTTP requests in this frame

Page URL History

  1. https://hij2iyokvmcagwz9b.xyz/ Page URL
  2. https://4wkj0ee34kz97zd.xyz/?domain=hij2iyokvmcagwz9b.xyz Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Page Statistics

  Requests:    19
  HTTPS:       84 %
  IPv6:        20 %
  Domains:     4
  Subdomains:  4
  IPs:         6
  Countries:   3
  Transfer:    109 kB
  Size:        249 kB
  Cookies:     1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
hij2iyokvmcagwz9b.xyz/
2 KB
2 KB
Document
General
Full URL
https://hij2iyokvmcagwz9b.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d0ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c8764ea46fa389dee279d149d4d984b5d11f8b4e5fc7eae9026fc637b3aa4ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e479a4f9d862eb5-LAX
content-encoding
zstd
content-type
text/html
date
Mon, 18 Nov 2024 11:25:57 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NiCfvKpXY%2FkQHgYSDI%2B61ki46JA0EMajOfmK2G39EqsoUZs5ObqLLQpstW8%2Fr4iENCqD4%2Ff9IsIacAV0hPwMc9AkD%2Fo9a6TF%2Be3SJ%2FZvPdu8nry1%2F3zLdf%2B95QUkX3phlIxU0TDGEktjO4IfV%2F%2ByqXBdIrA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=71833&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3978&recv_bytes=2329&delivery_rate=54394&cwnd=253&unsent_bytes=0&cid=317e32aeaac8d5af&ts=422&x=0"
common.js
hij2iyokvmcagwz9b.xyz/static/js/
8 KB
3 KB
Script
General
Full URL
https://hij2iyokvmcagwz9b.xyz/static/js/common.js?t=202409091529
Requested by
Host: hij2iyokvmcagwz9b.xyz
URL: https://hij2iyokvmcagwz9b.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d0ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadb131196f7bf3c5702c6a43209470907e7638a486a0851700dc68b6acf5125

