s1.xn84se.net Open in urlscan Pro
104.18.0.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://66dxdx.com/
Effective URL:
https://s1.xn84se.net/
Submission: On May 21 via api (May 21st 2024, 8:50:16 am UTC) from BY — Scanned from DE

Summary HTTP 17 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 104.18.0.54, located in and belongs to CLOUDFLARENET, US. The main domain is s1.xn84se.net.
TLS certificate: Issued by GTS CA 1P5 on May 21st 2024. Valid for: 3 months.

This is the only time s1.xn84se.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	172.247.129.157 172.247.129.157	40065 (CNSERVERS) (CNSERVERS)
1 13	104.18.0.54 104.18.0.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:261... 2600:9000:2611:1c00:b:d05:79c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.209.145.53 162.209.145.53	40065 (CNSERVERS) (CNSERVERS)
17	6

2 172.247.129.157 (Los Angeles, United States) 1 redirects

ASN40065 (CNSERVERS, US)

66dxdx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sda.12035ttz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.0.54 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

s1.xn84se.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2611:1c00:b:d05:79c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

7scdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.209.145.53 (United States)

ASN40065 (CNSERVERS, US)

www.readbond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	xn84se.net 1 redirects s1.xn84se.net	55 KB
1	readbond.com www.readbond.com	127 KB
1	7scdn.com 7scdn.com	344 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
1	12035ttz.com 1 redirects sda.12035ttz.com	155 B
1	66dxdx.com 66dxdx.com	2 KB
17	6

	Domain	Requested by
13	s1.xn84se.net	1 redirects 66dxdx.com s1.xn84se.net
1	www.readbond.com
1	7scdn.com
1	static.cloudflareinsights.com	s1.xn84se.net
1	sda.12035ttz.com	1 redirects
1	66dxdx.com
17	6

This site contains links to these domains. Also see Links.

Domain
23.224.46.2
tr6vg.net

Subject Issuer	Validity	Valid
xn84se.net GTS CA 1P5	`2024-05-21` - `2024-08-19`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
7scdn.com Amazon RSA 2048 M02	`2024-04-09` - `2025-05-08`	a year	crt.sh
www.readbond.com R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://s1.xn84se.net/
Frame ID: B008162C5485378222B5A5A4D403260B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

激情图片激情小说伦理电影快播电影 QVOD经典快播伦理

Page URL History Show full URLs

http://66dxdx.com/ HTTP 307
https://66dxdx.com/ HTTP 307
http://66dxdx.com/ Page URL
http://sda.12035ttz.com:10886/?u=aHR0cDovLzY2ZHhkeC5jb20=&p=Lw== HTTP 307
https://sda.12035ttz.com:10886/?u=aHR0cDovLzY2ZHhkeC5jb20=&p=Lw== HTTP 307
http://sda.12035ttz.com:10886/?u=aHR0cDovLzY2ZHhkeC5jb20=&p=Lw== HTTP 302
https://s1.xn84se.net/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

17
Requests

82 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

535 kB
Transfer

604 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://23.224.46.2:888/enter/?c=714306371

Search URL Search Domain Scan URL

URL: https://tr6vg.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://66dxdx.com/ HTTP 307
https://66dxdx.com/ HTTP 307
http://66dxdx.com/ Page URL
http://sda.12035ttz.com:10886/?u=aHR0cDovLzY2ZHhkeC5jb20=&p=Lw== HTTP 307
https://sda.12035ttz.com:10886/?u=aHR0cDovLzY2ZHhkeC5jb20=&p=Lw== HTTP 307
http://sda.12035ttz.com:10886/?u=aHR0cDovLzY2ZHhkeC5jb20=&p=Lw== HTTP 302
https://s1.xn84se.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://66dxdx.com/ HTTP 307
https://66dxdx.com/ HTTP 307
http://66dxdx.com/

Request Chain 12

https://s1.xn84se.net/images/menu-separator.gif HTTP 302
https://s1.xn84se.net/404.html

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
66dxdx.com/
Redirect Chain

http://66dxdx.com/
https://66dxdx.com/
http://66dxdx.com/

2 KB
2 KB

0ms
0ms

Document
text/html

172.247.129.157
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://66dxdx.com/
Protocol: HTTP/1.1
Server: 172.247.129.157 Los Angeles, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: @tenfyBot /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=600
Connection: close
Content-Length: 1786
Content-Type: text/html;charset=utf-8
Server: @tenfyBot

Redirect headers

Location: http://66dxdx.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3

200

Primary Request / Show response
s1.xn84se.net/
Redirect Chain

http://sda.12035ttz.com:10886/?u=aHR0cDovLzY2ZHhkeC5jb20=&p=Lw==
https://sda.12035ttz.com:10886/?u=aHR0cDovLzY2ZHhkeC5jb20=&p=Lw==
http://sda.12035ttz.com:10886/?u=aHR0cDovLzY2ZHhkeC5jb20=&p=Lw==
https://s1.xn84se.net/

13 KB
4 KB

385ms
342ms

Document
text/html

104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.xn84se.net/
Requested by: Host: 66dxdx.com
URL: http://66dxdx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc6aa8dc7a5c53a24fb2f2cb7c55b7e317c806483203e404c6842057f47ea6c3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://66dxdx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 887350fc1b02381f-FRA
content-encoding: br
content-type: text/html
date: Tue, 21 May 2024 08:50:00 GMT
last-modified: Mon, 20 May 2024 14:36:00 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 21 May 2024 08:49:59 GMT
Location: https://s1.xn84se.net/
Server: openresty

GET
H3 200 style.css
s1.xn84se.net/css/ 25 KB
6 KB 650ms
649ms Stylesheet
text/css 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.xn84se.net/css/style.css
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a09255c987bdb20be12ea223f239003d62ca3642da42640369063e59f5632b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 01 Oct 2023 11:58:46 GMT
server: cloudflare
etag: W/"f0b21a25ef4d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 887350fe6e3f381f-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 May 2024 12:50:00 GMT

GET
H3 200 rocket-loader.min.js Show response
s1.xn84se.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 34ms
33ms Script
application/javascript 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.xn84se.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: s1.xn84se.net
URL: https://s1.xn84se.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 May 2024 13:45:29 GMT
server: cloudflare
etag: W/"66436af9-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 887350fe6e42381f-FRA
expires: Thu, 23 May 2024 08:50:00 GMT

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 130ms
76ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Origin: https://s1.xn84se.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:00 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 887350fedd1c2c42-FRA

GET
H3 200 tj.js Show response
s1.xn84se.net/js/ 869 B
453 B 347ms
346ms Script
application/javascript 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.xn84se.net/js/tj.js
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f4d226ec4419967e9a8125e5507b6c2ab23a821465ad2d6e42f5fb0b61cb82

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 08:53:23 GMT
server: cloudflare
etag: W/"883ec28fff7cda1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 887351027b5f381f-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 May 2024 12:50:01 GMT

GET
H3 200 i.js Show response
s1.xn84se.net/js/ 2 KB
781 B 362ms
361ms Script
application/javascript 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.xn84se.net/js/i.js
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a29ec7ef112f06b32cabca34dfa5518953cf8195ea8b0bde100dbf564d745c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 May 2024 09:19:22 GMT
server: cloudflare
etag: W/"51757da2cda9da1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 887351027b67381f-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 May 2024 12:50:01 GMT

GET
H3 200 mail.js Show response
s1.xn84se.net/js/ 3 KB
1018 B 352ms
351ms Script
application/javascript 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.xn84se.net/js/mail.js
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a38de080298a0c2450ad976b9b2033c50871a5f19adceab83146346ffe27400

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 May 2024 16:56:13 GMT
server: cloudflare
etag: W/"b80e274daada1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 887351027b6c381f-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 May 2024 12:50:01 GMT

GET
H3 200 LAD.js Show response
s1.xn84se.net/js/ 6 KB
1006 B 501ms
500ms Script
application/javascript 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.xn84se.net/js/LAD.js
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc38aae47c30e3d73ebe95d84ae61a6d3783bd0ae3553639564087c1803bc857

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 May 2024 13:06:55 GMT
server: cloudflare
etag: W/"755cb596b6aada1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 887351027b6e381f-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 May 2024 12:50:01 GMT

GET top.js
s1.xn84se.net/js/ 0
0

GET
H3 200 itop.js Show response
s1.xn84se.net/js/ 430 B
425 B 355ms
354ms Script
application/javascript 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.xn84se.net/js/itop.js
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7fa5d2a941ff5b32fc2abe56381c66236b8850d80f4825eae1dac4e64bad25

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 May 2024 07:49:27 GMT
server: cloudflare
etag: W/"465268e8f7a8da1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 887351027b77381f-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 May 2024 12:50:01 GMT

GET
H3 200 bg1.jpg
s1.xn84se.net/images/ 481 B
693 B 358ms
357ms Image
image/jpeg 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.xn84se.net/images/bg1.jpg
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631f284aa8c78301586086553cc64e1f0497359b182ae510d23a78d081f17cd5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/css/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:01 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Jun 2016 09:16:36 GMT
server: cloudflare
etag: "0726cefe6d1d11:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 887351027b78381f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 481
expires: Tue, 21 May 2024 12:50:01 GMT

GET
H3 200 logo.png
s1.xn84se.net/images/ 29 KB
29 KB 657ms
657ms Image
image/png 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.xn84se.net/images/logo.png
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 791ac94344ccb67e0b5ca915f3e590af431abafa0ffc9e9bb03f0d910ea877c6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/css/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:01 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Jun 2016 17:33:22 GMT
server: cloudflare
etag: "05dc52a63d1d11:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 887351027b7a381f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29760
expires: Tue, 21 May 2024 12:50:01 GMT

