0242now.xyz Open in urlscan Pro
2606:4700:3037::ac43:ba03 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://narasaku.com/login.php
Effective URL:
https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72
Submission Tags: krdprod
Submission: On August 03 via api (August 3rd 2022, 6:55:26 am UTC) from JP — Scanned from JP

Summary HTTP 37 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 8 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3037::ac43:ba03, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0242now.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2022. Valid for: a year.

This is the only time 0242now.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	2606:4700:303... 2606:4700:3030::ac43:a25a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:a9f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::ac43:d435	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:3b94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:edf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::ac43:ba03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3034::6815:1398	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	9

14 2606:4700:3030::ac43:a25a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

narasaku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:d435 (United States)

ASN13335 (CLOUDFLARENET, US)

qh88.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3b94 (United States)

ASN13335 (CLOUDFLARENET, US)

tien96.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:edf (United States)

ASN13335 (CLOUDFLARENET, US)

0242.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:ba03 (United States)

ASN13335 (CLOUDFLARENET, US)

0242now.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:1398 (United States)

ASN13335 (CLOUDFLARENET, US)

total.ebooktom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	narasaku.com 2 redirects narasaku.com	299 KB
2	0242now.xyz 0242now.xyz	86 KB
2	qh88.pro qh88.pro	34 KB
1	ebooktom.com total.ebooktom.com	629 B
1	0242.com 0242.com	967 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2902 Failed	252 B
1	tien96.com tien96.com	482 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1111	8 KB
37	8

	Domain	Requested by
14	narasaku.com	2 redirects narasaku.com
2	0242now.xyz	0242.com 0242now.xyz
2	qh88.pro	narasaku.com
1	total.ebooktom.com	0242now.xyz
1	0242.com	narasaku.com
1	api.ipify.org	narasaku.com 0242now.xyz
1	tien96.com	narasaku.com
1	use.fontawesome.com	narasaku.com
37	8

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-22`	a year	crt.sh
*.qh88.pro GTS CA 1P5	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.tien96.com E1	`2022-07-09` - `2022-10-07`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72
Frame ID: 36472D429099ED112A8FAD6C212079A4
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Code

Page URL History Show full URLs

http://narasaku.com/login.php HTTP 301
https://narasaku.com/login.php Page URL
https://0242.com/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c3... Page URL
https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c3... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

54 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

9
IPs

1
Countries

911 kB
Transfer

1849 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/?Open=normal&googlePartner=360&googleVIP=73499
Title: Đến với【SoDo0242 】 để có những khoảnh khắc tuyệt vời!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://narasaku.com/login.php HTTP 301
https://narasaku.com/login.php Page URL
https://0242.com/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72 Page URL
https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://narasaku.com/login.php HTTP 301
https://narasaku.com/login.php

Request Chain 12

https://narasaku.com/uploads/images/503996.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/3daf0f492a9581504659465c48ff6303.jpg

Request Chain 13

https://narasaku.com/uploads/images/5039961.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/605b91d9a675674d6aea31cf1542870e.jpg

Request Chain 14

https://narasaku.com/uploads/images/5039962.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/60b895da6ce8c766c00197809b751354.jpg

Request Chain 15

https://narasaku.com/uploads/images/774215.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/f7d23ef117d0247f8c58e6e542f4f830.jpg

Request Chain 16

https://narasaku.com/uploads/images/88846.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/71d6d888e00a8d4ab22c012739d34696.jpg

Request Chain 17

https://narasaku.com/uploads/images/314151.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/fb315693420a002454c0f35bc25fcb93.jpg

Request Chain 18

https://narasaku.com/uploads/images/235476.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/19e0ba893681dfbd75bebf1f9a5d7952.jpg

Request Chain 19

https://narasaku.com/uploads/images/49956.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/eae88cb0b92b68da723dc2d97a0ecd98.jpg

Request Chain 20

https://narasaku.com/uploads/images/655472.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/7deeb99625925fb15cfc3fe64f2a7538.jpg

Request Chain 21

https://narasaku.com/uploads/images/62663.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/daead9fcc216db924f20bb11c3a90ebc.jpg

Request Chain 24

https://narasaku.com/uploads/images/349689.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/5c7aec88a2034875814caaa1a31e2bb9.jpg

Request Chain 25

https://narasaku.com/uploads/images/135295.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/08f527171aa5d174909f8d4c87c44147.jpg

Request Chain 27

https://narasaku.com/uploads/images/574804.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/bd918df934190a961dd72f88f0523dc6.jpg

Request Chain 28

https://narasaku.com/uploads/images/965270.jpg HTTP 301
https://narasaku.com/template/news/youHuaV1/static/picture/6023279f33f4d1578494509c7c179358.jpg

37 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	login.php Show response narasaku.com/ Redirect Chain http://narasaku.com/login.php https://narasaku.com/login.php	61 KB 14 KB	693ms 680ms	Document text/html	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `077175f7b504f20232a69698e8762bca09d31465d6176b996940928a0028fc12` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 734d25a5df6480c5-NRT content-encoding br content-type text/html; charset=utf-8 date Wed, 03 Aug 2022 06:55:20 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Flh1tPncV%2FqyW114%2Bk4osQ9IxX3H%2FwRyMbfwZ3XKhu126nzypqicinRJJJ5cpOSairJAj96z8Vcu%2FhtVjmj1clpeskwV8gJQLcRgW5wpD9pVtyLGPvfYpDkzsltoxtrz1TDvQpjF1kYmXY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers CF-RAY 734d25a5ada5af54-NRT Cache-Control max-age=3600 Connection keep-alive Date Wed, 03 Aug 2022 06:55:19 GMT Expires Wed, 03 Aug 2022 07:55:19 GMT Location https://narasaku.com/login.php NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FuYPbTAtLbbVCX%2Fye9Or0VoOh4hLAeM1F8hx5UwPcDuRvciMEWn0kESOf9%2B7Ibo6rDlZDkd19nxuGteyo11EmGB8suhScr%2F6fH4FvyW4wlp2vx%2F2EuiJ6cBABBkksnTWqBLhTr6OaZENt4%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.css narasaku.com/template/news/youHuaV1/static/css/	7 KB 2 KB	34ms 23ms	Stylesheet text/css	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narasaku.com/template/news/youHuaV1/static/css/style.css Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8837c25245a7d8fd6de05389d03dd549b16fc96962c5a8e390be344092c458d9` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 28 Jun 2022 15:08:58 GMT server cloudflare age 866 etag W/"62bb198a-1a0e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZxuMQ03p%2Ft9utHAE7sAdj5liaUA%2BgJJC%2B0s0ibbGdb9%2F1XYkdMJ2tJS%2FeS6Qmk1ny4JZ%2FtMhQYwk6RAE3qsct3xPFkKvhv0HAyfUFnW6TcX%2BMjmsZpr7CrsmQTE8Mh4884HP4fKKzx1KAE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734d25aa3e2980c5-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	all.css use.fontawesome.com/releases/v5.0.8/css/	35 KB 8 KB	41ms 7ms	Stylesheet text/css	2606:4700:3032::ac43:a9f7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.8/css/all.css?ver=5.0.8 Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2350588 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id RJPCG7V1G4RWFZBD x-amz-id-2 4qBoqQRO9f1EUW6+sPjmF7JjUQpgVCd8fclCX8MZci2rRqgRN//INKccSKdgCIhZbscUAQ/Nij4= last-modified Wed, 30 Jun 2021 15:28:03 GMT server cloudflare etag W/"265a36ec650d63e307e611cdf14d9b89" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwGlLyfNrklj7eDgGrkK47moRu0aA%2FIfwm%2FmmSbe7H7%2BSy3Z13Y%2F20E8R8oBLrxQGplAF60F6o8%2BWIIzLXKe4570Y0Ss2qZVrI89KhTZ5Zi4%2Fv%2FlgUqYQxKV8IbomitTIYal0o8w%2BAgT4zAAuw04oYD6"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 734d25aa5cf1af70-NRT
