www.xn--12cgi5cya7e7aj4cfhg.xyz Open in urlscan Pro Puny
www.กันสาดหลังคา.xyz IDN
104.21.17.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xn--12cgi5cya7e7aj4cfhg.xyz/
Effective URL:
https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Submission: On October 04 via automatic, source rescanner (October 4th 2021, 6:14:31 pm UTC) — Scanned from DE

Summary HTTP 12 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 104.21.17.114, located in and belongs to CLOUDFLARENET, US. The main domain is www.xn--12cgi5cya7e7aj4cfhg.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 4th 2021. Valid for: a year.

This is the only time www.xn--12cgi5cya7e7aj4cfhg.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	104.21.17.114 104.21.17.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.52.65 104.22.52.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.175.198 172.67.175.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	145.239.131.51 145.239.131.51	16276 (OVH) (OVH)
12	5

7 104.21.17.114 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xn--12cgi5cya7e7aj4cfhg.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.xn--12cgi5cya7e7aj4cfhg.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.52.65 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.175.198 (United States)

ASN13335 (CLOUDFLARENET, US)

www.xn--12cgi5cya7e7aj4cfhg.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.131.51 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	xn--12cgi5cya7e7aj4cfhg.xyz 1 redirects xn--12cgi5cya7e7aj4cfhg.xyz www.xn--12cgi5cya7e7aj4cfhg.xyz	34 KB
3	ibb.co i.ibb.co	222 KB
2	statcounter.com secure.statcounter.com c.statcounter.com	14 KB
12	3

	Domain	Requested by
7	www.xn--12cgi5cya7e7aj4cfhg.xyz	www.xn--12cgi5cya7e7aj4cfhg.xyz
3	i.ibb.co	www.xn--12cgi5cya7e7aj4cfhg.xyz
1	c.statcounter.com	secure.statcounter.com
1	secure.statcounter.com	www.xn--12cgi5cya7e7aj4cfhg.xyz
1	xn--12cgi5cya7e7aj4cfhg.xyz	1 redirects
12	5

This site contains links to these domains. Also see Links.

Domain
ibb.co
www.xn--12cgi5cya7e7aj4cfhg.net
www.dobesttrading.com
diagnoseo.com
www.statcounter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-04` - `2022-10-03`	a year	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-11-13`	a year	crt.sh
ibb.co R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Frame ID: 01654123D0B85BFF74AFA5EE2FC2C1C2
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

กันสาดหลังคา – กันสาดหลังคา

Page URL History Show full URLs

https://xn--12cgi5cya7e7aj4cfhg.xyz/ HTTP 301
https://www.xn--12cgi5cya7e7aj4cfhg.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

270 kB
Transfer

412 kB
Size

3
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://ibb.co/DgTKrqH

Search URL Search Domain Scan URL

URL: https://www.xn--12cgi5cya7e7aj4cfhg.net/17143840/%E0%B9%81%E0%B8%9C%E0%B9%88%E0%B8%99%E0%B9%82%E0%B8%9E%E0%B8%A5%E0%B8%B5%E0%B8%84%E0%B8%B2%E0%B8%A3%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B9%80%E0%B8%99%E0%B8%95-%E0%B8%8A%E0%B8%99%E0%B8%B4%E0%B8%94%E0%B8%A5%E0%B8%B9%E0%B8%81%E0%B8%9F%E0%B8%B9%E0%B8%81-dstrong-
Title: แผ่นโพลีคาร์บอเนต (ชนิดลูกฟูก) D’Strong

Search URL Search Domain Scan URL

URL: https://www.dobesttrading.com/%E0%B9%82%E0%B8%9E%E0%B8%A5%E0%B8%B5%E0%B9%88%E0%B8%84%E0%B8%B2%E0%B8%A3%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B9%80%E0%B8%99%E0%B8%95-%E0%B8%A5%E0%B8%B9%E0%B8%81%E0%B8%9F%E0%B8%B9%E0%B8%81
Title: แผ่นโพลีคาร์บอเนต

Search URL Search Domain Scan URL

URL: https://ibb.co/6NGyQ8x

Search URL Search Domain Scan URL

URL: https://www.xn--12cgi5cya7e7aj4cfhg.net/17143841/%E0%B9%81%E0%B8%9C%E0%B9%88%E0%B8%99%E0%B9%82%E0%B8%9E%E0%B8%A5%E0%B8%B5%E0%B9%88%E0%B8%84%E0%B8%B2%E0%B8%A3%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B9%80%E0%B8%99%E0%B8%95-%E0%B9%81%E0%B8%9C%E0%B9%88%E0%B8%99%E0%B8%95%E0%B8%B1%E0%B8%99-%E0%B9%80%E0%B8%81%E0%B8%A5%E0%B9%87%E0%B8%94%E0%B8%A1%E0%B8%B8%E0%B8%81%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%9A-dstrong-
Title: แผ่นโพลี่คาร์บอเนต แผ่นตัน เกล็ดมุก/เรียบ D’Strong

Search URL Search Domain Scan URL

URL: https://ibb.co/hHGsSxk

Search URL Search Domain Scan URL

URL: http://www.xn--12cgi5cya7e7aj4cfhg.net/
Title: www.กันสาดหลังคา.net

Search URL Search Domain Scan URL

URL: https://diagnoseo.com/seo-friendly-wordpress-theme/
Title: DiagnoSEO WordPress Theme

Search URL Search Domain Scan URL

URL: https://www.statcounter.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xn--12cgi5cya7e7aj4cfhg.xyz/ HTTP 301
https://www.xn--12cgi5cya7e7aj4cfhg.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xn--12cgi5cya7e7aj4cfhg.xyz/
Redirect Chain

https://xn--12cgi5cya7e7aj4cfhg.xyz/
https://www.xn--12cgi5cya7e7aj4cfhg.xyz/

18 KB
6 KB

1048ms
1009ms

Document
text/html

104.21.17.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.30 PleskLin
Resource Hash: df728f297339bd23d110f6c175c996693898450de6dca330b381972b6a7729a6

Request headers

:method: GET
:authority: www.xn--12cgi5cya7e7aj4cfhg.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 04 Oct 2021 18:14:25 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.30 PleskLin
x-pingback: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/xmlrpc.php
link: <https://www.xn--12cgi5cya7e7aj4cfhg.xyz/index.php/wp-json/>; rel="https://api.w.org/", <https://www.xn--12cgi5cya7e7aj4cfhg.xyz/index.php/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.xn--12cgi5cya7e7aj4cfhg.xyz/>; rel=shortlink
x-cache-status: BYPASS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BwOUQIAremeQ96Frfsx9GjUiKKXPnXwnqEhlHQcrugoeFMtdUQlfqaqmLTC7wpi%2BebLXhk6woAPGf9xVaLoDSlOxxsLgWBRCwalnIrEXNYYIYzL7IvwBvtjYikmNnIZEEBIRtxrdpn4Jhp67F5Fq7Ys"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 699063c10de33a4d-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 04 Oct 2021 18:14:24 GMT
content-type: text/html
location: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoYZx9nYkwcvuHhsPuYlMSke6GtV16RX02D7fRIMmIAcmM5BinkaoxtRZpAV1Xyk8X%2FvV9t%2B3UUzrP8HpEQgqKnPkw8EGo3Obmw%2FhMIK2KbrEDmnUkR6By%2BNZr1A95FKwCErABmb6C1jqeRJ5Zk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 699063bd189c3a4d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 main.css
www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-content/themes/diagnoseo/css/ 34 KB
8 KB 838ms
837ms Stylesheet
text/css 104.21.17.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-content/themes/diagnoseo/css/main.css?ver=1
Requested by: Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3f9adcf0edcdc12a8e51350113ce963859bfe2460e80e654a11c2c3d9cb43631

Request headers

:path: /wp-content/themes/diagnoseo/css/main.css?ver=1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.xn--12cgi5cya7e7aj4cfhg.xyz
referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:26 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 04 Oct 2021 04:56:16 GMT
server: cloudflare
etag: W/"615a8970-87c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoCXK5zkpbxEFk69IcgrhOq7a1oynoop5N3LGDV%2F%2Fcbp7nux15C9TpRUAR1mxzZRr8n4R4dkXWsZ6L8wr5T70iBOb%2FgSOidPkWoEwdTFJBE5HEXZ4PuiYT6NrCJOr7qxytbHX3uskFGH%2BpMYi1gObgVL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 699063c77ea73a4d-CDG

GET
H2 200 style.min.css
www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-includes/css/dist/block-library/ 79 KB
11 KB 949ms
948ms Stylesheet
text/css 104.21.17.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.xn--12cgi5cya7e7aj4cfhg.xyz
referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:26 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: cloudflare
etag: W/"612efc26-13abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knYyq6nYu7xihqbEvDLYnJ5Xz4XMnFLUP1BVzYiHEwailculjdf2l5Y40kZ72ZizknGWRoUyu6Uj%2BrjcbF1BulXt366322vjFOLRfe8ep%2BySWmcDsDx07ctW0n0kxIQIA8zxqcDu6VOz%2FcXYbiwaIWZf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 699063c77ea83a4d-CDG

GET
H2 200 email-decode.min.js Show response
www.xn--12cgi5cya7e7aj4cfhg.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 18ms
18ms Script
application/javascript 104.21.17.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xn--12cgi5cya7e7aj4cfhg.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.17.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--12cgi5cya7e7aj4cfhg.xyz
referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 11:33:04 GMT
server: cloudflare
etag: W/"61544ef0-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLgwqIBFeXQQ%2Fz7nwAx10Xv5EJY6IF85vZSVz9GMW%2FicMpmNAZcTHOZUbT4muBA6mAKY6oxlWobJsHZtz2oFyvvWP7onHmiZPkUxvs%2FluNRzU5xRmaudzZ%2FYj1e4YV9IvSVfByydhEsX7DvDlkda0mfF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 699063c77eaa3a4d-CDG
vary: Accept-Encoding
expires: Wed, 06 Oct 2021 18:14:25 GMT

GET
H2 200 wp-embed.min.js Show response
www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-includes/js/ 1 KB
1 KB 584ms
584ms Script
application/javascript 104.21.17.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--12cgi5cya7e7aj4cfhg.xyz
referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:25 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
etag: W/"5ff5d754-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BHM5XYAPmR6TbetsmabOh8O8lkYRC%2F6WIHCc4qlWGRHSkxvmSaaKxJKoZK1LiYPQGM0QEV6TPf1Dlwz3%2FSEaVMgM%2Bz%2B2y93I5vfe5DH8WP7qDV2ef0cAFszTZz8kB2IJtf2rMtIV8Su8x%2FGljwe9%2F0O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 699063c77eab3a4d-CDG

GET
H2 200 wp-emoji-release.min.js Show response
www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-includes/js/ 18 KB
5 KB 1506ms
1505ms Script
application/javascript 104.21.17.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--12cgi5cya7e7aj4cfhg.xyz
referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:26 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: cloudflare
etag: W/"60bfebf0-4705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBfT3gLjGvBwNb0OK0ePebsc7LPUs3XXrcKLdQZLJQkbSu8clxMBqHBvcKeP1cgsZdfAb08%2BXxLL1L4xGblbGqYKyCeeOgLsqNPHfUfMsAaX%2BjD3OVTEnI%2BNhA0Q%2FOWcDjbRiMhNEkcoYP7cCM5djuU9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 699063c78eb93a4d-CDG

GET
H2 200 counter.js Show response
secure.statcounter.com/counter/ 38 KB
13 KB 54ms
20ms Script
application/x-javascript 104.22.52.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.statcounter.com/counter/counter.js
Requested by: Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6b96ebcd88975441922975f3ff294f65099b87f48367b9513a2b05472dfb621

Request headers

Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 04 Oct 2021 18:14:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Aug 2021 09:31:44 GMT
server: cloudflare
age: 29245
etag: W/"61163c00-99a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 699063cdaaf2876a-DUS
expires: Mon, 04 Oct 2021 22:07:01 GMT

GET
H3 200 seo.ttf
www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-content/themes/diagnoseo/fonts/ 1 KB
2 KB 1162ms
1162ms Font
application/font-sfnt 172.67.175.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/wp-content/themes/diagnoseo/fonts/seo.ttf?ay24jn
Requested by: Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.175.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5a71a094e54dfd8922599a9ab91459a0da2b8e09fdcbde93c2737bfb5f79073b

Request headers

:path: /wp-content/themes/diagnoseo/fonts/seo.ttf?ay24jn
pragma: no-cache
origin: https://www.xn--12cgi5cya7e7aj4cfhg.xyz
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.xn--12cgi5cya7e7aj4cfhg.xyz
referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Origin: https://www.xn--12cgi5cya7e7aj4cfhg.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:27 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
x-cache-status: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 04 Oct 2021 04:56:16 GMT
server: cloudflare
etag: W/"615a8970-5a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oeicnGSk6iAQvMW2a52ZeD%2BMQ5nWng4ATjaSeRxah54SEAMG3Xsl%2BtgetcHMQwde4saICgm2Tl%2BYdSL6sAkWklCa4yx6u%2F1DJJH5cAOChc6twQFys2VUv2o2DjdDgbVrG1aLoUDEB4l%2Fp0TtOjk8iKN"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
cache-control: max-age=14400
cf-ray: 699063cd7ca0b7c9-CDG

GET
H2 200 header-slide-1-4743.jpg
i.ibb.co/fGL0Dcz/ 102 KB
102 KB 399ms
265ms Image
image/jpeg 145.239.131.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/fGL0Dcz/header-slide-1-4743.jpg
Requested by: Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 9e60fd136e18c00701b6a49e76bcb72b807de7786169d8d92a1e1a88b0ce4fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:26 GMT
last-modified: Mon, 04 Oct 2021 05:24:37 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 104466
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.jpg
i.ibb.co/52C1Zky/ 55 KB
56 KB 399ms
265ms Image
image/jpeg 145.239.131.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/52C1Zky/1.jpg
Requested by: Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: f34e7ea1c31430021de7f3b3b0f933ff134711f5cab089826c3db3613e5abfda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:26 GMT
last-modified: Mon, 04 Oct 2021 05:39:28 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 56582
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dobesttrading-com-logo-0531.png
i.ibb.co/HYc7jL0/ 64 KB
64 KB 149ms
16ms Image
image/png 145.239.131.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/HYc7jL0/dobesttrading-com-logo-0531.png
Requested by: Host: www.xn--12cgi5cya7e7aj4cfhg.xyz
URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 763c13d577497265a63355e7a86a832fad8c68e646399d5253b51b711494b26b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:26 GMT
last-modified: Mon, 04 Oct 2021 05:40:57 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 65651
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
582 B 149ms
148ms XHR
application/json 104.22.52.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12643443&u1=F9021C5820554FA4B05AE806EEFCFD4B&java=1&security=140cf1ed&sc_snum=1&sess=508215&sc_rum_e_s=2722&sc_rum_e_e=2826&sc_rum_f_s=0&sc_rum_f_e=2718&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.xn--12cgi5cya7e7aj4cfhg.xyz/&t=%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%AA%E0%B8%B2%E0%B8%94%E0%B8%AB%E0%B8%A5%E0%B8%B1%E0%B8%87%E0%B8%84%E0%B8%B2%20%E2%80%93%20%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%AA%E0%B8%B2%E0%B8%94%E0%B8%AB%E0%B8%A5%E0%B8%B1%E0%B8%87%E0%B8%84%E0%B8%B2&get_config=true
Requested by: Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 699063ce7d84876a-DUS
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.xn--12cgi5cya7e7aj4cfhg.xyz
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xn--12cgi5cya7e7aj4cfhg.xyz/	1970-01-20 15:14:03	Name: sc_is_visitor_unique Value: rx12643443.1633371266.F9021C5820554FA4B05AE806EEFCFD4B.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 17:31:16	Name: is_unique Value: sc12643443.1633371266.0
.statcounter.com/	1970-01-20 15:14:28	Name: is_visitor_unique Value: 1633371266157326844

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/(Line 186) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.xn--12cgi5cya7e7aj4cfhg.xyz/(Line 186) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.statcounter.com
i.ibb.co
secure.statcounter.com
www.xn--12cgi5cya7e7aj4cfhg.xyz
xn--12cgi5cya7e7aj4cfhg.xyz
104.21.17.114
104.22.52.65
145.239.131.51
172.67.175.198
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3f9adcf0edcdc12a8e51350113ce963859bfe2460e80e654a11c2c3d9cb43631
5a71a094e54dfd8922599a9ab91459a0da2b8e09fdcbde93c2737bfb5f79073b
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
763c13d577497265a63355e7a86a832fad8c68e646399d5253b51b711494b26b
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9e60fd136e18c00701b6a49e76bcb72b807de7786169d8d92a1e1a88b0ce4fa7
d6b96ebcd88975441922975f3ff294f65099b87f48367b9513a2b05472dfb621
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df728f297339bd23d110f6c175c996693898450de6dca330b381972b6a7729a6
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
f34e7ea1c31430021de7f3b3b0f933ff134711f5cab089826c3db3613e5abfda

www.xn--12cgi5cya7e7aj4cfhg.xyz Open in urlscan Pro Puny www.กันสาดหลังคา.xyz IDN 104.21.17.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

3 Domains

5 Subdomains

5 IPs

3 Countries

270 kBTransfer

412 kBSize

3 Cookies

9 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

www.xn--12cgi5cya7e7aj4cfhg.xyz Open in urlscan Pro Puny
www.กันสาดหลังคา.xyz IDN
104.21.17.114 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

270 kB
Transfer

412 kB
Size

3
Cookies

12 HTTP transactions
1 data transactions