GET
H3

200

404.html
s1.xn84se.net/
Redirect Chain

https://s1.xn84se.net/images/menu-separator.gif
https://s1.xn84se.net/404.html

4 KB
4 KB

187ms
186ms

Image
text/html

104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.xn84se.net/404.html
Requested by: Host: s1.xn84se.net
URL: https://s1.xn84se.net/css/style.css
Protocol: H3
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://s1.xn84se.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 21 May 2024 08:50:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Dec 2021 06:40:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
cf-ray: 88735104ce05381f-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 21 May 2024 08:50:01 GMT
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: http://s1.xn84se.net/404.html
cache-control: public, max-age=14400
cf-ray: 887351027b7b381f-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 May 2024 12:50:01 GMT

GET
H2 200 js24_980x60.gif
7scdn.com/ad/ 343 KB
344 KB 125ms
36ms Image
image/gif 2600:9000:2611:1c00:b:d05:79c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://7scdn.com/ad/js24_980x60.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:1c00:b:d05:79c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1c5b349b9ee425a260e8c3ff88f355c311063044ed25f73953e42f4bcb951ad8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 07:33:48 GMT
via: 1.1 581ced6577fa2054087db3aa564e1b58.cloudfront.net (CloudFront)
last-modified: Sat, 11 May 2024 07:03:29 GMT
server: nginx/1.18.0
x-amz-cf-pop: VIE50-P2
age: 868573
etag: "663f1841-55c0c"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 351244
x-amz-cf-id: vlUDMoiMCDymXPGeUEIllSBa_1JzZget-04ukO9thNVHHiPhHJElIw==
expires: Mon, 10 Jun 2024 07:33:48 GMT

GET
H/1.1 200
OK mtzhb980x60-7.gif
www.readbond.com/image/ 127 KB
127 KB 2604ms
342ms Image
image/gif 162.209.145.53
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.readbond.com/image/mtzhb980x60-7.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 162.209.145.53 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: 404 /
Resource Hash: 6114c51bf5c1110573c09b324603bb7d7aea903e0dfff5d1e64feae224e5f9d0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 21 May 2024 08:50:03 GMT
Last-Modified: Tue, 14 May 2024 08:14:30 GMT
Server: 404
ETag: "66431d66-1fb4c"
X-Cache-Status: HIT
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 129868
Expires: Tue, 18 Jun 2024 13:27:19 GMT

GET
H3 200 favicon.ico
s1.xn84se.net/ 17 KB
4 KB 649ms
648ms Other
image/x-icon 104.18.0.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.xn84se.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.0.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0084f7f001a6941073ba7e75e7e969cbd3254088ed2f787d3def212826131125

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://s1.xn84se.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:50:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Jun 2016 07:31:05 GMT
server: cloudflare
etag: W/"8082da31d8d1d11:0"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=14400
cf-ray: 88735106d889381f-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 May 2024 12:50:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s1.xn84se.net
URL: https://s1.xn84se.net/js/top.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR object| __cfBeacon

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://s1.xn84se.net/ Message: The resource https://s1.xn84se.net/js/tj.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://s1.xn84se.net/ Message: The resource https://s1.xn84se.net/js/mail.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://s1.xn84se.net/ Message: The resource https://s1.xn84se.net/js/i.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://s1.xn84se.net/ Message: The resource https://s1.xn84se.net/js/LAD.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66dxdx.com
7scdn.com
s1.xn84se.net
sda.12035ttz.com
static.cloudflareinsights.com
www.readbond.com
s1.xn84se.net
104.18.0.54
162.209.145.53
172.247.129.157
2600:9000:2611:1c00:b:d05:79c0:93a1
2606:4700::6810:4f49
0084f7f001a6941073ba7e75e7e969cbd3254088ed2f787d3def212826131125
17f4d226ec4419967e9a8125e5507b6c2ab23a821465ad2d6e42f5fb0b61cb82
1c5b349b9ee425a260e8c3ff88f355c311063044ed25f73953e42f4bcb951ad8
28a09255c987bdb20be12ea223f239003d62ca3642da42640369063e59f5632b
3a38de080298a0c2450ad976b9b2033c50871a5f19adceab83146346ffe27400
3a7fa5d2a941ff5b32fc2abe56381c66236b8850d80f4825eae1dac4e64bad25
6114c51bf5c1110573c09b324603bb7d7aea903e0dfff5d1e64feae224e5f9d0
631f284aa8c78301586086553cc64e1f0497359b182ae510d23a78d081f17cd5
791ac94344ccb67e0b5ca915f3e590af431abafa0ffc9e9bb03f0d910ea877c6
a8a29ec7ef112f06b32cabca34dfa5518953cf8195ea8b0bde100dbf564d745c
bc38aae47c30e3d73ebe95d84ae61a6d3783bd0ae3553639564087c1803bc857
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc6aa8dc7a5c53a24fb2f2cb7c55b7e317c806483203e404c6842057f47ea6c3

s1.xn84se.net Open in urlscan Pro 104.18.0.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

82 %HTTPS

40 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

535 kBTransfer

604 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

s1.xn84se.net Open in urlscan Pro
104.18.0.54 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

535 kB
Transfer

604 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions