Report - 4g2y.top/

Report Overview

Submitted URL
4g2y.top/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 15:31:29
Access
public
Website Title
PMYP Prime Minister Laptop Scheme 2024 – Apply Online
Final URL
4g2y.top/#1714836664646
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
563cdn.com	unknown	2023-05-12	2023-05-12	2024-04-12	435 B	91 kB	188.114.97.1
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-04	424 B	34 kB	142.250.74.170
tj.657g.xyz	unknown	2023-07-13	2023-12-07	2024-04-18	864 B	3.0 kB	188.114.97.1
hm.baidu.com	8254	1999-10-11	2012-05-26	2024-05-03	1.1 kB	12 kB	183.240.98.228
4g2y.top	unknown	2023-09-03	2024-02-28	2024-04-09	896 B	82 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-19	medium	tj.657g.xyz/	PayPal Inc.
2024-03-19	medium	tj.657g.xyz/	PayPal Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-05-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-18 12:58:06 Times Seen48008 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	4g2y.top/	2.6 kB	2024-04-18	2024-05-09
Pretty URL 4g2y.top/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 11:21:27 Last Seen2024-05-09 22:14:13 Times Seen15 Hash bcb1aaa49a20e7b1dc786cd06f7ac01d 0e6e845f89e45bdc0bee07fe087885701b07d2dd ce5ff23d4090423a12e6d03868deba69eb6dce3f3a31f2e80cf9b9a3c8fe7933 Loading...

	4g2y.top/	345 B	2023-12-13	2024-05-09
Pretty URL 4g2y.top/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-13 18:56:14 Last Seen2024-05-09 22:14:13 Times Seen41 Hash ecffbe366e1b36e55da681315cda4e78 4932abca38dc9d841be2c4cd52207207b29c2714 214f1274f0b94b658764f6179e2de89e09de88248f35e3d9bf506ce9049c5a14 Loading...

	tj.657g.xyz/js/script.js	1.3 kB	2023-05-22	2024-05-18
Pretty URL tj.657g.xyz/js/script.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 17:22:24 Last Seen2024-05-18 14:10:30 Times Seen3534 Hash abd4e2373b2e8c4dac2e80159641c5f1 e273656e58ca934d873204e68dd35670fde657ed 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94 Loading...

	unknown	37 B	2023-04-11	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49:14 Last Seen2024-05-18 13:56:24 Times Seen22611 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	unknown	332 B	2024-05-04	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 17:31:33 Last Seen2024-05-04 17:31:33 Times Seen1 Hash 148bd21b3763833fe2d9941100ed7d6d e902597dca2e198116e4ad10ee14848b6ed15969 84631beb3b0e9e5ce27c4707bfd3c6bf4c9bfe5105bed2024584e56224b7f2a5 Loading...

	4g2y.top/	228 B	2024-01-22	2024-05-09
Pretty URL 4g2y.top/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-22 18:55:06 Last Seen2024-05-09 22:14:13 Times Seen22 Hash 2768b69fa39beebc2afa7874bf5482e3 aff70fe363268c0b9d68b4580e998a68bf051c34 7a4a9bdcb8e68e6ad5628d6460333092224e7db0c7fa7425127050393238b580 Loading...

	unknown	316 B	2024-01-22	2024-05-09
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-01-22 00:15:49 Last Seen2024-05-09 22:14:13 Times Seen19 Hash f29d942572b68cc8c76d5067c2d4d6c6 6257f1620f626907778d0d10daf2211c9a52697f cbcb07a5ac544e58895e869208dfa323a5d304c1f2e10d190084f2b598356b9f Loading...

	hm.baidu.com/hm.js?499e8c96f07e810d9e479117ebfaf473	30 kB	2024-05-04	2024-05-04
Pretty URL hm.baidu.com/hm.js?499e8c96f07e810d9e479117ebfaf473 IP 183.240.98.228 ASN #56040 China Mobile communications corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 17:31:33 Last Seen2024-05-04 17:31:33 Times Seen2 Hash 2105564d543f76a0e492603440e8b765 cbab9bcdfd66d1f096d89b99f711aebc938d477c 377b287ca804843b4dd8f422567f83686570d974a2c9a9e55300ec941a517d39 Loading...

