| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.2.184 | 302 Found | 0 B |
URL: GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js  IP: 104.17.2.184:443
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e  SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709  SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero bytes, consistent with the 0 B body of this 302)
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gcyccyz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 17 Apr 2024 04:42:25 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/bcc5fb0a8815/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759bf94aafe997e-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| www.gcyccyz.com/favicon.ico | 91.204.226.160 | 200 OK | 18 kB |
URL: GET HTTP/2 www.gcyccyz.com/favicon.ico  IP: 91.204.226.160:443  ASN: #205960 Hdtidc Limited
Certificate: Issuer Let's Encrypt; Subject www.ydggame.com; Fingerprint 0C:EC:5B:01:68:02:24:C3:8F:40:C0:65:8E:56:A5:39:39:0A:2D:9D; Validity Tue, 16 Apr 2024 13:03:21 GMT - Mon, 15 Jul 2024 13:03:20 GMT (the Subject CN is not the requested host www.gcyccyz.com; the scanner prints only the CN, so check the SAN list before calling this a hostname mismatch)
File type: MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Hash: MD5 ca6619b86c2f6e6068b69ba3aaddb7e4  SHA-1 c44a1bb9d14385334eb851fbb0afb19d961c1ee7  SHA-256 17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Amazon.com Inc. |
GET /favicon.ico HTTP/1.1
Host: www.gcyccyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gcyccyz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 04:42:25 GMT
content-type: image/x-icon
content-length: 17542
last-modified: Fri, 15 Mar 2024 06:00:14 GMT
etag: "65f3e3ee-4486"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8759bf961fb49986/1713328946027/78g-8b8h5ppoa6h | 104.17.2.184 | | 6.2 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8759bf961fb49986/1713328946027/78g-8b8h5ppoa6h  IP: 104.17.2.184:0
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: PNG image data, 80 x 59, 8-bit/color RGB, non-interlaced
Hash: MD5 b66de1d771eee6b738b921532c62f6e1  SHA-1 ef27c92904a23b595f63228649f51b625d9d2675  SHA-256 d636e3013ecf25c43384ddd8d19b201ea29084313b886742d51efd28d8d4f77e
GET /cdn-cgi/challenge-platform/h/b/i/8759bf961fb49986/1713328946027/78g-8b8h5ppoa6h HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xn4yk/0x4AAAAAAAXTRnbOhpSGF3ft/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:42:26 GMT
content-type: image/png
server: cloudflare
cf-ray: 8759bf9bac2b9986-CPH
alt-svc: h3=":443"; ma=86400
| www.questionsetter.com/api/jump.php | 43.133.208.44 | 403 Forbidden | 9.2 kB |
URL: GET HTTP/2 www.questionsetter.com/api/jump.php  IP: 43.133.208.44:443  ASN: #132203 Tencent Building, Kejizhongyi Avenue
Certificate: Issuer Let's Encrypt; Subject www.aini1314.shop; Fingerprint 37:E0:F6:4F:5D:0D:BE:41:46:46:C6:F7:5E:FC:6D:D5:89:73:F2:A4; Validity Sat, 09 Mar 2024 14:33:43 GMT - Fri, 07 Jun 2024 14:33:42 GMT (the Subject CN is not the requested host www.questionsetter.com; only the CN is shown, so verify the SAN list before treating this as a mismatch)
File type: gzip compressed data, from Unix (the response is content-encoding: gzip, so the digests below are over the compressed transfer body, not the decoded HTML)
Hash: MD5 c02c731dda3609de0b1b0eb77257a612  SHA-1 ef4767692d87c8142ad414505be39a340a7a867b  SHA-256 0bc961ee2bc1caebbba95a8a432cda62202d4c1b4f52e395152a03e7baadcde0
GET /api/jump.php HTTP/1.1
Host: www.questionsetter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gcyccyz.com
DNT: 1
Connection: keep-alive
Referer: https://www.gcyccyz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: nginx
date: Wed, 17 Apr 2024 04:42:28 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-credentials: true
set-cookie: PHPSESSID=2t2qtsvq5d9o0ub20mpflndgtf; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
| challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js | 104.17.2.184 | 200 OK | 41 kB |
URL: GET HTTP/2 challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js  IP: 104.17.2.184:443
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (40613)
Hash: MD5 d1048a66fc11ea28c3cb1488fac82c62  SHA-1 f055707cf91f637ec19bf5e65bf378857e798469  SHA-256 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370
GET /turnstile/v0/b/bcc5fb0a8815/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gcyccyz.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:42:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759bf94eb2d997e-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| www.gcyccyz.com/js/axios.min.js | 91.204.226.160 | 200 OK | 18 kB |
URL: GET HTTP/2 www.gcyccyz.com/js/axios.min.js  IP: 91.204.226.160:443  ASN: #205960 Hdtidc Limited
Certificate: Issuer Let's Encrypt; Subject www.ydggame.com; Fingerprint 0C:EC:5B:01:68:02:24:C3:8F:40:C0:65:8E:56:A5:39:39:0A:2D:9D; Validity Tue, 16 Apr 2024 13:03:21 GMT - Mon, 15 Jul 2024 13:03:20 GMT
File type: JavaScript source, ASCII text, with very long lines (17808) (an axios build served from the phishing host itself; the Accept header on the jump.php request, application/json, text/plain, */*, is axios's default)
Hash: MD5 c72ad70497ae20801ff742b93d57bb9f  SHA-1 3456d0d10e669d9575476d2372c588d6c8f7c28b  SHA-256 aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Amazon.com Inc. |
GET /js/axios.min.js HTTP/1.1
Host: www.gcyccyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gcyccyz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 04:42:25 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 06:00:14 GMT
vary: Accept-Encoding
etag: W/"65f3e3ee-45b3"
expires: Wed, 17 Apr 2024 16:42:25 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
| | 91.204.226.160 | 200 OK | 2.2 kB |
URL: (user request) GET HTTP/2  IP: 91.204.226.160:443  ASN: #205960 Hdtidc Limited
Certificate: Issuer Let's Encrypt; Subject www.ydggame.com; Fingerprint 0C:EC:5B:01:68:02:24:C3:8F:40:C0:65:8E:56:A5:39:39:0A:2D:9D; Validity Tue, 16 Apr 2024 13:03:21 GMT - Mon, 15 Jul 2024 13:03:20 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2290), with no line terminators
Hash: MD5 7e71af8bb6354ad08052a8ab5537f139  SHA-1 3a345de0cbf9370192da8f2c51d1061c17ae89fe  SHA-256 c4f637fe8cdd493d399ec5ce4aac89a7484aba19b3c35d3e454530b8ca01a885
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Amazon.com Inc. |
GET / HTTP/1.1
Host: www.gcyccyz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 04:42:24 GMT
content-type: text/html
last-modified: Tue, 16 Apr 2024 14:00:01 GMT
vary: Accept-Encoding
etag: W/"661e8461-88c"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xn4yk/0x4AAAAAAAXTRnbOhpSGF3ft/auto/normal | 104.17.2.184 | 200 OK | 78 kB |
URL: GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xn4yk/0x4AAAAAAAXTRnbOhpSGF3ft/auto/normal  IP: 104.17.2.184:443 (the 0x4AAAAAAA... path segment is the public Turnstile sitekey the widget was loaded with, a useful pivot for finding other pages registered under the same key)
Certificate: Issuer Cloudflare, Inc.; Subject challenges.cloudflare.com; Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (41919)
Hash: MD5 c4366530e6989bd590dee1353ebabb7f  SHA-1 22b73924a46082ba2c53f1b3a4fad1b9d088b6fa  SHA-256 1fb3d7207a8f4477aca43c1d67cd2ee612155e8a78f4575ac2fa2e421bf7ef25
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xn4yk/0x4AAAAAAAXTRnbOhpSGF3ft/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gcyccyz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:42:25 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 8759bf961fb49986-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
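Added example, not part of the scanner's output: a Python triage script for header blocks in the layout this scan prints (request line, request headers, then the status line and response headers with no separator between them). It parses one transaction and runs the checks an analyst wants on a phishing capture: the cross-site CORS call from www.gcyccyz.com to www.questionsetter.com/api/jump.php above, that response's contradictory `access-control-allow-origin: *` plus `access-control-allow-credentials: true` pair, the PHPSESSID cookie it issued on a 403, and a certificate Subject CN (www.aini1314.shop) that is not the requested Host. It also recomputes the MD5/SHA-1/SHA-256 triplet of zero bytes to confirm the hashes shown for the 0 B 302 at the top of the page. The sample input is excerpted from the jump.php transaction above with its 9.2 kB body omitted; the function names are this example's own.

```python
import hashlib
from urllib.parse import urlparse

# Header blocks of the jump.php transaction, excerpted from the scan above
# (the 9.2 kB response body is not needed for these checks).
SAMPLE = """\
GET /api/jump.php HTTP/1.1
Host: www.questionsetter.com
Accept: application/json, text/plain, */*
Origin: https://www.gcyccyz.com
Referer: https://www.gcyccyz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-credentials: true
set-cookie: PHPSESSID=2t2qtsvq5d9o0ub20mpflndgtf; path=/
"""


def parse_transaction(text):
    """Return (request, response); each is {'line': str, 'headers': dict}.
    Header names are lower-cased. The status line is spotted by its 'HTTP/'
    prefix because the scan prints no blank line before it."""
    req = {"line": None, "headers": {}}
    resp = {"line": None, "headers": {}}
    side = req
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("HTTP/"):
            side = resp
            resp["line"] = line
        elif side["line"] is None:
            side["line"] = line
        else:
            name, _, value = line.partition(":")
            side["headers"][name.strip().lower()] = value.strip()
    return req, resp


def status_code(resp):
    """'HTTP/2 403 Forbidden' -> 403."""
    return int(resp["line"].split()[1])


def is_cross_site_api_call(req):
    """True when the Origin (the page making the call) is not the Host the
    request went to, i.e. a CORS call from the page to a third party."""
    origin = req["headers"].get("origin")
    host = req["headers"].get("host")
    if not origin or not host:
        return False
    return urlparse(origin).hostname != host.split(":")[0].lower()


def cors_wildcard_with_credentials(resp):
    """ACAO '*' together with ACAC 'true'. A browser never honours the wildcard
    for a credentialed request (the response is discarded) and ignores ACAC for
    an uncredentialed one, so the pair is a configuration error; to the analyst
    it says the endpoint was meant to accept any origin with cookies attached."""
    h = resp["headers"]
    return (h.get("access-control-allow-origin") == "*"
            and h.get("access-control-allow-credentials", "").lower() == "true")


def cert_subject_matches_host(host, subject):
    """Compare the Subject CN the scanner prints with the Host header. Only the
    CN is shown, not the SAN list, so a mismatch is a lead to verify against the
    full certificate, not proof of a TLS error."""
    host, subject = host.lower(), subject.lower()
    if subject.startswith("*."):  # a wildcard covers exactly one leading label
        return host.split(".", 1)[1:] == [subject[2:]]
    return host == subject


def empty_body_hashes():
    """MD5, SHA-1 and SHA-256 of zero bytes, in the order the scan lists them."""
    return tuple(hashlib.new(a, b"").hexdigest() for a in ("md5", "sha1", "sha256"))


def triage(text, cert_subject=None):
    """Run every check on one transaction and return the findings as strings."""
    req, resp = parse_transaction(text)
    host = req["headers"].get("host", "")
    findings = []
    if is_cross_site_api_call(req):
        findings.append(f"cross-site CORS call from {req['headers']['origin']} to {host}")
    if cors_wildcard_with_credentials(resp):
        findings.append(f"{host} answers ACAO * together with ACAC true")
    if "set-cookie" in resp["headers"]:
        cookie = resp["headers"]["set-cookie"].split(";")[0]
        findings.append(f"{host} set {cookie} on a {status_code(resp)} response")
    if cert_subject and not cert_subject_matches_host(host, cert_subject):
        findings.append(f"certificate CN {cert_subject} is not Host {host}; check the SAN list")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE, cert_subject="www.aini1314.shop"):
        print("-", finding)
    print("digests of an empty body:", *empty_body_hashes())
```

Run as is, it reports the four findings for the jump.php transaction; paste any other request/response block from this page into SAMPLE (and the Subject CN from its Certificate line) to triage it the same way. The CN check deliberately stops at "check the SAN list": Let's Encrypt certificates routinely carry several SANs, and the scanner shows only the first.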