0xr.dev Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://0xr.dev/
Effective URL:
https://0xr.dev/
Submission: On July 17 via api (July 17th 2024, 2:19:13 pm UTC) from US — Scanned from NL

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 0xr.dev.
TLS certificate: Issued by WE1 on June 6th 2024. Valid for: 3 months.

This is the only time 0xr.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:4::b818:4dab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	5

11 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

0xr.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
streamer.0xr.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

streamer.0xr.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:4::b818:4dab (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

avatars.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	0xr.dev 1 redirects 0xr.dev streamer.0xr.dev	5 MB
1	steamstatic.com avatars.steamstatic.com — Cisco Umbrella Rank: 11042	9 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	20 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	30 KB
15	4

	Domain	Requested by
10	0xr.dev	1 redirects 0xr.dev
3	streamer.0xr.dev	0xr.dev
1	avatars.steamstatic.com
1	cdn.jsdelivr.net	0xr.dev
1	code.jquery.com	0xr.dev
15	5

This site contains links to these domains. Also see Links.

Domain
steamcommunity.com
discord.gg

Subject Issuer	Validity	Valid
0xr.dev WE1	`2024-06-06` - `2024-09-04`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
avatars.akamai.steamstatic.com R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://0xr.dev/
Frame ID: 5CEB1937FC1E35332AE8DB0BB276089E
Requests: 13 HTTP requests in this frame

Frame: https://0xr.dev/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js
Frame ID: 6E4083F4016611E8F07473617C5022C2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

0xr.

Page URL History Show full URLs

http://0xr.dev/ HTTP 307
https://0xr.dev/ Page URL

Detected technologies

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

15
Requests

93 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

5218 kB
Transfer

6199 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://steamcommunity.com/id/bundesrepublik/
Title: steam

Search URL Search Domain Scan URL

URL: https://discord.gg/mmpjaWfs9V
Title: discord

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://0xr.dev/ HTTP 307
https://0xr.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://0xr.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://0xr.dev/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
0xr.dev/
Redirect Chain

http://0xr.dev/
https://0xr.dev/

4 KB
2 KB

1309ms
1194ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0xr.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.7
Resource Hash: 608f1322fedc5dc17e8f2af0f18f51ad5f7a70a37deb90430e854e3f852a6448

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a4add7c1d691e6a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 17 Jul 2024 14:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ChY%2Bpo%2FgdcAZ5HyDP19jq8Og%2BaBSJ25ybv59UrUf779G5KAglVqwPoQ1Ty8hwnwPT0pzjr8vyvLu7tYWy07ZENgnzXN1lzpKb6twdKSlapmPgmZv9zYV9xna"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.3.7
x-served-by: 0xr.dev

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://0xr.dev/
Non-Authoritative-Reason: HSTS

GET
H3 200 0xr.title.js Show response
0xr.dev/assets/js/ 2 KB
1 KB 144ms
143ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0xr.dev/assets/js/0xr.title.js
Requested by: Host: 0xr.dev
URL: https://0xr.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 033e9aab0a4bdf12d1a8fb371e69dd22a90e03888e00651ec15ef5a7e2c71ab3

Request headers

Referer: https://0xr.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:08 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 783
x-served-by: 0xr.dev
server: cloudflare
etag: "72b-5fe57822d8f5f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ap299%2B1R60eIR5sjBRUD4tRH3ii2CEOLtK01ONy0s6%2FKR%2FSQ3QalFSGWUX8kLIc8MlV9L1uig9fQWtRRnVzbk52Hl3WNWkvsL1llpxbrNvl2KbESXPeHLL06"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8a4add839a111e6a-FRA
expires: Thu, 18 Jul 2024 00:30:00 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 262ms
90ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: 0xr.dev
URL: https://0xr.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://0xr.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:08 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2630520
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mad2200116-MAD
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1721225949.913135,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 45, 486497

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 75 KB
20 KB 96ms
41ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: 0xr.dev
URL: https://0xr.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ee43eface9911111888dc5cdec39c1b540d3c15046cb87a9db2a5c29d10fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://0xr.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19776
x-jsd-version: 11.12.2
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19517
x-served-by: cache-fra-eddf8230029-FRA, cache-lga21927-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"12d1d-l7UPktVjf6+AGtRLTBXercd7dmA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLlWg2Av74RGEtBNlcjVcelbAJ3B5wDbA73r6ma%2F2Ph1hp5fXx%2BJGixrT7CWILSWa2K3efcXnnWbjJxuREVCI1LWgeDSjDBYRgjOxSx67aHKvo6q0ndUY5jbSaBNiZt28PaiDuWNOc4IGNZ525M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a4add849b338ed5-FRA

GET
H3 200 xd.css
0xr.dev/assets/css/ 3 KB
1 KB 141ms
141ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0xr.dev/assets/css/xd.css
Requested by: Host: 0xr.dev
URL: https://0xr.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2adc2e52053fff27f845eb0a3cd270586e68656cfdeab9ffdf97867137924e7

Request headers

Referer: https://0xr.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:08 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 880
x-served-by: 0xr.dev
server: cloudflare
etag: "a23-5fe5781267e13-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMdvRmR4MjmfXdGGsQbjd9ubG2WktWBL9WYbyHDempMyDd3RXOR2CyKY%2FN2zAPKi1qmAvODvbkYqotcyoNdgvt%2BiSqPQzwMIIKXmeoOzNenk2PW0AkZ%2FIzPm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8a4add839a141e6a-FRA
expires: Thu, 18 Jul 2024 00:30:00 GMT

GET
H3 200 email-decode.min.js Show response
0xr.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 66ms
65ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0xr.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: 0xr.dev
URL: https://0xr.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://0xr.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jul 2024 17:10:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6691639c-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewr2b56ki6cNaubHrgVxg32x%2BcjDTKh0%2F5xeBaHo4MRf%2Bvxf4nfxb33OKjB2FcKbvbi%2Faec0vw9oM0Q8uHE%2Fqy8zs%2F0aHORmQIIdvohvZQvG5OUvHCiRTGCU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8a4add839a191e6a-FRA
expires: Fri, 19 Jul 2024 14:19:08 GMT

GET
H3 200 0xr.security.js Show response
0xr.dev/assets/js/ 1 KB
1 KB 83ms
83ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0xr.dev/assets/js/0xr.security.js
Requested by: Host: 0xr.dev
URL: https://0xr.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e27c0a8a6e1d7cdaad8e8cf96c12fb4d5e7fe5fd7ebed2ff2b4de9778720cdef

Request headers

Referer: https://0xr.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 638
x-served-by: 0xr.dev
server: cloudflare
etag: "5a9-5fe57822ab0fb-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0XXiX4GIAvcy1JYhmGQDgsApo89kTLYvbRB%2BpIBEVTm%2BWp6zRm6sfkOhNVrxI2o0364T%2BTwBl%2FZQg7hvp9Yj9qScuP6VN%2FjuM4q2wb6bP2WkCsHlk3mb%2BtLZ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8a4add84fc091e6a-FRA
expires: Thu, 18 Jul 2024 00:30:00 GMT

GET
H3 200 0xr.video.js Show response
0xr.dev/assets/js/ 2 KB
1 KB 82ms
81ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0xr.dev/assets/js/0xr.video.js
Requested by: Host: 0xr.dev
URL: https://0xr.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceae52c47bfb124b1d32219a1372fbae54d751ee1a4115d6d357b8023054bfde

Request headers

Referer: https://0xr.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 786
x-served-by: 0xr.dev
server: cloudflare
etag: "6b1-5fe57822d8f5f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jv7VIagmuA8cPmRmpm8dz4BkM28EL6ximquE9ESS2ltAstL9wBUoQmf4FUBdnXN3Uc4HoD98AOwiP1skxYYlie7TzDOK4yHDPofh8jWGdzs%2F2Ljevm2NC%2Byp"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8a4add853c911e6a-FRA
expires: Thu, 18 Jul 2024 00:30:00 GMT

GET
H3 200 raleway-v28-latin-100.woff2
0xr.dev/assets/css/font/ 20 KB
20 KB 66ms
66ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0xr.dev/assets/css/font/raleway-v28-latin-100.woff2
Requested by: Host: 0xr.dev
URL: https://0xr.dev/assets/css/xd.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7632a87c14efbd8b876c0c3f330a11c75f0986ea87bfce5e40123e936cd681a5

Request headers

Referer: https://0xr.dev/assets/css/xd.css
Origin: https://0xr.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:09 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 17 Jun 2023 18:31:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4e74-5fe57812bae3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXcBF%2F8LpwV1gnNbYF1J1ONj6QgEa1Z6FEye9QU4%2BOML3NayL1ND1mcYapL4Bln%2BPpPHXeY4WmZj0dcZPGXugq6QdMmhX%2B8r24Rx6P57iDvGDv6MRjQhZhsF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8a4add854ca41e6a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20084
x-served-by: 0xr.dev

GET
H2 206 video
streamer.0xr.dev/ 5 MB
5 MB 166ms
92ms Media
video/mp4 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamer.0xr.dev/video?n=sage-dynasty
Requested by: Host: 0xr.dev
URL: https://0xr.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f04369cf5fbe62c64d084afdcecb27d09fe028dda89059379e1ce4851cd902c8

Request headers

Referer: https://0xr.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 Jul 2024 14:19:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
Content-Range: bytes 0-5242879/50565317
alt-svc: h3=":443"; ma=86400
Content-Length: 5242880
x-served-by: streamer.0xr.dev
server: cloudflare
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: https://0xr.dev
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTui4MpQzB2TLzuNm4xMl8wf6KEGWR%2F9L5pvOjcR8zpK%2B5z6GylMZzjRa0aGC9jo2%2BdeNqgHsV1Fzjn%2FOAVvsE6rp%2BFxQ5zFPxn6CTPwWo8bWsNWxLCXLJ4sPuePIIoBwpuwHFSAYd7YMizsM3Pl"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a4add85ce9b4da1-FRA
access-control-allow-headers: Content-Type

GET
H3

200

main.js Show response
0xr.dev/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame 6E40
Redirect Chain

https://0xr.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://0xr.dev/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

8 KB
4 KB

40ms
40ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0xr.dev/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

Requested by

Host: 0xr.dev
URL: https://0xr.dev/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f66ca66d2b03e8ecf842e52526799d024aae0619479355d31d322b20a9e38e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5n8jAwFkn4K%2Baa2%2F2eJbt92n35J9bfEc9rq%2BV%2Bv0vPLwbqnT1kz%2F8UUuLaOr%2BIgqlu50UnvewmZ%2FGkkaWC2GgGfYE%2FN4RDG%2Fvlu5oflrE0s44DHcRCDIzJ1w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a4add858cec1e6a-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 17 Jul 2024 14:19:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jUr0hEtWeAoemYbT6POh4yu7DBnq1YM6aNGwOhqw9Z6rOpb1OomCrtnn12239eYcNYXrE%2BMtLDnRor6B0TXsC%2BwLIOVavCraVPEnbxQEnocIm6zYiqhIRn4b"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a4add855cb61e6a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 8a4add7c1d691e6a Show response
0xr.dev/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6E40 0
660 B 370ms
362ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0xr.dev/cdn-cgi/challenge-platform/h/g/jsd/r/8a4add7c1d691e6a
Requested by: Host: 0xr.dev
URL: https://0xr.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Jul 2024 14:19:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8ai5WFyCmb1vCRtBscL7fkIMSLQCimJrWd1IGYOUB8XThXMmJYBiTmhSc87LX5ZLnH1%2Fc37uENYU3JLlbX%2B55upAsluQEk8fDvXP2gzK2z49hMZqUoNkMZs"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8a4add866e541e6a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 5d899a6476d01be27d985252daeb29fe812cbfc8_full.jpg
avatars.steamstatic.com/ 9 KB
9 KB 905ms
302ms Other
image/jpeg 2a02:26f0:3500:4::b818:4dab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://avatars.steamstatic.com/5d899a6476d01be27d985252daeb29fe812cbfc8_full.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:4::b818:4dab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 486ddbf939f9e043a18ac675556385ab12a7e14de219318c3200548d921f3b4f

Request headers

Referer: https://0xr.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 14:19:10 GMT
last-modified: Thu, 29 Jun 2023 20:45:49 GMT
server: nginx
etag: "dd7f5db36e1e2d913aac75dd1fd9bd2f"
x-guploader-uploadid: ACJd0Nq5jjc_JR6dArAaYTle4glsH_ZtjQdJbX4bdCViISwuRT06wNQN1-4Ip4B0-NwEtLZ4RQn-xusj6Q
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315359982
accept-ranges: bytes
content-length: 9011
expires: Sat, 15 Jul 2034 14:18:52 GMT

GET
H2 206 video
streamer.0xr.dev/ 259 KB
0 56ms
55ms Media
video/mp4 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamer.0xr.dev/video?n=sage-dynasty
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Referer: https://0xr.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=5242880-

Response headers

date: Wed, 17 Jul 2024 14:19:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
Content-Range: bytes 5242880-10485759/50565317
alt-svc: h3=":443"; ma=86400
Content-Length: 5242880
x-served-by: streamer.0xr.dev
server: cloudflare
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: https://0xr.dev
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=md5%2FLRrrVUqb6lD2GMbFUS9q04D04o7%2BfRqEZVqx58Jk0uVdxBgbJ2Hjtit9EHEL60Ptub8fcj9RfI4rWlr3KUGIohJICVKXwEylloPmXTBQccZ0sIsXPsADYRUGpvXr1y09GC%2B4gk6vSUvVtdNl"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a4add8c0f5f4da1-FRA
access-control-allow-headers: Content-Type

GET
H3 206 video
streamer.0xr.dev/ 609 KB
0 77ms
77ms Media
video/mp4 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamer.0xr.dev/video?n=sage-dynasty
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Referer: https://0xr.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=5507809-

Response headers

date: Wed, 17 Jul 2024 14:19:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
Content-Range: bytes 5507809-10750688/50565317
alt-svc: h3=":443"; ma=86400
Content-Length: 5242880
x-served-by: streamer.0xr.dev
server: cloudflare
access-control-allow-methods: GET
content-type: video/mp4
access-control-allow-origin: https://0xr.dev
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXD3XQWrlUmSwrutpss9HyaP3fKwjRO5De%2FOCGaR3zkAUeOt9qwdlFqaKtQ%2FmMvbdgj%2FYLv9PbRa4MHCVaiDKvg1Yl2K2%2F%2F5EfmtNfiuWPyxymhTTjzCLukOdePSbIa0W%2FHo"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a4add9dec912c2e-FRA
access-control-allow-headers: Content-Type

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.0xr.dev/	1970-01-21 06:52:41	Name: cf_clearance Value: I8X1Rd2j_ON4ya1xTmlMXT09cbIBRWjXy63MJyTqGT0-1721225949-1.0.1.1-uuaCV8S1NrZ8oyqAf0cgaXTUkxDIs_ku4WeS.wIM_tkZd2ZgGkXYw2qMnuOu8xth.jIZPc6WuCUM3POEIADj1g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0xr.dev
avatars.steamstatic.com
cdn.jsdelivr.net
code.jquery.com
streamer.0xr.dev
188.114.96.3
2606:4700::6812:bb1f
2a02:26f0:3500:4::b818:4dab
2a04:4e42:400::649
2a06:98c1:3121::3
033e9aab0a4bdf12d1a8fb371e69dd22a90e03888e00651ec15ef5a7e2c71ab3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27ee43eface9911111888dc5cdec39c1b540d3c15046cb87a9db2a5c29d10fb4
486ddbf939f9e043a18ac675556385ab12a7e14de219318c3200548d921f3b4f
608f1322fedc5dc17e8f2af0f18f51ad5f7a70a37deb90430e854e3f852a6448
7632a87c14efbd8b876c0c3f330a11c75f0986ea87bfce5e40123e936cd681a5
ceae52c47bfb124b1d32219a1372fbae54d751ee1a4115d6d357b8023054bfde
e27c0a8a6e1d7cdaad8e8cf96c12fb4d5e7fe5fd7ebed2ff2b4de9778720cdef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f04369cf5fbe62c64d084afdcecb27d09fe028dda89059379e1ce4851cd902c8
f2adc2e52053fff27f845eb0a3cd270586e68656cfdeab9ffdf97867137924e7
f66ca66d2b03e8ecf842e52526799d024aae0619479355d31d322b20a9e38e74
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

0xr.dev Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

5218 kBTransfer

6199 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

1 Cookies

Indicators

0xr.dev Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

5218 kB
Transfer

6199 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions