ggthreeland.com
Open in
urlscan Pro
104.21.68.128
Public Scan
Submitted URL: http://apple-cider-vinegar.life/
Effective URL: https://ggthreeland.com/en/securevpn/index.html?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wv34i6i7s2bus1v23or6kt2a...
Submission: On July 24 via api from GB — Scanned from AU
Effective URL: https://ggthreeland.com/en/securevpn/index.html?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wv34i6i7s2bus1v23or6kt2a...
Submission: On July 24 via api from GB — Scanned from AU
Summary
This website contacted 5 IPs
in 3 countries
across 7 domains to perform 13 HTTP transactions.
The main IP is 104.21.68.128, located in
and
belongs to CLOUDFLARENET, US.
The main domain is ggthreeland.com.
The Cisco Umbrella rank of the primary domain is 307251.
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.
This is the only time ggthreeland.com was scanned on urlscan.io!
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.
This is the only time ggthreeland.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 103.224.182.250 103.224.182.250 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
| 1 4 | 103.224.182.206 103.224.182.206 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
| 1 1 | 65.8.161.83 65.8.161.83 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 104.21.68.128 104.21.68.128 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 104.18.186.31 104.18.186.31 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 13 | 5 |
1
103.224.182.250
(Australia)
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-250.above.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-250.above.com
| apple-cider-vinegar.life |
4
103.224.182.206
(Australia)
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
| omause.com |
1
65.8.161.83
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-8-161-83.sfo53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-8-161-83.sfo53.r.cloudfront.net
| my.toruftuiov.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 4 |
omause.com
1 redirects
omause.com — Cisco Umbrella Rank: 902466 |
3 KB |
| 3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 |
133 KB |
| 3 |
ggthreeland.com
ggthreeland.com — Cisco Umbrella Rank: 307251 |
6 KB |
| 2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410 |
53 KB |
| 1 |
toruftuiov.com
1 redirects
my.toruftuiov.com — Cisco Umbrella Rank: 94230 |
1 KB |
| 1 |
apple-cider-vinegar.life
1 redirects
apple-cider-vinegar.life |
2 KB |
| 0 |
redrotou.net
Failed
redrotou.net Failed |
|
| 13 | 7 |
| Domain | Requested by | |
|---|---|---|
| 4 | omause.com |
1 redirects
omause.com
|
| 3 | cdnjs.cloudflare.com |
ggthreeland.com
cdnjs.cloudflare.com |
| 3 | ggthreeland.com |
omause.com
ggthreeland.com |
| 2 | cdn.jsdelivr.net |
ggthreeland.com
|
| 1 | my.toruftuiov.com | 1 redirects |
| 1 | apple-cider-vinegar.life | 1 redirects |
| 0 | redrotou.net Failed |
ggthreeland.com
|
| 13 | 7 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| cw-warpaint-ranch.com R3 |
2024-05-23 - 2024-08-21 |
3 months | crt.sh |
| ggthreeland.com WE1 |
2024-06-19 - 2024-09-17 |
3 months | crt.sh |
| *.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA |
2024-05-04 - 2025-05-04 |
a year | crt.sh |
| cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://ggthreeland.com/en/securevpn/index.html?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wv34i6i7s2bus1v23or6kt2a&cid=wv34i6i7s2bus1v23or6kt2a&campaign.id=b7e400b6-2d54-4537-aba4-bb03c913174b&country=AU&cep=098Xe5Q0BpfAW6JmnyiW1090QVuJrFqpCZKpTP59wz1MSaxiXM5VvEOBfK-vAuYA63SGGUyNPZi19jFyZH4TTNq0YDPC_fLL1Ie_ExzoELe0Mq19-3QPic12zVqMopSpdpNJwMTIYK_xpGirX0g9b9jDCerpv6hXEgHDny5uSIior0gosgW4I7sWA9wu1VXc5t5wNbcXmzn-UzZEtcSftFRvkcGinYv3Tuh-_R1gWgi6NQvTzJ34uSnk0xXURyhO9loTSN9Q-86YdLQWIrCRReuFkMJAoW45iAocSNczytxFxQX-nmRGsU0Ui_noeMCC622AvcmuftewZQtcVUt9TWLuUTrgoOIDWrloCSoKzLfWLhHEVVCm3KBXRnaHPjB1yuXCFafn_-_mEaUW0wkZ3MjRaCI7H-3KYKi-ZI6H_4xT8mkd0j908EguOq99Cdq3&lptoken=1708217084bc3030782c&subid=781843945&kw=.au.subp.mobile.android&cpv=0.005
Frame ID: E070B29C00C64CB06CF5FF6F10FE562C
Requests: 12 HTTP requests in this frame
Frame:
https://ggthreeland.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
Frame ID: FCD91EDE6405A79932BDA58439204AE1
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Mix VPN - Protect Your PrivacyPage URL History Show full URLs
-
http://apple-cider-vinegar.life/
HTTP 307
https://apple-cider-vinegar.life/ HTTP 302
http://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEb... HTTP 307
https://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEb... Page URL
-
https://omause.com/r.php?u=https%3A%2F%2Fmy.toruftuiov.com%2Fb7e400b6-2d54-4537-aba4-bb03c91317...
HTTP 302
https://my.toruftuiov.com/b7e400b6-2d54-4537-aba4-bb03c913174b?subid=781843945&kw=.au.subp.mobile.andr... HTTP 302
https://ggthreeland.com/en/securevpn/index.html?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wv34... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://apple-cider-vinegar.life/
HTTP 307
https://apple-cider-vinegar.life/ HTTP 302
http://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEbW03em9UT21Ta0huVVNqdjdJTmtsazdPS1pvczRYMk1nT3NvMXhwZzlOVHNHR2lVMHl5NUpjSmxHSCtzQ2xFQ3ZyMHllaG1mckhwWDdXN1Z1dEQ3aHp6ejZNTkZqYVRwdHphblUrcDFpdEMyeEQ2V0RYSmoyYmdjVGRielB4RXhveWx5QjhFeU9JZjNrWjZQZkhGRm93S3BYdU9lYzZIRFhhS1I2cStkVlNHaUlnaEY5WnU5aEIvbndzeEwxRCswU2UycW42YXBsY1lwbjdWMVJZOTBtdit3am9qVXMvNGR2eFQ5TzdTcHF4ZkhBdmZMTEhYWnV4Q0I5c0ZhZnhYOUZqeEhoNHZjaFczVGRpOVEwSkF2MFNoYTN4Uk8vZWlud1hlK0srSUlLaDZDTVZsNXV4K0xRdTRUVDhIK2xzNUJLME9ucWVwR21sMWVzMnMvbEZRYlFOd3JPRUxLajl4YUJZd2wzSVdaaE8vbmRZNW04YzlzSDNlTHlVa1poQXFyYW0xMXdTRXlXdzRFOXNma09ORGhqYUttNGZUenR5ZTl4QmZiQWU5bzBIVlo5eHNvang5VGJMRFZCTGxNRFZQU3VYZDdBTHhaRmMwZ3lOVXFwTkFGM1J3Z2ZuT2JtRHk3VzhTRXRUYzRZak1iWWZMNHdhdlBxWEZOaDNXQVpMSHJpVTZNbkdiQ0prL216SkQxZW5KUElCa0ozS3FKM1QvSEJycVlCNW50dElramMyKzZZY0V5ckFETlVNTWNZVWpkSzhnREs4NkxxbnNOdHNUOFROMEVOclFXVzlUK2ljZFlwV0k1dVczemhONDd1eGpOb3RUeE1KRTlGV0RyRklDRjMxN00rMVFtblI2VVZ4OWdMdFlreGNtaDlvUW5LMG80ZUNNZnJuTkpFR3lsbi8rNk9id3VHUCtJZGJtMkk2eUVONEwyL29kaXRCWEdZT1pTQjdIYVB3R3FIYUZCaHNlRnhpMHhXdG9uUFVrMWMwYThmTG1VUzRHQlMyV1o1TlV4OXJlb0pFVzZlcmRVTVIzdEJMeWRhYVFyUmU0alBta2hETmUzR1ZDc08vOHJiNUxGVVlSUzZkWHdjbHlnV2h3Y2o4bHNhU1lBMmlBRVpLcnlJTm9BeEc1SXQ4amU5akxMdlFmL1piUFlVTmxseE9wVmtvb3UwVFdaZz09 HTTP 307
https://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEbW03em9UT21Ta0huVVNqdjdJTmtsazdPS1pvczRYMk1nT3NvMXhwZzlOVHNHR2lVMHl5NUpjSmxHSCtzQ2xFQ3ZyMHllaG1mckhwWDdXN1Z1dEQ3aHp6ejZNTkZqYVRwdHphblUrcDFpdEMyeEQ2V0RYSmoyYmdjVGRielB4RXhveWx5QjhFeU9JZjNrWjZQZkhGRm93S3BYdU9lYzZIRFhhS1I2cStkVlNHaUlnaEY5WnU5aEIvbndzeEwxRCswU2UycW42YXBsY1lwbjdWMVJZOTBtdit3am9qVXMvNGR2eFQ5TzdTcHF4ZkhBdmZMTEhYWnV4Q0I5c0ZhZnhYOUZqeEhoNHZjaFczVGRpOVEwSkF2MFNoYTN4Uk8vZWlud1hlK0srSUlLaDZDTVZsNXV4K0xRdTRUVDhIK2xzNUJLME9ucWVwR21sMWVzMnMvbEZRYlFOd3JPRUxLajl4YUJZd2wzSVdaaE8vbmRZNW04YzlzSDNlTHlVa1poQXFyYW0xMXdTRXlXdzRFOXNma09ORGhqYUttNGZUenR5ZTl4QmZiQWU5bzBIVlo5eHNvang5VGJMRFZCTGxNRFZQU3VYZDdBTHhaRmMwZ3lOVXFwTkFGM1J3Z2ZuT2JtRHk3VzhTRXRUYzRZak1iWWZMNHdhdlBxWEZOaDNXQVpMSHJpVTZNbkdiQ0prL216SkQxZW5KUElCa0ozS3FKM1QvSEJycVlCNW50dElramMyKzZZY0V5ckFETlVNTWNZVWpkSzhnREs4NkxxbnNOdHNUOFROMEVOclFXVzlUK2ljZFlwV0k1dVczemhONDd1eGpOb3RUeE1KRTlGV0RyRklDRjMxN00rMVFtblI2VVZ4OWdMdFlreGNtaDlvUW5LMG80ZUNNZnJuTkpFR3lsbi8rNk9id3VHUCtJZGJtMkk2eUVONEwyL29kaXRCWEdZT1pTQjdIYVB3R3FIYUZCaHNlRnhpMHhXdG9uUFVrMWMwYThmTG1VUzRHQlMyV1o1TlV4OXJlb0pFVzZlcmRVTVIzdEJMeWRhYVFyUmU0alBta2hETmUzR1ZDc08vOHJiNUxGVVlSUzZkWHdjbHlnV2h3Y2o4bHNhU1lBMmlBRVpLcnlJTm9BeEc1SXQ4amU5akxMdlFmL1piUFlVTmxseE9wVmtvb3UwVFdaZz09 Page URL
-
https://omause.com/r.php?u=https%3A%2F%2Fmy.toruftuiov.com%2Fb7e400b6-2d54-4537-aba4-bb03c913174b%3Fsubid%3D781843945%26kw%3D.au.subp.mobile.android%26cpv%3D0.005&s=j&enc=mcqGzs80eGtkG1QmQtSEW349fll2ZjZPQmt5VUw5N1V5QytISCtHR0loZ3J4ZGZxeHAzMUtGWjExaGdaRkVJa00ycURibGdvSS8vWkREbW9zYjA0YXJyamJ4ak50ejFUVFM3UUhHZVBaMzhwNmlXNGZIVUlFc2Y3bzU5aDEwMmV5Q2VOMnZ0enh5Zml2dWVJNXZaZTRTVGRWRmsvMUZ2a1NKVGI0S0sxVWZMZkxvdXVqMEJUNzV1WUdNNjIxTkhxT1JXUlJucjdmK0JxakpGcFMzS3dWalQvZ21paUhBT2lFajZoQ3FEZW1jdlhlVFU5dVR3b2dXTlhrNFllVnFUa29LRVJYL1pxcFFjMTJSemM0SzlTSXlOdmN0bG5hRWdDSkhXd1hEVmkvakhCbldRVTJOZGZNVEEreG9DUHB3SW5xNmd3V3AvYXcvRVQ1cGtualBuelQxTERCZTI0SDl0a0RSWlhlcm00eHJQS1c0L00xdnFNdUFHcWs2c1VSZzB0bzRJODFDNEV3NGQzQmFLSVUyZGtaTkxTSW5NSlRic3dVaDZNQmtsM2c0ODhidjY5TmtWTTV1WTltZkJkYkt6aGlqRjJtVklic0N3anRrSzBhK1ZOWUlzeTFuWlJXcm95ekhjU21uRWlFQjJJa1ExMXVYYUVNcVZzWmcrNVhiaitBTDFkOElwOHUrckh0QWZyS1Bkb0M5dlJ1Uk9iUTIybmEzd1l0dmdJN1ZPZzFpc2pMT0p4VExlOU5LUDJQbktlUzdGZzRYRXZoM2lsRkZlS292bThYL3pXL01VRFdpRXdsdDd0eUJNNk1rUGk3RFVIbHYySDcyaXRCU1JTb3M0ZVNXTll2VW5QanBBWVB3dTVQMTF0dTc5R3VJcTl4cmRhVzlzMFVoN2tpaGlsK2hVYzY4NUk4UXBLK1UrSFhieUxZZ014a0NGR0dpbnZhbW5sY0FYRTlNR29GQ1dFbnpjajBtbGxPd1NxMWZIWm45NFB6eS9RbG9IRWUwNWtpOElLZXhteFEzZENZSjVPTDhsMG5WNlhzakp5dVArcEtrR2E1MmdlVGI0MkZwOGdjSWI5dXcxbTZCcE5qcllHbVNyY1dSbzRaeUVVTVFQUFFObUVVempWemxxanZ0bWJ1N2w1MGdxRHdGSFJvNG5Ta1FhSTJrWGdtL29mcWladzVLZURCVHdsbGh4eHNNREtPVm11Vjc1Q3AwZVJnd0JybmxubEdDSFlrT0RaK29YSloxbFVmOHdCSCtKNEpZeDNBUjRDcjVhQWUxclZHYVcvYzBTZDRoVE1SdEpyeTdEM1BxeGtiR0JZb1JUWURneThtaHp4cGlEMHlwcnk1ZW1KemVvaTczcS9ZcEQwVk5MZXpyWm01Zm0%3D&vs=1600:1200&ds=1600:1200&sl=60:60&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1
HTTP 302
https://my.toruftuiov.com/b7e400b6-2d54-4537-aba4-bb03c913174b?subid=781843945&kw=.au.subp.mobile.android&cpv=0.005 HTTP 302
https://ggthreeland.com/en/securevpn/index.html?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wv34i6i7s2bus1v23or6kt2a&cid=wv34i6i7s2bus1v23or6kt2a&campaign.id=b7e400b6-2d54-4537-aba4-bb03c913174b&country=AU&cep=098Xe5Q0BpfAW6JmnyiW1090QVuJrFqpCZKpTP59wz1MSaxiXM5VvEOBfK-vAuYA63SGGUyNPZi19jFyZH4TTNq0YDPC_fLL1Ie_ExzoELe0Mq19-3QPic12zVqMopSpdpNJwMTIYK_xpGirX0g9b9jDCerpv6hXEgHDny5uSIior0gosgW4I7sWA9wu1VXc5t5wNbcXmzn-UzZEtcSftFRvkcGinYv3Tuh-_R1gWgi6NQvTzJ34uSnk0xXURyhO9loTSN9Q-86YdLQWIrCRReuFkMJAoW45iAocSNczytxFxQX-nmRGsU0Ui_noeMCC622AvcmuftewZQtcVUt9TWLuUTrgoOIDWrloCSoKzLfWLhHEVVCm3KBXRnaHPjB1yuXCFafn_-_mEaUW0wkZ3MjRaCI7H-3KYKi-ZI6H_4xT8mkd0j908EguOq99Cdq3&lptoken=1708217084bc3030782c&subid=781843945&kw=.au.subp.mobile.android&cpv=0.005 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://apple-cider-vinegar.life/ HTTP 307
- https://apple-cider-vinegar.life/ HTTP 302
- http://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEbW03em9UT21Ta0huVVNqdjdJTmtsazdPS1pvczRYMk1nT3NvMXhwZzlOVHNHR2lVMHl5NUpjSmxHSCtzQ2xFQ3ZyMHllaG1mckhwWDdXN1Z1dEQ3aHp6ejZNTkZqYVRwdHphblUrcDFpdEMyeEQ2V0RYSmoyYmdjVGRielB4RXhveWx5QjhFeU9JZjNrWjZQZkhGRm93S3BYdU9lYzZIRFhhS1I2cStkVlNHaUlnaEY5WnU5aEIvbndzeEwxRCswU2UycW42YXBsY1lwbjdWMVJZOTBtdit3am9qVXMvNGR2eFQ5TzdTcHF4ZkhBdmZMTEhYWnV4Q0I5c0ZhZnhYOUZqeEhoNHZjaFczVGRpOVEwSkF2MFNoYTN4Uk8vZWlud1hlK0srSUlLaDZDTVZsNXV4K0xRdTRUVDhIK2xzNUJLME9ucWVwR21sMWVzMnMvbEZRYlFOd3JPRUxLajl4YUJZd2wzSVdaaE8vbmRZNW04YzlzSDNlTHlVa1poQXFyYW0xMXdTRXlXdzRFOXNma09ORGhqYUttNGZUenR5ZTl4QmZiQWU5bzBIVlo5eHNvang5VGJMRFZCTGxNRFZQU3VYZDdBTHhaRmMwZ3lOVXFwTkFGM1J3Z2ZuT2JtRHk3VzhTRXRUYzRZak1iWWZMNHdhdlBxWEZOaDNXQVpMSHJpVTZNbkdiQ0prL216SkQxZW5KUElCa0ozS3FKM1QvSEJycVlCNW50dElramMyKzZZY0V5ckFETlVNTWNZVWpkSzhnREs4NkxxbnNOdHNUOFROMEVOclFXVzlUK2ljZFlwV0k1dVczemhONDd1eGpOb3RUeE1KRTlGV0RyRklDRjMxN00rMVFtblI2VVZ4OWdMdFlreGNtaDlvUW5LMG80ZUNNZnJuTkpFR3lsbi8rNk9id3VHUCtJZGJtMkk2eUVONEwyL29kaXRCWEdZT1pTQjdIYVB3R3FIYUZCaHNlRnhpMHhXdG9uUFVrMWMwYThmTG1VUzRHQlMyV1o1TlV4OXJlb0pFVzZlcmRVTVIzdEJMeWRhYVFyUmU0alBta2hETmUzR1ZDc08vOHJiNUxGVVlSUzZkWHdjbHlnV2h3Y2o4bHNhU1lBMmlBRVpLcnlJTm9BeEc1SXQ4amU5akxMdlFmL1piUFlVTmxseE9wVmtvb3UwVFdaZz09 HTTP 307
- https://omause.com/xr.php?e=TCJ%2F5F5dGBYAbGRxJ0ibXH49fmROZ0dMQitWbi9mNEFHOFEzVkQyM21MWmVzNkhEbW03em9UT21Ta0huVVNqdjdJTmtsazdPS1pvczRYMk1nT3NvMXhwZzlOVHNHR2lVMHl5NUpjSmxHSCtzQ2xFQ3ZyMHllaG1mckhwWDdXN1Z1dEQ3aHp6ejZNTkZqYVRwdHphblUrcDFpdEMyeEQ2V0RYSmoyYmdjVGRielB4RXhveWx5QjhFeU9JZjNrWjZQZkhGRm93S3BYdU9lYzZIRFhhS1I2cStkVlNHaUlnaEY5WnU5aEIvbndzeEwxRCswU2UycW42YXBsY1lwbjdWMVJZOTBtdit3am9qVXMvNGR2eFQ5TzdTcHF4ZkhBdmZMTEhYWnV4Q0I5c0ZhZnhYOUZqeEhoNHZjaFczVGRpOVEwSkF2MFNoYTN4Uk8vZWlud1hlK0srSUlLaDZDTVZsNXV4K0xRdTRUVDhIK2xzNUJLME9ucWVwR21sMWVzMnMvbEZRYlFOd3JPRUxLajl4YUJZd2wzSVdaaE8vbmRZNW04YzlzSDNlTHlVa1poQXFyYW0xMXdTRXlXdzRFOXNma09ORGhqYUttNGZUenR5ZTl4QmZiQWU5bzBIVlo5eHNvang5VGJMRFZCTGxNRFZQU3VYZDdBTHhaRmMwZ3lOVXFwTkFGM1J3Z2ZuT2JtRHk3VzhTRXRUYzRZak1iWWZMNHdhdlBxWEZOaDNXQVpMSHJpVTZNbkdiQ0prL216SkQxZW5KUElCa0ozS3FKM1QvSEJycVlCNW50dElramMyKzZZY0V5ckFETlVNTWNZVWpkSzhnREs4NkxxbnNOdHNUOFROMEVOclFXVzlUK2ljZFlwV0k1dVczemhONDd1eGpOb3RUeE1KRTlGV0RyRklDRjMxN00rMVFtblI2VVZ4OWdMdFlreGNtaDlvUW5LMG80ZUNNZnJuTkpFR3lsbi8rNk9id3VHUCtJZGJtMkk2eUVONEwyL29kaXRCWEdZT1pTQjdIYVB3R3FIYUZCaHNlRnhpMHhXdG9uUFVrMWMwYThmTG1VUzRHQlMyV1o1TlV4OXJlb0pFVzZlcmRVTVIzdEJMeWRhYVFyUmU0alBta2hETmUzR1ZDc08vOHJiNUxGVVlSUzZkWHdjbHlnV2h3Y2o4bHNhU1lBMmlBRVpLcnlJTm9BeEc1SXQ4amU5akxMdlFmL1piUFlVTmxseE9wVmtvb3UwVFdaZz09
- https://ggthreeland.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://ggthreeland.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
13 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
xr.php
omause.com/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jscheck.php
omause.com/ |
0 150 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.0 |
favicon.ico
omause.com/ |
94 B 170 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
index.html
ggthreeland.com/en/securevpn/ Redirect Chain
|
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ |
216 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ |
82 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.css
ggthreeland.com/en/securevpn/ |
2 KB 913 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/ |
79 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
translations.js
ggthreeland.com/en/securevpn/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ |
10 KB 0 |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
micro.tag.min.js
redrotou.net/act/files/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
main.js
ggthreeland.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/ Frame FCD9 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fa-solid-900.ttf
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ |
291 KB 117 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- redrotou.net
- URL
- https://redrotou.net/act/files/micro.tag.min.js?z=7628655&ymid=wv34i6i7s2bus1v23or6kt2a&var=b7e400b6-2d54-4537-aba4-bb03c913174b&sw=/sw-check-permissions-fabae.js
- Domain
- ggthreeland.com
- URL
- https://ggthreeland.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 number| uidEvent object| bootstrap function| setLanguage function| getLanguageFromURL function| updateTimer object| url string| pci string| ppi object| s4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| apple-cider-vinegar.life/ | Name: __tad Value: 1721841274.8191105 |
|
| .omause.com/ | Name: __dsnsid Value: 2024072503143487aca957bbe2e02123 |
|
| .my.toruftuiov.com/ | Name: b7e400b6-2d54-4537-aba4-bb03c913174b-v4 Value: uO9RKE_9yKtxssg-CoxgZXWAJg8ze6RKlzTbV-ZWLYc |
|
| .my.toruftuiov.com/ | Name: cep-v4 Value: mYQDMH-dYZFoxUi0J2zSDhYTfaCO_xWvsNx0qHymNBFxgXMNEm5PAAG3BVQL2m9pw-rkEk3qPKuugzY0nrLf9lU-8xEBRi5rK-0JZpUoU6eD515tMLGb1Qh_vC1rEWRav6jj5zFFHWl8adnxGSqiJALffk8-6tTWOBgjajhx9ZOtV26S9YXYVJ-G2Z7A6AUlrkQ5ye5F-4CDYu-dK2Yrbi5JbXbDjydMXmlCnb3O_ar_cUJogqnJwUQOkVQvYLnzNIqUZnaEIh6-Ju3w7vdwvtR1u8Y9tyhkYXI7tQlOsHbV2-JWiVltLux51y1xd6B5Y35HZ788DCqS198hbUWPBDGe76nKwklN8EYLTO48fcyj6_ofIYAK4xgxijf0zRR-1jgM60pPVlMxd9pG4gh6jQRPd2_2IYF5fOTfWKixbQe7YsY-MJc0DfNTxmg6D5ms |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apple-cider-vinegar.life
cdn.jsdelivr.net
cdnjs.cloudflare.com
ggthreeland.com
my.toruftuiov.com
omause.com
redrotou.net
ggthreeland.com
redrotou.net
103.224.182.206
103.224.182.250
104.17.24.14
104.18.186.31
104.21.68.128
65.8.161.83
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
146c052865d7e21734d44239c9284591cca13b870cb464c915ffe4700ad52876
1834040a7cd57f026483f0f0c2d3ed8289870027e8f66d9b70d85a8b9d2a8ca2
192bfc3cf1f16fd369d3d2b4cefb3f6edc7fa7aafc09d67312448765be7752c1
1c210c134c340a1133991a605b0aac990ce8505c48fce37c915063402964e994
9221cfedfc5e03790f46c7890bca21fcc47c5788d89dab0aa0799c492b6ae78a
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
c1ebe8eef0a52cb29147bc395c1f4ce9fd917cec6fcd39d5c0ee79ca1a0dcd4d