www.fafins.xyz Open in urlscan Pro
172.67.191.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.fafins.xyz/obdietvfw_102717.html
Effective URL:
https://www.fafins.xyz/obdietvfw_102717.html
Submission: On August 05 via api (August 5th 2024, 3:22:42 am UTC) from US — Scanned from DE

Summary HTTP 26 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 172.67.191.143, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fafins.xyz.
TLS certificate: Issued by WE1 on July 4th 2024. Valid for: 3 months.

This is the only time www.fafins.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	172.67.191.143 172.67.191.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	154.85.69.5 154.85.69.5	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
1	172.67.176.212 172.67.176.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	154.85.69.9 154.85.69.9	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
26	4

23 172.67.191.143 (United States)

ASN13335 (CLOUDFLARENET, US)

www.fafins.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.85.69.5 (Singapore, Singapore)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.176.212 (United States)

ASN13335 (CLOUDFLARENET, US)

933321.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.85.69.9 (Singapore, Singapore)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	fafins.xyz www.fafins.xyz	177 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 46121 collect-v6.51.la — Cisco Umbrella Rank: 35990	13 KB
1	933321.com 933321.com
26	3

	Domain	Requested by
23	www.fafins.xyz	www.fafins.xyz
1	collect-v6.51.la	sdk.51.la
1	933321.com	www.fafins.xyz
1	sdk.51.la	www.fafins.xyz
26	4

This site contains links to these domains. Also see Links.

Domain
ntja.org
933321.com

Subject Issuer	Validity	Valid
fafins.xyz WE1	`2024-07-04` - `2024-10-02`	3 months	crt.sh
*.51.la Sectigo RSA Domain Validation Secure Server CA	`2024-05-14` - `2025-05-14`	a year	crt.sh
933321.com WE1	`2024-06-07` - `2024-09-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.fafins.xyz/obdietvfw_102717.html
Frame ID: C653535884124985A15F8D5BF204AB9A
Requests: 25 HTTP requests in this frame

Frame: https://933321.com/
Frame ID: FB590B5D2BFF06C4740A035525CAC179
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PG Slot ผ่าน วอ เลท: เกมสล็อตออนไลน์ยอดนิยมสำหรับผู้เล่นบา คา ร่า 169ชาวไทย - ฝาก 13 รับ 100 ล่าสุด

Page URL History Show full URLs

http://www.fafins.xyz/obdietvfw_102717.html HTTP 307
https://www.fafins.xyz/obdietvfw_102717.html Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

190 kB
Transfer

392 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://ntja.org/
Title: เว็บตรงสล็อต

Search URL Search Domain Scan URL

URL: https://933321.com/
Title: สล็อตเว็บตรง

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.fafins.xyz/obdietvfw_102717.html HTTP 307
https://www.fafins.xyz/obdietvfw_102717.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request obdietvfw_102717.html Show response www.fafins.xyz/ Redirect Chain http://www.fafins.xyz/obdietvfw_102717.html https://www.fafins.xyz/obdietvfw_102717.html	16 KB 4 KB	405ms 373ms	Document text/html	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.6 Resource Hash `45d9a91890f468e7664e4d5a25d5651275204033684d38bb0a34aa49fa4ad96a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8ae3a9b5a987927f-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 05 Aug 2024 03:22:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RWYjEcTHbGYHGTqMP24l9%2FopcNjqKLU9gWeLYlSJhdsKrEGLHfbCTEV4p8LFu68rA4TGNKI8NX1QNHQ%2BdL2Gj0IBjuOQV5huXeREA7i3uE7qcq2EOJJk9D99Yu9R5okTMQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.6 Redirect headers Location https://www.fafins.xyz/obdietvfw_102717.html Non-Authoritative-Reason HttpsUpgrades
GET H3	200	master.css www.fafins.xyz/templates/thtemp%20(225)/style/	33 KB 10 KB	447ms 444ms	Stylesheet text/css	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.6 Resource Hash `833f77669127492f5a7fd195277fd9e70834debffe211b9afeb3998d8f1a09fe` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 05 Aug 2024 03:22:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.6 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GizsSwG1q%2FYWRHp2bauLiiorlKQcV5qLAtIfpzN4bwoWshqTWYyMxboqVMi0xsAMVvnQCTDQVNaEZ%2BfRX3j8LXRO4767Xnfc7qPoZHIiUYX%2Bw7e%2B4iDftUmo%2FXFLJlWSzA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caec927f-FRA alt-svc h3=":443"; ma=86400 content-length 9267
GET H3	200	jbox.css www.fafins.xyz/templates/thtemp%20(225)/style/	3 KB 2 KB	447ms 444ms	Stylesheet text/css	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/style/jbox.css?t=8e39d7 Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.6 Resource Hash `bf84fa43da0572dc38604da28f229797e719617c94f9f6aab0c08a132f2984ce` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 05 Aug 2024 03:22:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.6 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYPvxo5Y%2FfGLvIRKDLckJEQd6T2ViW7Zn6Kum9FM3tM0vuM87BEnu8cCc6OW0OCnexEYfgbtr%2BxOlsZ1QE95y9pFkZE4LjFI1Uk6pMVyiOrwOnAWW0kJiuzvZCNS8Pk2eg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caed927f-FRA alt-svc h3=":443"; ma=86400 content-length 1201
GET H3	200	jquery.js Show response www.fafins.xyz/templates/thtemp%20(225)/js/	77 KB 34 KB	495ms 492ms	Script application/javascript	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/js/jquery.js Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2a56cddc10e62d2385605b846033baeeb81c15c815daa2c8147318c95bf4b5d5` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:29 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0dc75e16f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49hsX0srRo%2BP9xZOdKvfCMYJKMALg2brfkHxCiNGE0eBYKra%2BQzZLEwj0J%2FMrOMsG2MFg%2BuMNP8AgDg2aVgYyrIbiBO5kGBiSzyoSn1u6xigc49yRLdO6CFpew5CxhsJkQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caf0927f-FRA alt-svc h3=":443"; ma=86400 content-length 34098
GET H3	200	functions.js Show response www.fafins.xyz/templates/thtemp%20(225)/js/	4 KB 2 KB	436ms 433ms	Script application/javascript	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/js/functions.js Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5501339aeccc9f3d7e0a38613d20a296f9c02ea9694e7a0d98c7fc1a96920e3c` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0af44e06f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYPiHc99zumvpgqkIXc5rMTqtOC5FXnNSjeYdsbMd6gc%2Fw5QsJdfnTViddYYCzssickTAmJQrPyplTBtZcg9RpG%2B%2FfPSkLwgyn18jHL1yG83ZK0DVAkL0YjlLdJHgXli%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caf2927f-FRA alt-svc h3=":443"; ma=86400 content-length 1258
GET H3	200	jquery.jbox-2.3.min.js Show response www.fafins.xyz/templates/thtemp%20(225)/js/	16 KB 8 KB	452ms 450ms	Script application/javascript	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/js/jquery.jbox-2.3.min.js Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4d41e33ee759432b99e8651c9198f67d9ce571c11fe9680e8c051361e6a037f9` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0af44e06f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WXxD519ObIXKUTkmqKHSn3IQzgRdzioqRX3GQmArromsXWHIyNUA%2BL7%2BjulfRDpwqp52T6%2BXSBuFFyBGn5E%2FzwPaZixd%2FEFpt7jnaCKPUGPVmcNI1njiD6thVs5%2FzH7w2Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caf4927f-FRA alt-svc h3=":443"; ma=86400 content-length 8073
GET H3	200	jquery.lazyload.js Show response www.fafins.xyz/templates/thtemp%20(225)/js/	3 KB 2 KB	313ms 310ms	Script application/javascript	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/js/jquery.lazyload.js Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e46fdd2762441576692ab1374ef07b7011601a1eac6bb0b6fc1e994da39af551` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0dc75e16f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91w%2FWeigypY9IBrd3hdgjX5rCg9kpOff9tMYFvNG80oNKFhgu1NrZa1nIHveWZNM2gLL%2FFPTe3EUpby9aDoltXZMH%2BqB5s%2BfljQKOSPG7kYFFqf5idBZYgnN2dXWW9trzQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caf5927f-FRA alt-svc h3=":443"; ma=86400 content-length 1302
GET H3	200	banner.js Show response www.fafins.xyz/templates/thtemp%20(225)/js/	11 KB 4 KB	436ms 433ms	Script application/javascript	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/js/banner.js Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6332a2b7681463db11940ca76aa2775266974c0899529bbd7c10ee997cedf7e8` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "08213df6f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CsSFhpsVe%2BtIvMBIL9uFLcohe%2BMKB4O49DrLxbAkzpQtRsrXRXpe8ZQDTQwZYpU07XBpN2t0HimCLRQBO1nnH8NlXl%2F3m26ATig%2FZsr7hj3%2B%2F%2BnXEPq5Uezb%2FxpAHMSDug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caf6927f-FRA alt-svc h3=":443"; ma=86400 content-length 3999
GET H3	200	pic.js Show response www.fafins.xyz/templates/thtemp%20(225)/js/	2 KB 1 KB	434ms 432ms	Script application/javascript	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/js/pic.js Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `542b188cb99d0ebb17fa41e8339d408ee614c542644c1b9dcd7d045d1bfa98c2` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "08213df6f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GlOQjO0QWJlTFgqVNMyvQnLrCFPEhEHDQldprB43IRp94LbZils0I%2F8ky3epyLeqxEeWgB8T2K8y3i555CQ7PmrYovoZrk4VjNTrUZEUDgWrKdtO7ITO7BmAEQfQ9jjrNQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caf7927f-FRA alt-svc h3=":443"; ma=86400 content-length 819
GET H3	200	nav.js Show response www.fafins.xyz/templates/thtemp%20(225)/js/	10 KB 3 KB	436ms 433ms	Script application/javascript	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/js/nav.js Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bbedaf7e149c964e5ee6e4039cf65530416ef932951d01363c180b68e42dc3fe` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0af44e06f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEqbgNaPLOuZcG%2BeOPMDIpXvgtzOsN%2Bi4doMz%2BrqIanhvMvweIIvkGBtIUz7WCDcni3XNe4xqaLfRSo9xdkVRnQdIk4qn1nCF5gJlhvNGniVb9tlCGkIatcbkS35mqhHKw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caf8927f-FRA alt-svc h3=":443"; ma=86400 content-length 2444
GET H3	200	manhuadate.1.0.js Show response www.fafins.xyz/templates/thtemp%20(225)/js/	10 KB 3 KB	433ms 431ms	Script application/javascript	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/js/manhuadate.1.0.js Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b76b851a1786e9612d21d9b334d2d883fe8d5dd4b6b695f48731f5e555dc2172` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0af44e06f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c5Uk5dEJWcpx9b%2BpHKSNc0ri7wRWiOdoF5aUa%2B7dHBa0LVQr6tK8zj2Z17%2F0EFTUXhiiybwrpeVA1woFSWfLTvK0fvDTNthVe5XgxRzQwJ7Fqt%2BhyyHztIi%2BOGw9D2SwJg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8caf9927f-FRA alt-svc h3=":443"; ma=86400 content-length 2923
