account-gencia.site Open in urlscan Pro
172.67.177.169 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Effective URL:
https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Submission: On October 31 via api (October 31st 2024, 2:06:24 am UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 172.67.177.169, located in United States and belongs to CLOUDFLARENET, US. The main domain is account-gencia.site.
TLS certificate: Issued by WE1 on October 30th 2024. Valid for: 3 months.

This is the only time account-gencia.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
20	172.67.177.169 172.67.177.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
27	5

20 172.67.177.169 (United States)

ASN13335 (CLOUDFLARENET, US)

account-gencia.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f6cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	account-gencia.site account-gencia.site	87 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	37 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 797	19 KB
1	gstatic.com fonts.gstatic.com	51 KB
27	4

	Domain	Requested by
20	account-gencia.site	account-gencia.site cdnjs.cloudflare.com
2	cdnjs.cloudflare.com	account-gencia.site
2	unpkg.com	1 redirects account-gencia.site
1	fonts.gstatic.com	account-gencia.site
27	4

This site contains links to these domains. Also see Links.

Domain
support.google.com
accounts.google.com

Subject Issuer	Validity	Valid
account-gencia.site WE1	`2024-10-30` - `2025-01-28`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Frame ID: 35924CDD00E4CE42B55C55FA70EA02E7
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Google

Page URL History Show full URLs

http://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS HTTP 307
https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS Page URL

Detected technologies

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

85 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

195 kB
Transfer

470 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/chrome/answer/6130773?hl=pt-BR
Title: Saiba mais sobre como usar o Modo visitante

Search URL Search Domain Scan URL

URL: https://support.google.com/accounts?hl=pt-BR&p=account_iph
Title: Help

Search URL Search Domain Scan URL

URL: https://accounts.google.com/TOS?loc=BR&hl=pt-BR&privacy=true
Title: Privacy

Search URL Search Domain Scan URL

URL: https://accounts.google.com/TOS?loc=BR&hl=pt-BR
Title: Terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS HTTP 307
https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://unpkg.com/i18next@latest/dist/umd/i18next.min.js HTTP 302
https://unpkg.com/i18next@23.16.4/dist/umd/i18next.min.js

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
account-gencia.site/pt/
Redirect Chain

http://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS

11 KB
4 KB

581ms
500ms

Document
text/html

172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec2d1ca7db60191f486b810d42d9ba05d0f6905f7f000cd90d6185c5a4a49f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8db015ba88f3d259-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 31 Oct 2024 02:06:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QutMx8Kt392YqJMG1A0ehw1V5rfNCGQg44U6Z5t1dxjMx9D4sxTAZJDpGKQvF9%2FV2YJI0DWaJUMxbLedKv8f8lNF2DGkjX4VU1j6Yfpx9aJWpsX9%2Bi8qT4cFmNUajt4AVZj7gov7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=46258&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4548&delivery_rate=391&cwnd=12000&unsent_bytes=0&cid=dbf99d9531e95a86&ts=537&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

Location: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

i18next.min.js Show response
unpkg.com/i18next@23.16.4/dist/umd/
Redirect Chain

https://unpkg.com/i18next@latest/dist/umd/i18next.min.js
https://unpkg.com/i18next@23.16.4/dist/umd/i18next.min.js

47 KB
19 KB

52ms
52ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/i18next@23.16.4/dist/umd/i18next.min.js

Requested by

Host: account-gencia.site
URL: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37f51d51121d3cdee46160c153a661cbca046740691674bdbaf93168939c2ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://account-gencia.site/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "bdf6-jYrwQbxIpgoYXLDyWi50h9sGp/g"
age: 472348
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 02:06:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JB22PPSZGQ80CQV261EQ927D-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8db015beed633635-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /i18next@23.16.4/dist/umd/i18next.min.js
content-encoding: br
cf-cache-status: HIT
age: 139
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8db015be8d423635-FRA
access-control-allow-origin: *
date: Thu, 31 Oct 2024 02:06:17 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JBG51CRH2SPN0JXVKBYFC1YZ-cdg
server: cloudflare

GET
H3 200 style01.css
account-gencia.site/pt/css/ 86 KB
11 KB 482ms
482ms Stylesheet
text/css 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/css/style01.css
Requested by: Host: account-gencia.site
URL: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d2d86a8677fd898aff4af5836ed8da21c823a932d75d2a682a27375fb088ccf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://account-gencia.site/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "159c5-6206dffd5f500-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5yYB2VGd6WLNKKCWVi3YV%2BSG3wrwwyh2x55k9fToyua7SCzdQcnCl6VVfH9U9UXKdg8cjN%2FQAY62vSme6%2FDvDJsUc9ECfUrONXbNFk17JcO9jv%2Bx57yM9%2FQDWWCTw8zwstcj572"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44466&sent=28&recv=17&lost=0&retrans=0&sent_bytes=17117&recv_bytes=6021&delivery_rate=97442&cwnd=12000&unsent_bytes=0&cid=dbf99d9531e95a86&ts=1069&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:17 GMT
content-type: text/css
last-modified: Sat, 24 Aug 2024 13:37:56 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db015bdebf6d259-FRA
accept-ranges: bytes
content-length: 10622
server: cloudflare

GET
H3 200 style02.css
account-gencia.site/pt/css/ 42 KB
7 KB 475ms
474ms Stylesheet
text/css 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/css/style02.css
Requested by: Host: account-gencia.site
URL: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1245b6745025dce2709c9020690bbb01a195dfea88476d948d561de6363a7904

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://account-gencia.site/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "a71c-6206e0012fe00-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xnKBr%2BU34pIvF8WEPOu9Wd76l5KbNjXGwSvT1SFhYUwF5vbgtq2%2B3H1tSlAGi12v9BON1J8b5XMOGTB4LOR%2FlOEr9gq3Awc43IwaI5yVbgCksBbqKLBO7zkWKOTXmxvhnPM82sQe"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44466&sent=19&recv=17&lost=0&retrans=0&sent_bytes=8157&recv_bytes=6021&delivery_rate=97442&cwnd=12000&unsent_bytes=0&cid=dbf99d9531e95a86&ts=1062&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:17 GMT
content-type: text/css
last-modified: Sat, 24 Aug 2024 13:38:00 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db015bdebf7d259-FRA
accept-ranges: bytes
content-length: 6556
server: cloudflare

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 88 KB
28 KB 130ms
79ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: account-gencia.site
URL: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://account-gencia.site/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "63091225-6d56"
age: 154658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=einy6maBLz%2BoghlhVkeVSlQ6rSHKt%2B%2BF89H78RokY15Pgkov9U%2BAOXTzg4eeNFmZqQRWQ%2FbGtVUmp2V8OZiM3Fua6KWxabbrVrl3estnhg4ePAH2FZHeDF2MwFg%2FycKhNX5mANC6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 02:06:17 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 31 Oct 2024 02:06:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8db015be3912d299-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27990
server: cloudflare

GET
H3 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/1.1.2/ 26 KB
9 KB 104ms
55ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/1.1.2/axios.min.js

Requested by

Host: account-gencia.site
URL: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffb6e270a7bbb1ea1b797965ae85e35760b38b98744478a4151ddee79a31d215

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://account-gencia.site/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "63400f9e-22d0"
age: 1240106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6TT8iZbpxDJcUc8%2B1bQNpq19%2Fh8rdal8E%2FkVfM7Zyw2zBI5gLb5%2F0Gq1rhfArfYSFpR3wkq9eeuOEhWVvV7nQ%2BXjgrStcuQY5WQc2GHP9dpLMJ60EMUokYCno12V0CtpK%2F4JVQT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 02:06:17 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 31 Oct 2024 02:06:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 07 Oct 2022 11:38:06 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8db015be3914d299-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8912
server: cloudflare

GET
H3 200 server.js Show response
account-gencia.site/pt/ 3 KB
2 KB 474ms
474ms Script
text/javascript 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/server.js
Requested by: Host: account-gencia.site
URL: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5a3ec472a0d80e1d944048b598759ee7cf2286dbb3df87058f545a2622cf09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://account-gencia.site/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "a3c-62567a77b5180-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mQL2N4pXyrV2tECFDUat9QlvYDbRXe33mBV%2BCOwaCc8E%2BALMpL6AVNu0eZaaDWR2fCHFaTjKEr5MPsovFSDjhiQcxLF7ld5L2gwbKWw9aUqbhnWwCMJ8wMh2ju7T%2FSkBfbTBbIlU"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44466&sent=26&recv=17&lost=0&retrans=0&sent_bytes=15512&recv_bytes=6021&delivery_rate=97442&cwnd=12000&unsent_bytes=0&cid=dbf99d9531e95a86&ts=1065&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:17 GMT
content-type: text/javascript
last-modified: Sat, 26 Oct 2024 21:09:42 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db015bdfbfbd259-FRA
accept-ranges: bytes
content-length: 913
server: cloudflare

GET
H3 200 loading.gif
account-gencia.site/pt/img/ 32 KB
33 KB 474ms
474ms Image
image/gif 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://account-gencia.site/pt/img/loading.gif
Requested by: Host: account-gencia.site
URL: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d545b9845df5f120e894f3f3207a147719584ed11a629c27bb29006aaa521c9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://account-gencia.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "8090-6206e008d1000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P0aZOrg4D8D9BQzFQ1SreXDv%2Fd%2BMjqzJa46rb0MakP7EG6XppW4D6gPKxywK1kqs1FjG3htZbDxdQ5ajmCoh8NPFO2V3ksCsbRzrtDcitsQoxTsC9l15Hx0mQu8QnQ5vCcELwJKO"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015c12f83d259-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45512&sent=61&recv=40&lost=0&retrans=0&sent_bytes=52475&recv_bytes=8004&delivery_rate=96563&cwnd=26400&unsent_bytes=0&cid=dbf99d9531e95a86&ts=1577&x=1", cfHdrFlush;dur=0
content-length: 32912
date: Thu, 31 Oct 2024 02:06:18 GMT
content-type: image/gif
last-modified: Sat, 24 Aug 2024 13:38:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 translations.js Show response
account-gencia.site/pt/js/ 83 KB
23 KB 684ms
684ms Script
text/javascript 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/js/translations.js
Requested by: Host: account-gencia.site
URL: https://account-gencia.site/pt/?resume=PZqgrNjCPdTWzjzIyHZRMJcbvzlantepDReMPXgWXEQGOmaoZTnWAeQwjuTS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbca55b17abe462bda5183bb2f572ad4c13c71be73a5ed0ebef2a765f6e1589

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://account-gencia.site/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "14d90-6206e0fcf5000-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=upTEzyytQjQKSxa0WbByRKgPUYS1apxZCqOnQ1uEhzhhVjVKM2J8ANfTolj7ssY%2BEumqhvjfImxkXMjKTcgdKxiyFFqlYZvAztmJEkk9Pr6l65XJiApLgdTxGoGEGs1jZdjAPu1b"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41535&sent=40&recv=28&lost=0&retrans=0&sent_bytes=28671&recv_bytes=6827&delivery_rate=28083&cwnd=19200&unsent_bytes=0&cid=dbf99d9531e95a86&ts=1275&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:17 GMT
content-type: text/javascript
last-modified: Sat, 24 Aug 2024 13:42:24 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db015bdfbfcd259-FRA
accept-ranges: bytes
content-length: 22642
server: cloudflare

GET
DATA 200
OK truncated
/ 267 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2
fonts.gstatic.com/s/googlesans/v58/ 51 KB
51 KB 89ms
41ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2

Requested by

Host: account-gencia.site
URL: https://account-gencia.site/pt/css/style01.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://account-gencia.site
Referer: https://account-gencia.site/

Response headers

age: 181753
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 28 Oct 2025 23:37:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 23:37:04 GMT
last-modified: Tue, 23 May 2023 16:36:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 52280
x-xss-protection: 0
server: sffe

GET
H3 200 main_.php Show response
account-gencia.site/pt/ 14 B
672 B 273ms
273ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/main_.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCvXmQdufc1T1%2F%2B%2FpUThy8oU9O3LZnbKgWqiZOC6lgDjjjIgNZz0nYLRbFF81X6Ly%2BwwNlL%2FLCY7E7pa5JFOMCGAb%2B3XqMwKjMlXlx4FF6nYm%2FvT%2Bd1Bp1u5k49z8wY1sj1cIFJ2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015c2a921d259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45512&sent=83&recv=40&lost=0&retrans=0&sent_bytes=78875&recv_bytes=8004&delivery_rate=96563&cwnd=26400&unsent_bytes=0&cid=dbf99d9531e95a86&ts=1596&x=1", cfHdrFlush;dur=20
date: Thu, 31 Oct 2024 02:06:18 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 ver_online.php Show response
account-gencia.site/pt/ 0
576 B 674ms
674ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/ver_online.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IM7yh%2Bq4tRkd5BvRnEz2fZ%2FBgeNScg9Kt%2BMBl74Jw4ohvb6p2BzUKv4Wq05pAKs8MAw0XhikYNJM4JvZ7Dv8UNCI01i7RVdtuFA7BCsZLhidE6ioyanUlt%2Fd%2FxNHNeTU2Kju3gUP"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015c2a922d259-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40165&sent=92&recv=56&lost=0&retrans=0&sent_bytes=87471&recv_bytes=9040&delivery_rate=119214&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=2016&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:18 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 404 favicon.ico
account-gencia.site/ 281 B
818 B 473ms
473ms Other
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb1d704331f4fbaccdf2d66a4a8af07580e3ba09cd5c7f69b8db496c3e8e1b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://account-gencia.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niRPogq1okUyDuIpF6veCLJFChUxu%2F4Qi%2FviWrRYss0BovGWMmhkBWpFw4VviXrL0RatxHa%2BngSKDA1%2FG42%2Bgzx3QD5fAi0WO8ESFp4GamCE5y4wT1RhUtGc7XHRMuL4b7QobQ3K"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015c4ab5ad259-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40271&sent=93&recv=57&lost=0&retrans=0&sent_bytes=88070&recv_bytes=9085&delivery_rate=1583&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=2137&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:18 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare

GET
H3 200 ver_online.php Show response
account-gencia.site/pt/ 0
581 B 252ms
252ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/ver_online.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjcFMAMr3N4JlQxHVxMSgkrXIxk%2FtJ0ecdZWWk%2BufEGCmogyw5cuskpNsfNgOENgCV44L0jixxK%2F8R5dsXHr6F0AYbeB9ocf%2BAo%2F3NeC4RTFGh%2FZRObJu0xnRUy5SUgFrizs%2BIBC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015c7af11d259-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40067&sent=96&recv=59&lost=0&retrans=0&sent_bytes=88958&recv_bytes=9839&delivery_rate=18245&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=2396&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:19 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 main_.php Show response
account-gencia.site/pt/ 14 B
664 B 256ms
255ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/main_.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6htbIaQQLVPf4D6y3WR98qaxIBEUMmY%2BO%2FpYctqb6elwPJKrx97WcvKR7s4p8Er6LT1Vq3omvibOR3sv7rOTA1z7P9X2uOb5JSeysSiwkPXls0%2BQvjUJmxrAbRXt19Mb%2B59wG1J"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015c8e8e9d259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41287&sent=97&recv=60&lost=0&retrans=0&sent_bytes=89562&recv_bytes=9884&delivery_rate=2178&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=2599&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:19 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 ver_online.php Show response
account-gencia.site/pt/ 0
578 B 258ms
256ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/ver_online.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5y4oJq8Yyo0NRUvkRTXlm%2FiCaeqlRmZE8Ui4G9LPOckv0%2FyzBPymDuMzT1aTL3X5wQxx8nPEq6bYigQnFMx%2FSxziwFvg5NffWvn3E3gTv9uM0VFkAYk%2BwE0IMro2N48%2B7yW03Gs"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015ccaeb9d259-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41189&sent=99&recv=62&lost=0&retrans=0&sent_bytes=90272&recv_bytes=10286&delivery_rate=10487&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=3203&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:19 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 main_.php Show response
account-gencia.site/pt/ 14 B
661 B 284ms
284ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/main_.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtFFJTIe82fracahEwYjM1z1B09s7KSO5%2B8Rk5HT19eSwuC0zNSeL803RKvH4md8JMIY5ptinMxnVbBBVuqIvfIffTlgyedJY8oWRgF5yU3TZc4seAn%2BekQsBirBDng%2BYUXbtsgq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015cf2a60d259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41759&sent=101&recv=64&lost=0&retrans=0&sent_bytes=90897&recv_bytes=10721&delivery_rate=2128&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=3606&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:20 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 ver_online.php Show response
account-gencia.site/pt/ 0
585 B 346ms
274ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/ver_online.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvfW8iwmF%2F6NmYxbZHOmXR8uB7p1Bh0Z%2BPj%2FIwYhFf5y%2FW6tPpCDKqBfp2IX9zVcz75tuTgH%2BjYu2JD%2BI%2Buqi6cMyBTsWXkOVXL4CvIhOs4cI4tORJOt0f8%2F5Wrs%2BU2FrBolkWBQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015d1fe99d259-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41367&sent=104&recv=66&lost=0&retrans=1&sent_bytes=92298&recv_bytes=11122&delivery_rate=4063&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=4053&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:20 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 main_.php Show response
account-gencia.site/pt/ 14 B
666 B 270ms
258ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/main_.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJL5%2BUEpp3zEMT2Iuaa2yRW3g6lxlJtCLm6GdIzqNdCkw5UuMdPU0E5Xzwhq4hLlHf1H8waL%2B9dxpeNomSfCI640LGQJ7d%2BUTpzufP4CUx2JZf%2B2RjTCKaGnumfW%2BmkRMINnXir1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015d57bfcd259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=57837&sent=108&recv=70&lost=0&retrans=2&sent_bytes=93572&recv_bytes=11959&delivery_rate=3586&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=4616&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:21 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 ver_online.php Show response
account-gencia.site/pt/ 0
580 B 284ms
284ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/ver_online.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wo4aUUh%2Bgrj%2FusKxiI%2FO4Wi5FmxEC%2FU%2BXTYgJViVjDxccy4btYVKAdxMallAkGC6L%2FATFYlQLq7MxhrwuKArPxZ9r7ZlTSMmmNGEOHm1wd2B9AaAaCJ5pDF%2FNVy1X7J81JWglqAm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015d6cdd2d259-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=58122&sent=109&recv=71&lost=0&retrans=2&sent_bytes=94261&recv_bytes=12004&delivery_rate=2392&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=4816&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:21 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET main_.php
account-gencia.site/pt/ 0
0

GET ver_online.php
account-gencia.site/pt/ 0
0

GET
H3 200 ver_online.php Show response
account-gencia.site/pt/ 0
577 B 255ms
254ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/ver_online.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6VcnmCNCOIyk0o9mwfrtZHfbPyEeTvNISt1aM9hZWv9gx4GZbwKtNcE%2FqrfuaN2cYTzcpdq6zD55wBaoG%2BFwShUD0itg92q2GK%2B%2FPU9Uw8r%2B%2Bl40dACh9X5qCE5pu2gX4v9rHd2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015e0bc52d259-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=55579&sent=114&recv=77&lost=0&retrans=2&sent_bytes=94968&recv_bytes=13293&delivery_rate=276&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=6409&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:23 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 main_.php Show response
account-gencia.site/pt/ 14 B
664 B 262ms
261ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/main_.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQEiWm%2BRuzsAKiptp7qZ36GUikqmHgq1MVRklabEiIql4MDByXLTf6HiF8HU8Un70MmLQCsCgZIYbKcNlAaZS0O2Q1tNJ37uAGhcPRTKI6iwd76JZ9PkwGhCBt1QJVSeJlhrdZc2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015e1ede9d259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=55125&sent=115&recv=78&lost=0&retrans=2&sent_bytes=95569&recv_bytes=13338&delivery_rate=2178&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=6603&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:23 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 ver_online.php Show response
account-gencia.site/pt/ 0
576 B 254ms
253ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/ver_online.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8QMwCSmpHGYcXDXwm%2BfweOMC3eFyLHBR33hx85Bt3fKNaPyAJxdWJsLUiFpIL4rxhco3IxI7OrEDGVO6hR6FQ5dz49rvzV%2FuVPNpMfEuEtIAWWZCbwC6nEfhaYLwKdWLLliT4%2BCN"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015e5ba99d259-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54289&sent=118&recv=80&lost=0&retrans=2&sent_bytes=96306&recv_bytes=13742&delivery_rate=12069&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=7211&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:23 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 200 main_.php Show response
account-gencia.site/pt/ 14 B
667 B 268ms
256ms XHR
text/html 172.67.177.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account-gencia.site/pt/main_.php
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f

Request headers

Referer: https://account-gencia.site/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXefxH1yaaZXzVt%2FWfdDZIPaMNfk2bG0DacGiR75oExjpI5Zl4i%2Bo6RCrFAyMGKLNUYp4e50REeD7Y6jIVZ5gD6wUd06x1qEIC2%2FqURLnPxNCjAONADS%2FHXFz8u3v1%2FSXPoXrOsQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db015e84eb2d259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=53481&sent=120&recv=82&lost=0&retrans=2&sent_bytes=96931&recv_bytes=14179&delivery_rate=2187&cwnd=33600&unsent_bytes=0&cid=dbf99d9531e95a86&ts=7618&x=1", cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 02:06:24 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET ver_online.php
account-gencia.site/pt/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: account-gencia.site
URL: https://account-gencia.site/pt/main_.php

Domain: account-gencia.site
URL: https://account-gencia.site/pt/ver_online.php

Domain: account-gencia.site
URL: https://account-gencia.site/pt/ver_online.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			account-gencia.site/	1969-12-31 23:59:59	Name: PHPSESSID Value: rht0kmujlp70d9d6d7avf9r4vr

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://account-gencia.site/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-gencia.site
cdnjs.cloudflare.com
fonts.gstatic.com
unpkg.com
account-gencia.site
104.17.25.14
142.250.74.195
172.67.177.169
2606:4700::6811:f6cb
1245b6745025dce2709c9020690bbb01a195dfea88476d948d561de6363a7904
37f51d51121d3cdee46160c153a661cbca046740691674bdbaf93168939c2ea9
51cfe512b8f87774e3f8e6f3c490e946e3603b642a6209803da89893edfc159f
57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc
5d5a3ec472a0d80e1d944048b598759ee7cf2286dbb3df87058f545a2622cf09
6d2d86a8677fd898aff4af5836ed8da21c823a932d75d2a682a27375fb088ccf
8dbca55b17abe462bda5183bb2f572ad4c13c71be73a5ed0ebef2a765f6e1589
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548
d545b9845df5f120e894f3f3207a147719584ed11a629c27bb29006aaa521c9a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb1d704331f4fbaccdf2d66a4a8af07580e3ba09cd5c7f69b8db496c3e8e1b8
fec2d1ca7db60191f486b810d42d9ba05d0f6905f7f000cd90d6185c5a4a49f6
ffb6e270a7bbb1ea1b797965ae85e35760b38b98744478a4151ddee79a31d215

account-gencia.site Open in urlscan Pro 172.67.177.169 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

85 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

195 kBTransfer

470 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

account-gencia.site Open in urlscan Pro
172.67.177.169 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

85 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

195 kB
Transfer

470 kB
Size

1
Cookies

27 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!