captcha.aiysai.xyz
65.9.86.85
Public Scan
Submission Tags: phishingrod
Submission: On February 01 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on January 31st 2023. Valid for: a year.
This is the only time captcha.aiysai.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 | 65.9.86.85 | 16509 (AMAZON-02) |
1 | 18.66.17.28 | 16509 (AMAZON-02) |
1 | 2402:4e00:8030:1::71 | 45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) |
1 | 43.152.137.23 | |
5 | 5 | |

Hostname | ASN | PTR |
---|---|---|
captcha.aiysai.xyz | ASN16509 (AMAZON-02, US) | server-65-9-86-85.ams1.r.cloudfront.net |
d2rsov1e776uy0.cloudfront.net | ASN16509 (AMAZON-02, US) | server-18-66-17-28.vie50.r.cloudfront.net |
ssl.captcha.qq.com | ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN) | |

| Apex Domain | Subdomains | Transfer |
---|---|---|---|
1 | gtimg.com | captcha.gtimg.com | 43 KB |
1 | qq.com | ssl.captcha.qq.com — Cisco Umbrella Rank: 86694; t.captcha.qq.com (Failed) | 61 KB |
1 | cloudfront.net | d2rsov1e776uy0.cloudfront.net | 1 KB |
1 | aiysai.xyz | captcha.aiysai.xyz | 6 KB |
5 | 4 | | |

| Domain | Requested by |
---|---|---|
1 | captcha.gtimg.com | ssl.captcha.qq.com |
1 | ssl.captcha.qq.com | d2rsov1e776uy0.cloudfront.net |
1 | d2rsov1e776uy0.cloudfront.net | captcha.aiysai.xyz |
1 | captcha.aiysai.xyz | |
0 | t.captcha.qq.com (Failed) | captcha.gtimg.com |
5 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
captcha.aiysai.xyz | Amazon RSA 2048 M01 | 2023-01-31 - 2024-02-29 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year |
*.captcha.qq.com | DigiCert Secure Site CN CA G3 | 2022-09-19 - 2023-10-20 | a year |
*.captcha.gtimg.com | DigiCert Secure Site CN CA G3 | 2022-12-06 - 2023-12-06 | a year |
This page contains 3 frames:
Primary Page:
https://captcha.aiysai.xyz/
Frame ID: 83A1DB0A7EC7CDCCEB248ED717C75A18
Requests: 1 HTTP requests in this frame
Frame:
https://d2rsov1e776uy0.cloudfront.net/
Frame ID: 54F4BABCDCF5F4D9A729F09290752F59
Requests: 3 HTTP requests in this frame
Frame:
https://t.captcha.qq.com/template/drag_ele.html
Frame ID: E127A9096741810DE529B3F3002C403C
Requests: 1 HTTP requests in this frame
Page Title
人机验证 ("Human-machine verification")
Detected technologies
Tencent Waterproof Wall
Detected patterns
- /TCaptcha\.js
- captcha\.qq\.com/.*
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method / Protocol | Resource | Path | Size / x-fer | Type / MIME-Type |
---|---|---|---|---|
GET H2 | / (Primary Request) | captcha.aiysai.xyz/ | 6 KB / 6 KB | Document, text/html |
GET H2 | / | d2rsov1e776uy0.cloudfront.net/ (Frame 54F4) | 1 KB / 1 KB | Document, text/html |
GET H/1.1 | TCaptcha.js | ssl.captcha.qq.com/ (Frame 54F4) | 61 KB / 61 KB | Script, text/javascript |
GET H2 | tcaptcha-frame.54fe033f.js | captcha.gtimg.com/1/ (Frame 54F4) | 138 KB / 43 KB | Script, text/javascript |
GET | drag_ele.html | t.captcha.qq.com/template/ (Frame E127) | 0 / 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: t.captcha.qq.com
- URL: https://t.captcha.qq.com/template/drag_ele.html
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | 0
- object | oncontentvisibilityautostatechange

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.