skin-mc.hiyyg.com
Open in
urlscan Pro
2606:4700:3037::6815:5e29
Public Scan
Submission Tags: phishingrod
Submission: On December 25 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on December 23rd 2023. Valid for: 3 months.
This is the only time skin-mc.hiyyg.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 13 | 2606:4700:303... 2606:4700:3037::6815:5e29 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
12 | 2 |
ASN13335 (CLOUDFLARENET, US)
skin-mc.hiyyg.com | |
i.hiyyg.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
hiyyg.com
1 redirects
skin-mc.hiyyg.com i.hiyyg.com |
444 KB |
12 | 1 |
Domain | Requested by | |
---|---|---|
11 | skin-mc.hiyyg.com |
1 redirects
skin-mc.hiyyg.com
|
2 | i.hiyyg.com |
skin-mc.hiyyg.com
i.hiyyg.com |
12 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
mc.hiyyg.com |
github.com |
skin.mc.hiyyg.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hiyyg.com GTS CA 1P5 |
2023-12-23 - 2024-03-22 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://skin-mc.hiyyg.com/
Frame ID: EF83D027E7067E9C2A09FDEB4E93DABC
Requests: 11 HTTP requests in this frame
Frame:
https://skin-mc.hiyyg.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: ACBB7EDF5D911195A4C2E39941034963
Requests: 2 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Title: TCraft
Search URL Search Domain Scan URL
Title: Blessing Skin Server
Search URL Search Domain Scan URL
Title: TCraft
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://skin-mc.hiyyg.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://skin-mc.hiyyg.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
skin-mc.hiyyg.com/ |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meta.js
skin-mc.hiyyg.com/ |
208 B 646 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
i.hiyyg.com/static/css/ |
58 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.7eb5d06.css
skin-mc.hiyyg.com/app/ |
1 MB 129 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg.webp
skin-mc.hiyyg.com/app/ |
80 KB 81 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-css.bef20ec.css
skin-mc.hiyyg.com/app/ |
11 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home.a41d59d.js
skin-mc.hiyyg.com/app/ |
458 B 756 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zh_CN.js
skin-mc.hiyyg.com/lang/ |
9 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.672e119.js
skin-mc.hiyyg.com/app/ |
384 KB 120 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 3 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
i.hiyyg.com/static/webfonts/ |
76 KB 77 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
skin-mc.hiyyg.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame ACBB Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
83ae35169a4a6ffc
skin-mc.hiyyg.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame ACBB |
0 561 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| blessing object| webpackChunkblessing_skin_server function| trans object| React object| ReactDOM function| $4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.hiyyg.com/ | Name: XSRF-TOKEN Value: eyJpdiI6Ikx4RUl1VmFDRDJGdjFiRHJQU0YzbkE9PSIsInZhbHVlIjoieGpkcFM0TDV2aktCS0g1enNxd0VCNUwrT1JBZ0VaRnpiZjQzclJyTk1vUUxDdGlNUEZXNk5jTjZockp5alh6dlVreGxQbGYxUGFsazc5aUlHK0tMNGV2enRva1dRTCs0eDMvSUx6dTY3Z2ZlVkc0QkJvZ1RrWUZwekI0MWFHZ0siLCJtYWMiOiJkOWFhNTQzMDIwNTNlYjdlNDRjODlhNmVlMTdhNmYzMzdhODcxZjhiYzVkY2YxYjllMTYzNjJlYTNiODUxOGU3IiwidGFnIjoiIn0%3D |
|
.hiyyg.com/ | Name: TCraftSESSION Value: eyJpdiI6IjlzTnlrdEU0TnV4bXFPTWF4UHFHSFE9PSIsInZhbHVlIjoiRlY2blp2WStLR1F2eVUvV2tIOThuOHdnYWdvUy9yVW1sSHUzeFFVclhHWjhWRkpJT1hKNzFTemI2bERXU2wySjM1VGV3U3NXRWwzUEVrM2JKRmlzSTl6QzVnenVxanBkd0kvNTA1eDFQVG5tRXZDb3JMNG5PUExUVlU0dUZRYngiLCJtYWMiOiJmODc5M2VmZjA5OTBhN2FhZDg2Y2I4ZmQ1YWE5MGFhNzVhOWNhOTVkZGYyNzhjMTEzY2MyYzgxMGVmODQzZTNmIiwidGFnIjoiIn0%3D |
|
.hiyyg.com/ | Name: locale Value: zh_CN |
|
.hiyyg.com/ | Name: cf_clearance Value: _WQpzJxQ5hcCVco5y4B7oVw2u0FuPqGCHxYLPZRMeA4-1703477148-0-2-3f9ef544.6a80d477.ba143d68-0.2.1703477148 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
i.hiyyg.com
skin-mc.hiyyg.com
2606:4700:3037::6815:5e29
028b4e85d1ed2cd3f8b0adab7acba88d3efa3b026524c64cc2d4bed0da1707c2
0740df0048b6bb4460f8471bf79ed0f9e450745ceed8b3ddbc256925c3d7deed
400128655a760488da618c179de1ef3de26aa6a3a659a1f8216a69eb8f864af9
42396f5dbfe3e1804f4af92d54b7c590829029a9786cb7c425c5eda195e2e0d7
4990f7fafee810a4d826443ff417a9ac93c40ca5b4bd50076e444fa54fe6ff62
5eea83091f6d360f77550063f990172fc2cc70217188169e97d09e4f828fbd87
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
af1c5a68ca0dbce6f389c12a31ef4c9509704b29c5a8d754ef1c2e7a99aaaaa1
d146c8a96d89e96eb5988e87a6fcc01b85c6bb46d4cc3c00ef4896a81f851895
df688918e5ae616f85829a139beecc3518dcb605ef7c18ee235becc3733d2d79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee5e3f439aa6606260717885eecf6d716b7d678330c7db8c7e11545a1c87ee2b