HTTP Transactions (8)

URL IP Response Size

563cdn.com/images/laptopfree.jpeg

188.114.97.1

200 OK

91 kB

URL GET HTTP/2
563cdn.com/images/laptopfree.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4g2y.top/
Certificate
IssuerLet's Encrypt
Subject563cdn.com
Fingerprint9C:97:7F:B8:CE:1C:FD:45:D8:D6:47:6B:0E:AA:47:47:24:8E:7A:4E
ValidityWed, 10 Apr 2024 01:29:56 GMT - Tue, 09 Jul 2024 01:29:55 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1082x672, components 3
Size
91 kB (90602 bytes)
Hash
ad43c64a98ce069e008bd61dbd64f87e
c8882647f2bc82bcb66752ed094dd4d9e5c6ec4c
7887bebae5fca7fb2139245ab9ae67b401da166c6737367a98097b73b7db8dda

HTTP Headers

GET /images/laptopfree.jpeg HTTP/1.1
Host: 563cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4g2y.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 15:31:04 GMT
content-type: image/jpeg
content-length: 90602
etag: "ad43c64a98ce069e008bd61dbd64f87e"
last-modified: Wed, 24 Jan 2024 01:59:12 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3662
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UL%2FBUGiNidO2A9Rk3IxdquIRSUtLmIwulNtCAhXPzVK%2BUEmEjkN14Rx2V3eCnUDv0%2BpHKKGYxb3iBXVB1vuNbZneLjXyJSu6v7INhTOC%2FPXxKnH1e32865%2FEAnkP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e98920e9785697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.170

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://4g2y.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4g2y.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:54:46 GMT
expires: Fri, 02 May 2025 19:54:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 156978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tj.657g.xyz/api/event

188.114.97.1

202 Accepted

2 B

URL POST HTTP/3
tj.657g.xyz/api/event
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4g2y.top/
Certificate
IssuerGoogle Trust Services LLC
Subject657g.xyz
Fingerprint62:A7:5F:68:68:61:92:3D:96:17:20:8B:09:D3:38:03:80:11:C4:39
ValidityFri, 03 May 2024 08:38:58 GMT - Thu, 01 Aug 2024 08:38:57 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

POST /api/event HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 79
Origin: https://4g2y.top
DNT: 1
Connection: keep-alive
Referer: https://4g2y.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 202 Accepted
date: Sat, 04 May 2024 15:31:04 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
x-request-id: F8xS-mzGdbskyEIWeM5h
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2Taeot1xuNP5nx%2FJ%2BIGJVr6yHvcl2iOi5ptOFHECU3ZJ%2BS%2BgntAR76O2R%2BzwfJV8CU9JY1RndYM%2BF7SdSRNijluL0N249LgxVa%2Fnvuid2vxibRJagmkjrLt4NOhDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e98922485bb512-OSL
alt-svc: h3=":443"; ma=86400

hm.baidu.com/hm.js?499e8c96f07e810d9e479117ebfaf473

183.240.98.228

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?499e8c96f07e810d9e479117ebfaf473
IP
183.240.98.228:443
ASN
#56040 China Mobile communications corporation

Requested by
https://4g2y.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
JavaScript source, ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
2105564d543f76a0e492603440e8b765
cbab9bcdfd66d1f096d89b99f711aebc938d477c
377b287ca804843b4dd8f422567f83686570d974a2c9a9e55300ec941a517d39

HTTP Headers

GET /hm.js?499e8c96f07e810d9e479117ebfaf473 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4g2y.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 04 May 2024 15:31:05 GMT
Etag: 77950b41be61f54eb2aa86f90f5af773
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BD6DF29E68DC1D6D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=299549210&si=499e8c96f07e810d9e479117ebfaf473&v=1.3.0&lv=1&sn=47856&r=0&ww=1280&u=https%3A%2F%2F4g2y.top%2F%231714836664646&tt=PMYP%20Prime%20Minister%20Laptop%20Scheme%202024%20%E2%80%93%20Apply%20Online

183.240.98.228

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=299549210&si=499e8c96f07e810d9e479117ebfaf473&v=1.3.0&lv=1&sn=47856&r=0&ww=1280&u=https%3A%2F%2F4g2y.top%2F%231714836664646&tt=PMYP%20Prime%20Minister%20Laptop%20Scheme%202024%20%E2%80%93%20Apply%20Online
IP
183.240.98.228:443
ASN
#56040 China Mobile communications corporation

Requested by
https://4g2y.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=299549210&si=499e8c96f07e810d9e479117ebfaf473&v=1.3.0&lv=1&sn=47856&r=0&ww=1280&u=https%3A%2F%2F4g2y.top%2F%231714836664646&tt=PMYP%20Prime%20Minister%20Laptop%20Scheme%202024%20%E2%80%93%20Apply%20Online HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4g2y.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 May 2024 15:31:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=46047D271A1E5832; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

tj.657g.xyz/js/script.js

188.114.97.1

200 OK

1.3 kB

URL GET HTTP/2
tj.657g.xyz/js/script.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4g2y.top/
Certificate
IssuerGoogle Trust Services LLC
Subject657g.xyz
Fingerprint62:A7:5F:68:68:61:92:3D:96:17:20:8B:09:D3:38:03:80:11:C4:39
ValidityFri, 03 May 2024 08:38:58 GMT - Thu, 01 Aug 2024 08:38:57 GMT

File type
ASCII text, with very long lines (1384), with no line terminators
Size
1.3 kB (1346 bytes)
Hash
16cfd1982a40489c41a52add24d36b85
344f1896d895c5d0a7c4caecafcf1942603cd026
72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /js/script.js HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4g2y.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 15:31:04 GMT
content-type: application/javascript
cf-bgj: minify
expires: Sat, 04 May 2024 22:58:37 GMT
vary: Accept-Encoding
x-cache: HIT
access-control-allow-origin: *
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16476
last-modified: Sat, 04 May 2024 10:56:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VUOib7FvDMvpROWv3ZORPjdEKvv2LxD8aeJHuMaccvi%2FQQEyyeJnXXoiKR%2B0%2B0TVO1GBMW8koLq5L%2FMQWa8O%2FXLrM6XkNktTLn4JgDUha0Y%2BLW77WgegEBsjcYiQKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e98920fa00b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

4g2y.top/

188.114.96.1

200 OK

18 kB

URL User Request GET HTTP/2
4g2y.top/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject4g2y.top
Fingerprint80:D9:DD:4F:EA:1E:75:84:23:19:F1:75:E7:88:D0:DC:75:06:56:25
ValiditySun, 21 Apr 2024 13:47:36 GMT - Sat, 20 Jul 2024 13:47:35 GMT

File type

Size
18 kB (17913 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: 4g2y.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 15:31:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: loclang=en; expires=Sun, 05-May-2024 15:31:04 GMT; Max-Age=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXz7ek3ojqAJWcJtdu9VEMbE5EtyVn8p0sxwxSVMploIbB6tmnHy8Oiju6dyAOOtF7yYgeK%2FQLZ72CT1z3BLnxnwOcXhsQLfxV7I6zYTolyiw5Ub1e47VVkyOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e9891c7d010afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

4g2y.top/favicon.ico

188.114.96.1

404 Not Found

63 kB

URL GET HTTP/3
4g2y.top/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://4g2y.top/
Certificate
IssuerLet's Encrypt
Subject4g2y.top
Fingerprint80:D9:DD:4F:EA:1E:75:84:23:19:F1:75:E7:88:D0:DC:75:06:56:25
ValiditySun, 21 Apr 2024 13:47:36 GMT - Sat, 20 Jul 2024 13:47:35 GMT

File type

Size
63 kB (63043 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 4g2y.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4g2y.top/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 04 May 2024 15:31:05 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i0w1NaekNNjC5fW3plhxptQV1FbzQsVLK1XDWNpeESPFk4xs9l8TzHxFn2EbEaWuwPiz3X7TtX77qGAhhVOUhRcMM22GKVuw4JjCVzH%2B2ykxg8U%2FAiw3PlU3kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e989245b42568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash