kthcs2f.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kthcs2f.top/
Submission Tags: phishingrod
Submission: On April 28 via api (April 28th 2023, 6:50:32 am UTC) from DE — Scanned from NL

Summary HTTP 24 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 4 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kthcs2f.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 28th 2023. Valid for: a year.

This is the only time kthcs2f.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	134.122.169.33 134.122.169.33	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
1	103.235.46.40 103.235.46.40	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	47.253.50.2 47.253.50.2	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	42.236.73.40 42.236.73.40	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
24	6

17 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

kthcs2f.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.122.169.33 (Singapore)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

www.lelifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.235.46.40 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

sp0.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.253.50.2 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.236.73.40 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.ny.adsl

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	kthcs2f.top kthcs2f.top	308 KB
4	51.la sdk.51.la — Cisco Umbrella Rank: 40707 js.users.51.la — Cisco Umbrella Rank: 52820 ia.51.la — Cisco Umbrella Rank: 41246 collect-v6.51.la — Cisco Umbrella Rank: 27411	16 KB
2	lelifi.com www.lelifi.com	3 KB
1	baidu.com sp0.baidu.com — Cisco Umbrella Rank: 18187	116 B
24	4

	Domain	Requested by
17	kthcs2f.top	kthcs2f.top
2	www.lelifi.com	kthcs2f.top
1	collect-v6.51.la	sdk.51.la
1	ia.51.la	kthcs2f.top
1	js.users.51.la	kthcs2f.top
1	sdk.51.la	kthcs2f.top
1	sp0.baidu.com	kthcs2f.top
24	7

This site contains links to these domains. Also see Links.

Domain
m.31hy1.top
www.drsg52jz.top
mhuknpe.top
3g.cdd8ysks.top
oa2bo9g.top
m.hhstf333.top
yjg8n3.top
wap.hhstf333.top
m.old-school-gaming.top
kkfth35.top
3g.bznpw88.top
m.lhfomj.top
3g.m2tdggw.top
3g.brand98.top
cdd8hgmd.top
jncjsg.top
wap.246aq.top
3g.e7zx7hx.top
wap.hshjxc.top
wap.cddxgh4.top
www.zhouyiyan.top
www.kzgyn.top
huizhengsan.top
3g.hhstf333.top
3g.pengkuangxing.top
cddk2cy.top
3g.iaiasucc.top
3g.v8edrwo.top
qkjmh95.top
www.hsnbt88.top
3g.frsn72jx.top
www.kvxwdv.top
k72xbnq.top
qdw32kj.top
www.zbft90.top
www.dyvxnc7.top
zhoushan520.top
wap.m32dra.top
3g.jr5hrj9.top
www.jsbcpu.top
wap.o7sa72i.top
www.bkfc26q.top
www.tongfen234.top
wap.cxhipe22.top
m.so5xchi.top
xiangyebi.top
www.cddqdn2.top
bztbig.top
3g.news285.top
m.cdddt5n.top
bjnlvxlr.top
www.mansan33.top
m.dmgjxv.top

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-26`	a year	crt.sh
lelifi.com GoGetSSL RSA DV CA	`2023-04-23` - `2023-07-22`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-14` - `2024-05-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://kthcs2f.top/
Frame ID: BF40847AE9D067869BE802CDE25C97BC
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WWW.97GE,COM_WWW97GECOM__成人首頁

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

17 %
IPv6

4
Domains

7
Subdomains

6
IPs

4
Countries

327 kB
Transfer

709 kB
Size

7
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: http://m.31hy1.top/
Title: m.31hy1.top

Search URL Search Domain Scan URL

URL: http://www.drsg52jz.top/
Title: www.drsg52jz.top

Search URL Search Domain Scan URL

URL: http://mhuknpe.top/
Title: mhuknpe.top

Search URL Search Domain Scan URL

URL: http://3g.cdd8ysks.top/
Title: 3g.cdd8ysks.top

Search URL Search Domain Scan URL

URL: http://oa2bo9g.top/
Title: oa2bo9g.top

Search URL Search Domain Scan URL

URL: http://m.hhstf333.top/
Title: m.hhstf333.top

Search URL Search Domain Scan URL

URL: http://yjg8n3.top/
Title: yjg8n3.top

Search URL Search Domain Scan URL

URL: http://wap.hhstf333.top/
Title: wap.hhstf333.top

Search URL Search Domain Scan URL

URL: http://m.old-school-gaming.top/
Title: m.old-school-gaming.top

Search URL Search Domain Scan URL

URL: http://kkfth35.top/
Title: kkfth35.top

Search URL Search Domain Scan URL

URL: http://3g.bznpw88.top/
Title: 3g.bznpw88.top

Search URL Search Domain Scan URL

URL: http://m.lhfomj.top/
Title: m.lhfomj.top

Search URL Search Domain Scan URL

URL: http://3g.m2tdggw.top/
Title: 3g.m2tdggw.top

Search URL Search Domain Scan URL

URL: http://3g.brand98.top/
Title: 3g.brand98.top

Search URL Search Domain Scan URL

URL: http://cdd8hgmd.top/
Title: cdd8hgmd.top

Search URL Search Domain Scan URL

URL: http://jncjsg.top/
Title: jncjsg.top

Search URL Search Domain Scan URL

URL: http://wap.246aq.top/
Title: wap.246aq.top

Search URL Search Domain Scan URL

URL: http://3g.e7zx7hx.top/
Title: 3g.e7zx7hx.top

Search URL Search Domain Scan URL

URL: http://wap.hshjxc.top/
Title: wap.hshjxc.top

Search URL Search Domain Scan URL

URL: http://wap.cddxgh4.top/
Title: wap.cddxgh4.top

Search URL Search Domain Scan URL

URL: http://www.zhouyiyan.top/
Title: www.zhouyiyan.top

Search URL Search Domain Scan URL

URL: http://www.kzgyn.top/
Title: www.kzgyn.top

Search URL Search Domain Scan URL

URL: http://huizhengsan.top/
Title: huizhengsan.top

Search URL Search Domain Scan URL

URL: http://3g.hhstf333.top/
Title: 3g.hhstf333.top

Search URL Search Domain Scan URL

URL: http://3g.pengkuangxing.top/
Title: 3g.pengkuangxing.top

Search URL Search Domain Scan URL

URL: http://cddk2cy.top/
Title: cddk2cy.top

Search URL Search Domain Scan URL

URL: http://3g.iaiasucc.top/
Title: 3g.iaiasucc.top

Search URL Search Domain Scan URL

URL: http://3g.v8edrwo.top/
Title: 3g.v8edrwo.top

Search URL Search Domain Scan URL

URL: http://qkjmh95.top/
Title: qkjmh95.top

Search URL Search Domain Scan URL

URL: http://www.hsnbt88.top/
Title: www.hsnbt88.top

Search URL Search Domain Scan URL

URL: http://3g.frsn72jx.top/
Title: 3g.frsn72jx.top

Search URL Search Domain Scan URL

URL: http://www.kvxwdv.top/
Title: www.kvxwdv.top

Search URL Search Domain Scan URL

URL: http://k72xbnq.top/
Title: k72xbnq.top

Search URL Search Domain Scan URL

URL: http://qdw32kj.top/
Title: qdw32kj.top

Search URL Search Domain Scan URL

URL: http://www.zbft90.top/
Title: www.zbft90.top

Search URL Search Domain Scan URL

URL: http://www.dyvxnc7.top/
Title: www.dyvxnc7.top

Search URL Search Domain Scan URL

URL: http://zhoushan520.top/
Title: zhoushan520.top

Search URL Search Domain Scan URL

URL: http://wap.m32dra.top/
Title: wap.m32dra.top

Search URL Search Domain Scan URL

URL: http://3g.jr5hrj9.top/
Title: 3g.jr5hrj9.top

Search URL Search Domain Scan URL

URL: http://www.jsbcpu.top/
Title: www.jsbcpu.top

Search URL Search Domain Scan URL

URL: http://wap.o7sa72i.top/
Title: wap.o7sa72i.top

Search URL Search Domain Scan URL

URL: http://www.bkfc26q.top/
Title: www.bkfc26q.top

Search URL Search Domain Scan URL

URL: http://www.tongfen234.top/
Title: www.tongfen234.top

Search URL Search Domain Scan URL

URL: http://wap.cxhipe22.top/
Title: wap.cxhipe22.top

Search URL Search Domain Scan URL

URL: http://m.so5xchi.top/
Title: m.so5xchi.top

Search URL Search Domain Scan URL

URL: http://xiangyebi.top/
Title: xiangyebi.top

Search URL Search Domain Scan URL

URL: http://www.cddqdn2.top/
Title: www.cddqdn2.top

Search URL Search Domain Scan URL

URL: http://bztbig.top/
Title: bztbig.top

Search URL Search Domain Scan URL

URL: http://3g.news285.top/
Title: 3g.news285.top

Search URL Search Domain Scan URL

URL: http://m.cdddt5n.top/
Title: m.cdddt5n.top

Search URL Search Domain Scan URL

URL: http://bjnlvxlr.top/
Title: bjnlvxlr.top

Search URL Search Domain Scan URL

URL: http://www.mansan33.top/
Title: www.mansan33.top

Search URL Search Domain Scan URL

URL: http://m.dmgjxv.top/
Title: m.dmgjxv.top

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kthcs2f.top/ 416 KB
70 KB 2954ms
2821ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kthcs2f.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f4105f260c44b8283d87a3c3c4c2074a9317ae5e2d5a71eb832104965403e04

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bed5ed9c858d0c9-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 06:50:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wq8G%2BSmgD9sPkdQLCeuTeHur8ueM5qVPcxI54P8vbooapqt3D0w6P8b%2F0XCBHOfxYimaGnxqvn84q8PKbow5LWxm0qGS33CQSV%2FRgtL8s888RpEiSx1vxt%2BhpS1Xma786LfSi8DAnPGYPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 main.css
kthcs2f.top/template/3577/css/ 9 KB
2 KB 629ms
628ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kthcs2f.top/template/3577/css/main.css?v=1.0
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee42968febbec8b62b3910ce2257a0950cea2abe936a37a5b3ac263d1db77f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Nov 2019 13:48:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5dc2cf16-2342"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2Fai3qzzteX5%2BwTX8yEdyIF7qA0zK8VRpyDGo%2F%2Bn6r4o5dcNRppAOqYcqoVhjdUYHPn0PdYTF7He5%2B%2Fn1SKrIcAVlUUDDXORbAuJegTXBM2B7JhZIydTDhRkrDDYaWXwUbcbeOBaebYJFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7bed5eeb6ca1d0c9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 28 Apr 2023 18:50:24 GMT

GET
H2 200 Aquery.js Show response
kthcs2f.top/ 540 B
749 B 360ms
360ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kthcs2f.top/Aquery.js
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d112f55c1cb75702e1b5abd7634c6e1a97ce467f6cf51e8946d54f4d9bde81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2023 11:47:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"644a60c2-21c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJ%2Fu8Y012J6NrNGstNvuomVwoXCTjpy6gWF9efmeeJkAn45PgjVcfisKLBbaxs%2FQAzC%2BfX9xz6D%2BamoAFrrmGlJAjM86IWlqGsd4ZD741iVMUCi%2FAYEShNCTKMXqaQX%2FQfTUNLoAOKCaMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7bed5eeb6ca3d0c9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 28 Apr 2023 18:50:24 GMT

GET
H3 200 screen-unique.png
kthcs2f.top/template/3577/tmp/ 13 KB
14 KB 612ms
612ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/tmp/screen-unique.png
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f62f56687335bf1efe8d995a748710af5a1f05a5a63cbdbd01414a241254c7cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:24 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-356e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdCNadHDR5e8J%2FBvP%2B0qefiOa5BMn8pDLAh%2FwQV0FLWyx05YBH%2BqhwXotM%2B4fO00nX1r2hHN%2B%2FqyYoyB%2B3gVFfTcRxVkkJvF7OFGqzTZekiI3bbUdbmQrmd7uGC44Q32PdBKKQNnrFHxhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5eedaeb20b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13678
expires: Sun, 28 May 2023 06:50:24 GMT

GET
H3 200 browsers.png
kthcs2f.top/template/3577/tmp/ 159 KB
159 KB 886ms
885ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/tmp/browsers.png
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c96d167c61027ad5f94fe4d88484e4688dea52678b7202240feeb8de67833f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:25 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-27b1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Sl%2F%2FxQnJqYuWU8VwEnuk4PQxpQ6%2FiAO3gu9uISwjEWFAET5gm33bZs61RXE2ZJyoFu%2BlBmx4vRaDHIGiOmnBs4rK%2FefFJlnKomsmU0HPjvQDRJLQku9sxarYQqAsJD3XKjPD3S7u9zAxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5ef17b610b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 162587
expires: Sun, 28 May 2023 06:50:25 GMT

GET
H3 200 empty.gif
kthcs2f.top/template/3577/tmp/ 2 KB
3 KB 316ms
315ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/tmp/empty.gif
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1acbb1f10f4eb53f4333035331a0dad995a81073c57a9c22878e8ff76296f3b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:26 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-9fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yckSeK00tyjtwi03efC92rP20pfcCMI6kE%2BHRieeZ5Yh4K%2BAKD7e%2BNI4yVGIiYE2YYLTz8Ia29ntpDGyULzQ7Q3%2FE0nzD%2FF1Ws7V1EeeFAj7MU4fGyAGEjqdaJ%2B8vIukj6FwqgV5eyKFzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5ef75a200b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2558
expires: Sun, 28 May 2023 06:50:25 GMT

GET
H3 200 empty2.gif
kthcs2f.top/template/3577/tmp/ 1 KB
2 KB 622ms
620ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/tmp/empty2.gif
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d3fce6a0e9cd151288a86998542f952cb74ec27ce87ecf5e97d63e2c2102ab8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:26 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-4f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVnuOQSbT4HiBImBfA7%2FHYj75vfGJ3O6RSv08K%2F0RXoAqTC6q6lQJebpDzlyZg92xx%2FSNSkSGFxkFj8PBnp%2Fr4ZovTQUkO6UpHAvhrNMQzkkV7fg2z66tF5a3nPFi8MZW5hGQbpo6xiqAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5ef75a240b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1269
expires: Sun, 28 May 2023 06:50:26 GMT

GET
H3 200 empty3.gif
kthcs2f.top/template/3577/tmp/ 2 KB
3 KB 310ms
309ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/tmp/empty3.gif
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852e2725474491d443888027744a4e3d729f3f02540f19c621716e1db8436244

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:26 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-9f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9LJdzFeerJhn5J1U0pGLbPGbiE2g2It6tkuxy1dqDkEK9HTlByC%2BWMGLWTHj31EiMenpZvDKTN59QKfrYwyCaO0KNAoFV%2B7a9RuIv9TjGoqlMMXeiNlevdxtzpMtH0ZFA%2FDj3EYJZGVAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5ef75a250b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2546
expires: Sun, 28 May 2023 06:50:25 GMT

GET
H3 200 print.css
kthcs2f.top/template/3577/css/ 8 KB
2 KB 623ms
621ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kthcs2f.top/template/3577/css/print.css
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00d5e450c132b239ce095a33039c909d1420b78847c089862778feffb9ece0b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5da56d86-1e2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPr0N6ft9FSRlWrC7rqYL3LgDXSMk8m82nYFaomeW3atbxQp87JICxnEjTjzgvn%2F90liXwVlDfgwt7tKnkwIMVvit8mNTyl4Fwv5Y0qF3vDP%2FmvlqEhgGOLZkW9pwyzuH%2BQyMgN4U0pivw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7bed5ef75a270b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 28 Apr 2023 18:50:26 GMT

GET
H3 200 Baidu.js Show response
kthcs2f.top/ 651 B
906 B 326ms
326ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kthcs2f.top/Baidu.js
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5daaf9187bd50f8ff80a0f4563f38ae0d7b9b09e80a2bfc051c22bbaf931af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 11 Apr 2023 08:32:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64351b01-28b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTs7iYksfps6VBPH7NIjSrTIc45jLafSvhNLqqekvfotZNuJISN1skk8lf1PKS6GEkFa5wlqJWyBNZBEmUn1brxQMVL1a1vLQbP2d1Te2vcSTQeAGWaVC2Q9c1D39f5%2F6nV2%2FpHDXMgovQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7bed5eef58cb0b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 28 Apr 2023 18:50:24 GMT

GET
H3 200 reset.css
kthcs2f.top/template/3577/css/ 2 KB
1 KB 333ms
333ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kthcs2f.top/template/3577/css/reset.css
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/template/3577/css/main.css?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da742e277b2a75b76b790d8be3ac543de7b54088f0de8f4258c390b8f2cc5a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/template/3577/css/main.css?v=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5da56d86-79d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yv4ob%2Foxg4LrkOWrIXZaaX0bsvUlN8GYb3P5kN6m4LrjMvptBNGRMgtNOTG97%2BuYSBelPr3Dw2Q4Q%2BgbLV8o3AgFIqXQNpBMdpKopvyUndoMQkdsb6nYvNDVYvglnmwtoZX0yG06XYh%2B6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7bed5eef58cd0b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 28 Apr 2023 18:50:24 GMT

GET
H3 404 jquery.fancybox-1.3.4.css
kthcs2f.top/template/3577/css/ 0
0 328ms
328ms Stylesheet
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kthcs2f.top/template/3577/css/jquery.fancybox-1.3.4.css
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/template/3577/css/main.css?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/template/3577/css/main.css?v=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiJwNDW4wHR7Cb7QHfZnMS6q33w7vBL524Bb5zA7p3%2BpA7%2F2t6ELaZmoGb846Qw9Omk9Vtl6qaHRmCJTCvrOeHUlA7heaNSqwblY2FzZO2geegcnqDQ6%2F%2FGdnZJHDY7BCxmC9czu8ZKoxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 7bed5eef58cf0b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.js Show response
www.lelifi.com/app/ 4 KB
1 KB 930ms
212ms Script
application/javascript 134.122.169.33
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lelifi.com/app/app.js?t=shang&c=google&mb=1

Requested by

Host: kthcs2f.top
URL: https://kthcs2f.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.122.169.33 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

92d4b44279227d4641f6a4ab37bb1bba79737c784510356e0cff405063ad09da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://kthcs2f.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 28 Apr 2023 06:50:25 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 11:25:34 GMT
server: nginx
etag: W/"644a5bae-f26"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 28 Apr 2023 18:50:25 GMT

GET
H2 200 app.js Show response
www.lelifi.com/app/ 4 KB
1 KB 931ms
214ms Script
application/javascript 134.122.169.33
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1

Requested by

Host: kthcs2f.top
URL: https://kthcs2f.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.122.169.33 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

92d4b44279227d4641f6a4ab37bb1bba79737c784510356e0cff405063ad09da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://kthcs2f.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 28 Apr 2023 06:50:25 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 11:25:34 GMT
server: nginx
etag: W/"644a5bae-f26"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 28 Apr 2023 18:50:25 GMT

GET
H3 200 background.png
kthcs2f.top/template/3577/img/ 19 KB
20 KB 334ms
334ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/img/background.png
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/template/3577/css/main.css?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0180b0698b515d02013dc213fd841dc4bf6b6b2f0b847ff3223680398b230a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/template/3577/css/main.css?v=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:26 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-4d17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYiEtDppfV4BGJRLPrbYrEtwPOpoR2TJNBau2UOGeeVzXoB5cAHgFS4RTmDqV%2FClXR0I%2BA0Lo5F2WB5vvgxabZ%2Fj38cMDLdR8FI02PCpXSN1%2Bhj6SkVuEe78F6G2DHk49HsQmBNrDByHWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5ef77a570b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19735
expires: Sun, 28 May 2023 06:50:26 GMT

GET
H3 200 dots-header.png
kthcs2f.top/template/3577/img/ 141 B
634 B 314ms
314ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/img/dots-header.png
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/template/3577/css/main.css?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3f8bb2cb22a765b3e7a8fdf00bc69544e1617addb6272cd680a0a972159d14f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/template/3577/css/main.css?v=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:26 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY2OHWTmO1Mmrgs2ebdqAVnRktRtdqEyqdpFesQ4ixpKIqGVIqq4VSgY8z1TDwtgtJYLgMOYlYC42vQ6JB2jOdTyc%2FkKLll7qOiIE%2BxHSiiLL%2F3DVKVZa3SwFQCnflcdj0tfpzyzLK9TrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5ef77a580b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 141
expires: Sun, 28 May 2023 06:50:26 GMT

GET
H3 200 reflection.png
kthcs2f.top/template/3577/img/ 18 KB
19 KB 758ms
757ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/img/reflection.png
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/template/3577/css/main.css?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44aba0dbec8817e4741a2cf315040b1cc32e32deb4fd1581efe9fb98c97d3a26

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/template/3577/css/main.css?v=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:26 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-4957"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1sfkyzgp4fdGOQFpHE%2FeFKw37yfXr7orxpE4trCRR0W5O3zKUyxTBqf8cGik%2Bn7GAEVP5rp3wLYxuF6NJhTs%2FjygL7QjKQQ6eHEcoiMewQvcLFqwOWitXFloEqKkhX%2Bde3F%2F2d0Ia7tjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5ef77a630b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18775
expires: Sun, 28 May 2023 06:50:26 GMT

GET
H3 200 window.png
kthcs2f.top/template/3577/img/ 11 KB
11 KB 588ms
588ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/img/window.png
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/template/3577/css/main.css?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee72f05efe23180306b2c9ce146cde9522d92a829a280ffac8e459ccc699a33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/template/3577/css/main.css?v=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:26 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-2b17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvLtAoqAl3B6TKLXE96BOvTCcFelVBtnLkK73C1XA98UjdefFI8icZla36W0irD%2B1eTLLF8YeiwKGWgTZC8qn%2Fj8W2zOeav5KHFj4NdoMj6tIrqOTx%2Ft%2FufvpqfK6C04Di3FSFUD6cXQDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5ef77a650b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11031
expires: Sun, 28 May 2023 06:50:26 GMT

GET
H3 200 dots-footer.png
kthcs2f.top/template/3577/img/ 143 B
634 B 589ms
589ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kthcs2f.top/template/3577/img/dots-footer.png
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/template/3577/css/main.css?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f5ba154270d3b4f3a7130c59dfbb267beb1f9b330fb583eb4c82f24f7f0f44e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/template/3577/css/main.css?v=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:50:26 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Oct 2019 06:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da56d86-8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0siaZHxR4DImxcn4ZFv2TDB0gijkpnPitOeYJL11gdG7fDp%2BDs9Jcw9Z5d4TJqvgLECrL23Hu3K8QRuNhdiNb6cc5LvFXCcrg7QSKGS8S1A7bFKYUGHWm56AUk5JCTo%2FY4rWKc9Sn3u23w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7bed5ef78a690b5a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 143
expires: Sun, 28 May 2023 06:50:26 GMT

GET
H/1.1 200
OK s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 0
116 B 2924ms
343ms Image
text/plain 103.235.46.40
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://kthcs2f.top/
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.40 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 06:50:28 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 795ms
195ms Script
application/javascript 47.253.50.2
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 06:50:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Server: openresty
ETag: W/"63bceaef-861a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1296000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 21600017.js Show response
js.users.51.la/ 5 KB
3 KB 647ms
210ms Script
application/javascript 42.236.73.40
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21600017.js
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/Baidu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.236.73.40 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty /
Resource Hash: d88f1c0cb273379b3ffd0923ef79dc4d188fd01b35227bbaecfe2d1f183001a7

Request headers

Referer: https://kthcs2f.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 28 Apr 2023 06:50:26 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200 go1
ia.51.la/ 0
215 B 2730ms
1558ms Image
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21600017&rt=1682664626557&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW.97GE%252CCOM_WWW9&ing=1&ekc=&sid=1682664626557&tt=WWW.97GE%252CCOM_WWW97GECOM__%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=WWW.97GE%252CCOM_WWW97GECOM_%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Fkthcs2f.top%252F&pu=
Requested by: Host: kthcs2f.top
URL: https://kthcs2f.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 06:50:29 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

POST
H/1.1 403 collect Show response
collect-v6.51.la/v6/ 0
395 B 1599ms
373ms XHR
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kthcs2f.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://kthcs2f.top
Date: Fri, 28 Apr 2023 06:50:28 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| LA number| laWaitTime

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kthcs2f.top/	1969-12-31 23:59:59	Name: __tins__21600017 Value: %7B%22sid%22%3A%201682664626557%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201682666426557%7D
kthcs2f.top/	1969-12-31 23:59:59	Name: __51cke__ Value:
kthcs2f.top/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
kthcs2f.top/	1969-12-31 23:59:59	Name: __vtins__K1vDZuadDgxTltmQ Value: %7B%22sid%22%3A%20%222b535ead-2cf8-5a08-8996-e6985f544314%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201682666426710%2C%20%22ct%22%3A%201682664626710%7D
kthcs2f.top/	1970-01-20 21:00:24	Name: __51uvsct__K1vDZuadDgxTltmQ Value: 1
kthcs2f.top/	1970-01-20 21:00:24	Name: __51vcke__K1vDZuadDgxTltmQ Value: ea1ea41b-89f6-53c8-a5ba-085de63a6cc6
kthcs2f.top/	1970-01-20 21:00:24	Name: __51vuft__K1vDZuadDgxTltmQ Value: 1682664626713

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kthcs2f.top/template/3577/css/jquery.fancybox-1.3.4.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.lelifi.com/app/app.js?t=shang&c=google&mb=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.lelifi.com/app/app.js?t=shang&c=google&mb=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://kthcs2f.top/Baidu.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21600017.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://kthcs2f.top/Baidu.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21600017.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://collect-v6.51.la/v6/collect?dt=4 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
ia.51.la
js.users.51.la
kthcs2f.top
sdk.51.la
sp0.baidu.com
www.lelifi.com
103.143.19.103
103.235.46.40
134.122.169.33
2a06:98c1:3121::3
42.236.73.40
47.253.50.2
00d5e450c132b239ce095a33039c909d1420b78847c089862778feffb9ece0b4
44aba0dbec8817e4741a2cf315040b1cc32e32deb4fd1581efe9fb98c97d3a26
4c96d167c61027ad5f94fe4d88484e4688dea52678b7202240feeb8de67833f0
5a5daaf9187bd50f8ff80a0f4563f38ae0d7b9b09e80a2bfc051c22bbaf931af
5da742e277b2a75b76b790d8be3ac543de7b54088f0de8f4258c390b8f2cc5a7
5f4105f260c44b8283d87a3c3c4c2074a9317ae5e2d5a71eb832104965403e04
7d3fce6a0e9cd151288a86998542f952cb74ec27ce87ecf5e97d63e2c2102ab8
852e2725474491d443888027744a4e3d729f3f02540f19c621716e1db8436244
8f5ba154270d3b4f3a7130c59dfbb267beb1f9b330fb583eb4c82f24f7f0f44e
92d4b44279227d4641f6a4ab37bb1bba79737c784510356e0cff405063ad09da
aee42968febbec8b62b3910ce2257a0950cea2abe936a37a5b3ac263d1db77f7
aee72f05efe23180306b2c9ce146cde9522d92a829a280ffac8e459ccc699a33
c0180b0698b515d02013dc213fd841dc4bf6b6b2f0b847ff3223680398b230a7
c3f8bb2cb22a765b3e7a8fdf00bc69544e1617addb6272cd680a0a972159d14f
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d88f1c0cb273379b3ffd0923ef79dc4d188fd01b35227bbaecfe2d1f183001a7
e1acbb1f10f4eb53f4333035331a0dad995a81073c57a9c22878e8ff76296f3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d112f55c1cb75702e1b5abd7634c6e1a97ce467f6cf51e8946d54f4d9bde81
f62f56687335bf1efe8d995a748710af5a1f05a5a63cbdbd01414a241254c7cc

kthcs2f.top Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

17 %IPv6

4 Domains

7 Subdomains

6 IPs

4 Countries

327 kBTransfer

709 kBSize

7 Cookies

53 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

7 Cookies

7 Console Messages

Indicators

kthcs2f.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

17 %
IPv6

4
Domains

7
Subdomains

6
IPs

4
Countries

327 kB
Transfer

709 kB
Size

7
Cookies

24 HTTP transactions
0 data transactions