1007.kqs01-txxz056c.top Open in urlscan Pro
172.67.155.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://1007.kqs01-txxz056c.top/#/register?code=EvNC7AyG
Effective URL:
https://1007.kqs01-txxz056c.top/
Submission Tags: 0xscam
Submission: On December 27 via api (December 27th 2024, 12:15:53 pm UTC) from US — Scanned from CA

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 172.67.155.124, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1007.kqs01-txxz056c.top.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.

This is the only time 1007.kqs01-txxz056c.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	172.67.155.124 172.67.155.124	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.18.28.104 104.18.28.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3

10 172.67.155.124 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

1007.kqs01-txxz056c.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.28.104 (None, )

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	kqs01-txxz056c.top 1 redirects 1007.kqs01-txxz056c.top	842 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 21493	121 KB
15	2

	Domain	Requested by
10	1007.kqs01-txxz056c.top	1 redirects 1007.kqs01-txxz056c.top
6	client.crisp.chat	1007.kqs01-txxz056c.top client.crisp.chat
15	2

This site contains links to these domains. Also see Links.

Domain
access.kuaiqiangshou.xyz

Subject Issuer	Validity	Valid
kqs01-txxz056c.top WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
crisp.chat E6	`2024-11-27` - `2025-02-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://1007.kqs01-txxz056c.top/
Frame ID: 9FF37B546091D466CBDAAE2583A372EA
Requests: 14 HTTP requests in this frame

Frame: https://1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 0CF515B7BB0E66A4427DBFB31366EE35
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

注册 | 快枪手

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

962 kB
Transfer

3166 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://access.kuaiqiangshou.xyz/tos.html
Title: 服务条款

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
1007.kqs01-txxz056c.top/ 2 KB
2 KB 364ms
316ms Document
text/html 172.67.155.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1007.kqs01-txxz056c.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3edf142bea0844a4d9b83060055377b002f05d914a7172f8a1a64771f37f163

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f893cdec9f6abeb-YYZ
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 27 Dec 2024 12:15:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5EJ1IOp0O99WZx4Qm4NHsCGBVZkoXDkOU9R0dcdusqlXKLTb4uJet8dLvmM07AKDLm1b6QlIlhQtFOS0msQU8m%2FlH4fTwW8YdroM%2FMfrDpmfgEf0J4ljsvjODeSQgVVIsT0oxuDLg6kqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=18302&min_rtt=18063&rtt_var=3038&sent=13&recv=10&lost=1&retrans=0&sent_bytes=4191&recv_bytes=4491&delivery_rate=1498&cwnd=12000&unsent_bytes=0&cid=cff5f41072a93faf&ts=323&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 umi.js Show response
1007.kqs01-txxz056c.top/theme/kunlun/assets/ 2 MB
523 KB 540ms
539ms Script
application/javascript 172.67.155.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1007.kqs01-txxz056c.top/theme/kunlun/assets/umi.js
Requested by: Host: 1007.kqs01-txxz056c.top
URL: https://1007.kqs01-txxz056c.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf46d846c85786a3ebe8176a911aa92be72be826f041bcd5f7f541179afdf30a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://1007.kqs01-txxz056c.top
Referer: https://1007.kqs01-txxz056c.top/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"66e6869b-6f2a5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KKM8u3U5nR8Y9x%2Boox6BNUT%2BjtwZ9rlqAXpee980pXk2BJlxdL771uY8t3qyE%2FrGmd1cemH9aR%2B4BzhXh2%2BgL5vx%2BoFiz7%2Fd%2FP9DMbCVJj3zMGP1NNEA1DZqxQ5LVslrGGLfpeCzzKTkcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f893ce0db2cabeb-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19903&min_rtt=18063&rtt_var=2071&sent=33&recv=25&lost=2&retrans=1&sent_bytes=24400&recv_bytes=6023&delivery_rate=22162&cwnd=10080&unsent_bytes=0&cid=cff5f41072a93faf&ts=873&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 12:15:45 GMT
content-type: application/javascript
last-modified: Sun, 15 Sep 2024 07:02:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 custom.css
1007.kqs01-txxz056c.top/theme/kunlun/assets/ 99 KB
16 KB 332ms
331ms Stylesheet
text/css 172.67.155.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1007.kqs01-txxz056c.top/theme/kunlun/assets/custom.css?v=0.1.1-dev
Requested by: Host: 1007.kqs01-txxz056c.top
URL: https://1007.kqs01-txxz056c.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2791ae1b85456c4417fa4e110a431087d9f34a55fd12f0ddd65a50c6a5f344c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"66cf17a6-18d85"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UMUIt1vJTe6gn5OlTvy%2F%2Bns2IkuOtfrVFZdouly2RITmn%2FLmvbli2%2F5ciY8mMcjA9KZH43%2FvDkpo%2Fo0o3Hs8UwONmasq3060wyhB1rC9e9tmCjzQs5PH5rgt02n2rzT%2BjLcVpWx8gREzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f893ce0db2dabeb-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18377&min_rtt=18063&rtt_var=2427&sent=17&recv=14&lost=1&retrans=0&sent_bytes=6809&recv_bytes=5528&delivery_rate=6846&cwnd=12000&unsent_bytes=0&cid=cff5f41072a93faf&ts=647&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 12:15:45 GMT
content-type: text/css
last-modified: Wed, 28 Aug 2024 12:27:18 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 custom.js Show response
1007.kqs01-txxz056c.top/theme/kunlun/assets/ 0
669 B 285ms
285ms Script
application/javascript 172.67.155.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1007.kqs01-txxz056c.top/theme/kunlun/assets/custom.js?v=0.1.1-dev
Requested by: Host: 1007.kqs01-txxz056c.top
URL: https://1007.kqs01-txxz056c.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

cf-cache-status: MISS
etag: "66d596f4-0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OU3tMKyRO6G27rT%2FKEToAKCyHIKllnDHLAXyqGlxtWS78HHGraf8pkGRUsVHtcMv6RHm4dUM2KmSUEc31zCzzyfo1hxzAsNQVa12C6gW2EacaOZsxTD6dUnK%2FvUoicVD0qh3G5pCPLIf1A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18377&min_rtt=18063&rtt_var=2427&sent=16&recv=14&lost=1&retrans=0&sent_bytes=6117&recv_bytes=5528&delivery_rate=6846&cwnd=12000&unsent_bytes=0&cid=cff5f41072a93faf&ts=619&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 12:15:45 GMT
content-type: application/javascript
last-modified: Mon, 02 Sep 2024 10:44:04 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f893ce0db2eabeb-YYZ
accept-ranges: bytes
content-length: 0
server: cloudflare

GET
H3 200 l.js Show response
client.crisp.chat/ 9 KB
4 KB 184ms
39ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: 1007.kqs01-txxz056c.top
URL: https://1007.kqs01-txxz056c.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cde2081451e2cbed947ccc4aebcd294d7a96224084e26a167fabb67fd0d55917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: HIT
etag: W/"64e73b34-2428"
age: 1845
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 12:15:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 12:15:45 GMT
content-type: application/javascript
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8f893ce3ddc736ab-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 375 KB
98 KB 88ms
88ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?7cadd01

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada5faeab0ddad466623705895d4a8eb5432921c44c95534962f5a9db861da3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: HIT
etag: W/"64e73b34-5dd52"
age: 1845
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 25 Dec 2034 12:15:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 12:15:45 GMT
content-type: application/javascript
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8f893ce42de836ab-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 113 KB
14 KB 33ms
32ms Stylesheet
text/css 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?7cadd01

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed47babcdfca4f506a15afce02631af2cc3e9335558090ea9d5328bd5d5bc7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: HIT
etag: W/"676e92ea-1c58d"
age: 1845
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 25 Dec 2034 12:15:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 12:15:45 GMT
content-type: text/css
last-modified: Fri, 27 Dec 2024 11:43:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8f893ce42de936ab-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 / Show response
client.crisp.chat/settings/website/cc11681a-318d-4e9a-a677-e7a60674a140/prelude/ 222 B
546 B 353ms
353ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/cc11681a-318d-4e9a-a677-e7a60674a140/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2024-11-27-4-15

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6f2a95c942acff6da4bf5d05169753619e967b6004996ab7c6262e5c98d6f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: MISS
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Fri, 27 Dec 2024 16:15:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 12:15:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
last-modified: Fri, 27 Dec 2024 12:15:46 GMT
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8f893ce7efd736ab-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 / Show response
client.crisp.chat/settings/website/cc11681a-318d-4e9a-a677-e7a60674a140/ 1 KB
1 KB 363ms
362ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/cc11681a-318d-4e9a-a677-e7a60674a140/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1733471200737

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed864b66441e8374a76e4c5b5b9cb6bd877f012c2568b58233457c159194f9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: MISS
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Fri, 27 Dec 2024 16:15:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 12:15:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
last-modified: Fri, 27 Dec 2024 12:15:47 GMT
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8f893cf0ec6a36ab-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 10 KB
4 KB 31ms
31ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?7cadd01

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444b58f8f0cf2c56c53fada3c5e27a87b713a0855c8b84d93caa2316604b3c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: HIT
etag: W/"66759605-26a4"
age: 1844
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 25 Dec 2034 12:15:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 12:15:47 GMT
content-type: application/javascript
last-modified: Fri, 21 Jun 2024 15:02:29 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8f893cf32d8136ab-YYZ
access-control-allow-origin: *
server: cloudflare

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 captcha
1007.kqs01-txxz056c.top/api/v1/passport/auth/ 1 KB
2 KB 164ms
163ms Image
image/png 172.67.155.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1007.kqs01-txxz056c.top/api/v1/passport/auth/captcha?dummy=1735301748601
Requested by: Host: 1007.kqs01-txxz056c.top
URL: https://1007.kqs01-txxz056c.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae9bc826138dff3960b2b7f2ec77f222073083500e1903f296f248b98e75f7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fM6Gv%2B2bELBLCNV17wKOSitmWEorx4mw98bbUmLDYi8jJ9yXmSy%2BkjVs8667UuIDSaW19AAz7jRHB9QQqr99%2B7pUW11R3CWoyInCKBdnwdObX2X%2B7Lrb3SXQd9D7V1NoKXo%2FgZ6jwceNLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f893cf928aeabeb-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1107
server-timing: cfL4;desc="?proto=QUIC&rtt=2745526&min_rtt=18063&rtt_var=251635&sent=606&recv=320&lost=65&retrans=64&sent_bytes=650554&recv_bytes=21876&delivery_rate=1459&cwnd=4547&unsent_bytes=0&cid=cff5f41072a93faf&ts=4387&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 12:15:48 GMT
content-type: image/png
server: cloudflare
priority: u=3,i

GET
H3 200 config Show response
1007.kqs01-txxz056c.top/api/v1/guest/comm/ 559 B
1001 B 339ms
339ms XHR
application/json 172.67.155.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1007.kqs01-txxz056c.top/api/v1/guest/comm/config?t=1735301748649
Requested by: Host: 1007.kqs01-txxz056c.top
URL: https://1007.kqs01-txxz056c.top/theme/kunlun/assets/umi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f6d5df8bfdb518c64ae63315f6e6157916e79750faf141d6511c534feb13d8

Request headers

Referer: https://1007.kqs01-txxz056c.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Language: zh-CN

Response headers

cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUcoovbhrr4oq8GQ%2B5qhLc%2F%2F6PywvxrRVsReCbxQPWuM1GzmDEGE%2BjduoM6UHdSPV%2F28qCqAbGNgztMAfffqx2Kv5IiWcoiBCXfh4i2KxHPzOqAvWDYMwJcga%2BzVPjBDrPKvGoG6RuycAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f893cf928b4abeb-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2839236&min_rtt=18063&rtt_var=304652&sent=608&recv=322&lost=65&retrans=64&sent_bytes=652383&recv_bytes=21966&delivery_rate=739&cwnd=4547&unsent_bytes=0&cid=cff5f41072a93faf&ts=4516&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 12:15:48 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3

200

main.js Show response
1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 0CF5
Redirect Chain

https://1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

9 KB
5 KB

26ms
26ms

Script
application/javascript

172.67.155.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

Requested by

Host: 1007.kqs01-txxz056c.top
URL: https://1007.kqs01-txxz056c.top/

Protocol

Server

172.67.155.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64092abbd2f25ea7bcce04e036187476cb383deb11ce1e17105af1542d011cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lU4X%2Fp5280LHXpPAg5gpRlB%2Bm5xLz6NarrSljiOF1Q%2FFIbAxJxHT7kQZe%2Fto%2FT8X7QA%2BxjORC7iCGLg31K%2FGIyf1vHz3qO9y8KLIt%2FMLT87Y4tV1ktcbhk0LhhKCKTi5084nPOUaIFAWpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f893cf9b8f0abeb-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2693179&min_rtt=18063&rtt_var=195924&sent=601&recv=319&lost=65&retrans=64&sent_bytes=645513&recv_bytes=21831&delivery_rate=243&cwnd=4547&unsent_bytes=0&cid=cff5f41072a93faf&ts=4344&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 12:15:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqewbV8O0Hz3ahC1UxBEoqa2tSibQMh%2BHueANAudJYoUaH2GyfH7xFBtlARLa6JBEtj532Q3ZhTLOiTnUaEwfrzdI33kEKiTnGl18w%2FNzjch8Su8xBnx%2BUuyznIWvH4urO1iR87zxRERIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f893cf928b7abeb-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=2645661&min_rtt=18063&rtt_var=134518&sent=599&recv=317&lost=65&retrans=64&sent_bytes=644751&recv_bytes=21422&delivery_rate=434&cwnd=4547&unsent_bytes=0&cid=cff5f41072a93faf&ts=4255&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 12:15:48 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8f893cdec9f6abeb Show response
1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0CF5 0
1 KB 32ms
28ms XHR
text/plain 172.67.155.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/h/b/jsd/r/8f893cdec9f6abeb
Requested by: Host: 1007.kqs01-txxz056c.top
URL: https://1007.kqs01-txxz056c.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r4hp4Kw8yjFZ3W%2FrM%2BvCrgniB%2FpCZWNto5Eda0apuAgA%2FT4lbpai9E67SWUpYj91dMAN6ksWHA1u57qfEotU%2BhzVuqnzTkfnt02yjHUtBconBJNyh3mHwzpIVBjx6I425Bji0prekz%2BLzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f893cfaf9bfabeb-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2839236&min_rtt=18063&rtt_var=304652&sent=614&recv=338&lost=65&retrans=64&sent_bytes=653529&recv_bytes=39750&delivery_rate=739&cwnd=4547&unsent_bytes=0&cid=cff5f41072a93faf&ts=4546&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Fri, 27 Dec 2024 12:15:48 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 favicon.ico
1007.kqs01-txxz056c.top/ 313 KB
291 KB 555ms
554ms Other
image/x-icon 172.67.155.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1007.kqs01-txxz056c.top/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac642a1ae58042c25fe2a652815db5bc48c7e44b6407ba9485e1ed5853b8bab1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://1007.kqs01-txxz056c.top/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"66e256ce-4e560"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQLAo5C2LoJaW3mJZm9S23bL5eGtaFdirToPbSbNNjfp%2F9J4vcstfLtNorUYJCoklkCpT22Xr4M5A3cbv1rfel%2B8qk7NVy4TxC01nfyoO48dQKTq%2FA9kdS9kwcO1PWXcRJqTix5Z1kk1qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f893cfaf9c7abeb-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2953317&min_rtt=18063&rtt_var=369882&sent=617&recv=340&lost=66&retrans=65&sent_bytes=655787&recv_bytes=39844&delivery_rate=306&cwnd=4547&unsent_bytes=0&cid=cff5f41072a93faf&ts=5075&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 12:15:49 GMT
content-type: image/x-icon
last-modified: Thu, 12 Sep 2024 02:49:50 GMT
vary: Accept-Encoding
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kqs01-txxz056c.top/	1970-01-21 06:24:29	Name: crisp-client%2Fsession%2Fcc11681a-318d-4e9a-a677-e7a60674a140 Value: session_6795f088-9030-4283-9ddf-2184dfd0a742
1007.kqs01-txxz056c.top/	1969-12-31 23:59:59	Name: captchaSession Value: GaZm3no8
.kqs01-txxz056c.top/	1970-01-21 10:47:17	Name: cf_clearance Value: YyjO2nhf6pZdcyEpn18D4XTir8PnJQ2LoIGgIkYep0k-1735301748-1.2.1.1-Qfzj9elXQxxLtIqucMtmoDVlS_kubDXDWFnFYRXT20QSjHEIIVLeHmWQeoMJD5jp3SI3YPQIyOa_eeI93m18S8x8oe_W71xAxxN8BJUu_0_pBbBTP6CeORYKkDesGrdMfmcYud3SW5_7TxZIIgR7v7sN7uG05zKtEgLSdWjpvmLgaxgmsZwnKdKh.MZ35gri3_kAInHCn9V9jiN3oNTjrZsh1WqAmFxJUxcSGcWQe.hQ16VFt2smJb2adRMF1tMcF2mBAMoedzz2KyHZBGYOLeWcgj6mg8v9Qrv2M9qw3VTT2RvZNprod3R7n74Akh1a.gznq_1_gdsCmYshoyzyDhK7SKc9lTlR0FT0L2IJtsQVwAnCQ5k_aOgF7zJeAudf

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://1007.kqs01-txxz056c.top/#/register?code=EvNC7AyG Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://1007.kqs01-txxz056c.top/#/register?code=EvNC7AyG Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1007.kqs01-txxz056c.top
client.crisp.chat
104.18.28.104
172.67.155.124
444b58f8f0cf2c56c53fada3c5e27a87b713a0855c8b84d93caa2316604b3c07
4ae9bc826138dff3960b2b7f2ec77f222073083500e1903f296f248b98e75f7e
57f6d5df8bfdb518c64ae63315f6e6157916e79750faf141d6511c534feb13d8
64092abbd2f25ea7bcce04e036187476cb383deb11ce1e17105af1542d011cfb
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
ac642a1ae58042c25fe2a652815db5bc48c7e44b6407ba9485e1ed5853b8bab1
ada5faeab0ddad466623705895d4a8eb5432921c44c95534962f5a9db861da3a
b2791ae1b85456c4417fa4e110a431087d9f34a55fd12f0ddd65a50c6a5f344c
b6f2a95c942acff6da4bf5d05169753619e967b6004996ab7c6262e5c98d6f48
bf46d846c85786a3ebe8176a911aa92be72be826f041bcd5f7f541179afdf30a
cde2081451e2cbed947ccc4aebcd294d7a96224084e26a167fabb67fd0d55917
d3edf142bea0844a4d9b83060055377b002f05d914a7172f8a1a64771f37f163
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed47babcdfca4f506a15afce02631af2cc3e9335558090ea9d5328bd5d5bc7af
ed864b66441e8374a76e4c5b5b9cb6bd877f012c2568b58233457c159194f9dd

1007.kqs01-txxz056c.top Open in urlscan Pro 172.67.155.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

93 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

962 kBTransfer

3166 kBSize

3 Cookies

1 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

1007.kqs01-txxz056c.top Open in urlscan Pro
172.67.155.124 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

962 kB
Transfer

3166 kB
Size

3
Cookies

15 HTTP transactions
1 data transactions