urlscan.io logo urlscan.io
SecurityTrails logo

ezshop99.hamx.xyz Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ezshop99.hamx.xyz/#ur
Effective URL: https://ezshop99.hamx.xyz/
Submission Tags: 0xscam
Submission: On July 24 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ezshop99.hamx.xyz.
TLS certificate: Issued by E1 on May 31st 2024. Valid for: 3 months.
This is the only time ezshop99.hamx.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 188.114.97.3 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
1 142.250.185.164 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.159.134.232 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
18 8
7    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
ezshop99.hamx.xyz
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
2    2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    162.159.134.232 (None, )

ASN13335 (CLOUDFLARENET, US)
media.discordapp.net
3    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
Apex Domain
Subdomains		 Transfer
7 hamx.xyz
ezshop99.hamx.xyz
44 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
232 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
10 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
43 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
47 KB
1 discordapp.net
media.discordapp.net — Cisco Umbrella Rank: 4082
36 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
894 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
986 B
18 8
Domain Requested by
7 ezshop99.hamx.xyz 1 redirects ezshop99.hamx.xyz
2 fonts.gstatic.com fonts.googleapis.com
2 unpkg.com ezshop99.hamx.xyz
2 cdn.jsdelivr.net ezshop99.hamx.xyz
2 cdnjs.cloudflare.com ezshop99.hamx.xyz
1 www.gstatic.com www.google.com
1 media.discordapp.net ezshop99.hamx.xyz
1 fonts.googleapis.com ezshop99.hamx.xyz
1 www.google.com ezshop99.hamx.xyz
18 9

This site contains links to these domains. Also see Links.

Domain
autoweb.hamx.xyz
Subject Issuer Validity Valid
hamx.xyz
E1		 2024-05-31 -
2024-08-29		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
unpkg.com
GTS CA 1P5		 2024-05-30 -
2024-08-28		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
discordapp.net
Cloudflare Inc ECC CA-3		 2023-09-03 -
2024-09-02		 a year crt.sh
*.gstatic.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ezshop99.hamx.xyz/
Frame ID: 6C2F05497D02934A4F7FCBC11B003119
Requests: 16 HTTP requests in this frame

Frame: https://ezshop99.hamx.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
Frame ID: 676458652B6D0E2FB0F23AA8D6E9B765
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hamx.xyz

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

18
Requests

94 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

378 kB
Transfer

1153 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://ezshop99.hamx.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://ezshop99.hamx.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ezshop99.hamx.xyz/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ezshop99.hamx.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44b007155a7dba19256176e82aa25ee66be48752ad115f6fc183e1c3acbdc26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a804c9418049fb1-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 01:57:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T8%2FDTV%2B0TFxvjOJrUPaZueEoa403YBgYCn5tcRJjJmxrOza4e9b1riGOkHj8ZIQsoaW6Ltlf%2FMg4FV6%2B7nxXTk6F5VZClICUoUaA947QcHyjksddrzUGi%2F%2FXFuoeFJPw%2Fgt3KA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://ezshop99.hamx.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
474964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18752
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-4940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXjvHwr5QnlVx%2F%2FR6NeOAAcuTdxVif7wZhWKhEM1AJYDDY8GzMGqns0mYdHI%2BHRQECLupmP8w1G2t0GP1p%2B2UMAuWOVtfn5IfdPdhbYGqWLMCsWRj%2F78DJ0ZpTEbZrb2EZRVM1SUDi38wErE%2BCCuUf75"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a804c991abb664b-AMS
expires
Mon, 14 Jul 2025 01:57:24 GMT
bootstrap.min.css
ezshop99.hamx.xyz/asset/css/ 		203 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ezshop99.hamx.xyz/asset/css/bootstrap.min.css
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
603265e661682e52e765dcd9b9ca52875a6ffda4d47fd7b4238b20bc268c9863

Request headers

Referer
https://ezshop99.hamx.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:57:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 21 Jul 2024 14:32:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2141
etag
W/"669d1c12-32d69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5idww7qdZNqJMx4xwbS7nNE9NRDoEY%2FBw8psPxwRpcCI0h8Qv4VWXjIdfAQwMWA35TyvJpH1V4u35y8okm3klaK5pcTi3X%2B%2Bqp6W817dirgIDlou5fz7yt4DN4wJs3JFVCAWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8a804c96ea379fb1-AMS
alt-svc
h3=":443"; ma=86400
style.css
ezshop99.hamx.xyz/asset/css/ 		1 KB
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ezshop99.hamx.xyz/asset/css/style.css
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e196fe7b6bb72b7418b4f4545a4d72e1747086503d79c6b45c8359e262ac03

Request headers

Referer
https://ezshop99.hamx.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:57:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 21 Jul 2024 14:32:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2141
etag
W/"669d1c12-585"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8qRkjYw6HaIucAfaS%2BieX%2F4tEjwH6%2FecGDPlAIbiFsjWnh1aoVxAG7lGfXo%2F%2BooH9j4sDTiiarmrcFPWP4vAJWp6ix1imXWAnXs6gL4oXpnG4zLIwvqdhXwRARFJE2hQaFo%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8a804c96ea389fb1-AMS
alt-svc
h3=":443"; ma=86400
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezshop99.hamx.xyz/
Origin
https://ezshop99.hamx.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Jul 2024 01:57:23 GMT
x-content-type-options
nosniff
content-encoding
br
age
7247418
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23943
x-served-by
cache-fra-eddf8230080-FRA, cache-ams21027-AMS
x-jsd-version-type
version
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
sweetalert2@11
cdn.jsdelivr.net/npm/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e449deca0f4a16c57dc31d22149bc1581905e12f7d233b8a7da2c2c571a41a3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezshop99.hamx.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Jul 2024 01:57:23 GMT
x-content-type-options
nosniff
content-encoding
br
age
19386
x-jsd-version
11.12.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19552
x-served-by
cache-fra-eddf8230029-FRA, cache-ams21044-AMS
x-jsd-version-type
version
etag
W/"12d76-wYuz575IMdyzN84kOgs3ItEe4yg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.4/jquery.min.js
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://ezshop99.hamx.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
11635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28035
last-modified
Wed, 08 Mar 2023 16:05:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6408b256-6d83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FQuBu0DGtHdw2xw6Nejhu2%2FXyzQdGfpPZcRKi4D5yCFfBEcogxYt%2FdKQVITV3A7NV%2BpfaQhnPsO3PpCO%2FxkHH2n6dRK2w2HfrGsusLrFSh4GrRX8kx4s0PKg1i5CLWUYSy1BkhiLs0y5gLXvqX7q8yn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a804c991abc664b-AMS
expires
Mon, 14 Jul 2025 01:57:24 GMT
api.js
www.google.com/recaptcha/ 		1 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
cfb79d30f457e9541960d7371d74da2b7095f392dc8d206a06abb9d425cf97b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ezshop99.hamx.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 24 Jul 2024 01:57:24 GMT
aos.css
unpkg.com/aos@2.3.1/dist/ 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezshop99.hamx.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:57:23 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11442269
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01HRW73V8N1JVAWWX8Z91HMRT3-ams
server
cloudflare
etag
"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a804c973c48b767-AMS
aos.js
unpkg.com/aos@2.3.1/dist/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezshop99.hamx.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:57:23 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
4764785
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01HZ378FP6FA3SENQ614RH82AH-ams
server
cloudflare
etag
"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a804c973c49b767-AMS
css2
fonts.googleapis.com/ 		1 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+Thai:wght@500&display=swap
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/asset/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2bb5662f3aa2ffc53ad27e9ba4d44ec233f4568391711ecebf7b8882e5fa17f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ezshop99.hamx.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jul 2024 01:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jul 2024 01:57:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jul 2024 01:57:23 GMT
2023-05-06_183453.png
media.discordapp.net/attachments/1033046333742907475/1104371932629041192/ 		36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.discordapp.net/attachments/1033046333742907475/1104371932629041192/2023-05-06_183453.png
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.134.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

Referer
https://ezshop99.hamx.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wau2BdqvjjBFT9NNRA2XdU%2Btd3gncZZJAS9K345%2B1ZgOPtsGO5zwuUp5nwApobj3q5F03%2BKRm2nbr77G8dTwNJRnkeQtTsKNtIGsGoXoc%2FeZPQX3VQfKKPTdcjyPF5yLsKt6ictx"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
8a804c99dc760e58-AMS
content-length
36
alt-svc
h3=":443"; ma=86400
iJWnBXeUZi_OHPqn4wq6hQ2_hbJ1xyN9wd43SofNWcd1MKVQt_So_9CdU6ZtlyJ0QCvz.woff2
fonts.gstatic.com/s/notosansthai/v25/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosansthai/v25/iJWnBXeUZi_OHPqn4wq6hQ2_hbJ1xyN9wd43SofNWcd1MKVQt_So_9CdU6ZtlyJ0QCvz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Thai:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29bbdbc816056e4c355a80716768cac6161ec8026191a5d5918948cd9deb3043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ezshop99.hamx.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:00:09 GMT
x-content-type-options
nosniff
age
3435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8844
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:15:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 01:00:09 GMT
iJWnBXeUZi_OHPqn4wq6hQ2_hbJ1xyN9wd43SofNWcd1MKVQt_So_9CdU6ZtlzZ0QA.woff2
fonts.gstatic.com/s/notosansthai/v25/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosansthai/v25/iJWnBXeUZi_OHPqn4wq6hQ2_hbJ1xyN9wd43SofNWcd1MKVQt_So_9CdU6ZtlzZ0QA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Thai:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2a098397dd368474eff4ea932872cf6390f90dd9cbbe6ee64fb8c7ed48039e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ezshop99.hamx.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:12:11 GMT
x-content-type-options
nosniff
age
38713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:04:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:12:11 GMT
main.js
ezshop99.hamx.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/ Frame 6764
Redirect Chain
  • https://ezshop99.hamx.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://ezshop99.hamx.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ezshop99.hamx.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0863e5866cd4005be343eb17c475ec0cbb7fec1caa9933e928b0968542317644
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fjb0QIpGpgBM%2FC4S6uo%2FJl3CL%2F1CDtJNVn2B9iDf97d2OymdeVT6rgmg6dQP9z1a2ZCtdSzU%2BVyGrJfNXTLA6fZAtpGPBAkArENqv%2FDObKVJrtjimAfDS11ySfRMBjLakxSJKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8a804c99fbe79fb1-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 24 Jul 2024 01:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9GnMbslRfi19grJ5wIGBxW7%2Fns6i3jHSl6hOhLbj7oPyy%2FF%2BMMr7U6R1V6pkJppGldH%2BZWz9fgxMjhsVK%2BlRAvZLoQF%2FJ9u0Z8bIQMOjZMOGfAu2VSTqJjFOr2TpHdCVNZnbw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
access-control-allow-origin
*
cache-control
max-age: 300, public
cf-ray
8a804c99cbca9fb1-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		535 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae64db23eb03fc57c24c335a38e3ffb0ce8c74aa08c433bba1f13cb440d3f1cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezshop99.hamx.xyz/
Origin
https://ezshop99.hamx.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 23:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217125
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Jul 2025 23:08:34 GMT
8a804c9418049fb1
ezshop99.hamx.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6764 		0
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ezshop99.hamx.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8a804c9418049fb1
Requested by
Host: ezshop99.hamx.xyz
URL: https://ezshop99.hamx.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 Jul 2024 01:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c4I8UczsjpgORI9qOcp%2FzQV%2FKAnAIY51RA83rvyvdRzVvN4kWujOgGTJ8GA9V7aHAcQxYm24Onb05dmYlkx5AKZFdcVQExFR9FQ%2B71PAa9BJ9r9OG58JL6wIjJsR4g31km5OGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8a804c9aec849fb1-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
ezshop99.hamx.xyz/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ezshop99.hamx.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d361e74caefdcb559bec68a1256c0ebec37f86a7cecb3f7efcf81216cb007e

Request headers

Referer
https://ezshop99.hamx.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 01:57:24 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNEJATTsoKiJ3cuQLrQo7nWmSTmhIhJk%2BKdnbrg8pIn5q94KQAqUzMTz94zQjq3%2BG1CftkdCDlPjFe2pIDsWByyAqWAihFmHRlue3Uusg09tlal9VGl8pHwFxT9Fzez4J54pkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8a804c9b5cff9fb1-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 number| uidEvent object| bootstrap function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| $ function| jQuery object| AOS object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

4 Cookies

Domain/Path Name / Value
ezshop99.hamx.xyz/ Name: PHPSESSID
Value: vu0deg3a3fuoc99m9d5po6qjon
.discordapp.net/ Name: __cfruid
Value: 665fe0ea3421d2837c054d5dc3d47daf5de2b4a4-1721786244
.discordapp.net/ Name: _cfuvid
Value: n7I4k.aqd_.gi_4w6CI94HoUstC5DOvjr_nrgUh1q0Q-1721786244145-0.0.1.1-604800000
.hamx.xyz/ Name: cf_clearance
Value: VkIvenjYF0jJ3FwstuoL6WHrZJWzVboV6ouegoV0u7w-1721786244-1.0.1.1-vbMyF0ay0KwlAdaO26_wL_dNXCeUqkxXn5yu_rkucYvf_wcxyRSEhfbCkQeHTswWvjWMOK0p510594q6Vjykmg

1 Console Messages

Source Level URL
Text
network error URL: https://media.discordapp.net/attachments/1033046333742907475/1104371932629041192/2023-05-06_183453.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
ezshop99.hamx.xyz
fonts.googleapis.com
fonts.gstatic.com
media.discordapp.net
unpkg.com
www.google.com
www.gstatic.com
142.250.185.164
162.159.134.232
188.114.97.3
2606:4700::6811:190e
2606:4700::6811:f7cb
2a00:1450:4001:802::200a
2a00:1450:4001:81d::2003
2a04:4e42:600::485
0863e5866cd4005be343eb17c475ec0cbb7fec1caa9933e928b0968542317644
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
29bbdbc816056e4c355a80716768cac6161ec8026191a5d5918948cd9deb3043
2bb5662f3aa2ffc53ad27e9ba4d44ec233f4568391711ecebf7b8882e5fa17f5
603265e661682e52e765dcd9b9ca52875a6ffda4d47fd7b4238b20bc268c9863
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
ae64db23eb03fc57c24c335a38e3ffb0ce8c74aa08c433bba1f13cb440d3f1cc
c2a098397dd368474eff4ea932872cf6390f90dd9cbbe6ee64fb8c7ed48039e0
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65
cfb79d30f457e9541960d7371d74da2b7095f392dc8d206a06abb9d425cf97b6
d8e196fe7b6bb72b7418b4f4545a4d72e1747086503d79c6b45c8359e262ac03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e449deca0f4a16c57dc31d22149bc1581905e12f7d233b8a7da2c2c571a41a3b
e44b007155a7dba19256176e82aa25ee66be48752ad115f6fc183e1c3acbdc26
e8d361e74caefdcb559bec68a1256c0ebec37f86a7cecb3f7efcf81216cb007e
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e