urlscan.io logo urlscan.io
SecurityTrails logo

one.sayafx.top Open in urlscan Pro
2606:4700:3037::6815:4e70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://one.sayafx.top/
Effective URL: https://one.sayafx.top/
Submission Tags: @phish_report
Submission: On December 22 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3037::6815:4e70, located in United States and belongs to CLOUDFLARENET, US. The main domain is one.sayafx.top.
TLS certificate: Issued by GTS CA 1P5 on October 30th 2023. Valid for: 3 months.
This is the only time one.sayafx.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
9 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2404:6800:400... 15169 (GOOGLE)
23 4
1    2606:4700:3035::ac43:dc65 (United States)

ASN13335 (CLOUDFLARENET, US)
one.sayafx.top
5    2606:4700:3037::6815:4e70 (United States)

ASN13335 (CLOUDFLARENET, US)
one.sayafx.top
9    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
fastly.jsdelivr.net
cdn.jsdelivr.net
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
8    2404:6800:4006:809::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 jsdelivr.net
fastly.jsdelivr.net — Cisco Umbrella Rank: 102629
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
242 KB
8 gstatic.com
fonts.gstatic.com
383 KB
6 sayafx.top
one.sayafx.top
12 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
23 4
Domain Requested by
8 fonts.gstatic.com fastly.jsdelivr.net
8 fastly.jsdelivr.net one.sayafx.top
6 one.sayafx.top 1 redirects fastly.jsdelivr.net
static.cloudflareinsights.com
1 cdn.jsdelivr.net fastly.jsdelivr.net
1 static.cloudflareinsights.com one.sayafx.top
23 5

This site contains no links.

Subject Issuer Validity Valid
sayafx.top
GTS CA 1P5		 2023-10-30 -
2024-01-28		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://one.sayafx.top/
Frame ID: 00F2D4372EBCCCF1D584AC1E858E0AC2
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - 月谣Moonpsalms

Page URL History Show full URLs

  1. http://one.sayafx.top/ HTTP 301
    https://one.sayafx.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

23
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

642 kB
Transfer

1112 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one.sayafx.top/ HTTP 301
    https://one.sayafx.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
one.sayafx.top/
Redirect Chain
  • http://one.sayafx.top/
  • https://one.sayafx.top/
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.4
Resource Hash
13ac88223ef704cb9b1dd9bc4991f31689cde3c487b37c2cd7eb0ca1217dc1f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8395fb501c715739-SYD
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 22 Dec 2023 05:31:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLLZIaRB6mb3NgyClv%2BUNNJT0%2Fd7pjS8XsPZ1o06wqOrl3iN%2BgG3oov4W0s%2Fn0FV4%2BzY14tfjKglk%2BJEBFsKheDdaMeGmpvSS1YiPJgtsUJg3vjJSNM9D9UFWtdVZr7NY29LXhNYp8Q35Fi2Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
x-powered-by
PHP/8.2.4
x-vercel-cache
MISS
x-vercel-id
syd1::iad1::r5tk9-1703223119490-8cef4b2054d5

Redirect headers

CF-RAY
8395fb4ebab6725d-AKL
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 22 Dec 2023 05:31:59 GMT
Expires
Fri, 22 Dec 2023 06:31:59 GMT
Location
https://one.sayafx.top/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnuClk35mmq5E6EFP6jpl4bLHVZKVnyIuex0qB752Dpm8vZNBCpVPKorAbyAUW50Sv4mjB%2FD%2FfoJg7dvU8o8x4WuFwbwWPh%2BxOiU0B9vCgRRYLWwKSozXDE81CcGh2%2BNvWHP3Uz%2BUPxasUOTjw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
app.css
fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/ 		209 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Requested by
Host: one.sayafx.top
URL: https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0cdcca3b31c89c706de95c6a1d760618446336bb6fd12c3ed1c109979d29258
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
3904438
x-jsd-version
1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47954
x-served-by
cache-fra-eddf8230036-FRA, cache-akl10331-AKL
x-jsd-version-type
version
etag
W/"34351-S/1VjhjGkugmd1vwB/mFiz+hKmU"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: one.sayafx.top
URL: https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://one.sayafx.top/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 22 Dec 2023 05:32:00 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8395fb54bef41c51-AKL
app@1b381f3c.a4f2dc4618121eac37e2.js
fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/ 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/app@1b381f3c.a4f2dc4618121eac37e2.js
Requested by
Host: one.sayafx.top
URL: https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4437ed593908dc660b313f1ea76620d287c3cf8173ea5b881360c997c8880837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
4486462
x-jsd-version
1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25890
x-served-by
cache-fra-etou8220061-FRA, cache-akl10331-AKL
x-jsd-version-type
version
etag
W/"10d3a-AKRPa1MlxW+mpkO1j/FqZEHY0k8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
app@28a13772.98a11cc0c1cf2495c3d8.js
fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/app@28a13772.98a11cc0c1cf2495c3d8.js
Requested by
Host: one.sayafx.top
URL: https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cac8c406652bf4eab35614372a1c70e737e4d071cbe6de6a4ec1a564a774a333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
2008467
x-jsd-version
1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34270
x-served-by
cache-fra-etou8220056-FRA, cache-akl10331-AKL
x-jsd-version-type
version
etag
W/"16cad-+p/6KkJlRpwANqGiIanwVWl7AjU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
app@34e3d95a.2f8dbf552095a86a7f1b.js
fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/app@34e3d95a.2f8dbf552095a86a7f1b.js
Requested by
Host: one.sayafx.top
URL: https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b26c6c5f9ab39ff1b7b718b4336aeffb23d8c65250985c978809c3880865c46a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
5018681
x-jsd-version
1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17258
x-served-by
cache-fra-eddf8230100-FRA, cache-akl10331-AKL
x-jsd-version-type
version
etag
W/"c6bd-Gh0x3xiIsmFeT6tnuAlK1VTJSpY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
app@798ab416.9ed46bb752b71a3c13a4.js
fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/ 		115 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/app@798ab416.9ed46bb752b71a3c13a4.js
Requested by
Host: one.sayafx.top
URL: https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
81a581af5cb8421701dcf66c1153457f3f2ac671879e1d799032cb1462ef2243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
3114061
x-jsd-version
1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33981
x-served-by
cache-fra-etou8220106-FRA, cache-akl10331-AKL
x-jsd-version-type
version
etag
W/"1cca6-NPZnLWW4s5JzMV7CNmianuF/jzw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
app@9c50beac.30955a99f08c9574cd14.js
fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/app@9c50beac.30955a99f08c9574cd14.js
Requested by
Host: one.sayafx.top
URL: https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8a5c02fed181fc33185d931fe1621026f1149ece07ad3c95ff6d7dadca5a91b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
3301213
x-jsd-version
1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
22280
x-served-by
cache-fra-etou8220094-FRA, cache-akl10331-AKL
x-jsd-version-type
version
etag
W/"fa29-hY7rV87lqUasUM/5NhzQnLf+DTg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
app@f0256996.956ea71aa357ba3fdc28.js
fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/app@f0256996.956ea71aa357ba3fdc28.js
Requested by
Host: one.sayafx.top
URL: https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e551d383c4e9232c1ad54ac51a65b13cd2fdc219996efcb3b435bed8808eaf64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
4396739
x-jsd-version
1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25392
x-served-by
cache-fra-etou8220041-FRA, cache-akl10331-AKL
x-jsd-version-type
version
etag
W/"11694-WZV00iZn5Rayp0Ie3mB8gZaOd5Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
webpack-runtime.93708ab3e9cb84dcc01a.js
fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/ 		2 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/webpack-runtime.93708ab3e9cb84dcc01a.js
Requested by
Host: one.sayafx.top
URL: https://one.sayafx.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ad068067164df712e0cda81b6c5a761700e7a6aee3cc208dfd234c8e32251399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
3286822
x-jsd-version
1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
802
x-served-by
cache-fra-eddf8230078-FRA, cache-akl10331-AKL
x-jsd-version-type
version
etag
W/"616-lwZyjijEYxXStOOzazBJoHMvs4s"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
fonts.gstatic.com/s/materialiconsoutlined/v38/ 		113 KB
113 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialiconsoutlined/v38/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58674c4c1237be27b4e85a12800a6ebccd163ccfa6a797fd8bd104dde01c1d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fastly.jsdelivr.net/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 21 Dec 2023 12:26:11 GMT
x-content-type-options
nosniff
age
61549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115340
x-xss-protection
0
last-modified
Thu, 17 Dec 2020 02:36:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 12:26:11 GMT
ProductSans-Regular.woff2
cdn.jsdelivr.net/gh/186526/jsdelivr@1.1.8/static/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/186526/jsdelivr@1.1.8/static/ProductSans-Regular.woff2
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ff653eb5499e6f0f8ad434675827d84205a345f49d4e2f67df08a5f4b8f7315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fastly.jsdelivr.net/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
age
705015
x-jsd-version
1.1.8
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
37420
x-served-by
cache-fra-etou8220055-FRA, cache-akl10325-AKL
x-jsd-version-type
version
etag
W/"922c-O2im5O/Fz65HgRTWuBrlxoWnq2E"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.118.woff2
fonts.gstatic.com/s/notosanssc/v12/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanssc/v12/k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.118.woff2
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c13b8192fb7fd9fe96c5c11016b12fa774b24ea8a9239beb0fe29378f7708dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fastly.jsdelivr.net/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 21 Dec 2023 02:52:18 GMT
x-content-type-options
nosniff
age
95982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30852
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:18:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 02:52:18 GMT
k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.117.woff2
fonts.gstatic.com/s/notosanssc/v12/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanssc/v12/k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.117.woff2
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7a5c244fcedf11f25b9cd35fcb590eb9d30de665a41cd695b4982c7a467eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fastly.jsdelivr.net/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Dec 2023 14:55:39 GMT
x-content-type-options
nosniff
age
570981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35340
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:11:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 14:55:39 GMT
k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.116.woff2
fonts.gstatic.com/s/notosanssc/v12/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanssc/v12/k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.116.woff2
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a65e222ee150a2b103b0e35f5d3b58c8ea539f0ade3da807d0fea8ed3f1b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fastly.jsdelivr.net/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 20:38:56 GMT
x-content-type-options
nosniff
age
204784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35832
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:18:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 20:38:56 GMT
k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.114.woff2
fonts.gstatic.com/s/notosanssc/v12/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanssc/v12/k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.114.woff2
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f798b5d968b8524810ae566d5affa1a8d3baf15991c77b6c042c75ace0ffe32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fastly.jsdelivr.net/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 20 Dec 2023 16:50:36 GMT
x-content-type-options
nosniff
age
132084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39520
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:17:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2024 16:50:36 GMT
k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.119.woff2
fonts.gstatic.com/s/notosanssc/v12/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanssc/v12/k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.119.woff2
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8999b5a143c7b6dda2c068420926f7393c289e86d4b95ad60225128217a138c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fastly.jsdelivr.net/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 21 Dec 2023 01:36:08 GMT
x-content-type-options
nosniff
age
100552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51416
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:11:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 01:36:08 GMT
k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.115.woff2
fonts.gstatic.com/s/notosanssc/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanssc/v12/k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.115.woff2
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce01a6d465d72faf87abf4130b0f5b2bf6a1680cbc2dd873214430b26f284f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fastly.jsdelivr.net/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 18 Dec 2023 20:43:18 GMT
x-content-type-options
nosniff
age
290922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37640
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:18:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 20:43:18 GMT
k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.108.woff2
fonts.gstatic.com/s/notosanssc/v12/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanssc/v12/k3kXo84MPvpLmixcA63oeALhLOCT-xWNm8Hqd37g1OkDRZe7lR4sg1IzSy-MNbE9VH8V.108.woff2
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced29ce931bb6e08bfb9fe11bcfcd52b8acab3f0b03acdeaff45c1ae6b92c9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fastly.jsdelivr.net/
Origin
https://one.sayafx.top
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 22 Dec 2023 05:32:00 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44288
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:31:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 05:32:00 GMT
/
one.sayafx.top/sayafx/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://one.sayafx.top/sayafx/
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/app@798ab416.9ed46bb752b71a3c13a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 22 Dec 2023 05:32:01 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id
syd1::iad1::r5tk9-1703223121330-ed8557954825
server
cloudflare
age
0
x-powered-by
PHP/8.2.4
x-vercel-cache
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tH0YG1zqWSK69SCynZgUkNXXRdXpaNQA9uZ7CnuAAOU6iUf%2BGBYAyPh2abLpLhaQi4aUGNW4INlRhl7qzTk2XCq0CANBi2SIuCveRmHRFXo4mvClG2As5dJ1jm7ruqLWilJqGa2eNfHycf523g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
cache-control
public, max-age=0, must-revalidate
cf-ray
8395fb5c4a885739-SYD
alt-svc
h3=":443"; ma=86400
/
one.sayafx.top/E5/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://one.sayafx.top/E5/
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/app@798ab416.9ed46bb752b71a3c13a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 22 Dec 2023 05:32:01 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id
syd1::iad1::mfxxr-1703223121343-4276e17939f2
server
cloudflare
age
0
x-powered-by
PHP/8.2.4
x-vercel-cache
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaCSMntuuQH67HycWpegl92DLb6WOzPXuwPEVm4mvmfZwDmHj84pYzRpw4hZjSdTy%2BsKEO7zi5Rmo1hXTHk6lJ%2BrDYEyU7nqqbf0JePAUX4bHJRKrFOCuF3OkACieX2jjtT8Z5k0WvMNPK0dUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
cache-control
public, max-age=0, must-revalidate
cf-ray
8395fb5c4a8c5739-SYD
alt-svc
h3=":443"; ma=86400
/
one.sayafx.top/CN/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://one.sayafx.top/CN/
Requested by
Host: fastly.jsdelivr.net
URL: https://fastly.jsdelivr.net/gh/186526/renexmoe-cdn@v1.3/js/app@798ab416.9ed46bb752b71a3c13a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.sayafx.top/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 22 Dec 2023 05:32:01 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id
syd1::iad1::l9njm-1703223121346-1aa3ece40307
server
cloudflare
age
0
x-powered-by
PHP/8.2.4
x-vercel-cache
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUTnCw76E05TXjhHwsk0RQAGL%2FCA0vaCG0VXqdf1EtHTvVqfBK2MhdZDuh7IiEPFBvWuP6sUm38re5K%2FBcDFG0zFYp7F4TArpkKdnBfsXsmaI16KZEKPSM2LGU7Nvht%2FhbNgAOWOfr1fYCd%2BKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
cache-control
public, max-age=0, must-revalidate
cf-ray
8395fb5c4a8f5739-SYD
alt-svc
h3=":443"; ma=86400
rum
one.sayafx.top/cdn-cgi/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://one.sayafx.top/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://one.sayafx.top/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
content-type
application/json

Response headers

date
Fri, 22 Dec 2023 05:32:01 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://one.sayafx.top
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8395fb5eba17a97d-SYD

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture undefined| MorePage object| webpackJsonp function| Pjax object| regeneratorRuntime boolean| listenerStatus function| ToggleListener object| mdui object| renexmoe object| __cfBeacon number| _mduiEventId object| FPConfig

1 Cookies

Domain/Path Name / Value
one.sayafx.top/ Name: darkmode
Value: false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fastly.jsdelivr.net
fonts.gstatic.com
one.sayafx.top
static.cloudflareinsights.com
2404:6800:4006:809::2003
2606:4700:3035::ac43:dc65
2606:4700:3037::6815:4e70
2606:4700::6810:3965
2a04:4e42:600::485
0f7a5c244fcedf11f25b9cd35fcb590eb9d30de665a41cd695b4982c7a467eab
13ac88223ef704cb9b1dd9bc4991f31689cde3c487b37c2cd7eb0ca1217dc1f0
3c13b8192fb7fd9fe96c5c11016b12fa774b24ea8a9239beb0fe29378f7708dc
4437ed593908dc660b313f1ea76620d287c3cf8173ea5b881360c997c8880837
4ff653eb5499e6f0f8ad434675827d84205a345f49d4e2f67df08a5f4b8f7315
58674c4c1237be27b4e85a12800a6ebccd163ccfa6a797fd8bd104dde01c1d23
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
81a581af5cb8421701dcf66c1153457f3f2ac671879e1d799032cb1462ef2243
8999b5a143c7b6dda2c068420926f7393c289e86d4b95ad60225128217a138c0
8a65e222ee150a2b103b0e35f5d3b58c8ea539f0ade3da807d0fea8ed3f1b55d
a8a5c02fed181fc33185d931fe1621026f1149ece07ad3c95ff6d7dadca5a91b
ad068067164df712e0cda81b6c5a761700e7a6aee3cc208dfd234c8e32251399
b26c6c5f9ab39ff1b7b718b4336aeffb23d8c65250985c978809c3880865c46a
cac8c406652bf4eab35614372a1c70e737e4d071cbe6de6a4ec1a564a774a333
ce01a6d465d72faf87abf4130b0f5b2bf6a1680cbc2dd873214430b26f284f74
ced29ce931bb6e08bfb9fe11bcfcd52b8acab3f0b03acdeaff45c1ae6b92c9f2
e0cdcca3b31c89c706de95c6a1d760618446336bb6fd12c3ed1c109979d29258
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e551d383c4e9232c1ad54ac51a65b13cd2fdc219996efcb3b435bed8808eaf64
f798b5d968b8524810ae566d5affa1a8d3baf15991c77b6c042c75ace0ffe32e