GET H3	200	swiper.min.css www.fafins.xyz/templates/thtemp%20(225)/style/	13 KB 6 KB	450ms 448ms	Stylesheet text/css	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/style/swiper.min.css?t=8e39d7 Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.6 Resource Hash `607b6373b529d07da80e5c0bbce46ea42f08f93c3c0d5c26aa231cff4a2d80a5` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 05 Aug 2024 03:22:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.6 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TEfnMqMnKC%2FMUc5fUuGPNkJyRXabCYBjPk4kKF7a0IbSVziurE0OjiO3wWLmaKVM8vw0t6ESwPwYVN0WYEmuCngcvCLxCpRLYRUZZDRX3UwJpCUgf4oo7rla%2Byh%2Fm2mzZg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8cafc927f-FRA alt-svc h3=":443"; ma=86400 content-length 5174
GET H3	200	animate.min.css www.fafins.xyz/templates/thtemp%20(225)/style/	60 KB 8 KB	463ms 461ms	Stylesheet text/css	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/templates/thtemp%20(225)/style/animate.min.css?t=8e39d7 Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.6 Resource Hash `f89ad2fbc54ddd9e111ed8dc7b6e4d88e6c3463134b5264da879305866e5f458` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 05 Aug 2024 03:22:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.6 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNefmB15tzcRTKGb29SYIQzzi2EHobWoXAnmteFpXM5bfxUi7uS2j0IORnjM85%2BgqlpWhs6KLaXE%2FtLcRfPrg2CLnVj3cMykycS8nMtIG9J0epDLGvrrT6hhMSvzpnRVvA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8cafd927f-FRA alt-svc h3=":443"; ma=86400 content-length 8022
GET H3	200	index.php Show response www.fafins.xyz/	355 B 611 B	181ms 179ms	Script text/html	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/index.php?act=api&aid=1 Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.6 Resource Hash `504361194175fd94aa5d9b8e94deabb1fbff968a7d02f565a1efda2618b142e6` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:28 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.6 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RIatz6HcJRJjTb2aam4akBE1AafhEJbpSQ6Y7hBh0HdPjOGeq%2Fgsrcf74NHYKqqz8J91jfFWWFAESFL7Jm32KIACvk0HE1RhlEQR4BQGlhL9qdGjLAgEk8C22VQHnUW6cw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cf-ray 8ae3a9b8cafe927f-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo.png www.fafins.xyz/templates/thtemp%20(225)/images/	14 KB 14 KB	463ms 461ms	Image image/png	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafins.xyz/templates/thtemp%20(225)/images/logo.png Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4ac814deec6161256f88d05649f4802ae9f58b24800f4105409f828f1228ab71` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:29 GMT cf-cache-status MISS last-modified Sun, 26 May 2024 16:45:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0ef68128cafda1:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y4C03w%2B8qzRC%2Bv%2FuKu6YOcfoaxIVbvAeHPmqEKTsFS%2BT1ACbHCG5QfUAr14zZ0VpKr3rcyaVA2fbgctVRa0u0zf56BpjrL7lA5R9s%2FcKIhpIx3r7x419ksuk0FnOp%2FmONQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8cb00927f-FRA alt-svc h3=":443"; ma=86400 content-length 14104
GET H3	200	23192SP10A28.jpg www.fafins.xyz/uploads/allimg/240723/	32 KB 33 KB	477ms 475ms	Image image/jpeg	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafins.xyz/uploads/allimg/240723/23192SP10A28.jpg Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e16773dd9bec49f9e4712480ac642cf0141a34e0de3159e88ce92a8299995880` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:29 GMT cf-cache-status MISS last-modified Tue, 23 Jul 2024 11:28:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "c4aab776f3dcda1:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvq%2BBpWbNTpcBcVSrZERJjmmfaRLKUd3SOwntbhEZ55n9FpDqXMGVmAg6E5o3HAzmcYIHEjowKsVH6OjDw%2Fk0CDjxufQLNuTrEfwGxeKdysQR8vbJH4GMdrvDoGsJ4le8Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9b8cb01927f-FRA alt-svc h3=":443"; ma=86400 content-length 33251
GET H/1.1	200 OK	js-sdk-pro.min.js Show response sdk.51.la/	34 KB 13 KB	1292ms 264ms	Script text/plain	154.85.69.5 LDPL-AS-AP LEGEND...
General Check archive.org Show headers Download Go to Full URL https://sdk.51.la/js-sdk-pro.min.js Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.85.69.5 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash `c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa` Request headers Referer https://www.fafins.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 05 Aug 2024 03:22:30 GMT Content-Encoding gzip Server openresty Transfer-Encoding chunked Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store Access-Control-Allow-Credentials true Connection keep-alive X-Ser BC202_lt-obgp-fujian-xiamen-33-cache-2, BC7_DE-Frankfurt-Frankfurt-11-cache-1
GET H3	200	index.php Show response www.fafins.xyz/	0 403 B	174ms 173ms	Script text/html	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/index.php?act=count&aid=102717&mid=1 Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/obdietvfw_102717.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.6 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:29 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.6 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HeYBhhbH4y4yQR%2B2rEj3I2vqh33ZCmyETGFdsqUnOHo4%2BvYTirNvgrXIbqOcJ6dfXbva8gu%2FoZhr7FLXVuyjzdea%2FKn8GxK2VEVSt1gnITdkxNPHhURW3cHwI0Q5ai6Vig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cf-ray 8ae3a9bc4c86927f-FRA alt-svc h3=":443"; ma=86400
GET H3	200	/ 933321.com/ Frame FB59	0 0	428ms 396ms	Document text/html	172.67.176.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://933321.com/ Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/index.php?act=api&aid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.176.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.fafins.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=3, must-revalidate cf-cache-status DYNAMIC cf-ray 8ae3a9bc9de79a15-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 05 Aug 2024 03:22:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMAODR%2BwCB9jTbjOZr1LH1n6WTUVgKLAbpxKDlz9Isp%2BQ%2F%2Fmhfdx%2BRJo4JK6603kVBLorpur42ssDs3YLwLxU3OWEaBJe84hIYeAn1Wjqg23CgUy3JRV9aO0JT%2BS"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Accept-Encoding, Cookie
GET H3	200	topbg.jpg www.fafins.xyz/templates/thtemp%20(225)/images/	372 B 821 B	158ms 157ms	Image image/jpeg	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafins.xyz/templates/thtemp%20(225)/images/topbg.jpg Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `780bb6b6c3905af38de75a374fe878543d4ea2002e406da23025f5b97d5453fa` Request headers Referer https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:29 GMT cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0af44e06f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1jx9MCd0f0kEq4Yf6DhbuwNbAvf1X%2FCPU11FnOsUi1f3t4egUiJHSH1xJeDdsOZ7jhz0syTcisN%2F1SUDATxouloO%2BF6fQ9OVliCZwOX7uNmkfZ4u0ntSyiYkL0yjxpZOg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9bc5c9c927f-FRA alt-svc h3=":443"; ma=86400 content-length 372
GET H3	200	fixed.jpg www.fafins.xyz/templates/thtemp%20(225)/images/	5 KB 6 KB	300ms 299ms	Image image/jpeg	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafins.xyz/templates/thtemp%20(225)/images/fixed.jpg Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8e169477b211535e0768a083f35222a05b07ce58a323e6d7173f314c51befbcf` Request headers Referer https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:29 GMT cf-cache-status MISS last-modified Fri, 18 Jun 2021 02:37:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0113fe2ea63d71:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=486uMKxJzN0a15Ge9GSeSG5NEHxQmn8HBWmEKqTjAAgqY97fcXLfuZH8S3BWE%2B%2B0Umw09Km24OtoC6tjmEKvsxO3zpvFkzup2NTydNIV4WNts8PhLTledsnlicPHfhmtPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9bc5c9d927f-FRA alt-svc h3=":443"; ma=86400 content-length 5459
GET H3	200	sub_bg.jpg www.fafins.xyz/templates/thtemp%20(225)/images/	30 KB 31 KB	443ms 442ms	Image image/jpeg	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafins.xyz/templates/thtemp%20(225)/images/sub_bg.jpg Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c4e8f8955e2ac2635c4734fdc0f8b4b5c57423f35ae7c34d2e55529b9ea63fdd` Request headers Referer https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:29 GMT cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "08213df6f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1IZ3sAdDf%2BkUQWrTKJj%2F%2BtvsO3n7iFEIi6o2eBMwEUVix3%2BjoogqH%2FDI5WykgLDObtBeRZVChC3Pv4fwVRMDF1PeWz9GjR%2BR5Rk1K%2BbPBCkMiJGG3V3QEvbwfc6TwdGZg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9bc5c9e927f-FRA alt-svc h3=":443"; ma=86400 content-length 30938
GET H3	200	title1.jpg www.fafins.xyz/templates/thtemp%20(225)/images/	2 KB 2 KB	300ms 299ms	Image image/jpeg	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafins.xyz/templates/thtemp%20(225)/images/title1.jpg Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `135ba833e6b6b2b8f8ee10345e248109a2298b6635207cf9502fa12558d2ea92` Request headers Referer https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:29 GMT cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0dc75e16f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQDPbnkJXS%2BosLq6a%2BflfNjg9jC7sIuLRHrtj77gxw2MrNLx5w1Vfu5%2FBNl1IvjXPc%2Fb%2FtV%2BOY7Bv8Vw3%2FN35wYRBIBFuhA32mnvbODMc%2FRd1bVPcCtChayMmX%2FU8HNwWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9bc5c9f927f-FRA alt-svc h3=":443"; ma=86400 content-length 1832
GET H3	200	right_name.jpg www.fafins.xyz/templates/thtemp%20(225)/images/	770 B 1 KB	300ms 300ms	Image image/jpeg	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafins.xyz/templates/thtemp%20(225)/images/right_name.jpg Requested by Host: www.fafins.xyz URL: https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dacb0389e9148000fdbc981cffff309d19c7fbae887006b7fb72d49bdca50533` Request headers Referer https://www.fafins.xyz/templates/thtemp%20(225)/style/master.css?t=8e39d7 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:29 GMT cf-cache-status MISS last-modified Thu, 06 Jul 2017 03:20:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "0af44e06f6d21:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWZQS62jo0AMdkGB0WB7Otf2Et2Wvb6ztB65bnSk5vg8nPPQ7NTWJSItCNOah9ABvMM%2BIhy7dOX4xUkq4WcqPOcT7OV4%2BU5ark%2BXHkzYOBNEF7o4UfiR1AE1MsnfA9QHYw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8ae3a9bc5ca1927f-FRA alt-svc h3=":443"; ma=86400 content-length 770
POST H/1.1	200 OK	collect Show response collect-v6.51.la/v6/	0 385 B	1534ms 504ms	XHR text/plain	154.85.69.9 LDPL-AS-AP LEGEND...
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.85.69.9 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.fafins.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Mon, 05 Aug 2024 03:22:32 GMT Server nginx Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Origin https://www.fafins.xyz Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-Ser BC173_dx-lt-yd-zhejiang-huzhou-3-cache-13, BC6_DE-Frankfurt-Frankfurt-11-cache-1
GET H3	200	favicon.ico www.fafins.xyz/	15 KB 2 KB	487ms 487ms	Other image/x-icon	172.67.191.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafins.xyz/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.191.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `31f2d9910836ecc017262057104cbed1c663933f6ea1299ba17acf4a2026baae` Request headers Referer https://www.fafins.xyz/obdietvfw_102717.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 03:22:30 GMT content-encoding br cf-cache-status MISS last-modified Thu, 06 Jun 2024 00:02:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"0ea24dba4b7da1:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1p2BgkNiarx8%2F%2F4jwVjhTNl90Ia9%2B0ipOnrX3XSOT7muHKSptJQRoRDm0lkLgZ6CM6jRw%2BvdD3bCCs7t9fqVNIe1blB15IDwrIz1ayYtaIM7hT5gz0%2FQQQlh%2FiYf%2FCBVw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8ae3a9c49906927f-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fafins.xyz/	1969-12-31 23:59:59	Name: __vtins__3IwaJDkVEkCmNKLB Value: %7B%22sid%22%3A%20%227f2597d1-96d1-53b7-a2c8-eba556fe75c2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201722829950467%2C%20%22ct%22%3A%201722828150467%7D
www.fafins.xyz/	1970-01-21 08:09:48	Name: __51uvsct__3IwaJDkVEkCmNKLB Value: 1
www.fafins.xyz/	1970-01-21 08:09:48	Name: __51vcke__3IwaJDkVEkCmNKLB Value: 332a54aa-6f43-50b6-b4fc-1cc522eb07d5
www.fafins.xyz/	1970-01-21 08:09:48	Name: __51vuft__3IwaJDkVEkCmNKLB Value: 1722828150471

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

933321.com
collect-v6.51.la
sdk.51.la
www.fafins.xyz
154.85.69.5
154.85.69.9
172.67.176.212
172.67.191.143
135ba833e6b6b2b8f8ee10345e248109a2298b6635207cf9502fa12558d2ea92
2a56cddc10e62d2385605b846033baeeb81c15c815daa2c8147318c95bf4b5d5
31f2d9910836ecc017262057104cbed1c663933f6ea1299ba17acf4a2026baae
45d9a91890f468e7664e4d5a25d5651275204033684d38bb0a34aa49fa4ad96a
4ac814deec6161256f88d05649f4802ae9f58b24800f4105409f828f1228ab71
4d41e33ee759432b99e8651c9198f67d9ce571c11fe9680e8c051361e6a037f9
504361194175fd94aa5d9b8e94deabb1fbff968a7d02f565a1efda2618b142e6
542b188cb99d0ebb17fa41e8339d408ee614c542644c1b9dcd7d045d1bfa98c2
5501339aeccc9f3d7e0a38613d20a296f9c02ea9694e7a0d98c7fc1a96920e3c
607b6373b529d07da80e5c0bbce46ea42f08f93c3c0d5c26aa231cff4a2d80a5
6332a2b7681463db11940ca76aa2775266974c0899529bbd7c10ee997cedf7e8
780bb6b6c3905af38de75a374fe878543d4ea2002e406da23025f5b97d5453fa
833f77669127492f5a7fd195277fd9e70834debffe211b9afeb3998d8f1a09fe
8e169477b211535e0768a083f35222a05b07ce58a323e6d7173f314c51befbcf
b76b851a1786e9612d21d9b334d2d883fe8d5dd4b6b695f48731f5e555dc2172
bbedaf7e149c964e5ee6e4039cf65530416ef932951d01363c180b68e42dc3fe
bf84fa43da0572dc38604da28f229797e719617c94f9f6aab0c08a132f2984ce
c4e8f8955e2ac2635c4734fdc0f8b4b5c57423f35ae7c34d2e55529b9ea63fdd
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
dacb0389e9148000fdbc981cffff309d19c7fbae887006b7fb72d49bdca50533
e16773dd9bec49f9e4712480ac642cf0141a34e0de3159e88ce92a8299995880
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46fdd2762441576692ab1374ef07b7011601a1eac6bb0b6fc1e994da39af551
f89ad2fbc54ddd9e111ed8dc7b6e4d88e6c3463134b5264da879305866e5f458

www.fafins.xyz Open in urlscan Pro 172.67.191.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

190 kBTransfer

392 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

4 Cookies

Indicators

www.fafins.xyz Open in urlscan Pro
172.67.191.143 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

190 kB
Transfer

392 kB
Size

4
Cookies

26 HTTP transactions
0 data transactions