hl1rly8j.gdct6kyr3.top Open in urlscan Pro
172.67.187.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://yd10086fdueux.com/
Effective URL:
https://hl1rly8j.gdct6kyr3.top/
Submission: On November 19 via api (November 19th 2024, 8:32:07 am UTC) from BE — Scanned from IT

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 172.67.187.122, located in United States and belongs to CLOUDFLARENET, US. The main domain is hl1rly8j.gdct6kyr3.top.
TLS certificate: Issued by WE1 on November 7th 2024. Valid for: 3 months.

This is the only time hl1rly8j.gdct6kyr3.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	172.67.172.70 172.67.172.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.187.122 172.67.187.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2

7 172.67.172.70 (United States)

ASN13335 (CLOUDFLARENET, US)

yd10086fdueux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.187.122 (United States)

ASN13335 (CLOUDFLARENET, US)

hl1rly8j.gdct6kyr3.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gdct6kyr3.top hl1rly8j.gdct6kyr3.top	49 KB
7	yd10086fdueux.com yd10086fdueux.com	62 KB
15	2

	Domain	Requested by
8	hl1rly8j.gdct6kyr3.top	yd10086fdueux.com hl1rly8j.gdct6kyr3.top
7	yd10086fdueux.com	yd10086fdueux.com
15	2

This site contains no links.

Subject Issuer	Validity	Valid
yd10086fdueux.com WE1	`2024-11-12` - `2025-02-10`	3 months	crt.sh
gdct6kyr3.top WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hl1rly8j.gdct6kyr3.top/
Frame ID: 4481D7F155145F58B20907A8F7989D95
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GO在线

Page URL History Show full URLs

https://yd10086fdueux.com/ Page URL
https://hl1rly8j.gdct6kyr3.top/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

111 kB
Transfer

330 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://yd10086fdueux.com/ Page URL
https://hl1rly8j.gdct6kyr3.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response yd10086fdueux.com/	5 KB 3 KB	941ms 457ms	Document text/html	172.67.172.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yd10086fdueux.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.70 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `3053dfce8a4beafaba1d0cc79d6275d0892f004d6db2fe3b7282c83115579607` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control private cf-cache-status DYNAMIC cf-ray 8e4ed8f0dee19e90-CDG content-encoding zstd content-type text/html; charset=utf-8 date Tue, 19 Nov 2024 08:32:03 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FGalMDIexnVxeWs6Vhd%2FVypvjDokgcl52zNxDij6FLfZF7kj6pif3bvP7CNDs2fqJdYOBmvz03e7Rm9leHP5gfA2SS891WoLt2fSJGgMPnMvVMRW5RcAQOIgGxAS1zjF3qgfA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=22431&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3955&recv_bytes=2290&delivery_rate=174305&cwnd=255&unsent_bytes=0&cid=c1707ba38e1e3702&ts=504&x=0" vary Accept-Encoding x-powered-by ASP.NET
GET H2	200	default.css yd10086fdueux.com/Public/Home/css/	2 KB 1 KB	349ms 347ms	Stylesheet text/css	172.67.172.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yd10086fdueux.com/Public/Home/css/default.css Requested by Host: yd10086fdueux.com URL: https://yd10086fdueux.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.70 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `050d2b0f367c109b6c4df53794e3ebf6add0d210618cd10247341b0d396d2170` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://yd10086fdueux.com/ Response headers content-encoding gzip cf-cache-status EXPIRED etag "648-618b5e9632500-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=luHOmQnM2KABhFNz0jJSOwCBwnalQhZ9UuK9CXaXK83V3VEJTdhhXh3YAmV5lG0nMnz83r%2BNxHgJjPMNUD8ttirrAKV9i6cz%2BcJxtekYj7cDxTe3YtywyIpIjSk99%2FL9I8l%2B9A%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=30715&sent=48&recv=22&lost=0&retrans=0&sent_bytes=39480&recv_bytes=2698&delivery_rate=1433862&cwnd=258&unsent_bytes=0&cid=c1707ba38e1e3702&ts=888&x=0" date Tue, 19 Nov 2024 08:32:03 GMT content-type text/css last-modified Sat, 18 May 2024 08:04:04 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e4ed8f3ea5a9e90-CDG accept-ranges bytes content-length 670 server cloudflare
GET H2	200	jquery.min.js Show response yd10086fdueux.com/Public/Home/js/	82 KB 29 KB	71ms 70ms	Script text/javascript	172.67.172.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yd10086fdueux.com/Public/Home/js/jquery.min.js Requested by Host: yd10086fdueux.com URL: https://yd10086fdueux.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.70 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://yd10086fdueux.com/ Response headers content-encoding gzip cf-cache-status HIT etag "1469f-5e84297557900-gzip" age 63 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bqi9Ebb7I%2BwINmowQBsRzbUjzhHo1rscX%2Bfb85301sT9seDmUQs4cvlQsx%2F38iDQ2at2UsaPrsOFo3poglKfGk9qluYnkTDyUpMOJxeJ%2BWy5JENWc62O2M%2B6DI9MXGs2o4fbQA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=22388&sent=17&recv=13&lost=0&retrans=0&sent_bytes=8384&recv_bytes=2698&delivery_rate=287615&cwnd=258&unsent_bytes=0&cid=c1707ba38e1e3702&ts=606&x=0" date Tue, 19 Nov 2024 08:32:03 GMT content-type text/javascript last-modified Fri, 09 Sep 2022 18:19:48 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e4ed8f3ea5d9e90-CDG accept-ranges bytes content-length 29301 server cloudflare
GET H2	200	base64.js Show response yd10086fdueux.com/Public/Home/js/	3 KB 1 KB	69ms 68ms	Script text/javascript	172.67.172.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yd10086fdueux.com/Public/Home/js/base64.js Requested by Host: yd10086fdueux.com URL: https://yd10086fdueux.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.70 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dbbb2e6d4befc0e550be39ca64aa5b9bc25350bed1b5119b4731cc805012495b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://yd10086fdueux.com/ Response headers content-encoding gzip cf-cache-status HIT etag "b7a-5ec38ca4e3500-gzip" age 63 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RgSyDRO0BjQI2LrPYFNFtWy5dH5IMbTt8rQtBdPqvgfJQQqqB397MT9j0CekFsOiEKkq7OvYfoLJpcMGAP5cGrPHUkqmWpr%2BDMMkJUuZj81jPEMqHdu0XTAb%2F%2BxFwkjyvK5ZrQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=22388&sent=14&recv=13&lost=0&retrans=0&sent_bytes=6888&recv_bytes=2698&delivery_rate=287615&cwnd=258&unsent_bytes=0&cid=c1707ba38e1e3702&ts=604&x=0" date Tue, 19 Nov 2024 08:32:03 GMT content-type text/javascript last-modified Sun, 30 Oct 2022 04:19:00 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e4ed8f3ea609e90-CDG accept-ranges bytes content-length 932 server cloudflare
GET H2	200	jp.js Show response yd10086fdueux.com/Public/Home/js/	448 B 716 B	121ms 120ms	Script text/javascript	172.67.172.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yd10086fdueux.com/Public/Home/js/jp.js Requested by Host: yd10086fdueux.com URL: https://yd10086fdueux.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.70 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `54549ac8821005cb8276ad5f75ca95f7d56954b7831f4ce8d79f6b30bd9cf41a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://yd10086fdueux.com/ Response headers content-encoding gzip cf-cache-status HIT etag "1c0-6254c553bf980-gzip" age 63 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FyW%2FYqTCOazZsueEGqfSf%2B9qVH0IMNelVBx7XQipVL7%2BO6%2BvVZcBVY2cgzU5bSIrI1hJSWPJMG0WGSel56e1deDO8Xm88BBViD19poprcY%2Fph8iZ%2F077mMMYPvECeTQCvs6WIg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=22388&sent=46&recv=13&lost=0&retrans=0&sent_bytes=38698&recv_bytes=2698&delivery_rate=287615&cwnd=258&unsent_bytes=0&cid=c1707ba38e1e3702&ts=607&x=0" date Tue, 19 Nov 2024 08:32:03 GMT content-type text/javascript last-modified Fri, 25 Oct 2024 12:33:58 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e4ed8f3ea639e90-CDG accept-ranges bytes content-length 254 server cloudflare
POST H2	200	do_jump yd10086fdueux.com/index.php/home/jump/	54 B 581 B	976ms 976ms	XHR application/json	172.67.172.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yd10086fdueux.com/index.php/home/jump/do_jump Requested by Host: yd10086fdueux.com URL: https://yd10086fdueux.com/Public/Home/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.70 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://yd10086fdueux.com/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, /; q=0.01 Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byuNfUgdXZ9knXLA685K2FhlDvf2WBWSlcz5xM8JHtmSN1H4aUB3T7S3CIe9UewIM6MwB35Sy6v%2BPiYVjsKYp2jWJTPe0phg3NBSRCbqvKDitymB1BzZaUokLVAhEJRYcH3KKA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e4ed8f63c5e9e90-CDG expires Thu, 19 Nov 1981 08:52:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24404&sent=77&recv=34&lost=0&retrans=0&sent_bytes=67744&recv_bytes=2996&delivery_rate=1433862&cwnd=258&unsent_bytes=0&cid=c1707ba38e1e3702&ts=1884&x=0" content-length 74 date Tue, 19 Nov 2024 08:32:04 GMT content-type application/json; charset=utf-8 vary Accept-Encoding server cloudflare
GET H2	200	favicon.ico yd10086fdueux.com/	91 KB 26 KB	498ms 498ms	Other image/x-icon	172.67.172.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yd10086fdueux.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.172.70 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b01b4cb4ef179db04adf6e56ae4297295e01c85792f80d6dc5eba606467bd86` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://yd10086fdueux.com/ Response headers content-encoding gzip cf-cache-status MISS etag "16b86-625c099a5ea80-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJcVmRazlbMQhl%2BJOk9is38FiVazkYyQexnGIizM4DV72ERHKyQ%2FnRzA2BA3oJEBa7H%2Fyjh85a%2BUvEyp0Mmy5pylGY6Tv3110o5nAiN%2FdS120wZtcEzwKSOzLS3%2BSt0t%2B8VIdg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=27856&sent=53&recv=27&lost=0&retrans=0&sent_bytes=40690&recv_bytes=2996&delivery_rate=1433862&cwnd=258&unsent_bytes=0&cid=c1707ba38e1e3702&ts=1471&x=0" date Tue, 19 Nov 2024 08:32:04 GMT content-type image/x-icon last-modified Thu, 31 Oct 2024 07:16:42 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e4ed8f69cae9e90-CDG accept-ranges bytes content-length 26229 server cloudflare
GET H2	200	Primary Request / Show response hl1rly8j.gdct6kyr3.top/	6 KB 3 KB	1309ms 374ms	Document text/html	172.67.187.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl1rly8j.gdct6kyr3.top/ Requested by Host: yd10086fdueux.com URL: https://yd10086fdueux.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.187.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `0eafad028adde0f14edbd7e8a4fc71b91335cc78bad878f28f4c5a9f351a85e5` Request headers Referer https://yd10086fdueux.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control private cf-cache-status DYNAMIC cf-ray 8e4ed9023e93ebad-CDG content-encoding zstd content-type text/html; charset=utf-8 date Tue, 19 Nov 2024 08:32:05 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCtrIn7xuv0Qe%2BtdgTp%2BHRPADZD0qM9xhd011YkpkuITo%2FLYLMdOnoX%2BKn8kPqfe7MKySwWYf0%2Fw5TEVH%2FzdS6u1U0K84PTX9RaOPlLTimOLY%2FyFrQvKHBOvFkn4YwShrDB8JRb%2FuMe4"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=31470&sent=8&recv=9&lost=0&retrans=0&sent_bytes=3924&recv_bytes=2304&delivery_rate=123116&cwnd=85&unsent_bytes=0&cid=fe98e52580966999&ts=423&x=0" vary Accept-Encoding x-powered-by ASP.NET
GET H2	200	h5ui.min.css hl1rly8j.gdct6kyr3.top/Public/index/h5ui/css/	42 KB 8 KB	357ms 355ms	Stylesheet text/css	172.67.187.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl1rly8j.gdct6kyr3.top/Public/index/h5ui/css/h5ui.min.css Requested by Host: hl1rly8j.gdct6kyr3.top URL: https://hl1rly8j.gdct6kyr3.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.187.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `86cda42cf24694e2bd3cb8a52dbc6a2cb38843111cac3945269570121e3be24e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://hl1rly8j.gdct6kyr3.top/ Response headers content-encoding gzip cf-cache-status MISS etag "a8f0-5e7ada8266400-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VaTxgwyQvuHm1shJPleQQDlpq5FxeK2rMQ1q8VaJDMf%2FJTyUC68unmZgD1qJYm535sIfPwePJ2AX6lxkk%2BKDpF0%2B1FSnyY8ofii5XYGFTQZCTeECTJp8EeY2HVnq6wikDBdSqhP2p7ps"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=31697&sent=21&recv=12&lost=0&retrans=0&sent_bytes=9430&recv_bytes=2701&delivery_rate=193474&cwnd=85&unsent_bytes=0&cid=fe98e52580966999&ts=813&x=0" date Tue, 19 Nov 2024 08:32:06 GMT content-type text/css last-modified Fri, 02 Sep 2022 08:38:40 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e4ed904cd1febad-CDG accept-ranges bytes content-length 7473 server cloudflare
GET H2	200	jquery-1.9.1.min.js Show response hl1rly8j.gdct6kyr3.top/Public/h5/js/	92 KB 33 KB	508ms 507ms	Script text/javascript	172.67.187.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl1rly8j.gdct6kyr3.top/Public/h5/js/jquery-1.9.1.min.js Requested by Host: hl1rly8j.gdct6kyr3.top URL: https://hl1rly8j.gdct6kyr3.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.187.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ef7c0f9f57b289d6fbb8fb5fa95a4687c7f9a4e89753cc4f0374256901421ba9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://hl1rly8j.gdct6kyr3.top/ Response headers content-encoding gzip cf-cache-status MISS etag "16ea1-5ec3884ecfa00-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IND7THyF9M4S4YWD7wmRL9N6HVMasyJd1ejtT4geDBmJggKUtpGckPn2pOMBQaaM1UME1FXRzpQYVD7lXNs9l6fQxN13gZ6Dz4nToBCPzkBNBMuV1jwoMt%2F5nFe72%2BR4t54wjJTXbry2"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=37727&sent=31&recv=19&lost=0&retrans=0&sent_bytes=17540&recv_bytes=2701&delivery_rate=349373&cwnd=85&unsent_bytes=0&cid=fe98e52580966999&ts=964&x=0" date Tue, 19 Nov 2024 08:32:06 GMT content-type text/javascript last-modified Sun, 30 Oct 2022 03:59:36 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e4ed904cd21ebad-CDG accept-ranges bytes content-length 33265 server cloudflare
GET H2	200	base64.js Show response hl1rly8j.gdct6kyr3.top/Public/h5/js/	4 KB 2 KB	345ms 344ms	Script text/javascript	172.67.187.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl1rly8j.gdct6kyr3.top/Public/h5/js/base64.js Requested by Host: hl1rly8j.gdct6kyr3.top URL: https://hl1rly8j.gdct6kyr3.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.187.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d3a7f60f483cdbf74f05e86c47b81f50464cb0439469a99525a893c0dfec297a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://hl1rly8j.gdct6kyr3.top/ Response headers content-encoding gzip cf-cache-status MISS etag "e50-614366b1b3a80-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4i%2FE0TvhOAdk9BP2dSktLzgl4yydmNeQtagOQbELLXFAVBtcT5P4PbTjPGTVFkypVheCJcGkCdGionKA1AGIoMqyzK%2FS%2BgXRwO%2FvMGhWts%2FmvkigmvCGfNEf4lqn%2FZJYEq%2F%2B9TmaISE"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=31697&sent=18&recv=12&lost=0&retrans=0&sent_bytes=7653&recv_bytes=2701&delivery_rate=193474&cwnd=85&unsent_bytes=0&cid=fe98e52580966999&ts=802&x=0" date Tue, 19 Nov 2024 08:32:06 GMT content-type text/javascript last-modified Fri, 22 Mar 2024 02:16:58 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e4ed904cd23ebad-CDG accept-ranges bytes content-length 1248 server cloudflare
GET H2	200	h5.js Show response hl1rly8j.gdct6kyr3.top/Public/h5/js/	458 B 856 B	334ms 333ms	Script text/javascript	172.67.187.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl1rly8j.gdct6kyr3.top/Public/h5/js/h5.js Requested by Host: hl1rly8j.gdct6kyr3.top URL: https://hl1rly8j.gdct6kyr3.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.187.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ed0a7becabdeed03e7ca2158295b25b8132c3432b2394de674df2185d3e2da64` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://hl1rly8j.gdct6kyr3.top/ Response headers content-encoding gzip cf-cache-status MISS etag "1ca-61436d99d0600-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ALY%2B8gYBntvCJnkF%2Bp6%2Fz8uPZBnoq%2BLMcN%2FqqswvahJRuZNEvX5wPGJwgOo1DZTnUgk2PUZR40A2iEBUlZ5r5itu1opQD8izj%2Bd3mcYysjHjmFqcbvvYgsznzDFkRAZKjtjXUn%2BcZnK"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=31697&sent=15&recv=12&lost=0&retrans=0&sent_bytes=6731&recv_bytes=2701&delivery_rate=193474&cwnd=85&unsent_bytes=0&cid=fe98e52580966999&ts=790&x=0" date Tue, 19 Nov 2024 08:32:06 GMT content-type text/javascript last-modified Fri, 22 Mar 2024 02:47:52 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e4ed904cd24ebad-CDG accept-ranges bytes content-length 334 server cloudflare
POST H2	200	index_show.html Show response hl1rly8j.gdct6kyr3.top/index.php/H5/H5/	2 KB 1 KB	382ms 381ms	XHR application/json	172.67.187.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl1rly8j.gdct6kyr3.top/index.php/H5/H5/index_show.html Requested by Host: hl1rly8j.gdct6kyr3.top URL: https://hl1rly8j.gdct6kyr3.top/Public/h5/js/jquery-1.9.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.187.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d9e4b36842fa94849c3126972230124009c9d03fc84a6c5baed661bd04af434c` Request headers Referer https://hl1rly8j.gdct6kyr3.top/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, /; q=0.01 Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wLq8FDB328W6eNCX9YnhCFehDHnty%2FsBp12JuGUhd3%2BLNNEda%2BcgiAHJ9PvnZpeLTv%2BuRY0RaDNPxsJ0dg3WaoSBTUqZdP9EYQ3W2XpbbT2%2FDCEJyeK23rPSa9GmslOjlQu5939ugw5"}],"group":"cf-nel","max_age":604800} cf-ray 8e4ed9082d8cebad-CDG expires Thu, 19 Nov 1981 08:52:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=33147&sent=68&recv=32&lost=0&retrans=0&sent_bytes=52605&recv_bytes=3079&delivery_rate=1137355&cwnd=96&unsent_bytes=0&cid=fe98e52580966999&ts=1376&x=0" content-length 697 date Tue, 19 Nov 2024 08:32:06 GMT content-type application/json; charset=utf-8 vary Accept-Encoding server cloudflare
POST H2	200	show_title Show response hl1rly8j.gdct6kyr3.top/index.php/H5/H5/	66 B 692 B	378ms 378ms	XHR application/json	172.67.187.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl1rly8j.gdct6kyr3.top/index.php/H5/H5/show_title Requested by Host: hl1rly8j.gdct6kyr3.top URL: https://hl1rly8j.gdct6kyr3.top/Public/h5/js/jquery-1.9.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.187.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4ad9e17bc8338ef598a548756ac66db34c0e6a6e8d042bcb87f64f107c8392fb` Request headers Referer https://hl1rly8j.gdct6kyr3.top/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, /; q=0.01 Response headers cache-control no-store, no-cache, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAb%2Fn5IPTpWyXChGXyjFYKHT%2Br%2BBLu6QIQxuov89TdbfszuhMQC7eutwhQaMXbrJgP9NeApkkTUN69M1Gw3qOZFg%2BL6%2F9iD0Jho9jqgGRdV6Q9b525Y%2BsPsk1CM30W%2F1mL28iUR9iDAP"}],"group":"cf-nel","max_age":604800} cf-ray 8e4ed9082d9bebad-CDG expires Thu, 19 Nov 1981 08:52:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=33147&sent=65&recv=32&lost=0&retrans=0&sent_bytes=51847&recv_bytes=3079&delivery_rate=1137355&cwnd=96&unsent_bytes=0&cid=fe98e52580966999&ts=1371&x=0" content-length 84 date Tue, 19 Nov 2024 08:32:06 GMT content-type application/json; charset=utf-8 vary Accept-Encoding server cloudflare
GET H2	404	favicon.ico hl1rly8j.gdct6kyr3.top/	2 KB 1 KB	382ms 382ms	Other text/html	172.67.187.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hl1rly8j.gdct6kyr3.top/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.187.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8504b233a15d1384f611ee937f5dd951fd493598946f9942d8422f4cf6710d37` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://hl1rly8j.gdct6kyr3.top/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F9lnWhjNeqVe5Z6xFFBLuoL1dbq000oFfyc5d098RtETg7QCB5B53dpDdwWhEdKqxrCEaOHF9d7HOG3n53iO6nvNZzK5jtKapeGPItaIe0ZhCp0BoplAYbwX4RZ8WARTM9C7VtnPENle"}],"group":"cf-nel","max_age":604800} cf-ray 8e4ed9082da7ebad-CDG alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=33147&sent=71&recv=32&lost=0&retrans=0&sent_bytes=53810&recv_bytes=3079&delivery_rate=1137355&cwnd=96&unsent_bytes=0&cid=fe98e52580966999&ts=1381&x=0" date Tue, 19 Nov 2024 08:32:06 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yd10086fdueux.com/	1970-01-21 01:06:48	Name: think_language Value: it-IT
yd10086fdueux.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1ctmn9ek8ce2lpkc1jl4m481i7
hl1rly8j.gdct6kyr3.top/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4pt0f2jggbvq4snrnaeuun7vln

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hl1rly8j.gdct6kyr3.top/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hl1rly8j.gdct6kyr3.top
yd10086fdueux.com
172.67.172.70
172.67.187.122
050d2b0f367c109b6c4df53794e3ebf6add0d210618cd10247341b0d396d2170
0eafad028adde0f14edbd7e8a4fc71b91335cc78bad878f28f4c5a9f351a85e5
3053dfce8a4beafaba1d0cc79d6275d0892f004d6db2fe3b7282c83115579607
4ad9e17bc8338ef598a548756ac66db34c0e6a6e8d042bcb87f64f107c8392fb
4b01b4cb4ef179db04adf6e56ae4297295e01c85792f80d6dc5eba606467bd86
54549ac8821005cb8276ad5f75ca95f7d56954b7831f4ce8d79f6b30bd9cf41a
8504b233a15d1384f611ee937f5dd951fd493598946f9942d8422f4cf6710d37
86cda42cf24694e2bd3cb8a52dbc6a2cb38843111cac3945269570121e3be24e
d3a7f60f483cdbf74f05e86c47b81f50464cb0439469a99525a893c0dfec297a
d9e4b36842fa94849c3126972230124009c9d03fc84a6c5baed661bd04af434c
dbbb2e6d4befc0e550be39ca64aa5b9bc25350bed1b5119b4731cc805012495b
ed0a7becabdeed03e7ca2158295b25b8132c3432b2394de674df2185d3e2da64
ef7c0f9f57b289d6fbb8fb5fa95a4687c7f9a4e89753cc4f0374256901421ba9
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

hl1rly8j.gdct6kyr3.top Open in urlscan Pro 172.67.187.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

111 kBTransfer

330 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

hl1rly8j.gdct6kyr3.top Open in urlscan Pro
172.67.187.122 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

111 kB
Transfer

330 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions