www.quizargame.ru Open in urlscan Pro
172.67.223.247 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt
Effective URL:
https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt
Submission: On August 10 via api (August 10th 2024, 2:45:28 am UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 25 HTTP transactions. The main IP is 172.67.223.247, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.quizargame.ru.
TLS certificate: Issued by WE1 on June 17th 2024. Valid for: 3 months.

This is the only time www.quizargame.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WeTransfer (Online)

Domain & IP information

	IP Address	AS Autonomous System
16	172.67.223.247 172.67.223.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	2606:4700:10:... 2606:4700:10::6816:e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.195.193.72 34.195.193.72	14618 (AMAZON-AES) (AMAZON-AES)
2 2	172.67.8.238 172.67.8.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	3

16 172.67.223.247 (United States)

ASN13335 (CLOUDFLARENET, US)

www.quizargame.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:e8 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.195.193.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-193-72.compute-1.amazonaws.com

grizzly-elfin-hotel.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.8.238 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	quizargame.ru www.quizargame.ru	114 KB
6	glitch.me grizzly-elfin-hotel.glitch.me	469 KB
6	cutt.ly 6 redirects cutt.ly — Cisco Umbrella Rank: 35981	1 KB
0	Failed function sub() { [native code] }. Failed
25	4

	Domain	Requested by
16	www.quizargame.ru	www.quizargame.ru
6	grizzly-elfin-hotel.glitch.me	www.quizargame.ru
6	cutt.ly	6 redirects
0	invalid Failed	www.quizargame.ru
25	4

This site contains no links.

Subject Issuer	Validity	Valid
quizargame.ru WE1	`2024-06-17` - `2024-09-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt
Frame ID: C1E358075EEF4D92FF3489B25E601891
Requests: 9 HTTP requests in this frame

Frame: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html
Frame ID: 476E598490DFD44F6B8730A74BAC67C4
Requests: 8 HTTP requests in this frame

Frame: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html
Frame ID: F0A16671E3605C585B496F3F8D1DFB81
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt HTTP 307
https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Page URL

Page Statistics

25
Requests

64 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

583 kB
Transfer

3260 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt HTTP 307
https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://cutt.ly/CearQTuV HTTP 301
https://grizzly-elfin-hotel.glitch.me/uiglhijll.css

Request Chain 6

https://cutt.ly/OearJLSg HTTP 301
https://grizzly-elfin-hotel.glitch.me/2.js

Request Chain 13

https://cutt.ly/CearQTuV HTTP 301
https://grizzly-elfin-hotel.glitch.me/uiglhijll.css

Request Chain 14

https://cutt.ly/OearJLSg HTTP 301
https://grizzly-elfin-hotel.glitch.me/2.js

Request Chain 21

https://cutt.ly/CearQTuV HTTP 301
https://grizzly-elfin-hotel.glitch.me/uiglhijll.css

Request Chain 22

https://cutt.ly/OearJLSg HTTP 301
https://grizzly-elfin-hotel.glitch.me/2.js

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request feed.txt Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Redirect Chain http://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt	123 KB 8 KB	270ms 226ms	Document text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b0ca63f9b2c9bc5-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 10 Aug 2024 02:45:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w44bpk7jbvp5vyDv9H8Kqmb9ATJ7vz5XTUzDCAs4IOagnUcPrvXCf3TUsnGRXcWLexWcy4ZmF2IoZ%2FF%2F%2FuHYxKkvrDXuxoIWx2Z0BoS1kQVCcxnRHuG9XArQS26Ykq6Nd%2FGkyQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.1.30 Redirect headers Location https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Non-Authoritative-Reason HttpsUpgrades
GET H3	200	1.js Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/	123 KB 8 KB	228ms 227ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.js Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:22 GMT content-encoding br cf-cache-status MISS last-modified Sat, 10 Aug 2024 02:45:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1bs9U6fAIsyiN1If0Cgn%2F73hkA5iVXpBAPQ3a7CCTnbYkuycd0D3hkO4T0zrWgDkFfZwV87d3F8RZpUFXEfVLs314CF6%2Bxsji47qR1LW%2FPgy0nYupx2159sTEAUo3t8w%2Ft3dg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 8b0ca6411c129bc5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	analytics.js.download Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/	123 KB 8 KB	95ms 94ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/analytics.js.download Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UiPRxNP2M4SjhwXLDG%2F3PlnrQRnYq2gHomhSoasnib824PqeEeTdpRVXVlgPMIL4cvmj6C2Exd%2BEYUQWQ6pMV101JpIOo3MZs1P3M47BuotDC%2F1Wp0%2FbtIrWtiXZKi1rkvK3sw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8b0ca6411c139bc5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bWqOLA69nu2fsMi45LjA.js.download Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/	123 KB 8 KB	230ms 229ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/bWqOLA69nu2fsMi45LjA.js.download Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JymMJYxWLW0%2FLIsnARndwndsZnA5oLHa%2BPEVm6T8J1lcHPGHQ4brbsP8NFGFpIJT%2B1ROdf195437LWRdvbfSQzp1eqMsG2gdtKEPBWWi3UwkKZ06AI6JJg6jCNMslmPFLpB5ZA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8b0ca6413c279bc5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	gtm.js.download Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/	123 KB 8 KB	213ms 213ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/gtm.js.download Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8A%2F85uVo%2Btn3v7mBSw7%2B9Ffp3Iy8WODSUZaREX8tJtioLkT8ELmRAMaqyc7BomncbOxLMF%2FjUUJaeHzgC5PNXr2fRxiZCM7WlLWk3TawDr6Rxy4gjoqcSI33yS2JJ4%2FGRWhbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8b0ca6413c2a9bc5-FRA alt-svc h3=":443"; ma=86400
GET		/ invalid/	0 0

GET H2	200	uiglhijll.css grizzly-elfin-hotel.glitch.me/ Redirect Chain https://cutt.ly/CearQTuV https://grizzly-elfin-hotel.glitch.me/uiglhijll.css	391 KB 392 KB	773ms 516ms	Stylesheet text/css	34.195.193.72 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://grizzly-elfin-hotel.glitch.me/uiglhijll.css Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Protocol H2 Server 34.195.193.72 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-193-72.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `7650cccb518dc3993c51d7a477c1676cf331e22856d2a5456178e5dc96f0ac39` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:23 GMT x-amz-version-id Yhs2ZKDwqNm99zLYwHFcOwHW0dcwq5Qx last-modified Wed, 19 Jun 2024 14:27:36 GMT server AmazonS3 x-amz-request-id 87CGHZJEZ873X93V etag "74acefad72f0016dcfb1e747dff5a9a7" x-amz-server-side-encryption AES256 content-type text/css; charset=utf-8 cache-control no-cache accept-ranges bytes content-length 400623 x-amz-id-2 1+GBm7QM9xTteWIbcQtDTmRtkDnO36gV9U96BcE5LVzvROK6jlyOebeKlnmwaVKKtQE9ioGFHzQK8ErmOxAOpVASKaGvpjZV Redirect headers pragma no-cache date Sat, 10 Aug 2024 02:45:22 GMT strict-transport-security max-age=15552000; includeSubDomains; preload referrer-policy same-origin cf-cache-status DYNAMIC x-content-type-options nosniff server cloudflare x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://grizzly-elfin-hotel.glitch.me/uiglhijll.css cache-control no-cache, no-store, must-revalidate cf-ray 8b0ca6418b5d9101-FRA alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	2.js Show response grizzly-elfin-hotel.glitch.me/ Redirect Chain https://cutt.ly/OearJLSg https://grizzly-elfin-hotel.glitch.me/2.js	76 KB 76 KB	650ms 393ms	Script application/javascript	34.195.193.72 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://grizzly-elfin-hotel.glitch.me/2.js Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Protocol H2 Server 34.195.193.72 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-193-72.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `7a32a6e4c5e81f0d51cb97466aa442a2342f5ab5c62ff62c3094296fabdda734` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:23 GMT x-amz-version-id RwI8O6lq.h9MsYl5DwI47xJJ41WPEGL6 last-modified Wed, 19 Jun 2024 14:27:36 GMT server AmazonS3 x-amz-request-id 87CN91JKC0KFRGCJ etag "46d5d43b6f75fd3fe4c0d0db009ed5dd" x-amz-server-side-encryption AES256 content-type application/javascript; charset=utf-8 cache-control no-cache accept-ranges bytes content-length 77445 x-amz-id-2 XbARmeUJURNExW2bs0pppXcT7WgMAlyWxNMmwPw06u5rpau15qSKgvy2J8cz6Ty0fmIu0uV81A2bS2I/MUegqw== Redirect headers pragma no-cache date Sat, 10 Aug 2024 02:45:22 GMT strict-transport-security max-age=15552000; includeSubDomains; preload referrer-policy same-origin cf-cache-status DYNAMIC x-content-type-options nosniff server cloudflare x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://grizzly-elfin-hotel.glitch.me/2.js cache-control no-cache, no-store, must-revalidate cf-ray 8b0ca6418b5e9101-FRA alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	1.html Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame 476E	123 KB 8 KB	151ms 151ms	Document text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b0ca6495a089bc5-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 10 Aug 2024 02:45:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijWLIEjdSI%2BURVrS4Z%2BlmqbrtCgEUkF9CmwpyRv2ralmjSUuzfesRT94h64LeW4HDEv%2Ffsd5nGgVSJAFFfkzSHpNuZ3ouOanZfczpUm3hz2k2cvw0CIc%2B9y7wkpjGYLCrogHrQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.1.30
GET H3	200	1.js Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame 476E	123 KB 0	228ms 227ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.js Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:22 GMT content-encoding br cf-cache-status MISS last-modified Sat, 10 Aug 2024 02:45:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1bs9U6fAIsyiN1If0Cgn%2F73hkA5iVXpBAPQ3a7CCTnbYkuycd0D3hkO4T0zrWgDkFfZwV87d3F8RZpUFXEfVLs314CF6%2Bxsji47qR1LW%2FPgy0nYupx2159sTEAUo3t8w%2Ft3dg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 8b0ca6411c129bc5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	analytics.js.download Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame 476E	123 KB 8 KB	156ms 155ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/analytics.js.download Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0bIIf6FTtmL1SNVNWRRI3e%2FsDb7PzidvgFACE7Y0QmzE1Pl1LGY6HM5%2B0UhxBGg45NitLSt7C0kXDgjna0Z%2FedyeJBzCHsYh5z%2B8vjZhFkLtjCrSGrev86tztZY6G2%2BBgZ00HQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8b0ca64aaae09bc5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bWqOLA69nu2fsMi45LjA.js.download Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame 476E	123 KB 8 KB	154ms 154ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/bWqOLA69nu2fsMi45LjA.js.download Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8U0ns%2Bp9GsFm1Gk7IoxLcyha%2F2q3UjncIK5gpKWw49g0aFxYJKyDPZ8CpL398cFyJfQoIdhf8q7lY5NuGg9y5nb%2BUcmJaBYXOIaBb0HapJh%2Fby%2F%2BE7d9m8jL72iQ2H95imtfA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8b0ca64aaae19bc5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	gtm.js.download Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame 476E	123 KB 8 KB	96ms 95ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/gtm.js.download Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alDCcYdG%2FVtIKhjvqSA7DuDYT8xWHPjVT5fExUmOZr8D1cdC%2FhPFAvwEQ%2FmpWfZth04LyD29zDq%2Fx5hTcoaVg4UbamKVdNhtvoxx5%2FMSbTA7rHxw0ctbhPa%2FoMvQxEIIZQo3KQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8b0ca64abaf09bc5-FRA alt-svc h3=":443"; ma=86400
GET		/ invalid/ Frame 476E	0 0

GET H2	200	uiglhijll.css grizzly-elfin-hotel.glitch.me/ Frame 476E Redirect Chain https://cutt.ly/CearQTuV https://grizzly-elfin-hotel.glitch.me/uiglhijll.css	391 KB 275 B	167ms 162ms	Stylesheet text/css	34.195.193.72 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://grizzly-elfin-hotel.glitch.me/uiglhijll.css Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H2 Server 34.195.193.72 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-193-72.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `7650cccb518dc3993c51d7a477c1676cf331e22856d2a5456178e5dc96f0ac39` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT x-amz-version-id Yhs2ZKDwqNm99zLYwHFcOwHW0dcwq5Qx last-modified Wed, 19 Jun 2024 14:27:36 GMT server AmazonS3 x-amz-request-id HK1S7VWTXXKZ05NH etag "74acefad72f0016dcfb1e747dff5a9a7" x-amz-server-side-encryption AES256 content-type text/css; charset=utf-8 cache-control no-cache accept-ranges bytes content-length 400623 x-amz-id-2 svY9K6ZG+nRjxrSjJS2/q236F0Y44l9mrkT6z36OOLKo9AH4/MrqvBOXNBN4yTyYoEszdp11t5E= Redirect headers pragma no-cache date Sat, 10 Aug 2024 02:45:24 GMT strict-transport-security max-age=15552000; includeSubDomains; preload referrer-policy same-origin cf-cache-status DYNAMIC x-content-type-options nosniff server cloudflare x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://grizzly-elfin-hotel.glitch.me/uiglhijll.css cache-control no-cache, no-store, must-revalidate cf-ray 8b0ca64aa8a69101-FRA alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	2.js Show response grizzly-elfin-hotel.glitch.me/ Frame 476E Redirect Chain https://cutt.ly/OearJLSg https://grizzly-elfin-hotel.glitch.me/2.js	76 KB 283 B	166ms 166ms	Script application/javascript	34.195.193.72 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://grizzly-elfin-hotel.glitch.me/2.js Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H2 Server 34.195.193.72 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-193-72.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `7a32a6e4c5e81f0d51cb97466aa442a2342f5ab5c62ff62c3094296fabdda734` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT x-amz-version-id RwI8O6lq.h9MsYl5DwI47xJJ41WPEGL6 last-modified Wed, 19 Jun 2024 14:27:36 GMT server AmazonS3 x-amz-request-id HK1Y4YJSCTKY1CEB etag "46d5d43b6f75fd3fe4c0d0db009ed5dd" x-amz-server-side-encryption AES256 content-type application/javascript; charset=utf-8 cache-control no-cache accept-ranges bytes content-length 77445 x-amz-id-2 c36/6J7tAoH8/JlewsUyXA9EgTQwIv5/1ohhQxnkAcwUH3F5h/sjNR//aO0EypCE/6LAbvCRmLc3DqLgCL0cQQ== Redirect headers pragma no-cache date Sat, 10 Aug 2024 02:45:24 GMT strict-transport-security max-age=15552000; includeSubDomains; preload referrer-policy same-origin cf-cache-status DYNAMIC x-content-type-options nosniff server cloudflare x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://grizzly-elfin-hotel.glitch.me/2.js cache-control no-cache, no-store, must-revalidate cf-ray 8b0ca64ab8af9101-FRA alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	1.html Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame F0A1	123 KB 8 KB	149ms 148ms	Document text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b0ca64c8be39bc5-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 10 Aug 2024 02:45:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWxujAmgYYbHoaxZ0QUxGFngdc3YoueAXT03XPqyFJOS82ZYTzA37UNtV5KicAUymrgt0Sw1%2BmvRigsbmlNO88cuCWUToWAkXHTreid0XCEYWGmHLiy5%2BX%2FMGCzXn6LM7tFLag%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.1.30
GET H3	200	1.js Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame F0A1	123 KB 0	228ms 227ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.js Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:22 GMT content-encoding br cf-cache-status MISS last-modified Sat, 10 Aug 2024 02:45:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1bs9U6fAIsyiN1If0Cgn%2F73hkA5iVXpBAPQ3a7CCTnbYkuycd0D3hkO4T0zrWgDkFfZwV87d3F8RZpUFXEfVLs314CF6%2Bxsji47qR1LW%2FPgy0nYupx2159sTEAUo3t8w%2Ft3dg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 8b0ca6411c129bc5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	analytics.js.download Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame F0A1	123 KB 8 KB	155ms 154ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/analytics.js.download Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BI7Pom%2B61smy85gCHadiNNC7x5iMBkV8qbtpGvSkS%2FRVLFmAAJyF322nwu0au%2Bi1B5QS7yCmg87z1IeSKZ2ciPyPHDid6RYqLPYpb6t0YZf5Mq701%2BzYEslXCT2mZQyAMpkGHw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8b0ca64d8c8a9bc5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bWqOLA69nu2fsMi45LjA.js.download Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame F0A1	123 KB 8 KB	147ms 146ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/bWqOLA69nu2fsMi45LjA.js.download Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omgng35MF%2BFIBIEmW6%2BddJK8x95WN%2B2wMBAl6QZbTiXET%2F18jJUJ1kibzvhmoruYy%2FDvmSS5wBXSxRItdCXHrewPw908S0HlB4upeIuk2ddFBD6Ks8M14fdnJlDjCfy51581PA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8b0ca64d8c8b9bc5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	gtm.js.download Show response www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/ Frame F0A1	123 KB 8 KB	96ms 96ms	Script text/html	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/gtm.js.download Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.30 Resource Hash `24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol43DRXfO34lWnFVXKRk2ja4ytUtuhJh1cdUT9oN3Th49K3wUyeIdPohiKWJOGe94Z1Dn9YY0V%2BWmwkpJTmsBZ5GYWa%2FigAx1YQFHQezsjcBJyBFUhH5qqQRPzxECzq%2BiXPjLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8b0ca64d8c8c9bc5-FRA alt-svc h3=":443"; ma=86400
GET		/ invalid/ Frame F0A1	0 0

GET H2	200	uiglhijll.css grizzly-elfin-hotel.glitch.me/ Frame F0A1 Redirect Chain https://cutt.ly/CearQTuV https://grizzly-elfin-hotel.glitch.me/uiglhijll.css	391 KB 292 B	162ms 162ms	Stylesheet text/css	34.195.193.72 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://grizzly-elfin-hotel.glitch.me/uiglhijll.css Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H2 Server 34.195.193.72 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-193-72.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `7650cccb518dc3993c51d7a477c1676cf331e22856d2a5456178e5dc96f0ac39` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT x-amz-version-id Yhs2ZKDwqNm99zLYwHFcOwHW0dcwq5Qx last-modified Wed, 19 Jun 2024 14:27:36 GMT server AmazonS3 x-amz-request-id HK1VGHYJJ3J7BV3W etag "74acefad72f0016dcfb1e747dff5a9a7" x-amz-server-side-encryption AES256 content-type text/css; charset=utf-8 cache-control no-cache accept-ranges bytes content-length 400623 x-amz-id-2 a9c+QC4N/iMpFbZezcIq3P+VaBFCkF4zsxTf89kjpHxltM7sRAM4izeUpNQm2LP+MJf5c2lRiOqoArK2Gc6TxTJwdujD/H+V Redirect headers pragma no-cache date Sat, 10 Aug 2024 02:45:24 GMT strict-transport-security max-age=15552000; includeSubDomains; preload referrer-policy same-origin cf-cache-status DYNAMIC x-content-type-options nosniff server cloudflare x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://grizzly-elfin-hotel.glitch.me/uiglhijll.css cache-control no-cache, no-store, must-revalidate cf-ray 8b0ca64d8dcc8fc5-FRA alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	2.js Show response grizzly-elfin-hotel.glitch.me/ Frame F0A1 Redirect Chain https://cutt.ly/OearJLSg https://grizzly-elfin-hotel.glitch.me/2.js	76 KB 276 B	150ms 149ms	Script application/javascript	34.195.193.72 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://grizzly-elfin-hotel.glitch.me/2.js Requested by Host: www.quizargame.ru URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Protocol H2 Server 34.195.193.72 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-193-72.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `7a32a6e4c5e81f0d51cb97466aa442a2342f5ab5c62ff62c3094296fabdda734` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:24 GMT x-amz-version-id RwI8O6lq.h9MsYl5DwI47xJJ41WPEGL6 last-modified Wed, 19 Jun 2024 14:27:36 GMT server AmazonS3 x-amz-request-id HK1KP7NP0NJZK3CG etag "46d5d43b6f75fd3fe4c0d0db009ed5dd" x-amz-server-side-encryption AES256 content-type application/javascript; charset=utf-8 cache-control no-cache accept-ranges bytes content-length 77445 x-amz-id-2 XbyztN4ecUrSdHe1LTPHbIvAUIO7Lgrc8/iST9DJVEUtTkbTfZOmdYy5GNTqfqGCWNCHYLIsMHI= Redirect headers pragma no-cache date Sat, 10 Aug 2024 02:45:24 GMT strict-transport-security max-age=15552000; includeSubDomains; preload referrer-policy same-origin cf-cache-status DYNAMIC x-content-type-options nosniff server cloudflare x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://grizzly-elfin-hotel.glitch.me/2.js cache-control no-cache, no-store, must-revalidate cf-ray 8b0ca64d8dcd8fc5-FRA alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	favicon.ico www.quizargame.ru/	15 KB 7 KB	206ms 206ms	Other image/x-icon	172.67.223.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.quizargame.ru/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `861381a33265e42c0c56e9b8d001f174ba61f67f58db518efbe3745ae7089e8f` Request headers Referer https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 02:45:25 GMT content-encoding br cf-cache-status MISS last-modified Sun, 19 Apr 2020 17:25:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3c2e-5a3a8133ab100" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1g2hpm3vdzvDrJ7MGQ0%2Bw6b21q5doQR9Neen%2Bbcg9FhIl7uOjL9Jt4QMZcmpDyVv%2BtPznr2%2BcI5WNKXAJr7b8lMXCroEefJ6ONNZDpBi0n0UQRQRXZHGU7lg5ZLb2iHuzLn8Pw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8b0ca64f6e4f9bc5-FRA alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WeTransfer (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
recommendation	verbose	URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/feed.txt Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
recommendation	verbose	URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
recommendation	verbose	URL: https://www.quizargame.ru/upload/001/index.html/gtm.js.download,n/a,https:/openphish.com/1.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cutt.ly
grizzly-elfin-hotel.glitch.me
invalid
www.quizargame.ru
invalid
172.67.223.247
172.67.8.238
2606:4700:10::6816:e8
34.195.193.72
24afbdea262595b870d927d21b61cd535a0346a49dfd164f6198daf0a0a1d84d
7650cccb518dc3993c51d7a477c1676cf331e22856d2a5456178e5dc96f0ac39
7a32a6e4c5e81f0d51cb97466aa442a2342f5ab5c62ff62c3094296fabdda734
861381a33265e42c0c56e9b8d001f174ba61f67f58db518efbe3745ae7089e8f

www.quizargame.ru Open in urlscan Pro 172.67.223.247 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

25 Requests

64 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

583 kBTransfer

3260 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

www.quizargame.ru Open in urlscan Pro
172.67.223.247 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

64 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

583 kB
Transfer

3260 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!