GET H2	200	flatsome9dd7.css narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/css/	169 KB 32 KB	22ms 12ms	Stylesheet text/css	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/css/flatsome9dd7.css?ver=3.14.3 Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `97e896f26810fbc8624e7501b76c3a72c3eeeb0149632091d908e4304da12af1` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT last-modified Fri, 17 Sep 2021 04:01:14 GMT server cloudflare age 866 etag W/"6144130a-2a4af" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muXU%2B3oY8ln9OdbOVN%2FWCwLRjoSCcXFnhxxmAEqAtMMXVBDiNF0%2FzrYY0Maif%2BUlhtt3GWYa9YnGFgFN%2BR%2BSAdf2Zu1Gg7Z5Nbt0Xg2EZMn1smt%2FBhA1BGPPYsqDJcQIVWVvsuFuRtxWOFo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734d25aa3e2e80c5-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.js Show response narasaku.com/template/news/youHuaV1/static/js/jquery/	281 KB 84 KB	27ms 17ms	Script application/javascript	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narasaku.com/template/news/youHuaV1/static/js/jquery/jquery.js Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT last-modified Sun, 10 Jul 2022 09:42:36 GMT server cloudflare age 866 etag W/"62ca9f0c-4638e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QP%2FRNVghoGYAD4Vzf%2BmkrwQIel5UGMfTTypXOeY8q3Nk69mc8eQejXJSlnzaaGfzOt4Uthb0a9dLWkkehBJ26aeKqQRJJDvYUZo6Xr94NEVel7aH7ODVziqXzZls5NRrEUXOgNBaFU6%2B%2B8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734d25aa3e3080c5-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.minaf6c.js Show response narasaku.com/template/news/youHuaV1/static/js/jquery/	87 KB 32 KB	24ms 15ms	Script application/javascript	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narasaku.com/template/news/youHuaV1/static/js/jquery/jquery.minaf6c.js Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 28 Jun 2022 15:09:06 GMT server cloudflare age 866 etag W/"62bb1992-15db1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRgFU3HLT3OqnXxB1GuyY3zYkC15jsTmtW8gudCL%2B2L5t2hFnzjwFJZZHAzRodEr6keNcH6jj3m%2FtpXv4lcAbwGRCPaHQpT9PdeGgjAGM9t4%2F5azY1MVTMRRuacHsHzofzVqxHLzunNCcg0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734d25aa3e3180c5-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery-migrate.mind617.js Show response narasaku.com/template/news/youHuaV1/static/js/jquery/	11 KB 5 KB	19ms 11ms	Script application/javascript	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narasaku.com/template/news/youHuaV1/static/js/jquery/jquery-migrate.mind617.js Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 28 Jun 2022 15:09:05 GMT server cloudflare age 866 etag W/"62bb1991-2bd8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0NEFK1aEX7LmxFV5Wi9LAV4fT7mOE2hSDOfqBtFjJ5m3jb8U0XDkxt3r1PMTXV2lxekp%2F3e%2FRTTtl6tC2NbNbNId9eDARSrtqcHqCwLaTHcEU9qMpjS2o%2BUvztaU6qqYAypyk2F5Dc0YVg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734d25aa3e3280c5-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	flatsome.css qh88.pro/wp-content/themes/flatsome/assets/css/	169 KB 32 KB	252ms 13ms	Stylesheet text/css	2606:4700:3030::ac43:d435 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qh88.pro/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.14.3 Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:d435 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f760533e83acaa8bf1242efd61cc358f88706ca7ddbe5893144fd7e878af1db8` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 158597 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 17 Sep 2021 04:01:14 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PFNM3LRqBQ5W8hVVVKi%2BKzkpudcWYGbbsZRJlEmCK%2BVKku%2FjgaGXDbR8Cqaz16On6vddV5TL12MbJeWFwR33ISZ0BVPf5jyoZWNFO3pP7xPpFB%2FZS3pLCh9IXQ0RQW3cWjYlx50gQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 734d25abbed98a7a-NRT expires Mon, 08 Aug 2022 10:52:03 GMT
GET H2	200	screen.min.css qh88.pro/wp-content/plugins/easy-table-of-contents/assets/css/	5 KB 2 KB	246ms 9ms	Stylesheet text/css	2606:4700:3030::ac43:d435 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qh88.pro/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17 Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:d435 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 140821 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 13 Jul 2021 04:13:57 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6Qp2oPWPw80LHNZTrai%2FCrVkkMBP1l03nbp6W889jUm3BlYe0%2B5MXJlhQUKdkHKU%2BlkunyYQ8UFqP7VrHhONJrVx0lzdA%2FGUHFUaTfE9RPSLKxL4LUG3nLwmtpll6dQMqj9jgiluw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 734d25abbedb8a7a-NRT expires Mon, 08 Aug 2022 15:48:19 GMT
GET H2	200	style2.css narasaku.com/template/news/youHuaV1/static/css/	23 KB 5 KB	14ms 9ms	Stylesheet text/css	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narasaku.com/template/news/youHuaV1/static/css/style2.css Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae85f8263336d0f044f03b5de886daa788bfe33232d1092b8db437f4144e995d` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT last-modified Tue, 28 Jun 2022 15:08:59 GMT server cloudflare age 866 etag W/"62bb198b-5bd7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTfEBoXKX2pKcw7tkW3%2BRxLBv6F%2FqXQ9GlOingcoLRdhAwcYvxd7%2FBeK8rvnPSCiITGmPV52tZpdpupdPeqbS17Flt%2FGsIF5n%2F6FPu%2FjNJuhMLX6vKOfCl%2BtShKlUuhib7dbLD1S1Js51gA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734d25aa3e2f80c5-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	demoLogo.png narasaku.com/template/news/youHuaV1/static/images/	70 KB 71 KB	10ms 9ms	Image image/png	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://narasaku.com/template/news/youHuaV1/static/images/demoLogo.png Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5ae14db14c9bae4f773c994d7b4b1083684d0f7566ad557bdee298c98b288d7e` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 865 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 71933 last-modified Tue, 28 Jun 2022 15:08:57 GMT server cloudflare etag "62bb1989-118fd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSOUTo2laFBEr3ezdnlH0l9B0BHYL9qHxlLVbClgbtu5H%2FJq7DXKnIRLn%2BDlZEvgS1pTUZe4DRt6FeDoF6HZFs29v5vkrP%2BYEnU%2FHnXKCvFoK8qFONpVuUKD7wF1g3YjT4eQmJ0qk6W16AE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 734d25aaaba0b015-NRT
GET H2	200	720x90-1.gif tien96.com/template/news/temp2/assets/images/	481 KB 482 KB	431ms 13ms	Image image/gif	2606:4700:3032::6815:3b94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tien96.com/template/news/temp2/assets/images/720x90-1.gif Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3b94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:21 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 98571 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 492895 last-modified Sat, 14 May 2022 14:18:49 GMT server cloudflare etag "627fba49-7855f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RG7SlDeBBk7WWkdd%2BgoQNI8IGnnUnyM%2BTzq5mtLHJI31%2B%2BqXpuuZY%2BTAvj7kF%2F%2BzaGE4BS1Sm7L9HkXltKyDZJ5LF2Met3t4ltu%2FfAOBxjlqEG9SJeqqKKSnUQc9ApKCsAjSiNnFcTDn"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 734d25ad4b638089-NRT expires Thu, 01 Sep 2022 03:32:30 GMT
GET		3daf0f492a9581504659465c48ff6303.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/503996.jpg https://narasaku.com/template/news/youHuaV1/static/picture/3daf0f492a9581504659465c48ff6303.jpg	0 0

GET		605b91d9a675674d6aea31cf1542870e.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/5039961.jpg https://narasaku.com/template/news/youHuaV1/static/picture/605b91d9a675674d6aea31cf1542870e.jpg	0 0

GET		60b895da6ce8c766c00197809b751354.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/5039962.jpg https://narasaku.com/template/news/youHuaV1/static/picture/60b895da6ce8c766c00197809b751354.jpg	0 0

GET		f7d23ef117d0247f8c58e6e542f4f830.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/774215.jpg https://narasaku.com/template/news/youHuaV1/static/picture/f7d23ef117d0247f8c58e6e542f4f830.jpg	0 0

GET		71d6d888e00a8d4ab22c012739d34696.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/88846.jpg https://narasaku.com/template/news/youHuaV1/static/picture/71d6d888e00a8d4ab22c012739d34696.jpg	0 0

GET		fb315693420a002454c0f35bc25fcb93.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/314151.jpg https://narasaku.com/template/news/youHuaV1/static/picture/fb315693420a002454c0f35bc25fcb93.jpg	0 0

GET H3	200	19e0ba893681dfbd75bebf1f9a5d7952.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/235476.jpg https://narasaku.com/template/news/youHuaV1/static/picture/19e0ba893681dfbd75bebf1f9a5d7952.jpg	0 536 B	228ms 227ms	Image image/jpeg	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://narasaku.com/template/news/youHuaV1/static/picture/19e0ba893681dfbd75bebf1f9a5d7952.jpg Protocol H3 Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:21 GMT cf-cache-status MISS last-modified Sat, 14 May 2022 03:02:22 GMT server cloudflare etag "627f1bbe-0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYkkxCRznruMyFAuW%2Bt2Y5rzrYINhlyi4A27p0zB8iPASs%2FMk%2BR4zWprkBAuRZtSOc5COSGV%2F%2F5Z4%2FkIxOOlYQ9YehrsoXYKJAHD8Z94AGWUmR5k812mZwTM8eX59eApIj7Mg870VHBuvGg%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 734d25ac8ea0b015-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 Redirect headers date Wed, 03 Aug 2022 06:55:21 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxFMVxtC4lBt70poQKT3dLgKm95quDTEAkzZGCp8BM%2FXIqWNljnK5XUuQGbtfcbUP1ATSjUJ0cevsiASD6wacbsw9UKFITA9SIb1psFxoTYuh%2F8CZ7QDC3quMojq6Mb%2B86X8Bw7fbR5rsUw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpg; charset=UTF-8 location /template/news/youHuaV1/static/picture/19e0ba893681dfbd75bebf1f9a5d7952.jpg cache-control max-age=14400 cf-ray 734d25aaabbcb015-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		eae88cb0b92b68da723dc2d97a0ecd98.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/49956.jpg https://narasaku.com/template/news/youHuaV1/static/picture/eae88cb0b92b68da723dc2d97a0ecd98.jpg	0 0

GET		7deeb99625925fb15cfc3fe64f2a7538.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/655472.jpg https://narasaku.com/template/news/youHuaV1/static/picture/7deeb99625925fb15cfc3fe64f2a7538.jpg	0 0

GET		daead9fcc216db924f20bb11c3a90ebc.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/62663.jpg https://narasaku.com/template/news/youHuaV1/static/picture/daead9fcc216db924f20bb11c3a90ebc.jpg	0 0

GET H3	200	hot.gif narasaku.com/template/news/youHuaV1/wp-content/uploads/2021/09/	197 B 744 B	13ms 12ms	Image image/gif	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://narasaku.com/template/news/youHuaV1/wp-content/uploads/2021/09/hot.gif Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d53ad980c61e383ebe6496cebc2d7c618cd128344b2d549b67215d7c9e67522` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 865 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 197 last-modified Fri, 17 Sep 2021 04:05:24 GMT server cloudflare etag "61441404-c5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73N8iOar0hef9l%2B%2F4qxhuWrcX4oSEvKxKjCfZVrWpFCGMOnZ6y7bHpELlPd3W%2BIjnXhYeHu5Kg9MQ%2F%2Bk0Wz5V8xucmUc50lQGzdO1It8799tqZuodfG37zQ2Gyb2gw7rWhLovon6h9pvGtE%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 734d25aaabc3b015-NRT
GET H3	200	flatsome7b00.js Show response narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/js/	157 KB 46 KB	14ms 13ms	Script application/javascript	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/js/flatsome7b00.js Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `92c7a2250d9acb8e861340ab23388d0f9a0e92a04dfb6ec0bea7bbb9fa0a6b64` Request headers accept-language jp-JP,jp;q=0.9 Referer https://narasaku.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT content-encoding br cf-cache-status HIT last-modified Fri, 17 Sep 2021 04:01:14 GMT server cloudflare age 865 etag W/"6144130a-27252" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLCyfIeMex1gr1V36k67kYKQd%2F%2BYsvKMskGulCsXy55F1D50yYei2CG012MNVX0JVGi6DTINbtgNrRzL9LwW%2BD5L%2FE341RcjHytlDHPKJusK6e%2Bze021hB24v7DIklAGGZBnJw8ciiZiRgw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 734d25aabbd4b015-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		5c7aec88a2034875814caaa1a31e2bb9.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/349689.jpg https://narasaku.com/template/news/youHuaV1/static/picture/5c7aec88a2034875814caaa1a31e2bb9.jpg	0 0

GET		08f527171aa5d174909f8d4c87c44147.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/135295.jpg https://narasaku.com/template/news/youHuaV1/static/picture/08f527171aa5d174909f8d4c87c44147.jpg	0 0

GET		775834.jpg narasaku.com/uploads/images/	0 0

GET		bd918df934190a961dd72f88f0523dc6.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/574804.jpg https://narasaku.com/template/news/youHuaV1/static/picture/bd918df934190a961dd72f88f0523dc6.jpg	0 0

GET		6023279f33f4d1578494509c7c179358.jpg narasaku.com/template/news/youHuaV1/static/picture/ Redirect Chain https://narasaku.com/uploads/images/965270.jpg https://narasaku.com/template/news/youHuaV1/static/picture/6023279f33f4d1578494509c7c179358.jpg	0 0

GET		600963.jpg narasaku.com/uploads/images/	0 0

GET H3	200	fl-iconsae55.woff2 narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/css/icons/	7 KB 7 KB	9ms 9ms	Font font/woff2	2606:4700:3030::ac43:a25a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/css/icons/fl-iconsae55.woff2 Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `343b461359461daad66cca6ae40315cd78bf58ebe79eca9af84596d3d873c209` Request headers Referer https://narasaku.com/login.php Origin https://narasaku.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:20 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 865 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6752 last-modified Fri, 17 Sep 2021 04:01:14 GMT server cloudflare etag "6144130a-1a60" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiMrDTNk0Dck4M%2BdpsSxW4w3F7MrvZ%2FYa%2F48EFF0se9syAWJlJ4z3tRLNnBBMncg8HM9HN39m%2FVeISC63DBTMyprdNle2LJOU5dAJJKXmYWRt1%2Fh%2F1PgtFuJXJY0daEuYeJaFUQ4KAcvJcs%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 734d25abed9ab015-NRT
GET		/ api.ipify.org/	0 0

GET H2	200	/ 0242.com/	936 B 967 B	518ms 240ms	Document text/html	2606:4700:3034::6815:edf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0242.com/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72 Requested by Host: narasaku.com URL: https://narasaku.com/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:edf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://narasaku.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 734d25ae08beaf55-NRT content-encoding br content-type text/html date Wed, 03 Aug 2022 06:55:21 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 18 May 2022 09:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T76cemUXPYEq5feCrPQKHAkDZTxS%2BDYe4FeL4Y8pVkQuyvZAWz1FDlLFaMHrpoxzqeMiXzkw5AUgzrZmJCGfnk3LX%2B59Zijoq8HFamg9%2BxkV1wz34pFjWXOzTGXel3CtwHxQLovRfw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	Primary Request / Show response 0242now.xyz/	4 KB 2 KB	491ms 249ms	Document text/html	2606:4700:3037::ac43:ba03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72 Requested by Host: 0242.com URL: https://0242.com/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:ba03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4994b180190cb220a054f8bfdf9c9022c72d57e00bd4b8a9a47a19e1c4ef843a` Request headers Referer https://0242.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 734d25b18850b011-NRT content-encoding br content-type text/html date Wed, 03 Aug 2022 06:55:22 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 20 Jul 2022 16:19:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1eIJ5viE8Nf1vWn2BXa1oQH9ByBgg7HZZbDlHyxNA7BOj5jYsCBddxFPuozDriq4l%2FFAzAyTWjSV4MI3huArhMRzRzC%2FrvAI%2Fgmk39Z1e1WMD96jWJQ1eexZEMe0zXmGFtO9nZu3BJNYA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	jquery.js Show response 0242now.xyz/assets/js/	281 KB 84 KB	32ms 19ms	Script application/javascript	2606:4700:3037::ac43:ba03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0242now.xyz/assets/js/jquery.js Requested by Host: 0242now.xyz URL: https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:ba03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37` Request headers accept-language jp-JP,jp;q=0.9 Referer https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 06:55:22 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 19617 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 18 May 2022 06:44:15 GMT server cloudflare etag W/"628495bf-4638e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FxapuqrKzHR6BLmbAnYgqQyl7AqLm4LeBO03KyRtP7Gbw0%2B98nxTr9GW%2FL7tp3hMFxMR64JsWe%2BJFWAAwV5gz%2FOy6m%2BfW8gInH3xRVIkDuf2HGRlmyW5ogoGuSVZfHz2bCFq9tDE8QYXw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 734d25b338cdaf58-NRT expires Wed, 03 Aug 2022 13:28:25 GMT
GET H/1.1	200 OK	/ Show response api.ipify.org/	24 B 252 B	528ms 180ms	XHR application/json	54.91.59.199 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: 0242now.xyz URL: https://0242now.xyz/assets/js/jquery.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-91-59-199.compute-1.amazonaws.com Software Cowboy / Resource Hash `12f4553a44006de83dfd2a5707a1d742c4f292c95bcb3efc2e42915fce8ec269` Request headers Accept / Referer https://0242now.xyz/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 03 Aug 2022 06:55:22 GMT Via 1.1 vegur Server Cowboy Vary Origin Content-Type application/json Access-Control-Allow-Origin https://0242now.xyz Connection keep-alive Content-Length 24
POST H2	200	/ Show response total.ebooktom.com/api/add_traffic_tj/	51 B 629 B	155ms 130ms	XHR application/json	2606:4700:3034::6815:1398 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://total.ebooktom.com/api/add_traffic_tj/ Requested by Host: 0242now.xyz URL: https://0242now.xyz/assets/js/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:1398 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `26c501536b8dfb0e3abb319fe797e1f5a3e58ad906d3e7da6a838e5bb65a23ae` Request headers Accept / Referer https://0242now.xyz/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 03 Aug 2022 06:55:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByNMMo25rH2bXioxQ4QvajK0iIqJw%2FRpg9zZzE1Qx5%2FP0O565j29uJYrsknzOW0qMXnqp6VYJtfavNlQqeecv%2BjkRPBNAGbOE6FTV6QLlqyc2EC%2Bhx3wwR6SnZ3tvvM8PalDdrDs8Fyn1YrgXaJCkJM%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://0242now.xyz access-control-allow-credentials true cf-ray 734d25b71c701fc3-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/3daf0f492a9581504659465c48ff6303.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/605b91d9a675674d6aea31cf1542870e.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/60b895da6ce8c766c00197809b751354.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/f7d23ef117d0247f8c58e6e542f4f830.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/71d6d888e00a8d4ab22c012739d34696.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/fb315693420a002454c0f35bc25fcb93.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/eae88cb0b92b68da723dc2d97a0ecd98.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/7deeb99625925fb15cfc3fe64f2a7538.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/daead9fcc216db924f20bb11c3a90ebc.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/5c7aec88a2034875814caaa1a31e2bb9.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/08f527171aa5d174909f8d4c87c44147.jpg

Domain: narasaku.com
URL: https://narasaku.com/uploads/images/775834.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/bd918df934190a961dd72f88f0523dc6.jpg

Domain: narasaku.com
URL: https://narasaku.com/template/news/youHuaV1/static/picture/6023279f33f4d1578494509c7c179358.jpg

Domain: narasaku.com
URL: https://narasaku.com/uploads/images/600963.jpg

Domain: api.ipify.org
URL: https://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://narasaku.com/login.php(Line 709) Message: Mixed Content: The page at 'https://narasaku.com/login.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/349689.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://narasaku.com/login.php(Line 709) Message: Mixed Content: The page at 'https://narasaku.com/login.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/135295.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://narasaku.com/login.php(Line 709) Message: Mixed Content: The page at 'https://narasaku.com/login.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/775834.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://narasaku.com/login.php(Line 709) Message: Mixed Content: The page at 'https://narasaku.com/login.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/574804.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://narasaku.com/login.php(Line 709) Message: Mixed Content: The page at 'https://narasaku.com/login.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/965270.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://narasaku.com/login.php(Line 709) Message: Mixed Content: The page at 'https://narasaku.com/login.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/600963.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0242.com
0242now.xyz
api.ipify.org
narasaku.com
qh88.pro
tien96.com
total.ebooktom.com
use.fontawesome.com
api.ipify.org
narasaku.com
2606:4700:3030::ac43:a25a
2606:4700:3030::ac43:d435
2606:4700:3032::6815:3b94
2606:4700:3032::ac43:a9f7
2606:4700:3034::6815:1398
2606:4700:3034::6815:edf
2606:4700:3037::ac43:ba03
54.91.59.199
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
077175f7b504f20232a69698e8762bca09d31465d6176b996940928a0028fc12
12f4553a44006de83dfd2a5707a1d742c4f292c95bcb3efc2e42915fce8ec269
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
26c501536b8dfb0e3abb319fe797e1f5a3e58ad906d3e7da6a838e5bb65a23ae
343b461359461daad66cca6ae40315cd78bf58ebe79eca9af84596d3d873c209
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
4994b180190cb220a054f8bfdf9c9022c72d57e00bd4b8a9a47a19e1c4ef843a
5ae14db14c9bae4f773c994d7b4b1083684d0f7566ad557bdee298c98b288d7e
5d53ad980c61e383ebe6496cebc2d7c618cd128344b2d549b67215d7c9e67522
8837c25245a7d8fd6de05389d03dd549b16fc96962c5a8e390be344092c458d9
92c7a2250d9acb8e861340ab23388d0f9a0e92a04dfb6ec0bea7bbb9fa0a6b64
97e896f26810fbc8624e7501b76c3a72c3eeeb0149632091d908e4304da12af1
ae85f8263336d0f044f03b5de886daa788bfe33232d1092b8db437f4144e995d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
f760533e83acaa8bf1242efd61cc358f88706ca7ddbe5893144fd7e878af1db8

0242now.xyz Open in urlscan Pro 2606:4700:3037::ac43:ba03 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

54 %HTTPS

88 %IPv6

8 Domains

8 Subdomains

9 IPs

1 Countries

911 kBTransfer

1849 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

0242now.xyz Open in urlscan Pro
2606:4700:3037::ac43:ba03 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

54 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

9
IPs

1
Countries

911 kB
Transfer

1849 kB
Size

0
Cookies

37 HTTP transactions
0 data transactions