urlscan.io logo urlscan.io
SecurityTrails logo

hdz.mafra1niiy.xyz Open in urlscan Pro
2606:4700:3031::ac43:8ed5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://billingbankonlines.com/
Effective URL: https://hdz.mafra1niiy.xyz/
Submission: On May 17 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3031::ac43:8ed5, located in United States and belongs to CLOUDFLARENET, US. The main domain is hdz.mafra1niiy.xyz.
TLS certificate: Issued by R3 on May 17th 2021. Valid for: 3 months.
This is the only time hdz.mafra1niiy.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 81.177.140.169 8342 (RTCOMM-AS)
1 3 190.115.26.222 262254 (DDOS-GUAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
9 3
Apex Domain
Subdomains		 Transfer
6 mafra1niiy.xyz
hdz.mafra1niiy.xyz
343 KB
3 cppay.top
cppay.top
31 KB
1 billingbankonlines.com
billingbankonlines.com
411 B
9 3
Domain Requested by
6 hdz.mafra1niiy.xyz cppay.top
hdz.mafra1niiy.xyz
3 cppay.top 1 redirects cppay.top
1 billingbankonlines.com
9 3

This site contains no links.

Subject Issuer Validity Valid
cppay.top
R3		 2021-05-14 -
2021-08-12		 3 months crt.sh
*.mafra1niiy.xyz
R3		 2021-05-17 -
2021-08-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hdz.mafra1niiy.xyz/
Frame ID: E8D950A66F9F9C5E421104174346365C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://billingbankonlines.com/ Page URL
  2. https://cppay.top/d/5f91a47825ba5 Page URL
  3. https://cppay.top/check-unique/index?unique_code=114dc5164bc2914562ef359fbb8ff285&link_type=pa... HTTP 302
    https://hdz.mafra1niiy.xyz/ Page URL

Page Statistics

9
Requests

89 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

374 kB
Transfer

1689 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://billingbankonlines.com/ Page URL
  2. https://cppay.top/d/5f91a47825ba5 Page URL
  3. https://cppay.top/check-unique/index?unique_code=114dc5164bc2914562ef359fbb8ff285&link_type=partner&code=5f91a47825ba5&u=&url=https%3A%2F%2Fhdz.mafra1niiy.xyz%3F&upgrade=5e1d82292ac79 HTTP 302
    https://hdz.mafra1niiy.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
billingbankonlines.com/ 		96 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
http://billingbankonlines.com/
Protocol
HTTP/1.1
Server
81.177.140.169 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
405e4ddc4912879ad6941c87155f16c7aa0cbd54dc24bb00a88626ec34913618

Request headers

Host
billingbankonlines.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Mon, 17 May 2021 14:07:48 GMT
Content-Type
text/html
Content-Length
109
Connection
keep-alive
Server
Jino.ru/mod_pizza
Last-Modified
Sun, 16 May 2021 15:55:49 GMT
ETag
"b0e9fd3-60-5c27482c677cc"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
5f91a47825ba5
cppay.top/d/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cppay.top/d/5f91a47825ba5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.26.222 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Host
cppay.top
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://billingbankonlines.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Referer
http://billingbankonlines.com/

Response headers

Server
nginx
Date
Mon, 17 May 2021 14:07:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Strict-Transport-Security
max-age=15768000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Content-Encoding
gzip
fp21.min.js
cppay.top/frontend/web/js/ 		29 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cppay.top/frontend/web/js/fp21.min.js
Requested by
Host: cppay.top
URL: https://cppay.top/d/5f91a47825ba5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.115.26.222 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
cppay.top
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://cppay.top/d/5f91a47825ba5
Connection
keep-alive
Referer
https://cppay.top/d/5f91a47825ba5
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Mon, 17 May 2021 14:07:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Aug 2019 12:05:02 GMT
Server
nginx
ETag
"5d554a6e-7309"
Strict-Transport-Security
max-age=15768000; includeSubdomains; preload
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29449
Primary Request /
hdz.mafra1niiy.xyz/
Redirect Chain
  • https://cppay.top/check-unique/index?unique_code=114dc5164bc2914562ef359fbb8ff285&link_type=partner&code=5f91a47825ba5&u=&url=https%3A%2F%2Fhdz.mafra1niiy.xyz%3F&upgrade=5e1d82292ac79
  • https://hdz.mafra1niiy.xyz/?
1008 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hdz.mafra1niiy.xyz/?
Requested by
Host: cppay.top
URL: https://cppay.top/d/5f91a47825ba5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be90a7e876e99ff8c709f4764d7b5b356b3ea8a6beec47d4b2eb9bb9da594ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:method
GET
:authority
hdz.mafra1niiy.xyz
:scheme
https
:path
/?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://cppay.top/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Referer
https://cppay.top/d/5f91a47825ba5

Response headers

date
Mon, 17 May 2021 14:07:50 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000;
cf-cache-status
DYNAMIC
cf-request-id
0a1c40a1bd00004a97f588b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4SlFv6gmnfoHskHKEJSx6z0OtXD%2Ba68NlPEmmzrsKpjDZDj1hIq3vroma46ahV1F3fFJb6RlT%2FW4iSt0O9jRcFW1%2BbLYX25DxeURXjM5PJjPVkHBBNmAiw0Kjx%2F0SrY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
650d6a15fd7b4a97-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Server
nginx
Date
Mon, 17 May 2021 14:07:49 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://hdz.mafra1niiy.xyz?
Set-Cookie
aff476=6249ad0d55d91679a00fb2cac7f1dd53f6603c396c614e460995f09d7cb1ad87a%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22aff476%22%3Bi%3A1%3Bs%3A13%3A%225f91a47825ba5%22%3B%7D; expires=Sat, 19-Jun-2021 14:07:49 GMT; Max-Age=2851200; path=/; HttpOnly userHash=e7e9e246994dbe63508eb96b43c5312915200385a9f389876f4059d663de11a0a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22userHash%22%3Bi%3A1%3Bs%3A32%3A%22abaf5c7bcc40ec54c21c881817c855be%22%3B%7D; expires=Sat, 19-Jun-2021 14:07:49 GMT; Max-Age=2851200; path=/; HttpOnly
Strict-Transport-Security
max-age=15768000; includeSubdomains; preload
X-Content-Type-Options
nosniff
app.99ce3636dd7856ed0ddedbf3e7190ffe.css
hdz.mafra1niiy.xyz/static/css/ 		193 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hdz.mafra1niiy.xyz/static/css/app.99ce3636dd7856ed0ddedbf3e7190ffe.css
Requested by
Host: hdz.mafra1niiy.xyz
URL: https://hdz.mafra1niiy.xyz/?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad0351417b1a75b4010c7c584206f3da0a4e44c34892fd9df4e1bd0a619f888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/css/app.99ce3636dd7856ed0ddedbf3e7190ffe.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hdz.mafra1niiy.xyz
referer
https://hdz.mafra1niiy.xyz/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hdz.mafra1niiy.xyz/?
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 17 May 2021 14:07:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2023
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a1c40a221000005fd382da000000001
last-modified
Sun, 16 May 2021 18:59:01 GMT
server
cloudflare
etag
W/"60a16b75-30300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nsClksSrFVMkMM0HKvr%2BJSfb%2BPbhuNAyjt1utzHsdIBVRdvREBupScXEKt6jn5fT2pZ41eRjQ26VAYVucgIGFeS3o1iX7Js9zhMRUKjEputkyecy32RtXaA%2FkeAMTtc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
650d6a169ff205fd-FRA
loading_spinner2.gif
hdz.mafra1niiy.xyz/static/img/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hdz.mafra1niiy.xyz/static/img/loading_spinner2.gif
Requested by
Host: hdz.mafra1niiy.xyz
URL: https://hdz.mafra1niiy.xyz/?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/img/loading_spinner2.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hdz.mafra1niiy.xyz
referer
https://hdz.mafra1niiy.xyz/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hdz.mafra1niiy.xyz/?
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 17 May 2021 14:07:50 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2023
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16338
cf-request-id
0a1c40a222000005fd1da05000000001
last-modified
Sun, 16 May 2021 18:59:01 GMT
server
cloudflare
etag
"60a16b75-3fd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ypjw4b2eKkOWeKCldY65EW8reThaJn3EgIps8jPtRUMqeA%2FQiDEV2G8vDamY%2FdkghaWPDSSfshWSThfcmpEcIsiD%2BzGFQrdwzlerpvzMMB%2BHxDRTRaYhUdbME32HXQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
650d6a169ff605fd-FRA
manifest.2ae2e69a05c33dfc65f8.js
hdz.mafra1niiy.xyz/static/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hdz.mafra1niiy.xyz/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by
Host: hdz.mafra1niiy.xyz
URL: https://hdz.mafra1niiy.xyz/?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
308ba6a9c5db6287e54ba88d5add52a30fe1b1b9ded29c54aee610325f44852f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/js/manifest.2ae2e69a05c33dfc65f8.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hdz.mafra1niiy.xyz
referer
https://hdz.mafra1niiy.xyz/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hdz.mafra1niiy.xyz/?
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 17 May 2021 14:07:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2023
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a1c40a221000005fde0059000000001
last-modified
Sun, 16 May 2021 18:59:01 GMT
server
cloudflare
etag
W/"60a16b75-13e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c0EIAjnx%2F5UyqTe0CaS69WLsGRx9N%2BQEFeFgJAnU80d5WqFBdbJCPHdkuLtM1CBHY%2Fae5S5PfMlpg8a3GgtI7NHrUW76CB7lCnZ8Ywz4wPWmm2Lsy721bl1VylGivZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
650d6a169fef05fd-FRA
vendor.dfd24671875ed0425bb9.js
hdz.mafra1niiy.xyz/static/js/ 		1016 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hdz.mafra1niiy.xyz/static/js/vendor.dfd24671875ed0425bb9.js
Requested by
Host: hdz.mafra1niiy.xyz
URL: https://hdz.mafra1niiy.xyz/?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eed5c4da22fb3eaea1e77afcaf4c8b901c485da71712fcdaba575026386cb6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/js/vendor.dfd24671875ed0425bb9.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hdz.mafra1niiy.xyz
referer
https://hdz.mafra1niiy.xyz/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hdz.mafra1niiy.xyz/?
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 17 May 2021 14:07:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2023
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a1c40a224000005fd152e9000000001
last-modified
Sun, 16 May 2021 18:59:01 GMT
server
cloudflare
etag
W/"60a16b75-fe1e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TAbX9074ZthS%2B5VcYmgnaBPRRMv8%2FxB13JW%2F%2F%2F36QmS9Ryfyz0fulxs2sGLc51%2BjwYbLHqENgLzJA%2Bhpxsg5JhNEQZWA6QA5s8y9OoohOJOt2RDuxyrm2VLirbSQWgA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
650d6a169feb05fd-FRA
app.097e2cdbe29a4580ba06.js
hdz.mafra1niiy.xyz/static/js/ 		428 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hdz.mafra1niiy.xyz/static/js/app.097e2cdbe29a4580ba06.js
Requested by
Host: hdz.mafra1niiy.xyz
URL: https://hdz.mafra1niiy.xyz/?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91030d5ffbabe97b4c1318ab64d73cece63a16a87450a45caa0d826e805c91cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:path
/static/js/app.097e2cdbe29a4580ba06.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hdz.mafra1niiy.xyz
referer
https://hdz.mafra1niiy.xyz/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hdz.mafra1niiy.xyz/?
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 17 May 2021 14:07:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2023
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a1c40a222000005fdda368000000001
last-modified
Sun, 16 May 2021 18:59:01 GMT
server
cloudflare
etag
W/"60a16b75-6ae2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gCM4GDiM9ZJLWze5pfRsMWF6Y0B2sFDz5LENAIkcKJnoRoeQYgulmK0igeDYK2dNNOjPZJiJ7NBZYxjj3Y51ZFtUb6eWX8TI1yBRjGng%2FtG8543bxZdDSyNF2XkSbM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
650d6a169ffa05fd-FRA

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _0x1d69 function| _0x1ad5 function| webpackJsonp object| _0x6536 function| _0x17ed function| _0x33dd7f function| _0xe8748b object| _0x3661 function| _0x3b94 function| _0x10dbc4 function| _0x263213 object| __core-js_shared__

0 Cookies