Submitted URL: https://vmburneyi.github.io/liuyiliu65
Effective URL: https://yxngtkaivqd160.com/
Submission Tags: @phish_report
Submission: On June 19 via api from FI — Scanned from FI

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 10 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is yxngtkaivqd160.com.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.
This is the only time yxngtkaivqd160.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 2 185.199.109.153 54113 (FASTLY)
1 91.92.250.215 394711 (LIMENET)
5 188.114.97.3 13335 (CLOUDFLAR...)
1 104.18.26.170 13335 (CLOUDFLAR...)
10 5
Apex Domain
Subdomains
Transfer
5 yxngtkaivqd160.com
yxngtkaivqd160.com
105 KB
2 github.io
vmburneyi.github.io
1 KB
1 ipregistry.co
api.ipregistry.co — Cisco Umbrella Rank: 164749
1 KB
1 amghqfr.cn
amghqfr.cn
244 B
0 v-pass-ja.online Failed
www.v-pass-ja.online Failed
10 5
Domain Requested by
5 yxngtkaivqd160.com vmburneyi.github.io
yxngtkaivqd160.com
2 vmburneyi.github.io 1 redirects
1 api.ipregistry.co yxngtkaivqd160.com
1 amghqfr.cn vmburneyi.github.io
0 www.v-pass-ja.online Failed yxngtkaivqd160.com
10 5

This site contains no links.

Subject Issuer Validity Valid
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-15 -
2025-03-14
a year crt.sh
amghqfr.cn
R3
2024-06-01 -
2024-08-30
3 months crt.sh
yxngtkaivqd160.com
WE1
2024-06-18 -
2024-09-16
3 months crt.sh
ipregistry.co
GTS CA 1P5
2024-05-12 -
2024-08-10
3 months crt.sh

This page contains 1 frames:

Primary Page: https://yxngtkaivqd160.com/
Frame ID: F5E2B2A4AD08B06C676BF8BF4884CCB4
Requests: 9 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://vmburneyi.github.io/liuyiliu65 HTTP 301
    https://vmburneyi.github.io/liuyiliu65/ Page URL
  2. https://yxngtkaivqd160.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

80 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

108 kB
Transfer

250 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vmburneyi.github.io/liuyiliu65 HTTP 301
    https://vmburneyi.github.io/liuyiliu65/ Page URL
  2. https://yxngtkaivqd160.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vmburneyi.github.io/liuyiliu65 HTTP 301
  • https://vmburneyi.github.io/liuyiliu65/

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
vmburneyi.github.io/liuyiliu65/
Redirect Chain
  • https://vmburneyi.github.io/liuyiliu65
  • https://vmburneyi.github.io/liuyiliu65/
2 KB
1 KB
Document
General
Full URL
https://vmburneyi.github.io/liuyiliu65/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
42024f4190a4f0571604dab840b06e9d7b346f0205777a71acf4ef59fecaac14
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
12
cache-control
max-age=600
content-encoding
gzip
content-length
929
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 01:21:37 GMT
etag
W/"666fdc1c-6d8"
expires
Wed, 19 Jun 2024 01:31:26 GMT
last-modified
Mon, 17 Jun 2024 06:47:56 GMT
permissions-policy
interest-cohort=()
server
GitHub.com
strict-transport-security
max-age=31556952
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
64d14f04f440e7ff7204c7ca88fc6d27578bc9e2
x-github-request-id
3D4C:226C6E:1A6E86F:1AEF252:66723294
x-proxy-cache
MISS
x-served-by
cache-hel1410025-HEL
x-timer
S1718760098.779212,VS0,VE1

Redirect headers

accept-ranges
bytes
age
12
content-length
162
content-type
text/html
date
Wed, 19 Jun 2024 01:21:37 GMT
location
https://vmburneyi.github.io/liuyiliu65/
permissions-policy
interest-cohort=()
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
97b0d01868370ce97038e65584017614ad8bfd89
x-github-request-id
54B7:ACFBF:3F36FCB:40D2EBB:66723295
x-served-by
cache-hel1410025-HEL
x-timer
S1718760098.606478,VS0,VE1
jumpSite
amghqfr.cn/api/
65 B
244 B
Fetch
General
Full URL
https://amghqfr.cn/api/jumpSite?siteName=liuyiliu65
Requested by
Host: vmburneyi.github.io
URL: https://vmburneyi.github.io/liuyiliu65/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.92.250.215 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://vmburneyi.github.io/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 19 Jun 2024 01:21:40 GMT
server
nginx
vary
Origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
https://vmburneyi.github.io
cache-control
no-cache
access-control-allow-credentials
true
content-length
65
Primary Request /
yxngtkaivqd160.com/
524 B
680 B
Document
General
Full URL
https://yxngtkaivqd160.com/
Requested by
Host: vmburneyi.github.io
URL: https://vmburneyi.github.io/liuyiliu65/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae96a869453843db4bd15335badfa8c195426e99066ba3ed877595d66b78a56

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://vmburneyi.github.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
895fb426ccd01c04-AMS
content-encoding
br
content-type
text/html
date
Wed, 19 Jun 2024 01:21:41 GMT
last-modified
Tue, 18 Jun 2024 18:51:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhrXfzSlJjNDLHIiFpNvVmaCtWp63f1sSnaWcRnQw9%2BRe7oOz8JzO19esNZQ8ZesKI8nMu0TzLX2dj2XPgdKosNcsp29fL%2BdAvkEmcEpZwFqHIJ5VenPqrklObN%2BjJDBDdbOYus%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
index-RpWjqEMM.js
yxngtkaivqd160.com/assets/js/
238 KB
101 KB
Script
General
Full URL
https://yxngtkaivqd160.com/assets/js/index-RpWjqEMM.js
Requested by
Host: yxngtkaivqd160.com
URL: https://yxngtkaivqd160.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d03dd260add215a958b5c9768c66d07831de15f2ef07d730b054480f293a79

Request headers

Referer
https://yxngtkaivqd160.com/
Origin
https://yxngtkaivqd160.com
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 19 Jun 2024 01:21:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 18:51:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3308
etag
W/"6671d716-3b6e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PwHrsaaxSDuGikHtM7CyaiVHJdeimlTaX%2F9gsDWEkVuY%2B5YMV6oTN8NlHECrtMw6OV2khtUDmGxphlRqMyPIv%2FNKt9%2FR8LM4OY6jYSCNqpL2B8qwOTqaPbL%2FPrAk3WCYfFfVPQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
895fb42aef671c04-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 12:26:33 GMT
index-CLoMKJac.css
yxngtkaivqd160.com/assets/css/
924 B
706 B
Stylesheet
General
Full URL
https://yxngtkaivqd160.com/assets/css/index-CLoMKJac.css
Requested by
Host: yxngtkaivqd160.com
URL: https://yxngtkaivqd160.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0d15e0107fd31155399154b45dfdb9b5c11f27da3857bba4a1fbe6a597b4b1c

Request headers

Referer
https://yxngtkaivqd160.com/
Origin
https://yxngtkaivqd160.com
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 19 Jun 2024 01:21:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 18:51:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2359
etag
W/"6671d716-39c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cdsBS%2F23q8ltiCfmjeNAT%2B%2F%2FSRotKq1xO3UHIu6TVcE3jGTqPi6nUZGEMUgYzNgNr54fVs5V1TBRt9OEBHPjIBtmpgzTAnZSPMPeKeJU5bB5FT%2BTlKykCmgmHnRo%2F412w9b0Dsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
895fb42aef661c04-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 12:42:22 GMT
webConfig.js
yxngtkaivqd160.com/config/
200 B
485 B
Script
General
Full URL
https://yxngtkaivqd160.com/config/webConfig.js
Requested by
Host: yxngtkaivqd160.com
URL: https://yxngtkaivqd160.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656a3823097c005672e0bc334ec598ca8c0469de5a96f9b34ddac22b9578ab3b

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://yxngtkaivqd160.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 19 Jun 2024 01:21:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2024 20:31:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3307
etag
W/"6671ee96-c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3MXi7DkBLcgfVCAWbNnylRmkta3lLtr2fBPYaqtJVc3SGRnqdL1qa%2BT%2FvZRoaeS%2B%2BVjb2n1hDpFLV5%2FSJTCSVUXgQiYEacCQkVepR%2FCeGtS2ln5ZENvLMO3d%2FJ460vEEKwn10BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
895fb42aef681c04-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 12:26:33 GMT
/
api.ipregistry.co/
2 KB
1 KB
XHR
General
Full URL
https://api.ipregistry.co/?key=x60liearkojk1yb6
Requested by
Host: yxngtkaivqd160.com
URL: https://yxngtkaivqd160.com/assets/js/index-RpWjqEMM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c8d6863e807898ec1241b6a0f3820ddf5ed68c58728411947d65d58446d64c

Request headers

Accept
application/json, text/plain, */*
Referer
https://yxngtkaivqd160.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 19 Jun 2024 01:21:42 GMT
content-encoding
gzip
ipregistry-credits-consumed
1
cf-cache-status
DYNAMIC
ipregistry-region
fi-hel1
alt-svc
h3=":443"; ma=86400
content-length
1064
ipregistry-pod
ipregistry-api-57477fd8f4-gtfsp
server
cloudflare
ipregistry-credits-remaining
121408
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Ipregistry-Credits-Remaining, Ipregistry-Credits-Consumed, Ipregistry-Version, Ipregistry-Pod, Ipregistry-Region
ipregistry-version
1
cf-ray
895fb4303e788d74-HEL
favicon.ico
yxngtkaivqd160.com/
7 KB
2 KB
Other
General
Full URL
https://yxngtkaivqd160.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ebcbb963a5ef2f25b07ffee1a5fd457065349d1bb2697299945ca8135f6d8e

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://yxngtkaivqd160.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 19 Jun 2024 01:21:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 07 Apr 2024 01:50:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2359
etag
W/"6611fbe6-1b36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3oIBANq%2BjSYc%2BTXQQuWJrRaEvSHKE5hzLublv0g9Kl8APeJ2evr4Qnh%2BCcTl6kkPl4AzpAfxWHFKGAuV6qB4LoGMFJSoVLa5AMcDoyZCgH41e9ccscttJByg4CNzsglfUx3yM6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
895fb42d78f51c04-AMS
alt-svc
h3=":443"; ma=86400
create
www.v-pass-ja.online/api/visit/
0
0

create
www.v-pass-ja.online/api/visit/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.v-pass-ja.online
URL
https://www.v-pass-ja.online/api/visit/create
Domain
www.v-pass-ja.online
URL
https://www.v-pass-ja.online/api/visit/create

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| webConfig object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| __vueuse_ssr_handlers__ boolean| __VUE__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952