down.xktv1.icu Open in urlscan Pro
2a06:98c1:3120::9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://down.xktv1.icu/
Submission: On April 18 via api (April 18th 2024, 3:51:02 am UTC) from US — Scanned from NL

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3120::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is down.xktv1.icu.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2024. Valid for: 3 months.

This is the only time down.xktv1.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:2280:1cc... 2404:2280:1cc:0:715::3fc	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
5	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2408:4001:f00... 2408:4001:f00::169	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
13	5

4 2a06:98c1:3120::9 (United States)

ASN13335 (CLOUDFLARENET, US)

down.xktv1.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:2280:1cc:0:715::3fc (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

g.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

down.xktv1.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2408:4001:f00::169 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

c.umsns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	xktv1.icu down.xktv1.icu	3 MB
2	umsns.com c.umsns.com	1 KB
1	alicdn.com g.alicdn.com — Cisco Umbrella Rank: 8242	7 KB
0	xn--0sqq60a.cc Failed xn--0sqq60a.cc Failed
13	4

	Domain	Requested by
9	down.xktv1.icu	down.xktv1.icu
2	c.umsns.com	g.alicdn.com
1	g.alicdn.com	down.xktv1.icu
0	xn--0sqq60a.cc Failed	g.alicdn.com
13	4

This site contains no links.

Subject Issuer	Validity	Valid
xktv1.icu GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3	`2023-12-26` - `2024-07-30`	7 months	crt.sh
*.umeng.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-11-13` - `2024-12-14`	a year	crt.sh

This page contains 1 frames:

Frame: use://xn--0sqq60a.cc/main?_ukid=f7d3173808324657b44090f69baaba40&_sdk_=umeng&_linkid_=usr1ktc1nvuse08f&pid=0&_bizType_=ushare
Frame ID: E2426677A7F02839BAED551C1021CFF6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

侠客APP官方下载

Page Statistics

13
Requests

92 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

3020 kB
Transfer

3603 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
down.xktv1.icu/ 2 KB
2 KB 609ms
558ms Document
text/html 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://down.xktv1.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f819093977a0b9e433a54e5f6ea0b7f76ef2e25ae68d34eb38892ba428a215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8761b1530caf9f8a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 03:50:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NvV%2FTXl7tOhlOLx4viZyiMDMS5%2Byy5H9283YsonY8Kv7fWrxQvLroErsoCSuYsZmgsjhIsEHaV1zX%2FmkJPJC0pGoSHc350UMq86YXdWKRg%2FY%2B9pxhxJcr3WaCkVNLYF2poX2fxRipam45ww8wg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 style.css
down.xktv1.icu/css/ 2 KB
1 KB 538ms
535ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://down.xktv1.icu/css/style.css

Requested by

Host: down.xktv1.icu
URL: https://down.xktv1.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72008840682b751c7d6fb5500499c7d078a446b92f905a119b08bdb3683aa927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 03:50:48 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 25 Feb 2024 10:21:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65db149c-86d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sD9d8l16TWLNbk%2Fzt%2B9dwkxcMrtg0A4Hi2ccQ2CQHWngFlNkk%2B7Xw8dVxIgPbCdOPZ5puW8vCOIAH8jdNuGEDiNr8zlGTddpntRJwt9EasfvoF4h3%2BzVpDSURoG5qKcN9Hz0%2B%2BqYdPuIT%2FEL1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8761b156c93f9f8a-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Apr 2024 15:50:48 GMT

GET
H2 200 index.min.js Show response
g.alicdn.com/jssdk/u-link/ 19 KB
7 KB 82ms
26ms Script
application/javascript 2404:2280:1cc:0:715::3fc
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.alicdn.com/jssdk/u-link/index.min.js
Requested by: Host: down.xktv1.icu
URL: https://down.xktv1.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1cc:0:715::3fc , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f4b935922d875119ed78b0b8ea59452528b5e15598566d772ecaade856d083c8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 03:43:53 GMT
content-encoding: gzip
via: cache25.l2de2[0,0,200-0,H], cache20.l2de2[1,0], cache20.l2de2[1,0], ens-cache6.de5[0,0,200-0,H], ens-cache8.de5[0,0]
x-oss-request-id: 662096F901FB553238F7341F
content-md5: 78Q2tNSmnuxWUdl0mtoz/A==
age: 415
x-swift-cachetime: 525
x-cache: HIT TCP_MEM_HIT dirn:13:733968670
x-swift-savetime: Thu, 18 Apr 2024 03:45:08 GMT
content-length: 6591
x-bucket-code: 3
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1713411833
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600,s-maxage=600
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 3899905173137419945
eagleid: a3b55c9c17134122481892648e
x-oss-server-time: 1

GET
H2 200 logo.png
down.xktv1.icu/img/ 28 KB
29 KB 2421ms
2419ms Image
image/png 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://down.xktv1.icu/img/logo.png

Requested by

Host: down.xktv1.icu
URL: https://down.xktv1.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

670a54052184db52d0b685c393b2611a4fd52357f59330c5bef5ea3eaeb5d10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 03:50:50 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 28996
last-modified: Sun, 25 Feb 2024 10:20:56 GMT
server: cloudflare
etag: "65db1488-7144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSQdhP4ipzujhc3jBYS3hbhTbX1qyWVP2fm5BTrwu2YvwNJ9OmNySnIvJz0%2By9o5Wu90qhz0szT0MXsPebPPmCs2%2Bu1D5PkqoW2VSZk38Qo7%2BazC77MeKwBY8SxqmFFcT6LJ%2FLzjnBICf1jtew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8761b156c9419f8a-AMS
expires: Sat, 18 May 2024 03:50:48 GMT

GET
H2 200 1.jpg
down.xktv1.icu/img/ 823 KB
825 KB 2090ms
2088ms Image
image/jpeg 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://down.xktv1.icu/img/1.jpg

Requested by

Host: down.xktv1.icu
URL: https://down.xktv1.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34731ceea8f6d6800f580ff1bd8cf5dc290d65f608acbb60c09c9b8cb05a943a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 03:50:50 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 843245
last-modified: Sun, 25 Feb 2024 10:20:50 GMT
server: cloudflare
etag: "65db1482-cdded"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B39wpaCilVHUgJY0KcLdzNhL3OeOK2Y0UNYekLeX386mSdfAYPw%2F%2FzcM91DQat5yOn%2B0A%2BKKcnXBgVE6lyv%2F7%2B4gTXgLABIR7MGU1c3xtGDxSewPlWTN0IJCTcgW0YHQ%2BaWt%2FckVEnZlPi%2FMbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8761b156c9439f8a-AMS
expires: Sat, 18 May 2024 03:50:48 GMT

GET
H3 200 2.jpg
down.xktv1.icu/img/ 897 KB
898 KB 1833ms
1832ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://down.xktv1.icu/img/2.jpg

Requested by

Host: down.xktv1.icu
URL: https://down.xktv1.icu/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2784fb4be2e036f75761f18d2094f3a4af1229d11cb497ac0062ec4a5d5b369c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 03:50:50 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 918867
last-modified: Sun, 25 Feb 2024 10:20:52 GMT
server: cloudflare
etag: "65db1484-e0553"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PT5BUDfPiY%2BMUZJMoI7vmYUR4S7pcJj5kmTBHlo44bIFFHd7V6KUgW4OATcgo0MBPX11rB0erehEAOdClH6xlSKDynJyJlJv3fCIRiDDonZ%2F1zwMlKabMk8nG4V9o3VMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8761b15a2f3d9f66-AMS
expires: Sat, 18 May 2024 03:50:49 GMT

GET
H3 200 3.jpg
down.xktv1.icu/img/ 574 KB
0 2138ms
2138ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://down.xktv1.icu/img/3.jpg

Requested by

Host: down.xktv1.icu
URL: https://down.xktv1.icu/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 03:50:50 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 924233
last-modified: Sun, 25 Feb 2024 10:20:53 GMT
server: cloudflare
etag: "65db1485-e1a49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZJtQJUZ77qesXheF91kn2sgI247e3%2Bk%2B0oVXbhcKPLUxYzfieDOeXaeROaJpkOMk2JQ69e9Xl49xiQv87I89F5sICC2C6yetUHRX9OvpST7YxbFUVlXAlaZ1rcEC6aYtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8761b15a2f3f9f66-AMS
expires: Sat, 18 May 2024 03:50:49 GMT

GET
H3 200 4.jpg
down.xktv1.icu/img/ 258 KB
259 KB 1612ms
1612ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://down.xktv1.icu/img/4.jpg

Requested by

Host: down.xktv1.icu
URL: https://down.xktv1.icu/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fb8b5d48b95fd29e2aa01cd074b9cce004b083559895541ef80bc0055314214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 03:50:50 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 264459
last-modified: Sun, 25 Feb 2024 10:20:54 GMT
server: cloudflare
etag: "65db1486-4090b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DdxbYlYGRLPhkfcdHEs%2BnaAkcQJwg9IkUfH23N0Wc1yg27b9jDzu7tbe3BG0zYWaSKY6UrrnqCvQcGCPeMf7eBnnSZaSUmH3OOqf16%2B0l3pT1Y6XLlwtBV4hgHqUyoYrtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8761b15a2f409f66-AMS
expires: Sat, 18 May 2024 03:50:49 GMT

GET
H3 200 5.jpg
down.xktv1.icu/img/ 704 KB
704 KB 2371ms
2371ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://down.xktv1.icu/img/5.jpg

Requested by

Host: down.xktv1.icu
URL: https://down.xktv1.icu/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d173e0c202a6c35b7d5429cbb1331016f2d1cae4b37a39ead72aac1caa5f004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 03:50:51 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 720722
last-modified: Sun, 25 Feb 2024 10:20:55 GMT
server: cloudflare
etag: "65db1487-aff52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zqd1jsVPteWxIHeEyuVZsEygaibvl0zGJHQvBlPZ4m8wVoYG3A0qmPuroMLzSe6Kmek%2FVCMwbIukgsGmrgrKnPU2tyHwUOUiVCGOn0%2FC2WRQMDUSSM7lIbFmzeJdohK52w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8761b15a2f419f66-AMS
expires: Sat, 18 May 2024 03:50:49 GMT

GET
H3 200 6.jpg
down.xktv1.icu/img/ 294 KB
294 KB 1857ms
1857ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://down.xktv1.icu/img/6.jpg

Requested by

Host: down.xktv1.icu
URL: https://down.xktv1.icu/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1afc8a305e8d45e3adec33f2168840893dd04654ae09236aac94636710da1876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 03:50:50 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 300850
last-modified: Sun, 25 Feb 2024 10:20:55 GMT
server: cloudflare
etag: "65db1487-49732"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6K2RNMjvsx%2BtTF8fj72q%2FwHnqefoqT94IP4R45qwje2o0y6Y67z9LoZxrihBRxVQLAZChdkedg611KA1JJ1Ht8BIbTSjF7mMXqPvyAYIZuhyqyE8s%2FJquPD690oVI2CAdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8761b15a2f429f66-AMS
expires: Sat, 18 May 2024 03:50:49 GMT

POST
H2 200 init Show response
c.umsns.com/deeplink/ 506 B
841 B 967ms
269ms XHR
application/json 2408:4001:f00::169
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL

https://c.umsns.com/deeplink/init

Requested by

Host: g.alicdn.com
URL: https://g.alicdn.com/jssdk/u-link/index.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2408:4001:f00::169 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

Tengine /

Resource Hash

85b07d387b93ae46707fceba65e232918e769a7f9b83cef642138c49f6b3d452

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Apr 2024 03:50:49 GMT
content-encoding: gzip
strict-transport-security: max-age=0
server: Tengine
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://down.xktv1.icu
access-control-allow-credentials: true
timing-allow-origin: *
eagleeye-traceid: 212baa1417134122494422102e75ee

GET main
xn--0sqq60a.cc/ 0
0

POST
H2 200 slink_logs Show response
c.umsns.com/ 2 B
358 B 262ms
262ms XHR
application/json 2408:4001:f00::169
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL

https://c.umsns.com/slink_logs

Requested by

Host: g.alicdn.com
URL: https://g.alicdn.com/jssdk/u-link/index.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2408:4001:f00::169 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

Tengine /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://down.xktv1.icu/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Apr 2024 03:50:49 GMT
strict-transport-security: max-age=0
server: Tengine
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://down.xktv1.icu
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, content-Type, Accept, Authorization
content-length: 2
eagleeye-traceid: 212baa1417134122497282109e75ee

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xn--0sqq60a.cc
URL: use://xn--0sqq60a.cc/main?_ukid=f7d3173808324657b44090f69baaba40&_sdk_=umeng&_linkid_=usr1ktc1nvuse08f&pid=0&_bizType_=ushare

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ULink function| getQueryString function| ulinkOpenDownload function| ulinkCloseDownloadTip

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.c.umsns.com/	1970-01-21 04:42:28	Name: ukid Value: f7d3173808324657b44090f69baaba40

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://down.xktv1.icu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	error	URL: https://down.xktv1.icu/ Message: Not allowed to launch 'use://xn--0sqq60a.cc/main?_ukid=f7d3173808324657b44090f69baaba40&_sdk_=umeng&_linkid_=usr1ktc1nvuse08f&pid=0&_bizType_=ushare' because a user gesture is required.
other	warning	URL: https://down.xktv1.icu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.umsns.com
down.xktv1.icu
g.alicdn.com
xn--0sqq60a.cc
xn--0sqq60a.cc
188.114.96.3
2404:2280:1cc:0:715::3fc
2408:4001:f00::169
2a06:98c1:3120::9
17f819093977a0b9e433a54e5f6ea0b7f76ef2e25ae68d34eb38892ba428a215
1afc8a305e8d45e3adec33f2168840893dd04654ae09236aac94636710da1876
2784fb4be2e036f75761f18d2094f3a4af1229d11cb497ac0062ec4a5d5b369c
34731ceea8f6d6800f580ff1bd8cf5dc290d65f608acbb60c09c9b8cb05a943a
3fb8b5d48b95fd29e2aa01cd074b9cce004b083559895541ef80bc0055314214
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
670a54052184db52d0b685c393b2611a4fd52357f59330c5bef5ea3eaeb5d10f
72008840682b751c7d6fb5500499c7d078a446b92f905a119b08bdb3683aa927
85b07d387b93ae46707fceba65e232918e769a7f9b83cef642138c49f6b3d452
9d173e0c202a6c35b7d5429cbb1331016f2d1cae4b37a39ead72aac1caa5f004
f4b935922d875119ed78b0b8ea59452528b5e15598566d772ecaade856d083c8

down.xktv1.icu Open in urlscan Pro 2a06:98c1:3120::9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

92 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

5 IPs

4 Countries

3020 kBTransfer

3603 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

3 Console Messages

Security Headers

Indicators

down.xktv1.icu Open in urlscan Pro
2a06:98c1:3120::9 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

3020 kB
Transfer

3603 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions