URL: https://app1.g9s3gt.click/
Submission Tags: @phishunt_io
Submission: On December 14 via api from DE — Scanned from SE

Summary

This website contacted 6 IPs in 3 countries across 21 domains to perform 42 HTTP transactions. The main IP is 38.46.12.50, located in Los Angeles, United States and belongs to GNETINC-AS-AP GNET INC., US. The main domain is app1.g9s3gt.click.
TLS certificate: Issued by R10 on November 12th 2024. Valid for: 3 months.
This is the only time app1.g9s3gt.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1 23      38.46.12.50       9294 (GNETINC-A...)
1         18.238.243.84     16509 (AMAZON-02)
2         13.248.176.92     16509 (AMAZON-02)
1         20.205.39.225     8075 (MICROSOFT...)
1         185.213.240.188   209242 (CLOUDFLAR...)
Total: 42 requests across 6 IPs
Requests  Apex Domain      Subdomains                                      Transfer
22        g9s3gt.click     app1.g9s3gt.click                               1 MB
2         fpjs.io          api.fpjs.io (Cisco Umbrella Rank: 55560)        1 KB
1         zshujia.com      www.zshujia.com                                 477 B
1         yeyangjj.com     www.yeyangjj.com                                476 B
1         3wij4.xyz        tcdn.3wij4.xyz                                  3 KB
1         fpnpmcdn.net     fpnpmcdn.net (Cisco Umbrella Rank: 32280)       58 KB
0         zrkampoon.com    www.zrkampoon.com                               Failed
0         zgyszysc.com     www.zgyszysc.com                                Failed
0         xylykj.com       www.xylykj.com                                  Failed
0         whxjda.com       www.whxjda.com                                  Failed
0         zsjunya.com      www.zsjunya.com                                 Failed
0         yjfcwang.com     www.yjfcwang.com                                Failed
0         xylgmc.com       www.xylgmc.com                                  Failed
0         whshuyi.com      www.whshuyi.com                                 Failed
0         zhytsty.com      www.zhytsty.com                                 Failed
0         yibodianzi.com   www.yibodianzi.com                              Failed
0         wanyao1.com      www.wanyao1.com                                 Failed
0         zsdixiong.com    www.zsdixiong.com                               Failed
0         xalygps.com      www.xalygps.com                                 Failed
0         tianyun38.com    www.tianyun38.com                               Failed
0         o4iht.xyz        xyuncdn.o4iht.xyz                               Failed
Total: 42 requests across 21 domains
Requests  Domain               Redirects    Requested by
22        app1.g9s3gt.click    1 redirect   app1.g9s3gt.click
2         api.fpjs.io                       fpnpmcdn.net
1         www.zshujia.com
1         www.yeyangjj.com
1         tcdn.3wij4.xyz
1         fpnpmcdn.net                      app1.g9s3gt.click
0         www.zrkampoon.com    Failed
0         www.zgyszysc.com     Failed
0         www.xylykj.com       Failed
0         www.whxjda.com       Failed
0         www.zsjunya.com      Failed
0         www.yjfcwang.com     Failed
0         www.xylgmc.com       Failed
0         www.whshuyi.com      Failed
0         www.zhytsty.com      Failed
0         www.yibodianzi.com   Failed
0         www.wanyao1.com      Failed
0         www.zsdixiong.com    Failed
0         www.xalygps.com      Failed
0         www.tianyun38.com    Failed
0         xyuncdn.o4iht.xyz    Failed
Total: 42 requests across 21 domains

This site contains links to these domains.

Domain
www.manycai.com
www.lopa1k9.xyz
www.manycai.club
Subject              Issuer                 Validity                   Valid for   (certificate data via crt.sh)
app1.g9s3gt.click    R10                    2024-11-12 - 2025-02-10    3 months
fpcdn.io             Amazon RSA 2048 M03    2024-09-10 - 2025-10-09    a year
api.fpjs.io          Amazon RSA 2048 M03    2024-10-16 - 2025-11-15    a year
tcdn.p7o4je.click    R10                    2024-10-10 - 2025-01-08    3 months
www.yeyangjj.com     R11                    2024-11-18 - 2025-02-16    3 months
www.zshujia.com      R10                    2024-10-22 - 2025-01-20    3 months

This page contains 1 frames:

Primary Page: https://app1.g9s3gt.click/
Frame ID: 02A20AB0D930BD516ABF8DF0DDA3F3C3
Requests: 45 HTTP requests in this frame

Page Title

XYUN Loto

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests:    42
HTTPS:       62 %
IPv6:        0 %
Domains:     21
Subdomains:  21
IPs:         6
Countries:   3
Transfer:    1479 kB
Size:        5869 kB
Cookies:     4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://app1.g9s3gt.click//point.bmp?r=807038 HTTP 301
  • https://app1.g9s3gt.click/point.bmp?r=807038

42 HTTP transactions

Each transaction below lists: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type, followed by its General, Security Headers, Request headers and Response headers sections.
Primary Request /
app1.g9s3gt.click/
2 KB
1 KB
Document
General
Full URL
https://app1.g9s3gt.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
52071e9da841e5e202a9f3447289c44a80ee338e5809141215f5798167d7f6db
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-allow-origin
*
access-control-expose-headers
Authorization, Set-Cookie
access-control-max-age
86400
cache-control
private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 14 Dec 2024 22:53:15 GMT
server
****
strict-transport-security
max-age=0; preload
vary
Accept-Encoding
x-cache
BYPASS
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-request-id
0b0319844b6ead12251542bcde721491
0.95a06820cd4ce24938bd.css
app1.g9s3gt.click/webx/xy6/desktop/styles/
9 KB
3 KB
Stylesheet
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/styles/0.95a06820cd4ce24938bd.css?v=23.12.02.62535
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
3105d20069dc22604d2b9f2b6b287c7b
cache-control
max-age=604800
content-encoding
gzip
etag
W/"675b24e4-2421"
expires
Sat, 21 Dec 2024 22:53:15 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:15 GMT
x-xss-protection
1
content-type
text/css
last-modified
Thu, 12 Dec 2024 18:01:08 GMT
server
****
vary
Accept-Encoding
index.95a0.css
app1.g9s3gt.click/webx/xy6/desktop/styles/
1 MB
248 KB
Stylesheet
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
90047fdcbd8cee49115676d9b355002c6711852369aca00d522d4a63fd85ae95
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
c409b00513164db86d1ce54733254d00
cache-control
max-age=604800
content-encoding
gzip
etag
W/"675b24e4-120672"
expires
Sat, 21 Dec 2024 22:53:15 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:15 GMT
x-xss-protection
1
content-type
text/css
last-modified
Thu, 12 Dec 2024 18:01:08 GMT
server
****
vary
Accept-Encoding
chunk.vendor.649e.js
app1.g9s3gt.click/webx/xy6/desktop/javascript/
1 MB
374 KB
Script
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/javascript/chunk.vendor.649e.js?v=23.12.02.62535
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
f99e9dd73030f454adefb82e37c7e216a95610d5a8216b147c51469a3e356f41
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
16e227370ba1e551184e8f290b198b0e
cache-control
max-age=604800
content-encoding
gzip
etag
W/"675b24e4-111e75"
expires
Sat, 21 Dec 2024 22:53:15 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:15 GMT
x-xss-protection
1
content-type
application/x-javascript
last-modified
Thu, 12 Dec 2024 18:01:08 GMT
server
****
vary
Accept-Encoding
base.95a0.js
app1.g9s3gt.click/webx/xy6/desktop/javascript/
10 KB
4 KB
Script
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/javascript/base.95a0.js?v=23.12.02.62535
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
99aea34ea462e3d91ee94dc0dcfb3085b08627048e53e57d0a1200a5ff4ba8e7
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
d3d667ae81032618d525710555388e07
cache-control
max-age=604800
content-encoding
gzip
etag
W/"675b24e4-26b1"
expires
Sat, 21 Dec 2024 22:53:15 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:15 GMT
x-xss-protection
1
content-type
application/x-javascript
last-modified
Thu, 12 Dec 2024 18:01:08 GMT
server
****
vary
Accept-Encoding
bootstrap.95a0.js
app1.g9s3gt.click/webx/xy6/desktop/javascript/
9 KB
4 KB
Script
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/javascript/bootstrap.95a0.js?v=23.12.02.62535
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
a13bdba547c8a6da367aff334fbf2e5796547d3bce504c86b78cfdee86d699ca
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
588706a7150ce5bc3c76133b167e3a6f
cache-control
max-age=604800
content-encoding
gzip
etag
W/"675b24e4-2511"
expires
Sat, 21 Dec 2024 22:53:15 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:15 GMT
x-xss-protection
1
content-type
application/x-javascript
last-modified
Thu, 12 Dec 2024 18:01:08 GMT
server
****
vary
Accept-Encoding
index.95a0.js
app1.g9s3gt.click/webx/xy6/desktop/javascript/
955 KB
273 KB
Script
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/javascript/index.95a0.js?v=23.12.02.62535
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
556ddb4aa899e9ea75cbd06fbb7d94afd47564db50c7535b8bedea0c30ada5f2
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
fb4d97dc9fb85be0c3e264c4075e5fb8
cache-control
max-age=604800
content-encoding
gzip
etag
W/"675b24e4-eecf4"
expires
Sat, 21 Dec 2024 22:53:15 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:15 GMT
x-xss-protection
1
content-type
application/x-javascript
last-modified
Thu, 12 Dec 2024 18:01:08 GMT
server
****
vary
Accept-Encoding
/
app1.g9s3gt.click/api/settings/
4 KB
2 KB
XHR
General
Full URL
https://app1.g9s3gt.click/api/settings/?fields=
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/javascript/chunk.vendor.649e.js?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
628ad4df254c37785cd4250bc3002c99ad63856f626b268705b45acfb1938dcd
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload

Request headers

Authorization
bearer undefined
Referer
https://app1.g9s3gt.click/
Accept-Language
zh-CN
X-Sign1-Ts
1734216797,oxbfnmigfueijwzn928pld2pbhoxit,1
UUID
X-Sign1
f988905d27d57703ae85b7edcccc8e1d2fe1d8ba6fca669480bdeed99deec823
Accept-Currency
cny
X-Crypto
no
Source
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/vnd.sc-api.v1.json

Response headers

access-control-max-age
86400
x-request-id
8a43dc723a8c459993b5c26b9e2993ac
access-control-expose-headers
Authorization, Set-Cookie
content-encoding
gzip
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
x-cache
BYPASS
date
Sat, 14 Dec 2024 22:53:17 GMT
content-type
application/json
vary
Accept-Encoding
x-runtime
0.122
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
strict-transport-security
max-age=0; preload
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-remaining
299
access-control-allow-origin
*
x-ratelimit-limit
300
server
****
loader_v3.8.5.js
fpnpmcdn.net/v3/Qf03IlZvWYpiAIoayrbo/
169 KB
58 KB
Script
General
Full URL
https://fpnpmcdn.net/v3/Qf03IlZvWYpiAIoayrbo/loader_v3.8.5.js
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/javascript/chunk.vendor.649e.js?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-84.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
b2b33703fd3cc4a83fe21aa030c3a910177fd23db59c1f49eb9ecf70eca6ba98
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

content-encoding
br
etag
W/"nuh64RwFb9w+1/i8HzzXTMTQQ8s"
age
267145
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
FAlD-6I0s2xBoKa7x-33FcUa8R7iWm9gGSh01SWR8bC9bYBgfwi9_A==
date
Wed, 11 Dec 2024 20:40:52 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=3687, s-maxage=607995
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 e6ef76f348359a0bc64c007ab009ebd2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P1
server
CloudFront
qAo6p
api.fpjs.io/xridvya/
96 B
447 B
XHR
General
Full URL
https://api.fpjs.io/xridvya/qAo6p?q=Qf03IlZvWYpiAIoayrbo
Requested by
Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/Qf03IlZvWYpiAIoayrbo/loader_v3.8.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.176.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a46a250059e296ddb.awsglobalaccelerator.com
Software
/
Resource Hash
384b25a04cbdacad3c9748dcc6e5bbcf238bea38f5563b153d27d5860d340f75
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=63072000
x-robots-tag
noindex
content-security-policy
default-src 'none'; frame-ancestors 'none'
access-control-expose-headers
Retry-After
cache-control
max-age=31536000, immutable, private
timing-allow-origin
*
referrer-policy
no-referrer
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
96
date
Sat, 14 Dec 2024 22:53:18 GMT
content-type
text/plain; charset=utf-8
x-frame-options
DENY
favicon.ico
app1.g9s3gt.click/webx/xy6/static/
1 KB
1 KB
Other
General
Full URL
https://app1.g9s3gt.click/webx/xy6/static/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
72e52d6b6242a8a408e22d10b3a142ec77f19d8889cbf6eb43c02ccdc12c4978
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
e3425d6b889137769b4d241e4a787e85
cache-control
max-age=604800
content-encoding
gzip
etag
W/"644a37aa-47e"
expires
Sat, 21 Dec 2024 22:53:18 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/x-icon
last-modified
Thu, 27 Apr 2023 08:51:54 GMT
server
****
vary
Accept-Encoding
methods.js
app1.g9s3gt.click/webx/xy6/static/
2 MB
188 KB
Script
General
Full URL
https://app1.g9s3gt.click/webx/xy6/static/methods.js?1601566b
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/javascript/index.95a0.js?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
4140ce099982e7543b82a1c5e60eb662041986fde4e84fbfdedca9f33d0e2891
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
f82983cae205fb272613d10744ebabc7
cache-control
max-age=604800
content-encoding
gzip
etag
W/"675b24e4-2173cf"
expires
Sat, 21 Dec 2024 22:53:18 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
application/x-javascript
last-modified
Thu, 12 Dec 2024 18:01:08 GMT
server
****
vary
Accept-Encoding
truncated
/
663 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5109f7cf9ffe5ae6b48ec10d1717c72d4cfe0f3e7fcffa880d13f78a13c03fd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
b01f9e.png
app1.g9s3gt.click/webx/xy6/desktop/images/
7 KB
7 KB
Image
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/images/b01f9e.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
09c8430f441968be1a763e4d0b0b4035da0e06f9170697acf2ffdb39cd69c202
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
8f5317943c0b137132ce53a4db35b076
cache-control
max-age=604800
etag
"644a3796-1a51"
expires
Sat, 21 Dec 2024 22:53:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
6737
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/png
last-modified
Thu, 27 Apr 2023 08:51:34 GMT
server
****
qr_code_auto.png
xyuncdn.o4iht.xyz/xyun/
0
0

truncated
/
616 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
746ce85c1199c6bf7fce9461d0df0234de19a17d4eb818d5b749accd1ac9f649

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f617ffdb896e58702cb973494ede2d5d5d5d68e8eb3510696993154aca7c1d99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
qr_code.png
tcdn.3wij4.xyz/xyun/
3 KB
3 KB
Image
General
Full URL
https://tcdn.3wij4.xyz/xyun/qr_code.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.205.39.225 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
36a5755f9b428682f23dade18dcd0a182a6e46da8e797d6a07d3a95dae342050
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
cache-control
max-age=600
http-geo-ipcountry
SE
etag
"6667c022-aec"
x-forwarded-port
443
expires
Sat, 14 Dec 2024 23:03:19 GMT
x-proxy-cache
REVALIDATED
accept-ranges
bytes
content-length
2796
date
Sat, 14 Dec 2024 22:53:19 GMT
x-xss-protection
1
content-type
image/png
last-modified
Tue, 11 Jun 2024 03:10:26 GMT
server
nginx
x-remote-addr
45.74.44.8
51d365.jpg
app1.g9s3gt.click/webx/xy6/desktop/images/
228 KB
227 KB
Image
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/images/51d365.jpg
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
8a335ca2723e4f3dd122ba8c407829cea16191c46f137db866c9f065dfac5a37
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535

Response headers

strict-transport-security
max-age=0; preload
x-request-id
be1e048be9f7cb1f78880c527ed4d360
cache-control
max-age=604800
content-encoding
gzip
etag
W/"60c79bc7-38fb4"
expires
Sat, 21 Dec 2024 22:53:18 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/jpeg
last-modified
Mon, 14 Jun 2021 18:11:19 GMT
server
****
vary
Accept-Encoding
eff832.png
app1.g9s3gt.click/webx/xy6/desktop/images/
11 KB
12 KB
Image
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/images/eff832.png
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
93aae5bf9d59cc5991ad273591e8ceeb45df699a0120faea7dce43a73be82017
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535

Response headers

strict-transport-security
max-age=0; preload
x-request-id
fdc67bb45f0633e03fe24cea39b113da
cache-control
max-age=604800
etag
"643f7c15-2da9"
expires
Sat, 21 Dec 2024 22:53:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
11689
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/png
last-modified
Wed, 19 Apr 2023 05:28:53 GMT
server
****
a9b14d.png
app1.g9s3gt.click/webx/xy6/desktop/images/
22 KB
22 KB
Image
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/images/a9b14d.png
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
288c96b9004e4d79f8cdea8144aa56651cafd3c1fe29ec9af9cf2f8b68c25aed
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535

Response headers

strict-transport-security
max-age=0; preload
x-request-id
6c3e3586f3b57af64aa272dbca31eb52
cache-control
max-age=604800
etag
"60c79bc8-5777"
expires
Sat, 21 Dec 2024 22:53:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
22391
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/png
last-modified
Mon, 14 Jun 2021 18:11:20 GMT
server
****
6ba544.png
app1.g9s3gt.click/webx/xy6/desktop/images/
13 KB
13 KB
Image
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/images/6ba544.png
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
fce594f41d2e2076fc1a5280296af05687d792d5d0fc0fe25db61be612cef8c5
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535

Response headers

strict-transport-security
max-age=0; preload
x-request-id
9db1a1c6e9ad061e9b42d488fe9febcf
cache-control
max-age=604800
etag
"60c79bc7-3217"
expires
Sat, 21 Dec 2024 22:53:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
12823
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/png
last-modified
Mon, 14 Jun 2021 18:11:19 GMT
server
****
38b71c.png
app1.g9s3gt.click/webx/xy6/desktop/images/
12 KB
13 KB
Image
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/images/38b71c.png
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
54b91a521b6e8c931736fdc8916a0a2c01403dab826c08e48e4cddcd804d7cc4
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535

Response headers

strict-transport-security
max-age=0; preload
x-request-id
ea0e73395c42e51301fa0b6882fad323
cache-control
max-age=604800
etag
"644a3796-3131"
expires
Sat, 21 Dec 2024 22:53:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
12593
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/png
last-modified
Thu, 27 Apr 2023 08:51:34 GMT
server
****
f5d57e.png
app1.g9s3gt.click/webx/xy6/desktop/images/
11 KB
11 KB
Image
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/images/f5d57e.png
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
6d9c65eccff9b9bd0acea537683d93f7ce4838adfc7dc0e2f86b7818cc25f713
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535

Response headers

strict-transport-security
max-age=0; preload
x-request-id
1d0fdad7d0996a5c7487ba334bbfcee7
cache-control
max-age=604800
etag
"644a42a6-2bfc"
expires
Sat, 21 Dec 2024 22:53:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
11260
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/png
last-modified
Thu, 27 Apr 2023 09:38:46 GMT
server
****
aed4e7.png
app1.g9s3gt.click/webx/xy6/desktop/images/
9 KB
9 KB
Image
General
Full URL
https://app1.g9s3gt.click/webx/xy6/desktop/images/aed4e7.png
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
06093f2540e68155f7fff80dc0e7968ee9c222dda462cd2b55268b336faf9708
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/webx/xy6/desktop/styles/index.95a0.css?v=23.12.02.62535

Response headers

strict-transport-security
max-age=0; preload
x-request-id
1833dc87b748b05d73f53e7c986ea03b
cache-control
max-age=604800
etag
"644a42a5-248c"
expires
Sat, 21 Dec 2024 22:53:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
9356
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/png
last-modified
Thu, 27 Apr 2023 09:38:45 GMT
server
****
favicon.ico
app1.g9s3gt.click/webx/xy6/static/
1 KB
0
Other
General
Full URL
https://app1.g9s3gt.click/webx/xy6/static/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
72e52d6b6242a8a408e22d10b3a142ec77f19d8889cbf6eb43c02ccdc12c4978
Security Headers
Name Value
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

x-request-id
e3425d6b889137769b4d241e4a787e85
cache-control
max-age=604800
content-encoding
gzip
etag
W/"644a37aa-47e"
expires
Sat, 21 Dec 2024 22:53:18 GMT
access-control-allow-origin
*
x-cache
MISS
date
Sat, 14 Dec 2024 22:53:18 GMT
x-xss-protection
1
content-type
image/x-icon
last-modified
Thu, 27 Apr 2023 08:51:54 GMT
server
****
vary
Accept-Encoding
speedtests
app1.g9s3gt.click/api/domain/platform/
373 B
743 B
XHR
General
Full URL
https://app1.g9s3gt.click/api/domain/platform/speedtests
Requested by
Host: app1.g9s3gt.click
URL: https://app1.g9s3gt.click/webx/xy6/desktop/javascript/chunk.vendor.649e.js?v=23.12.02.62535
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
3fedeb5687168703aef81b29501029eb34f1b5019d78318c3ab0c307e5396e5b
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload

Request headers

Authorization
bearer undefined
Referer
https://app1.g9s3gt.click/
Accept-Language
zh-CN
X-Sign1-Ts
1734216797,npv9bd107b7aqgu5qzi,1
UUID
X-Sign1
e9c80d28dcf51ea0ab541b41b2936d17f0af028829643946b204717859e97547
Accept-Currency
cny
X-Crypto
no
Source
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/vnd.sc-api.v1.json

Response headers

access-control-max-age
86400
x-request-id
90138fe78c38751038b3ab512c90c4a8
access-control-expose-headers
Authorization, Set-Cookie
content-encoding
gzip
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
x-cache
BYPASS
date
Sat, 14 Dec 2024 22:53:18 GMT
content-type
application/json
vary
Accept-Encoding
x-runtime
0.045
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
strict-transport-security
max-age=0; preload
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-remaining
299
access-control-allow-origin
*
x-ratelimit-limit
300
server
****
point.bmp
www.tianyun38.com/
0
0

point.bmp
www.xalygps.com/
0
0

point.bmp
www.yeyangjj.com/
68 B
476 B
Image
General
Full URL
https://www.yeyangjj.com/point.bmp?r=477544
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
ac3206ab8506e048a6d22d67dc4ae99c
cache-control
max-age=604800
etag
"5b4ee90b-44"
expires
Sat, 21 Dec 2024 22:53:19 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
68
date
Sat, 14 Dec 2024 22:53:19 GMT
x-xss-protection
1
content-type
image/x-ms-bmp
last-modified
Wed, 18 Jul 2018 07:15:23 GMT
server
****
point.bmp
www.zsdixiong.com/
0
0

point.bmp
www.wanyao1.com/
0
0

point.bmp
www.yibodianzi.com/
0
0

point.bmp
www.zhytsty.com/
0
0

point.bmp
www.zshujia.com/
68 B
477 B
Image
General
Full URL
https://www.zshujia.com/point.bmp?r=380297
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.213.240.188 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
a5c6c32e84503befa38555f1effc4914
cache-control
max-age=604800
etag
"644a2a7f-44"
expires
Sat, 21 Dec 2024 22:53:20 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
68
date
Sat, 14 Dec 2024 22:53:20 GMT
x-xss-protection
1
content-type
image/x-ms-bmp
last-modified
Thu, 27 Apr 2023 07:55:43 GMT
server
****
point.bmp
www.whshuyi.com/
0
0

point.bmp
www.xylgmc.com/
0
0

point.bmp
www.yjfcwang.com/
0
0

point.bmp
www.zsjunya.com/
0
0

point.bmp
www.whxjda.com/
0
0

point.bmp
www.xylykj.com/
0
0

point.bmp
www.zgyszysc.com/
0
0

point.bmp
www.zrkampoon.com/
0
0

point.bmp
app1.g9s3gt.click/
Redirect Chain
  • https://app1.g9s3gt.click//point.bmp?r=807038
  • https://app1.g9s3gt.click/point.bmp?r=807038
68 B
378 B
Image
General
Full URL
https://app1.g9s3gt.click/point.bmp?r=807038
Protocol
H2
Server
38.46.12.50 Los Angeles, United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=0; preload
x-request-id
364225c3c0ebe3b20296b1d6a79e7cdf
cache-control
max-age=604800
etag
"644a414b-44"
expires
Sat, 21 Dec 2024 22:53:19 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
content-length
68
date
Sat, 14 Dec 2024 22:53:19 GMT
x-xss-protection
1
content-type
image/x-ms-bmp
last-modified
Thu, 27 Apr 2023 09:32:59 GMT
server
****

Redirect headers

strict-transport-security
max-age=0; preload
x-request-id
e9469176212a7e6fcfe90161c6f2e7d4
location
/point.bmp?r=807038
access-control-allow-origin
*
content-length
54
date
Sat, 14 Dec 2024 22:53:19 GMT
content-type
text/html; charset=utf-8
server
****
/
api.fpjs.io/
444 B
947 B
XHR
General
Full URL
https://api.fpjs.io/?ci=js/3.11.5&q=Qf03IlZvWYpiAIoayrbo&ii=fingerprintjs-pro-react/2.5.1/react/16.14.0&ii=fingerprintjs-pro-spa/1.1.3
Requested by
Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/Qf03IlZvWYpiAIoayrbo/loader_v3.8.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.176.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a46a250059e296ddb.awsglobalaccelerator.com
Software
/
Resource Hash
a81e0d6d3ab9e40885c7cf03d0fb2fa7b9f1e271fadb2967abd519e070d35295
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://app1.g9s3gt.click/

Response headers

strict-transport-security
max-age=63072000
content-security-policy
default-src 'none'; frame-ancestors 'none'
access-control-expose-headers
Retry-After
timing-allow-origin
*
access-control-allow-credentials
true
referrer-policy
no-referrer
x-content-type-options
nosniff
access-control-allow-origin
https://app1.g9s3gt.click
content-length
444
date
Sat, 14 Dec 2024 22:53:19 GMT
content-type
text/plain
vary
Origin
x-frame-options
DENY

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xyuncdn.o4iht.xyz
URL
https://xyuncdn.o4iht.xyz/xyun/qr_code_auto.png
Domain
www.tianyun38.com
URL
https://www.tianyun38.com/point.bmp?r=997801
Domain
www.xalygps.com
URL
https://www.xalygps.com/point.bmp?r=825784
Domain
www.zsdixiong.com
URL
https://www.zsdixiong.com/point.bmp?r=599986
Domain
www.wanyao1.com
URL
https://www.wanyao1.com/point.bmp?r=428435
Domain
www.yibodianzi.com
URL
https://www.yibodianzi.com/point.bmp?r=177058
Domain
www.zhytsty.com
URL
https://www.zhytsty.com/point.bmp?r=829511
Domain
www.whshuyi.com
URL
https://www.whshuyi.com/point.bmp?r=359734
Domain
www.xylgmc.com
URL
https://www.xylgmc.com/point.bmp?r=966413
Domain
www.yjfcwang.com
URL
https://www.yjfcwang.com/point.bmp?r=617127
Domain
www.zsjunya.com
URL
https://www.zsjunya.com/point.bmp?r=222265
Domain
www.whxjda.com
URL
https://www.whxjda.com/point.bmp?r=622107
Domain
www.xylykj.com
URL
https://www.xylykj.com/point.bmp?r=630485
Domain
www.zgyszysc.com
URL
https://www.zgyszysc.com/point.bmp?r=153798
Domain
www.zrkampoon.com
URL
https://www.zrkampoon.com/point.bmp?r=881336
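The fourteen failed `point.bmp` fetches above and the three that succeeded share one shape: the same path on many unrelated apex domains, a random-looking `r=` value, and a 68-byte response with an identical hash whenever a host answered. The script below is an added triage example, not part of the urlscan.io report or of the site's own code; its `OBSERVED` list is constructed from the URLs, byte counts and console errors shown on this page (the favicon size is the page's rounded "1 KB"). It only reports the fan-out shape; reading it as a mirror-reachability check is an analyst inference that the page itself does not state.

```python
"""Surface the point.bmp fan-out in the transaction list above.

Added triage script, not part of the urlscan.io report or of the site's own
code. OBSERVED is constructed from the request URLs, byte counts and error
strings shown on this page. The script reports the shape (one path, many apex
domains, tiny or failed responses); any statement about intent is inference.
"""
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed from the report: (final URL, bytes received, outcome)
OBSERVED = [
    ("https://www.yeyangjj.com/point.bmp?r=477544", 68, "ok"),
    ("https://www.zshujia.com/point.bmp?r=380297", 68, "ok"),
    ("https://app1.g9s3gt.click/point.bmp?r=807038", 68, "ok"),
    ("https://www.tianyun38.com/point.bmp?r=997801", 0, "ERR_CONNECTION_REFUSED"),
    ("https://www.xalygps.com/point.bmp?r=825784", 0, "ERR_CONNECTION_REFUSED"),
    ("https://www.zsdixiong.com/point.bmp?r=599986", 0, "ERR_CONNECTION_REFUSED"),
    ("https://www.wanyao1.com/point.bmp?r=428435", 0, "ERR_CONNECTION_REFUSED"),
    ("https://www.yibodianzi.com/point.bmp?r=177058", 0, "failed"),
    ("https://www.zhytsty.com/point.bmp?r=829511", 0, "ERR_CONNECTION_REFUSED"),
    ("https://www.whshuyi.com/point.bmp?r=359734", 0, "failed"),
    ("https://www.xylgmc.com/point.bmp?r=966413", 0, "ERR_CONNECTION_REFUSED"),
    ("https://www.yjfcwang.com/point.bmp?r=617127", 0, "failed"),
    ("https://www.zsjunya.com/point.bmp?r=222265", 0, "failed"),
    ("https://www.whxjda.com/point.bmp?r=622107", 0, "ERR_NAME_NOT_RESOLVED"),
    ("https://www.xylykj.com/point.bmp?r=630485", 0, "failed"),
    ("https://www.zgyszysc.com/point.bmp?r=153798", 0, "ERR_ADDRESS_UNREACHABLE"),
    ("https://www.zrkampoon.com/point.bmp?r=881336", 0, "ERR_CONNECTION_REFUSED"),
    # Other small or failed requests from the same page, kept for contrast
    ("https://xyuncdn.o4iht.xyz/xyun/qr_code_auto.png", 0, "failed"),
    ("https://app1.g9s3gt.click/webx/xy6/static/favicon.ico", 1024, "ok"),  # "1 KB" on the page
    ("https://api.fpjs.io/?ci=js/3.11.5&q=Qf03IlZvWYpiAIoayrbo", 444, "ok"),
]


def apex(host: str) -> str:
    """Last two labels; adequate for the TLDs seen here, not for co.uk-style suffixes."""
    return ".".join(host.lower().split(".")[-2:])


def path_template(url: str) -> str:
    """Path plus sorted query keys: the r= value changes per request, the key does not."""
    parts = urlsplit(url)
    keys = sorted(k for k, _ in parse_qsl(parts.query, keep_blank_values=True))
    return parts.path + ("?" + "&".join(keys) if keys else "")


def find_fanout(records, min_domains=5, max_ok_bytes=256):
    """Templates fetched from >= min_domains apex domains where every success was tiny."""
    domains = defaultdict(set)
    ok_sizes = defaultdict(list)
    failed = defaultdict(int)
    for url, nbytes, outcome in records:
        tmpl = path_template(url)
        domains[tmpl].add(apex(urlsplit(url).hostname))
        if outcome == "ok":
            ok_sizes[tmpl].append(nbytes)
        else:
            failed[tmpl] += 1
    hits = []
    for tmpl, hosts in domains.items():
        if len(hosts) >= min_domains and all(n <= max_ok_bytes for n in ok_sizes[tmpl]):
            hits.append({
                "template": tmpl,
                "domains": len(hosts),
                "ok": len(ok_sizes[tmpl]),
                "failed": failed[tmpl],
                "apex_domains": sorted(hosts),
            })
    return sorted(hits, key=lambda h: -h["domains"])


if __name__ == "__main__":
    for hit in find_fanout(OBSERVED):
        print(f"{hit['template']}: {hit['domains']} apex domains, "
              f"{hit['ok']} tiny responses, {hit['failed']} failed")
        print("  " + ", ".join(hit["apex_domains"]))
```

Run against this page's data it reports a single template, `/point.bmp?r`, across 17 apex domains with 3 tiny successes and 14 failures; the QR-code image, favicon and fingerprinting call are not grouped with it because each sits on one domain or returns more than the size cap. The 17 apex domains it prints are the same hostnames listed under Indicators, which is what makes the list worth pivoting on in passive DNS or certificate transparency.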

Verdicts & Comments

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __CDN_PUBLIC_PATH__ object| webpackJsonp function| webpackHotUpdate function| _ string| $LANG string| $CURRENCY object| i18nDebug function| setImmediate function| clearImmediate function| PushStream object| PushStreamManager object| FontAwesomeConfig object| ___FONT_AWESOME___ number| 2f1acc6c3a606b082e5eef5e54414ffb object| Hex object| Base64 function| ASN1 function| loadStaticMethodData object| devConsole string| UUID function| _i18n number| serverTime number| localTime number| during object| __METHODS_STATIC__ function| Function function| Object string| __fpjs_pvid

4 Cookies

Domain/Path Name / Value
app1.g9s3gt.click/ Name: session_sslproxy_server
Value: e0a64862-459a-48f086658311b57bd9576de379b1bdbf77ae
app1.g9s3gt.click/ Name: currency
Value: cny
.fpjs.io/ Name: _iidt
Value: wDzQ2qwIZCf+nCZKeuVW8B22rdfL0OUmesR7kJZVNXhA7Cxzpsj/bY5M/vgXPMvgJSyEzg/0jMs8hp6N1NlOZL0=
.g9s3gt.click/ Name: _vid_t
Value: TVW5PrS2HRjiGotH3VF0lnb/9J0Y41f89jSfBRsl75p7zg8Q3D5PThB9zZGEUiCGYHfbcgOzR5VcNjdTTWNUvHI=

11 Console Messages

Source Level URL
Text
recommendation verbose URL: https://app1.g9s3gt.click/#/login
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://www.zhytsty.com/point.bmp?r=829511
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
rendering warning URL: https://app1.g9s3gt.click/#/login
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E0260124070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://www.xylgmc.com/point.bmp?r=966413
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://www.xalygps.com/point.bmp?r=825784
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://www.tianyun38.com/point.bmp?r=997801
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://www.whxjda.com/point.bmp?r=622107
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.wanyao1.com/point.bmp?r=428435
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://www.zsdixiong.com/point.bmp?r=599986
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://www.zrkampoon.com/point.bmp?r=881336
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://www.zgyszysc.com/point.bmp?r=153798
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; preload
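The one security header the main page sets, `Strict-Transport-Security: max-age=0; preload`, is not a policy: `max-age=0` instructs the browser to delete any HSTS entry it holds for the host, and the `preload` token has no effect because the preload list requires a max-age of at least one year plus `includeSubDomains`. The API response earlier on this page adds `access-control-allow-origin: *` together with `access-control-allow-credentials: true`, a pair browsers refuse for credentialed requests while the wildcard still exposes anonymous reads. The evaluator below is an added example, not part of the urlscan.io report or of either site's code; its three header dicts are constructed from values shown on this page (the main page's reported headers, the `/api/domain/platform/speedtests` response, and the `api.fpjs.io` response), and the finding codes and messages are this script's own.

```python
"""Evaluate the response-header sets captured in this scan.

Added example, not part of the urlscan.io report or of either site's code.
The three dicts are constructed from header values shown on this page. The
rules encode documented browser behaviour; the codes are this script's own.
"""
ONE_YEAR = 31536000  # minimum max-age the HSTS preload list accepts

MAIN_PAGE = {"Strict-Transport-Security": "max-age=0; preload"}

SPEEDTESTS_API = {
    "strict-transport-security": "max-age=0; preload",
    "access-control-allow-origin": "*",
    "access-control-allow-credentials": "true",
    "access-control-allow-methods": "POST, PUT, GET, DELETE, HEAD, OPTION",
    "cache-control": "max-age=0, no-cache, no-store, private",
    "content-type": "application/json",
}

FPJS_API = {
    "strict-transport-security": "max-age=63072000",
    "content-security-policy": "default-src 'none'; frame-ancestors 'none'",
    "x-content-type-options": "nosniff",
    "x-frame-options": "DENY",
    "access-control-allow-origin": "https://app1.g9s3gt.click",
    "access-control-allow-credentials": "true",
    "referrer-policy": "no-referrer",
    "vary": "Origin",
}


def parse_hsts(value):
    """Return (max_age, include_subdomains, preload); max_age is None if unparsable."""
    max_age, subs, preload = None, False, False
    for directive in value.split(";"):
        d = directive.strip().lower()
        if d.startswith("max-age="):
            try:
                max_age = int(d.split("=", 1)[1].strip().strip('"'))
            except ValueError:
                max_age = None
        elif d == "includesubdomains":
            subs = True
        elif d == "preload":
            preload = True
    return max_age, subs, preload


def evaluate(headers):
    """Return a list of (code, message) findings for one response's headers."""
    h = {k.lower(): v for k, v in headers.items()}
    out = []

    hsts = h.get("strict-transport-security")
    if hsts is None:
        out.append(("hsts-missing", "no Strict-Transport-Security header"))
    else:
        max_age, subs, preload = parse_hsts(hsts)
        if max_age == 0:
            out.append(("hsts-max-age-0",
                        "max-age=0 tells browsers to delete any stored HSTS policy; HTTPS is never enforced"))
        elif max_age is None or max_age < ONE_YEAR:
            out.append(("hsts-short", f"max-age {max_age} is below one year"))
        if preload and (max_age is None or max_age < ONE_YEAR or not subs):
            out.append(("hsts-preload-unmet",
                        "preload token present but the list requires max-age >= 1 year and includeSubDomains"))

    acao = h.get("access-control-allow-origin")
    creds = h.get("access-control-allow-credentials", "").strip().lower() == "true"
    if acao == "*" and creds:
        out.append(("cors-wildcard-credentials",
                    "browsers reject '*' for credentialed requests; the wildcard still lets any origin read anonymous responses"))
    elif acao == "*":
        out.append(("cors-wildcard", "any origin may read this response"))
    elif acao and creds and "origin" not in h.get("vary", "").lower():
        out.append(("cors-reflect-no-vary",
                    "per-origin ACAO with credentials but no Vary: Origin; a shared cache may serve it to another origin"))

    csp = h.get("content-security-policy", "")
    if not csp:
        out.append(("csp-missing", "no Content-Security-Policy"))
    if h.get("x-content-type-options", "").strip().lower() != "nosniff":
        out.append(("nosniff-missing", "no X-Content-Type-Options: nosniff"))
    if "x-frame-options" not in h and "frame-ancestors" not in csp:
        out.append(("framable", "neither X-Frame-Options nor CSP frame-ancestors"))
    if "x-xss-protection" in h:
        out.append(("xss-protection-legacy",
                    "X-XSS-Protection is ignored by current Chromium and Firefox; use CSP instead"))
    return out


if __name__ == "__main__":
    for name, hdrs in (("main page", MAIN_PAGE), ("speedtests API", SPEEDTESTS_API), ("api.fpjs.io", FPJS_API)):
        print(f"== {name}")
        for code, msg in evaluate(hdrs):
            print(f"  [{code}] {msg}")
```

The contrast is the point: the fingerprinting vendor's endpoint comes back clean (a real HSTS lifetime, `default-src 'none'`, `nosniff`, `DENY`, a per-origin ACAO with `Vary: Origin`), while every response from the scanned host fails the HSTS and CORS checks and sets nothing else. The `x-xss-protection: 1` seen on the static image responses earlier on the page would trigger the legacy-header finding as well.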

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.fpjs.io
app1.g9s3gt.click
fpnpmcdn.net
tcdn.3wij4.xyz
www.tianyun38.com
www.wanyao1.com
www.whshuyi.com
www.whxjda.com
www.xalygps.com
www.xylgmc.com
www.xylykj.com
www.yeyangjj.com
www.yibodianzi.com
www.yjfcwang.com
www.zgyszysc.com
www.zhytsty.com
www.zrkampoon.com
www.zsdixiong.com
www.zshujia.com
www.zsjunya.com
xyuncdn.o4iht.xyz
13.248.176.92
18.238.243.84
185.213.240.188
20.205.39.225
38.46.12.50