ggthreeland.com
104.21.68.128
Public Scan
Effective URL: https://ggthreeland.com/en/securevpn/index.html?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wv34i6i7s2bus1v23or6kt2a...
Submission: On July 24 via api from GB — Scanned from AU
Summary
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.
This is the only time ggthreeland.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 103.224.182.250 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
1 4 | 103.224.182.206 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
1 1 | 65.8.161.83 | 16509 (AMAZON-02) |
3 | 104.21.68.128 | 13335 (CLOUDFLARENET) |
2 | 104.18.186.31 | 13335 (CLOUDFLARENET) |
3 | 104.17.24.14 | 13335 (CLOUDFLARENET) |
13 | 5 |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-250.above.com
apple-cider-vinegar.life |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
omause.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-8-161-83.sfo53.r.cloudfront.net
my.toruftuiov.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
4 | omause.com (1 redirects) / omause.com — Cisco Umbrella Rank: 902466 | 3 KB |
3 | cloudflare.com / cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 | 133 KB |
3 | ggthreeland.com / ggthreeland.com — Cisco Umbrella Rank: 307251 | 6 KB |
2 | jsdelivr.net / cdn.jsdelivr.net — Cisco Umbrella Rank: 410 | 53 KB |
1 | toruftuiov.com (1 redirects) / my.toruftuiov.com — Cisco Umbrella Rank: 94230 | 1 KB |
1 | apple-cider-vinegar.life (1 redirects) / apple-cider-vinegar.life | 2 KB |
0 | redrotou.net (Failed) / redrotou.net Failed | |
13 | 7 |
 | Domain | Requested by |
---|---|---|
4 | omause.com | 1 redirects, omause.com |
3 | cdnjs.cloudflare.com | ggthreeland.com, cdnjs.cloudflare.com |
3 | ggthreeland.com | omause.com, ggthreeland.com |
2 | cdn.jsdelivr.net | ggthreeland.com |
1 | my.toruftuiov.com | 1 redirects |
1 | apple-cider-vinegar.life | 1 redirects |
0 | redrotou.net Failed | ggthreeland.com |
13 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
cw-warpaint-ranch.com R3 | 2024-05-23 - 2024-08-21 | 3 months | crt.sh |
ggthreeland.com WE1 | 2024-06-19 - 2024-09-17 | 3 months | crt.sh |
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year | crt.sh |
cdnjs.cloudflare.com E1 | 2024-06-02 - 2024-08-31 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://ggthreeland.com/en/securevpn/index.html?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wv34i6i7s2bus1v23or6kt2a&cid=wv34i6i7s2bus1v23or6kt2a&campaign.id=b7e400b6-2d54-4537-aba4-bb03c913174b&country=AU&cep=098Xe5Q0BpfAW6JmnyiW1090QVuJrFqpCZKpTP59wz1MSaxiXM5VvEOBfK-vAuYA63SGGUyNPZi19jFyZH4TTNq0YDPC_fLL1Ie_ExzoELe0Mq19-3QPic12zVqMopSpdpNJwMTIYK_xpGirX0g9b9jDCerpv6hXEgHDny5uSIior0gosgW4I7sWA9wu1VXc5t5wNbcXmzn-UzZEtcSftFRvkcGinYv3Tuh-_R1gWgi6NQvTzJ34uSnk0xXURyhO9loTSN9Q-86YdLQWIrCRReuFkMJAoW45iAocSNczytxFxQX-nmRGsU0Ui_noeMCC622AvcmuftewZQtcVUt9TWLuUTrgoOIDWrloCSoKzLfWLhHEVVCm3KBXRnaHPjB1yuXCFafn_-_mEaUW0wkZ3MjRaCI7H-3KYKi-ZI6H_4xT8mkd0j908EguOq99Cdq3&lptoken=1708217084bc3030782c&subid=781843945&kw=.au.subp.mobile.android&cpv=0.005
Frame ID: E070B29C00C64CB06CF5FF6F10FE562C
Requests: 12 HTTP requests in this frame
Frame:
https://ggthreeland.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
Frame ID: FCD91EDE6405A79932BDA58439204AE1
Requests: 1 HTTP requests in this frame
Page Title
Mix VPN - Protect Your Privacy
Page URL History
-
http://apple-cider-vinegar.life/
HTTP 307
https://apple-cider-vinegar.life/ HTTP 302
http://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEb... HTTP 307
https://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEb... Page URL
-
https://omause.com/r.php?u=https%3A%2F%2Fmy.toruftuiov.com%2Fb7e400b6-2d54-4537-aba4-bb03c91317...
HTTP 302
https://my.toruftuiov.com/b7e400b6-2d54-4537-aba4-bb03c913174b?subid=781843945&kw=.au.subp.mobile.andr... HTTP 302
https://ggthreeland.com/en/securevpn/index.html?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wv34... Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://apple-cider-vinegar.life/
HTTP 307
https://apple-cider-vinegar.life/ HTTP 302
http://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEb... HTTP 307
https://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEb... Page URL
-
https://omause.com/r.php?u=https%3A%2F%2Fmy.toruftuiov.com%2Fb7e400b6-2d54-4537-aba4-bb03c913174b%3Fsubid%3D781843945%26kw%3D.au.subp.mobile.android%26cpv%3D0.005&s=j&enc=...%3D&vs=1600:1200&ds=1600:1200&sl=60:60&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1
HTTP 302
https://my.toruftuiov.com/b7e400b6-2d54-4537-aba4-bb03c913174b?subid=781843945&kw=.au.subp.mobile.android&cpv=0.005 HTTP 302
https://ggthreeland.com/en/securevpn/index.html?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wv34i6i7s2bus1v23or6kt2a&cid=wv34i6i7s2bus1v23or6kt2a&campaign.id=b7e400b6-2d54-4537-aba4-bb03c913174b&country=AU&cep=098Xe5Q0BpfAW6JmnyiW1090QVuJrFqpCZKpTP59wz1MSaxiXM5VvEOBfK-vAuYA63SGGUyNPZi19jFyZH4TTNq0YDPC_fLL1Ie_ExzoELe0Mq19-3QPic12zVqMopSpdpNJwMTIYK_xpGirX0g9b9jDCerpv6hXEgHDny5uSIior0gosgW4I7sWA9wu1VXc5t5wNbcXmzn-UzZEtcSftFRvkcGinYv3Tuh-_R1gWgi6NQvTzJ34uSnk0xXURyhO9loTSN9Q-86YdLQWIrCRReuFkMJAoW45iAocSNczytxFxQX-nmRGsU0Ui_noeMCC622AvcmuftewZQtcVUt9TWLuUTrgoOIDWrloCSoKzLfWLhHEVVCm3KBXRnaHPjB1yuXCFafn_-_mEaUW0wkZ3MjRaCI7H-3KYKi-ZI6H_4xT8mkd0j908EguOq99Cdq3&lptoken=1708217084bc3030782c&subid=781843945&kw=.au.subp.mobile.android&cpv=0.005 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://apple-cider-vinegar.life/ HTTP 307
- https://apple-cider-vinegar.life/ HTTP 302
- http://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEb... HTTP 307
- https://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEb...
- https://ggthreeland.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://ggthreeland.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
13 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | xr.php omause.com/ Redirect Chain | 5 KB 3 KB | Document text/html |
GET H/1.1 | jscheck.php omause.com/ | 0 150 B | XHR text/html |
GET H/1.0 | favicon.ico omause.com/ | 94 B 170 B | Other text/html |
GET H2 | Primary Request index.html ggthreeland.com/en/securevpn/ Redirect Chain | 10 KB 3 KB | Document text/html |
GET H2 | bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ | 216 KB 30 KB | Stylesheet text/css |
GET H3 | all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ | 82 KB 15 KB | Stylesheet text/css |
GET H2 | styles.css ggthreeland.com/en/securevpn/ | 2 KB 913 B | Stylesheet text/css |
GET H2 | bootstrap.bundle.min.js cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/ | 79 KB 23 KB | Script application/javascript |
GET H2 | translations.js ggthreeland.com/en/securevpn/ | 4 KB 2 KB | Script text/javascript |
GET H3 | fa-solid-900.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ | 10 KB 0 | Font application/octet-stream |
GET | micro.tag.min.js redrotou.net/act/files/ | 0 0 | |
GET | main.js ggthreeland.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/ Frame FCD9 Redirect Chain | 0 0 | |
GET H3 | fa-solid-900.ttf cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ | 291 KB 117 KB | Font application/octet-stream |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- redrotou.net
- URL
- https://redrotou.net/act/files/micro.tag.min.js?z=7628655&ymid=wv34i6i7s2bus1v23or6kt2a&var=b7e400b6-2d54-4537-aba4-bb03c913174b&sw=/sw-check-permissions-fabae.js
- Domain
- ggthreeland.com
- URL
- https://ggthreeland.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | 0
- number | uidEvent
- object | bootstrap
- function | setLanguage
- function | getLanguageFromURL
- function | updateTimer
- object | url
- string | pci
- string | ppi
- object | s4
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
apple-cider-vinegar.life/ | Name: __tad Value: 1721841274.8191105 |
.omause.com/ | Name: __dsnsid Value: 2024072503143487aca957bbe2e02123 |
.my.toruftuiov.com/ | Name: b7e400b6-2d54-4537-aba4-bb03c913174b-v4 Value: uO9RKE_9yKtxssg-CoxgZXWAJg8ze6RKlzTbV-ZWLYc |
.my.toruftuiov.com/ | Name: cep-v4 Value: mYQDMH-dYZFoxUi0J2zSDhYTfaCO_xWvsNx0qHymNBFxgXMNEm5PAAG3BVQL2m9pw-rkEk3qPKuugzY0nrLf9lU-8xEBRi5rK-0JZpUoU6eD515tMLGb1Qh_vC1rEWRav6jj5zFFHWl8adnxGSqiJALffk8-6tTWOBgjajhx9ZOtV26S9YXYVJ-G2Z7A6AUlrkQ5ye5F-4CDYu-dK2Yrbi5JbXbDjydMXmlCnb3O_ar_cUJogqnJwUQOkVQvYLnzNIqUZnaEIh6-Ju3w7vdwvtR1u8Y9tyhkYXI7tQlOsHbV2-JWiVltLux51y1xd6B5Y35HZ788DCqS198hbUWPBDGe76nKwklN8EYLTO48fcyj6_ofIYAK4xgxijf0zRR-1jgM60pPVlMxd9pG4gh6jQRPd2_2IYF5fOTfWKixbQe7YsY-MJc0DfNTxmg6D5ms |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.