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hij2iyokvmcagwz9b.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-1e7c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiPIX7ziGyhvMvxlbOhQ20eRsY94C7GgB0fpg6P3mc2sztIS%2BfDlxqE2ohynEpTdwOWzrXllq4xXZbp3KmZ8pueMZo4m7V2hie%2FUGSkYCmK4E7K6fAyckee3jd55YtoFSnS9Y1FU5EsiOf5kYxRwYZEzxqg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a528fe02eb5-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=76992&sent=17&recv=18&lost=0&retrans=0&sent_bytes=5600&recv_bytes=2747&delivery_rate=54394&cwnd=256&unsent_bytes=0&cid=317e32aeaac8d5af&ts=900&x=0"
date
Mon, 18 Nov 2024 11:25:57 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
vue.min.js
hij2iyokvmcagwz9b.xyz/static/cdn/js/
92 KB
35 KB
Script
General
Full URL
https://hij2iyokvmcagwz9b.xyz/static/cdn/js/vue.min.js
Requested by
Host: hij2iyokvmcagwz9b.xyz
URL: https://hij2iyokvmcagwz9b.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d0ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hij2iyokvmcagwz9b.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-16fc7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cg1TiAHsEvKhJWRVewIRJRS84ULIJAg2yf%2B4l7%2B0pA4LtKpv37D3pTV%2FruyUSeNeUiC44%2FH8Yp%2FVifGFSgV5oIuQkrekDQj8SgxrDdTX4Ofn7ZJbchtk3sDYpQgl8aw9mfkS0xp47lIVtxTXYFL8wJEXvWg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a528fe32eb5-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71577&sent=39&recv=38&lost=0&retrans=0&sent_bytes=19609&recv_bytes=2747&delivery_rate=209796&cwnd=257&unsent_bytes=0&cid=317e32aeaac8d5af&ts=1228&x=0"
date
Mon, 18 Nov 2024 11:25:58 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
axios.min.js
hij2iyokvmcagwz9b.xyz/static/cdn/js/
17 KB
7 KB
Script
General
Full URL
https://hij2iyokvmcagwz9b.xyz/static/cdn/js/axios.min.js
Requested by
Host: hij2iyokvmcagwz9b.xyz
URL: https://hij2iyokvmcagwz9b.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d0ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d389f625c1d774224d32527657e7398e57a65c718a07748f0ad7faecce8de3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hij2iyokvmcagwz9b.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-45b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWX3SFVo71Xgg1jeF6Sw2p1ZyqPh7JQFRLmtsRNT2cs1jRSIbvKsiBtOgz4xFLF11a0g1qFxdPCE0Kdf2srAB7IzlyVVnQAp9t1qAeLhYVS039XIxop64kR1u5de%2FFGk7xKNvWft1ElAFAPp8Ltvgd9cp4s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a528fe42eb5-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=72367&sent=29&recv=30&lost=0&retrans=0&sent_bytes=12551&recv_bytes=2747&delivery_rate=209796&cwnd=257&unsent_bytes=0&cid=317e32aeaac8d5af&ts=1060&x=0"
date
Mon, 18 Nov 2024 11:25:58 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
crypto-js.min.js
hij2iyokvmcagwz9b.xyz/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://hij2iyokvmcagwz9b.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: hij2iyokvmcagwz9b.xyz
URL: https://hij2iyokvmcagwz9b.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d0ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hij2iyokvmcagwz9b.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-b9d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivxKoWCYrzyQ1I2DzMjkc0s2aJ2hb29sBFzFrvw0jpMvs0ZsoGxwr%2ByXwHH9TymGo1hXffYjHlLB4%2FWA3tYQhQuibSwaNEt3VmicdsKDun%2BhFrAZovVtGRRuFPyYWWVMfzeHqBfVjX3KDZHc2Ytay1DaBb4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a528fe52eb5-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71577&sent=40&recv=38&lost=0&retrans=0&sent_bytes=20053&recv_bytes=2747&delivery_rate=209796&cwnd=257&unsent_bytes=0&cid=317e32aeaac8d5af&ts=1253&x=0"
date
Mon, 18 Nov 2024 11:25:58 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
collect_301.js
hij2iyokvmcagwz9b.xyz/static/js/
8 KB
3 KB
Script
General
Full URL
https://hij2iyokvmcagwz9b.xyz/static/js/collect_301.js?t=202409091529
Requested by
Host: hij2iyokvmcagwz9b.xyz
URL: https://hij2iyokvmcagwz9b.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d0ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434620144df9c6f0572a9e55d35d51a97669b3846cd16cae57a0b803c4069eb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hij2iyokvmcagwz9b.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-1e3e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiVd1h%2FslGQzLqxMtffzUq9PIXW2mMPTUvTNwjJRlxb0D0dcUiPFuI2AbkVxLaTu8LCM4bICzIeMzHlvFgxW1hpXNx70TJZHfrLF2MXfvwOYLBqfCu9RUwPLZdNprUKp9zk%2BY7zUzo3OU2w6DS5QytY1KYE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a528fe82eb5-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=76992&sent=23&recv=18&lost=0&retrans=0&sent_bytes=9150&recv_bytes=2747&delivery_rate=54394&cwnd=256&unsent_bytes=0&cid=317e32aeaac8d5af&ts=903&x=0"
date
Mon, 18 Nov 2024 11:25:57 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
/
hmrh52eh9nz2k8.top/
232 B
1 KB
Fetch
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: hij2iyokvmcagwz9b.xyz
URL: https://hij2iyokvmcagwz9b.xyz/static/js/collect_301.js?t=202409091529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
aa69f1228dd629dff306251909ac0a62f218835d4e2315f65188b01739d2386c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hij2iyokvmcagwz9b.xyz/

Response headers

Etag
"a35cf2f727639683447742ddad099062"
Age
45
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
d831b855fcd4955291e37ced945e6f08
Date
Mon, 18 Nov 2024 11:25:59 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Mon, 18 Nov 2024 08:34:10 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE3[4],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE11[2],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,1]
X-Amz-Request-Id
000001933E6887A5901D193E3E858514
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
232
Server
openresty
main.js
hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame BCED
Redirect Chain
  • https://hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB
Script
General
Full URL
https://hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
172.67.208.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c98b18b49a009f9f4d7aa0b6822d99b1db8f1b24e11544b4b18535cc57f4f8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHs23wjzFGiDg710VEZe7OO8rHV7FlEvNl%2FM86%2FxrHWs%2BTmSw6tp1q7Ngib%2BGXrShyhErdSl%2BeID%2F9t36Z14kCrt%2BV7hKlQ7NxWltItMO0P2%2FBY%2BwG1Yf5Nkojsn62DsrgNw17uxotA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e479a590ceb2f57-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=75144&sent=15&recv=12&lost=0&retrans=0&sent_bytes=4989&recv_bytes=5030&delivery_rate=8991&cwnd=12000&unsent_bytes=0&cid=15c025f38fee74ff&ts=1047&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 11:25:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbrCv6xqGwSu26PV%2Fj1x0oKEpTv%2BVpkmamgee6qSs03%2FNy9l5IEO%2F3Y1DRCEsx%2FsbnxZPb5fJBsT8VH1m8xzshGRUdYNMe3pzbqFfu8rx57si%2F3zJjnwSvQ6ekUZ3wBJV%2FKiYxJj2y4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a588c7d2f57-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=74884&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4252&recv_bytes=4736&delivery_rate=290&cwnd=12000&unsent_bytes=0&cid=15c025f38fee74ff&ts=967&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 11:25:58 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
hij2iyokvmcagwz9b.xyz/
4 KB
4 KB
Other
General
Full URL
https://hij2iyokvmcagwz9b.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hij2iyokvmcagwz9b.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67136182-eb0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wTTuUxITMoXJ7JkLHYfhQWAzNqvPYR4zW5HeKoz6EpVez%2BdkLcX3%2F%2BPQGd5RsiP1G2N48EdFMzDy2vr873pzPmdaVJb8A937Gz6UIyu6CvIzKWak4Da6O6Xj2PRatHeWAbTjgfnd%2F2U%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a589c862f57-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=75617&sent=32&recv=29&lost=0&retrans=0&sent_bytes=11035&recv_bytes=22268&delivery_rate=59781&cwnd=12000&unsent_bytes=0&cid=15c025f38fee74ff&ts=1304&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 11:25:58 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
8e479a4f9d862eb5
hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BCED
0
1 KB
XHR
General
Full URL
https://hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8e479a4f9d862eb5
Requested by
Host: hij2iyokvmcagwz9b.xyz
URL: https://hij2iyokvmcagwz9b.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZpJ8QkCFjZTnUl2y6VTrg8YZV6mxrwipeV0YDY3lT0VmU99FwHrxK%2FN0%2BCL90SZGWxBz2%2BRnGlHzhQ45mp7lg503QcShihJ68Fu40b2gAk3GZ5lihISxUzExwSSzmNEJwDT5Fu7R0w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a5a3d9a2f57-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=75617&sent=31&recv=29&lost=0&retrans=0&sent_bytes=9877&recv_bytes=22268&delivery_rate=59781&cwnd=12000&unsent_bytes=0&cid=15c025f38fee74ff&ts=1249&x=1", cfHdrFlush;dur=0
content-length
0
date
Mon, 18 Nov 2024 11:25:58 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
request
jbija.xa8dzac1ozztqp6vq.xyz/fast-endecode/main/
2 KB
2 KB
XHR
General
Full URL
https://jbija.xa8dzac1ozztqp6vq.xyz/fast-endecode/main/request
Requested by
Host: hij2iyokvmcagwz9b.xyz
URL: https://hij2iyokvmcagwz9b.xyz/static/cdn/js/axios.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
154.91.84.84 , Seychelles, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://hij2iyokvmcagwz9b.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Access-Control-Allow-Methods
GET, POST, OPTIONS
CF-RAY
8e479a637dce20f5-HKG
Access-Control-Allow-Origin
*
X-Application-Context
fast-cloud-zull:prod:8801
Date
Mon, 18 Nov 2024 11:26:00 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin
Server
nginx/1.17.6
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
request
jbija.xa8dzac1ozztqp6vq.xyz/fast-endecode/main/ Frame
0
0
Preflight
General
Full URL
https://jbija.xa8dzac1ozztqp6vq.xyz/fast-endecode/main/request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
154.91.84.84 , Seychelles, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hij2iyokvmcagwz9b.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
POST GET, POST, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
8e479a61e92c043d-HKG
Connection
keep-alive
Date
Mon, 18 Nov 2024 11:26:00 GMT
Server
nginx/1.17.6
Transfer-Encoding
chunked
Vary
Origin
X-Application-Context
fast-cloud-zull:prod:8800
Primary Request /
4wkj0ee34kz97zd.xyz/
1 KB
1 KB
Document
General
Full URL
https://4wkj0ee34kz97zd.xyz/?domain=hij2iyokvmcagwz9b.xyz
Requested by
Host: hij2iyokvmcagwz9b.xyz
URL: https://hij2iyokvmcagwz9b.xyz/static/js/collect_301.js?t=202409091529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
427355644694c798140f7008cc3a757323d9d79d70c65ffa26c90b659be6bb84

Request headers

Referer
https://hij2iyokvmcagwz9b.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e479a656f462b7e-LAX
content-encoding
zstd
content-type
text/html
date
Mon, 18 Nov 2024 11:26:00 GMT
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=imRy1sAGgE9bwxtqvcWbLotdyg5ZnR8KfgfepO7k5G%2FckwHHhKvzCYsso4SEJYQkdWh42I9c9SuN3gtiA4N95HG6pGM3Jz49rM7FLA6T%2FQBUfiYIGy0t2oMV%2B%2Bbp2ONoEAxhF%2BAH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=71344&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4177&recv_bytes=4522&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=3b3db4e08948c030&ts=424&x=1" cfHdrFlush;dur=0
crypto-js.min.js
4wkj0ee34kz97zd.xyz/static/cdn/js/
46 KB
17 KB
Script
General
Full URL
https://4wkj0ee34kz97zd.xyz/static/cdn/js/crypto-js.min.js
Requested by
Host: 4wkj0ee34kz97zd.xyz
URL: https://4wkj0ee34kz97zd.xyz/?domain=hij2iyokvmcagwz9b.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://4wkj0ee34kz97zd.xyz/?domain=hij2iyokvmcagwz9b.xyz

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67136182-b9d8"
age
3823
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znuo9LMb7ZzQqcM4%2BaTblSTKnUdTK1%2BpmQpKfe2H%2B375KhyEd4EasU4XGTzLMkHcIu4pY6X%2FtD0pQYcz9d%2B57%2FUUMJiZ1miIHHTU35ZTIg3X%2B4pkDfhTx6ZLGI7v1P%2FuS6zdqAcn"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a68799f2b7e-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71362&sent=16&recv=13&lost=0&retrans=0&sent_bytes=5545&recv_bytes=5230&delivery_rate=18811&cwnd=12000&unsent_bytes=0&cid=3b3db4e08948c030&ts=580&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 11:26:01 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
iframe.js
4wkj0ee34kz97zd.xyz/static/js/
11 KB
5 KB
Script
General
Full URL
https://4wkj0ee34kz97zd.xyz/static/js/iframe.js?t=202409101529
Requested by
Host: 4wkj0ee34kz97zd.xyz
URL: https://4wkj0ee34kz97zd.xyz/?domain=hij2iyokvmcagwz9b.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166d01f8aeab337307b72d120ee2c44e1d30de85aaeb722f26b56c6fc5621a19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://4wkj0ee34kz97zd.xyz/?domain=hij2iyokvmcagwz9b.xyz

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67136182-2b62"
age
3823
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ee4u8RkRQRQL1viQsiN3VHwzCigRPIPHEie9yeyUHIvnWi3yqRB%2Fpp4%2F8lrB81vKbc1KXnVvc8a5z2TqBvs3emVmf0q2rvWBNIG4VxsSrRmyKIGzmXEfowiRJWnMkEahKu5GCoLu"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a6879a32b7e-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71362&sent=17&recv=13&lost=0&retrans=0&sent_bytes=6196&recv_bytes=5230&delivery_rate=18811&cwnd=12000&unsent_bytes=0&cid=3b3db4e08948c030&ts=580&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 11:26:01 GMT
content-type
application/javascript
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
/
hmrh52eh9nz2k8.top/
232 B
1 KB
Fetch
General
Full URL
https://hmrh52eh9nz2k8.top/
Requested by
Host: 4wkj0ee34kz97zd.xyz
URL: https://4wkj0ee34kz97zd.xyz/static/js/iframe.js?t=202409101529
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
4.192.73.43 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
aa69f1228dd629dff306251909ac0a62f218835d4e2315f65188b01739d2386c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://4wkj0ee34kz97zd.xyz/

Response headers

Etag
"a35cf2f727639683447742ddad099062"
Age
47
Nginx-Hit
1
X-Ccdn-Req-Id-46b1
9bbc4fe2b1c7e01885e962ba1491f28b
Date
Mon, 18 Nov 2024 11:26:01 GMT
Content-Disposition
attachment
Content-Type
text/plain
X-Reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Last-Modified
Mon, 18 Nov 2024 08:34:10 GMT
X-Amz-Id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
X-Amz-Tagging-Count
0
Cloudservicediscount
CDN
X-Ccdn-Cachettl
60
X-Hcs-Proxy-Type
1
Via
EA-HKG-EDGE1-CACHE3[3],EA-HKG-EDGE1-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE11[2],EA-HKG-GLOBAL1-CACHE23[0,TCP_HIT,1]
X-Amz-Request-Id
000001933E6887A5901D193E3E858514
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
232
Server
openresty
favicon.ico
4wkj0ee34kz97zd.xyz/
4 KB
4 KB
Other
General
Full URL
https://4wkj0ee34kz97zd.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1fe9bb70d664878f4704611ec4f086aeb4725e0a6d9c1555b9a0e1413a9989

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://4wkj0ee34kz97zd.xyz/?domain=hij2iyokvmcagwz9b.xyz

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"67136182-eb0"
age
3822
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niUpFs5F3O%2FbT42mbEimkQq1dH6ZR2CwfZGVfw0g33yeuFpirLJnBgCK%2Fu%2BZ2W%2BUwaP5SDKRZGMNllNSeVzRfmh9tdj3%2BwWCwaCDaPRmpXYTPKjfrmqRwBRnv16mY%2F5oc3otCYms"}],"group":"cf-nel","max_age":604800}
cf-ray
8e479a698a612b7e-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73880&sent=40&recv=25&lost=0&retrans=0&sent_bytes=28719&recv_bytes=6084&delivery_rate=138380&cwnd=24000&unsent_bytes=0&cid=3b3db4e08948c030&ts=752&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 11:26:01 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 07:36:34 GMT
vary
Accept-Encoding
server
cloudflare
request
jbija.xa8dzac1ozztqp6vq.xyz/fast-endecode/main/
0
0

request
jbija.xa8dzac1ozztqp6vq.xyz/fast-endecode/main/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

  • Domain: jbija.xa8dzac1ozztqp6vq.xyz
    URL: https://jbija.xa8dzac1ozztqp6vq.xyz/fast-endecode/main/request
  • Domain: jbija.xa8dzac1ozztqp6vq.xyz
    URL: https://jbija.xa8dzac1ozztqp6vq.xyz/fast-endecode/main/request

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object    0
  • object    CryptoJS
  • function  getApiUrlSync
  • object    publicKey
  • function  getDomain
  • function  handleEncrypt
  • function  handleDecrypt
  • function  fromCode
  • object    urls
  • function  getconfigDown

1 Cookies

Domain/Path: .hij2iyokvmcagwz9b.xyz/
Name: cf_clearance
Value: pqcKCmdc20menla6Psgv7fqej9FhIydyPx5vxeeFOFo-1731929158-1.2.1.1-jna5OjgFjjqSEjUVzmIzrvo8s1LI_61j0G1IQRlZslt9VIMzU8X78YtW0hZHkEOilSOtQfsWztQUWuPQpiQg0S7jrqWVcHAMTFcvygMM7lSS.H1..gqJpMOBC.f2u4B0Ky_2uwfjgvQg0tkv7.wFmvTtXdz_WlohklLfsThidlCvP2XAMDIYHVIKziwNf36k8EMiPOB7zB7TJvvBCjVNL9JkfZJgsPHqf1kyaaKKPYj.bpeqGkJ5v5qpEVTbZfqHfgbniw4tocvbf.GOEySIzH1fBxJ6QReMLqxG_FrjDWy5M2sthm9WCW6gLNd0RrLCX8yDgDsJpALALebWxCXe5ciqVsIFCwdn1FjwWUFLkMQjMQgZKscQDxl_wqSTH2Cf