www.gy33.xyz Open in urlscan Pro
2606:4700:3032::ac43:ae64  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://zhengdianebn.com/vod/?B6Sz.html Page URL
2. https://www.gy33.xyz/ Page URL
3. https://www.gy33.xyz/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ zhengdianebn.com/vod/	7 KB 3 KB	5456ms 1296ms	Document text/html	123.57.204.67 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://zhengdianebn.com/vod/?B6Sz.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 123.57.204.67 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 3069 Content-Type text/html; charset=utf-8 Date Sat, 04 Nov 2023 13:49:10 GMT Server Apache Vary Accept-Encoding,User-Agent
GET		s.gif sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/	0 0
GET		go1 ia.51.la/	0 0
GET H2	403	/ Show response www.gy33.xyz/	6 KB 5 KB	70ms 21ms	Document text/html	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/ Requested by Host: zhengdianebn.com URL: https://zhengdianebn.com/vod/?B6Sz.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d085e3c5814cf38d23ebd605bb71b002dea3662d65360ce9cc996b8bc9540f7 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://zhengdianebn.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 820d51a6aba6660a-AMS content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Sat, 04 Nov 2023 13:49:12 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3p%2BtBClpFq2LqvDvRTuj5E38MVW3uAO0hWB8fAPVGR0uGNBFc7sW%2FUKiPucaCkZkMAui%2BELbTlKNZyAEaXi8sa0srGUB77QslpP128lp3GD6Dg4xWF%2FqeW%2BSI8tPzteennKkctYkVPoK8SM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	challenges.css www.gy33.xyz/cdn-cgi/styles/	6 KB 3 KB	15ms 15ms	Stylesheet text/css	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/cdn-cgi/styles/challenges.css Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.gy33.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 13:49:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 24 Oct 2023 17:54:11 GMT server cloudflare etag W/"653804c3-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 820d51a6ec12660a-AMS expires Sat, 04 Nov 2023 15:49:12 GMT
GET H2	200	v1 Show response www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/	171 KB 58 KB	26ms 25ms	Script application/javascript	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=820d51a6aba6660a Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b424bf99a94975425020938f99b40c59af28847bd63d9de9dbf1929b24f3b27a Request headers accept-language de-DE,de;q=0.9 Referer https://www.gy33.xyz/?__cf_chl_rt_tk=aiX92dKgAXaWRWV1cv6HV.42S.p24YPepYFHaMl53jI-1699105752-0-gaNycGzNDBA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 13:49:12 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH3U15uhINl%2FU8vOrxzlOUxfafTLrrS9ZHnrOHhEpdlfJbKPs1IK%2FzOFJSgIRrrCyX9NRIi05%2Ft5DVigey%2Fg%2FW%2BkuFGAggsqxbbRFnOErHppBfP58QQ2GOusZ1LdtB%2F8w5Bk79QSBAeQ6dg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 820d51a71c47660a-AMS alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/b/61b90d1d/	33 KB 11 KB	47ms 30ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/b/61b90d1d/api.js?onload=rOnjNn4&render=explicit Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=820d51a6aba6660a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47651e05cbf8b23aee60b901bb914f56609eb1848970c1cc7a2b2fe9fd034d3b Request headers Referer Origin https://www.gy33.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 13:49:12 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 820d51a78dab9b45-FRA alt-svc h3=":443"; ma=86400
GET H3	403	favicon.ico www.gy33.xyz/	6 KB 6 KB	27ms 26ms	Image text/html	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gy33.xyz/favicon.ico Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63ca794d7c3f170b4666b6237331bd2affdfc5cb94784d5b757af60674a2268c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.gy33.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 13:49:12 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4Jap4eMi4oNwvyxs1LSLDVu5V6uwBBP0RTlzWjhgbTefNtLmTBJ80rVMttyZIPsOeZHHcuXhsqaj4kljaes7tTmZctIJ%2BS9m3vNMYr1Bx6%2FvCA16wnZvQE4Zm5usDjezreNDkLKFRoUNF4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 vary Accept-Encoding origin-agent-cluster ?1 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 820d51a77cd8419a-LHR expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	5b204e27-426b-4fdf-93a2-c243014021b6 https://www.gy33.xyz/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.gy33.xyz/5b204e27-426b-4fdf-93a2-c243014021b6 Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gy33.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	293f30be6b04669 Show response www.gy33.xyz/cdn-cgi/challenge-platform/h/b/flow/ov1/1513515215:1699103166:Z9tzwux7KkPYcF72aNwdJTrB8tpZtYoECc4UXSmrScM/820d51a6aba6660a/	10 KB 8 KB	42ms 42ms	XHR text/plain	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/flow/ov1/1513515215:1699103166:Z9tzwux7KkPYcF72aNwdJTrB8tpZtYoECc4UXSmrScM/820d51a6aba6660a/293f30be6b04669 Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=820d51a6aba6660a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6131a0f4d71d7bcfc50d062b1264109f915ff29b78e0979344967ca38a3bf8c Request headers Referer https://www.gy33.xyz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 CF-Challenge 293f30be6b04669 Content-type application/x-www-form-urlencoded Response headers date Sat, 04 Nov 2023 13:49:12 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T21qaUexcvdie31JGZP%2F8ijYETJDZx9Bi7zIg2XZXvIwJ%2BCX%2FCw7JGgfjKijXSTvV%2BpiEjdyxOo96nyf192cx4vVdEShGwq1%2FXsAQKrMLL%2BOgMnuY5jjlsBibH5%2FW127N1cZUoe1wsJu%2BeY%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 820d51a81e31419a-LHR alt-svc h3=":443"; ma=86400 cf-chl-gen gsYf0gFfLUGQynaRZPQRoJ12d0426fA7kf2CipudKbnKuGbPVFxIuMEX7vViAFrz$FUyhC+XL74e/Q4G+YOCR4Q==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3fno5/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 6D6A	0 0	28ms 18ms	Document text/html	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3fno5/0x4AAAAAAADnOjc0PNeA8qVm/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/b/61b90d1d/api.js?onload=rOnjNn4&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 820d51a88ebd902e-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Sat, 04 Nov 2023 13:49:12 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	293f30be6b04669 Show response www.gy33.xyz/cdn-cgi/challenge-platform/h/b/flow/ov1/1513515215:1699103166:Z9tzwux7KkPYcF72aNwdJTrB8tpZtYoECc4UXSmrScM/820d51a6aba6660a/	2 KB 2 KB	40ms 40ms	XHR text/html	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/flow/ov1/1513515215:1699103166:Z9tzwux7KkPYcF72aNwdJTrB8tpZtYoECc4UXSmrScM/820d51a6aba6660a/293f30be6b04669 Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=820d51a6aba6660a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7875dc1b7b31b89118ca19b1333d58b7db1ac00cee5d108c494302df3fbe8c3e Request headers Referer https://www.gy33.xyz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 CF-Challenge 293f30be6b04669 Content-type application/x-www-form-urlencoded Response headers cf-chl-out jrqZpHFvJcis7IJGLGpANqOQuz0ATbgHllWThJIPgiDeR4EEAsEjY7c4rRXDVyor3mcP3ec0G4OMk61gIL2kfeGXhYx6Fweeb/4th63lPTs=$FNGMVioHugDgreEp9rt7cA== cf-chl-out-s MYyyldRPvvvLZ+aIaZLiZQ7FFUFk0Ufi0az4T9OO9E/i6llCHGCNWG4LugK20WJgve+gmfM3JqD3HiNlCCookw==$9gewwpM7JPz+NhZdWijZsw== date Sat, 04 Nov 2023 13:49:12 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfQiDKyypSpQgL8xKrDILrEkOVlH0hdqG5rjjD09Xw1HN4UWLNI67JMnb%2Be0iZp9OpLIok2kJJe9HCtyPjWwVEH%2BO7LWmtm8SHivQPPlwqxPQLwV7v2syn%2Fn3yiPMeq9Zszm9IVDG%2B6OfKw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 820d51aa3a9f419a-LHR alt-svc h3=":443"; ma=86400
GET H3	403	Primary Request / Show response www.gy33.xyz/	5 KB 4 KB	25ms 25ms	Document text/html	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/ Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=820d51a6aba6660a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 662c55eacec774e18ec2709813a655d4f3ec7c0fe97c1c40581e7279a70ce181 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.gy33.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 820d51ba389c419a-LHR content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Sat, 04 Nov 2023 13:49:15 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dns1N9%2Bv9k1k7Ulzq5IX3tAHAUTQHKeAniMRF1ztaHogNrQPahXCdTAH0qCEoG2maA70si6zwHrc3QjdMHeB1KWKGLkebgVV4DO%2BVbGmXNSYFWjr0PucYokBlhO7L2YjB8STbKlCwBDoXfc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H3	200	challenges.css www.gy33.xyz/cdn-cgi/styles/	6 KB 3 KB	22ms 21ms	Stylesheet text/css	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/cdn-cgi/styles/challenges.css Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.gy33.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 13:49:15 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 27 Oct 2023 14:30:26 GMT server cloudflare etag W/"653bc982-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 820d51ba68dc419a-LHR expires Sat, 04 Nov 2023 15:49:15 GMT
GET H3	200	v1 Show response www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/	172 KB 60 KB	32ms 32ms	Script application/javascript	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=820d51ba389c419a Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dacf2c367f36924443dc79575bfb0607c5849f888ef52075bf6cfabaf8b15ef2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gy33.xyz/?__cf_chl_rt_tk=v_KJQVuy4BCybD.88K_7qNRcUs..Kw4h7vXePHyOrZI-1699105755-0-gaNycGzNCSU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 13:49:15 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqL1gAn1hUSvjyaMJn9Bt%2BsNrtTHlJdDofQBFdKhYAZr50DghKBjEthnVu5rVk9k%2F2ym%2BcdNPX1T8daxnXtNoxR9VdjrWnKVyQaAgQfRpQAVZYWkXeO%2FMOHykWPF5153ZTrKc9HLsTF5QK0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 820d51ba8917419a-LHR alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/b/61b90d1d/	33 KB 11 KB	29ms 28ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/b/61b90d1d/api.js?onload=rOnjNn4&render=explicit Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=820d51ba389c419a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47651e05cbf8b23aee60b901bb914f56609eb1848970c1cc7a2b2fe9fd034d3b Request headers Referer Origin https://www.gy33.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 13:49:15 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 820d51bb0b189b45-FRA alt-svc h3=":443"; ma=86400
GET H3	403	favicon.ico www.gy33.xyz/	5 KB 5 KB	26ms 25ms	Image text/html	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gy33.xyz/favicon.ico Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61e39a7ca416fa4ea86e78caded35850c74fefa0c3ff7a6b3479c9073a366112 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.gy33.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 13:49:15 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaA6BF804oajWUUub4CnT4K1DoD7H8aUuSEfkUT3qBTRp1B7hKoFVZMbmrX7fhrJOTa95Rdyo%2BWEGbC0hj%2BwWV0AixSknDV6drHCiJay96VsNOgePXDSExlFMb0jdMkJwtOHrHS2kJIFuO4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 vary Accept-Encoding origin-agent-cluster ?1 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 820d51bb1a06419a-LHR expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	f45679a6-d75c-447c-8b21-4b981da16eb7 https://www.gy33.xyz/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.gy33.xyz/f45679a6-d75c-447c-8b21-4b981da16eb7 Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gy33.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	0176664845784e6 Show response www.gy33.xyz/cdn-cgi/challenge-platform/h/b/flow/ov1/1162433689:1699103323:-1_jvuucFUF23FWhSnaPNjsEssw0OkHJeIwLMPjNTXY/820d51ba389c419a/	10 KB 8 KB	47ms 47ms	XHR text/plain	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/flow/ov1/1162433689:1699103323:-1_jvuucFUF23FWhSnaPNjsEssw0OkHJeIwLMPjNTXY/820d51ba389c419a/0176664845784e6 Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=820d51ba389c419a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f625af647ac9821184d0d613e64bf02b515beda4195f5660676eff5416b05244 Request headers Referer https://www.gy33.xyz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 CF-Challenge 0176664845784e6 Content-type application/x-www-form-urlencoded Response headers date Sat, 04 Nov 2023 13:49:15 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JL3FXVxm7ADOqLUJd%2BVnBc1Xar0H9cR%2BAR1LxzSep9fdm0ovNPu396RuSiy4q%2FdiklYBuqumvS0mUk52QmdcZe%2BndNKse65smxm3kZY08QRS3iRkjEiSZ1DLAzYdWHBcsQFlNALIJMgQLNQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 820d51bbbb76419a-LHR alt-svc h3=":443"; ma=86400 cf-chl-gen PwRVaZKfojYnhCG2ixl9s9f+NljR0nptDVzQJO1ErLFa7n0CV9H8pjlUlazUbN3D$WCiLTUTi6OCJeX0Py5//pg==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/w727r/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame F4F9	0 0	20ms 19ms	Document text/html	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/w727r/0x4AAAAAAADnOjc0PNeA8qVm/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/b/61b90d1d/api.js?onload=rOnjNn4&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 820d51bc2d38902e-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Sat, 04 Nov 2023 13:49:15 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	0176664845784e6 Show response www.gy33.xyz/cdn-cgi/challenge-platform/h/b/flow/ov1/1162433689:1699103323:-1_jvuucFUF23FWhSnaPNjsEssw0OkHJeIwLMPjNTXY/820d51ba389c419a/	2 KB 2 KB	42ms 41ms	XHR text/html	2606:4700:3032::ac43:ae64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/flow/ov1/1162433689:1699103323:-1_jvuucFUF23FWhSnaPNjsEssw0OkHJeIwLMPjNTXY/820d51ba389c419a/0176664845784e6 Requested by Host: www.gy33.xyz URL: https://www.gy33.xyz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=820d51ba389c419a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:ae64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e4e538dac1c824551cf499550067097abb9d1c6e137f601563359e9e291dca5 Request headers Referer https://www.gy33.xyz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 CF-Challenge 0176664845784e6 Content-type application/x-www-form-urlencoded Response headers cf-chl-out Te/a264Ai+SXftVGeKyiTXRyr1ad4R92xvCQgnBdcpSJ+7rAgB3U/C0vQwwu9eTsC+in2n5Mz76oc7tfERrzlOrmGxVU0yNBB6dCPbhH88Y=$MI/1W1fbC3VVq3QjMQGQlw== cf-chl-out-s tbvRaz6q6VB2UII6hZOABbXOf/fsF5HasQ/LEyLlMKWuPDtYq627FcKOpANXBoMM3qLGsb1FfK/0iwd/sjgdn6hoFJXNpw9/yCTS9P054Bt9hEf1h0ULYf0MOjhuSWBjK8iHUCbyuUyEcIuaLav2M2apej5ONXt168xmmZX2PFzMiaUEqxRano6F7F/X9yKw$1YXFv2M994aKF2iokzqMJA== date Sat, 04 Nov 2023 13:49:15 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JryhbxPaH41u3AxxsDMrKp%2FfdCtVOBfaqOyaHHpkA5s7Z5dUQIpdDV0IyOaawhQfW1H5VeqroxylxlnJFtd3BUQ5HGveRQES7bsiP3b17beUIupx%2FFXv8zzvBfw1086bdjuB8HiMNpSvK48%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 820d51bdbf58419a-LHR alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sp0.baidu.com

URL

https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://zhengdianebn.com/vod/?B6Sz.html

Domain

ia.51.la

URL

https://ia.51.la/go1?id=21123471&rt=1699105752043&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1699105752043&tt=%25E6%25AD%25A3%25E5%259C%25A8%25E5%258A%25A0%25E8%25BD%25BD....&kw=&cu=https%253A%252F%252Fzhengdianebn.com%252Fvod%252F%253FB6Sz.html&pu=

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| _cf_chl_opt function| eldO5 function| RmOgX9 function| BUWlFz4 object| LjWGF9 function| rOnjNn4 boolean| tjBfj8 function| QJAPV3 function| FVRSIlKurV function| qOes2 object| vruOBE0 object| turnstile boolean| cdiyL7 string| KnSkg6

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			zhengdianebn.com/	1969-12-31 23:59:59	Name: __tins__21123471 Value: %7B%22sid%22%3A%201699105752043%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201699107552043%7D
			zhengdianebn.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
			zhengdianebn.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
			www.gy33.xyz/	1970-01-20 15:58:29	Name: cf_chl_rc_ni Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.gy33.xyz/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.gy33.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.gy33.xyz/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.gy33.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
ia.51.la
sp0.baidu.com
www.gy33.xyz
zhengdianebn.com
ia.51.la
sp0.baidu.com
123.57.204.67
2606:4700:3032::ac43:ae64
2606:4700::6811:2b8
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
47651e05cbf8b23aee60b901bb914f56609eb1848970c1cc7a2b2fe9fd034d3b
61e39a7ca416fa4ea86e78caded35850c74fefa0c3ff7a6b3479c9073a366112
63ca794d7c3f170b4666b6237331bd2affdfc5cb94784d5b757af60674a2268c
662c55eacec774e18ec2709813a655d4f3ec7c0fe97c1c40581e7279a70ce181
6d085e3c5814cf38d23ebd605bb71b002dea3662d65360ce9cc996b8bc9540f7
7875dc1b7b31b89118ca19b1333d58b7db1ac00cee5d108c494302df3fbe8c3e
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
9e4e538dac1c824551cf499550067097abb9d1c6e137f601563359e9e291dca5
b424bf99a94975425020938f99b40c59af28847bd63d9de9dbf1929b24f3b27a
b6131a0f4d71d7bcfc50d062b1264109f915ff29b78e0979344967ca38a3bf8c
dacf2c367f36924443dc79575bfb0607c5849f888ef52075bf6cfabaf8b15ef2
f625af647ac9821184d0d613e64bf02b515beda4195f5660676eff5416b05244
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa