Report - etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/

Report Overview

Visitedpublic

2025-07-10 11:04:49

Tags

Submit Tags

URL

etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/

Finishing URL

etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/

IP / ASN

172.67.187.165

#13335 CLOUDFLARENET

Title

Suspected phishing site | Cloudflare

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

0

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
etc-geracle.nhyldd.cn	unknown	2025-03-30	2025-06-29	2025-07-06	2.1 kB	41 kB	104.21.80.235

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/	ScriptElement	210 B	2023-03-07	2025-08-02
URL etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ IP / ASN 104.21.80.235 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 161844 Size 210 B (210 bytes) MD5 ab1ac4cf0f484cc9f859c0a7983353e0 SHA1 2da142b1135bd10cdbed4a7353e4483acc30ebe9 SHA256 50e878a18b2b5be7071dc7c10297381bcfcb55f17c27760ee857af9e31133324 Format Code Loading...

	etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/	ScriptElement	375 B	2023-03-07	2025-08-02
URL etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ IP / ASN 104.21.80.235 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 167748 Size 375 B (375 bytes) MD5 56df91490fa1984fa82b297dcb23c22d SHA1 2050f127b73f50d21eb9b0a2a3f2aea7d4372ba9 SHA256 275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24 Format Code Loading...

	etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/	ScriptElement	38 B	2023-03-07	2025-08-02
URL etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ IP / ASN 104.21.80.235 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 124778 Size 38 B (38 bytes) MD5 eb2ee6e4b3d4e81bacdb2474d9b3c2f5 SHA1 6588855b25c975b224e0fd1b50ca1b3f36cd46ed SHA256 3dd83a652b2e60d8dfc699cd2006f70007b826a92b49e61e9194bf422481ac05 Format Code Loading...

HTTP Transactions (5)

	URL	IP	Response	Size
	GET etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/	104.21.80.235	403 Forbidden	4.6 kB
URL etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ IP / ASN 104.21.80.235 #13335 CLOUDFLARENET Requested byN/A Resource Info File typeHTML document, ASCII text, with very long lines (394) First Seen2025-07-10 Last Seen2025-07-10 Times Seen1 Size4.6 kB (4566 bytes) MD5a6f1aa25801f0f6b0ecba462623cd152 SHA1e55888243510bda4db6a88871773eee6c00d135c SHA256388db455dfe0d230c7eb4981734653379f2dcff822ff626a27827981bc5fe625 Certificate Info IssuerGoogle Trust Services Subjectnhyldd.cn Fingerprint49:28:91:56:A8:F9:95:26:A9:AF:7C:B8:4A:51:D4:57:D6:72:55:9C ValidityFri, 27 Jun 2025 17:16:26 GMT - Thu, 25 Sep 2025 18:14:55 GMT HTTP Headers `GET /Rfuncc1013000extfunc/ HTTP/1.1 Host: etc-geracle.nhyldd.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 403 Forbidden date: Thu, 10 Jul 2025 11:04:26 GMT content-type: text/html; charset=UTF-8 x-frame-options: SAMEORIGIN report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Fi8fhgq8MU8LXJ1XZQzqpM%2B318pTKj5avc9rGni79MWo%2FVkbP77AbiFCMuet9G4wxL%2B71HmfG3DurDxnq5Et5OpNiLlGm3iznXFiHzfQ15468er8GDQeOSKO57IgWvBUBZF5jfpjbI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 95cf949048a556aa-OSL content-encoding: gzip X-Firefox-Spdy: h2

	GET etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/	172.67.187.165	403 Forbidden	4.6 kB
URL etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ IP / ASN 172.67.187.165 #13335 CLOUDFLARENET Requested byN/A Resource Info File typeHTML document, ASCII text, with very long lines (394) First Seen2025-07-10 Last Seen2025-07-10 Times Seen1 Size4.6 kB (4566 bytes) MD5b6439e4f36834ef8ad5f05d4acdd51fe SHA11bb7bd6223a48494e901d8873a9a308228625bb9 SHA256b0fb5a785c757c43aa04e90da59591330b7a44fecccbc747274cc1ad6744d0c7 HTTP Headers `GET /Rfuncc1013000extfunc/ HTTP/1.1 Host: etc-geracle.nhyldd.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Date: Thu, 10 Jul 2025 11:04:27 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dt1iXEB%2BA4VuSypPHjANoJt6RkkeXpOCOH8x1lFzYRQAYv0Pj2oG18JjaHVnNNomwm5QKpKU2%2Fa%2FGDIcQoJTmv1ED4ReP1JrbiGKsGETNBD9mfK38XoFvZPMP53ZjzTJFis568rYEB4%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 95cf94914e99569a-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60

	GET etc-geracle.nhyldd.cn/cdn-cgi/styles/cf.errors.css	172.67.187.165	200 OK	24 kB
URL etc-geracle.nhyldd.cn/cdn-cgi/styles/cf.errors.css IP / ASN 172.67.187.165 #13335 CLOUDFLARENET Requested byhttp://etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ Resource Info File typeASCII text, with very long lines (24050) First Seen0001-01-01 Last Seen2025-08-02 Times Seen229568 Size24 kB (24051 bytes) MD55e8c69a459a691b5d1b9be442332c87d SHA1f24dd1ad7c9080575d92a9a9a2c42620725ef836 SHA25684e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091 HTTP Headers `GET /cdn-cgi/styles/cf.errors.css HTTP/1.1 Host: etc-geracle.nhyldd.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Thu, 10 Jul 2025 11:04:27 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Vary: accept-encoding Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5LG7cIbV5x4WvLwJdShhH8HgAh7RT4%2FPYr5Ewc3w4q9l%2FVdOF47%2B5G699ehU2u92HWstBcX%2FpY2KC2kvLLqF9neuCf3loMtcx%2FgwWIsFCenqOCM%3D"}]} Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Content-Encoding: gzip Server: cloudflare CF-RAY: 95cf9492387a569a-OSL

	GET etc-geracle.nhyldd.cn/favicon.ico	172.67.187.165	403 Forbidden	4.5 kB
URL etc-geracle.nhyldd.cn/favicon.ico IP / ASN 172.67.187.165 #13335 CLOUDFLARENET Requested byhttp://etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ Resource Info File typeHTML document, ASCII text, with very long lines (396) First Seen2025-07-10 Last Seen2025-07-10 Times Seen1 Size4.5 kB (4543 bytes) MD531a90d0be1864ce1a96bc400134dae74 SHA1b78e72a6060d8e41649d79f426968a3c836758fa SHA2563d517e6ca1a4717fbbe573f9ed87cae04894d0a25b165019ca1759f09827d3d0 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: etc-geracle.nhyldd.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Date: Thu, 10 Jul 2025 11:04:27 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN Vary: accept-encoding Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jQVjlTJtXftUtfzEA8yqGiTS6JPlm5x024KbgqxMuwMJK%2Bxwack8NVhws1hz6sTbskpNIyA%2F0ENOD1ncd%2F5pllZ7RNh4YS1Z7Q8%2BuwcYO7dXOnk%3D"}]} Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Content-Encoding: gzip Server: cloudflare CF-RAY: 95cf949278e8569a-OSL alt-svc: h2=":443"; ma=60

	GET etc-geracle.nhyldd.cn/cdn-cgi/images/icon-exclamation.png?1376755637	172.67.187.165	200 OK	452 B
URL etc-geracle.nhyldd.cn/cdn-cgi/images/icon-exclamation.png?1376755637 IP / ASN 172.67.187.165 #13335 CLOUDFLARENET Requested byhttp://etc-geracle.nhyldd.cn/Rfuncc1013000extfunc/ Resource Info File typePNG image data, 54 x 54, 8-bit colormap, non-interlaced First Seen2023-04-12 Last Seen2025-08-02 Times Seen200612 Size452 B (452 bytes) MD5c33de66281e933259772399d10a6afe8 SHA1b9f9d500f8814381451011d4dcf59cd2d90ad94f SHA256f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016 HTTP Headers `GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1 Host: etc-geracle.nhyldd.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://etc-geracle.nhyldd.cn/cdn-cgi/styles/cf.errors.css Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 10 Jul 2025 11:04:27 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive Vary: accept-encoding Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=t5tTrnPysnZCPc6nM5wVRXtBlEdTbQOMHmi1zESx5Y9nESM1Mvu3ezFT2agTbxH%2BHA0WzpDZ26SLue5Ejvb03Njzv5kiWVA%2BnQUrS%2F79AOh4M%2Bc%3D"}]} Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Server: cloudflare CF-RAY: 95cf94929917569a-OSL`