ks6x0.fn3ib3.com
2600:9000:23d2:1400:d:d87e:2240:93a1  Public Scan

Submitted URL: http://hls98.com/
Effective URL: https://ks6x0.fn3ib3.com/?dc=wc
Submission: On December 28 via manual from SG — Scanned from SG

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2600:9000:23d2:1400:d:d87e:2240:93a1, located in United States and belongs to AMAZON-02, US. The main domain is ks6x0.fn3ib3.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 1st 2023. Valid for: a year.
This is the only time ks6x0.fn3ib3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
12 fn3ib3.com | ks6x0.fn3ib3.com | 1 MB
2 cloudfront.net | d18j9fv1sdbxnx.cloudfront.net | 810 B
2 hls98.com | hls98.com | 1 KB
1 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 27) | 21 KB
1 9jzkd.com | 9jzkd.com | 367 B
1 staticfile.org | cdn.staticfile.org (Cisco Umbrella Rank: 60183) | 37 KB
17 | 6

Domain | Requested by
12 ks6x0.fn3ib3.com | hls98.com, ks6x0.fn3ib3.com
2 d18j9fv1sdbxnx.cloudfront.net | ks6x0.fn3ib3.com
2 hls98.com | 1 redirects
1 www.google-analytics.com | ks6x0.fn3ib3.com
1 9jzkd.com | 1 redirects
1 cdn.staticfile.org | hls98.com
17 | 6

This site contains no links.

Subject | Issuer | Validity | Valid
hls98.com | GTS CA 1P5 | 2023-11-18 - 2024-02-16 | 3 months
*.staticfile.org | GeoTrust RSA CN CA G2 | 2023-09-08 - 2024-10-04 | a year
*.c63vpw.com | Amazon RSA 2048 M02 | 2023-11-01 - 2024-11-29 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months

This page contains 1 frames:

Primary Page: https://ks6x0.fn3ib3.com/?dc=wc
Frame ID: C851DDE43928BF99A1D16563238DB6B2
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17 Requests
100 % HTTPS
83 % IPv6
6 Domains
6 Subdomains
6 IPs
2 Countries
1330 kB Transfer
2715 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hls98.com/ HTTP 301
    https://hls98.com/ Page URL
  2. https://9jzkd.com/?dc=wc HTTP 302
    https://ks6x0.fn3ib3.com/?dc=wc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://hls98.com/ HTTP 301
  • https://hls98.com/

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
hls98.com/
Redirect Chain
  • http://hls98.com/
  • https://hls98.com/
676 B
737 B
Document
General
Full URL
https://hls98.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9952 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d759730300e8959ec4965c5a2385939de1e0fff0d063111ccc41b1d3f719415

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83c620f72f6f3f58-SIN
content-encoding
br
content-type
text/html
date
Thu, 28 Dec 2023 01:46:18 GMT
last-modified
Wed, 08 Nov 2023 03:22:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLJ7cRUJteFbWsSsafIFOVC9YHOPSeOvPTsbywr%2FeE6E%2BWOs0M19ByH0Tc8yTsn6DFN1NoQUhfTzG0z1TNchPFkh5aqydTjLXQNERYOlkQuN2To3ot5X9AIYbUQX341w4i67gbO54Ro%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
83c620f6eb3e4112-SIN
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 28 Dec 2023 01:46:18 GMT
Expires
Thu, 28 Dec 2023 02:46:18 GMT
Location
https://hls98.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FZKK5Ez7oJF1T%2Fg0SR6JEVRd%2B6nvb%2BlFzQkYa5Ai%2FTnKLZeR5B5%2FKq18NnTgUTKwXtizGg7NtJxKmwbaGoNIeB6%2FH2BfA0zejDjxPQt9ChYJ3k%2F556nuUiKMhv%2ByKpzLUARtZZlpXQ%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
jquery.min.js
cdn.staticfile.org/jquery/1.10.2/
91 KB
37 KB
Script
General
Full URL
https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Requested by
Host: hls98.com
URL: https://hls98.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.225.96.77 Singapore, Singapore, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://hls98.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 28 Dec 2023 01:46:18 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"16bac-4vNgPiNxH2RG8nikEdkFYj1lIB4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Max-Age
31104000
Access-Control-Allow-Origin
*
Cache-Control
max-age=2
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
Access-Control-Allow-Methods
GET, POST
X-Ser
BC149_dx-lt-yd-jiangsu-huaian-25-cache-2, BC149_dx-lt-yd-jiangsu-huaian-25-cache-2, BC195_lt-obgp-fujian-xiamen-33-cache-1, BC68_SG-singapore-singapore-8-cache-2, BC80_SG-singapore-singapore-21-cache-2
Primary Request /
ks6x0.fn3ib3.com/
Redirect Chain
  • https://9jzkd.com/?dc=wc
  • https://ks6x0.fn3ib3.com/?dc=wc
2 KB
1 KB
Document
General
Full URL
https://ks6x0.fn3ib3.com/?dc=wc
Requested by
Host: hls98.com
URL: https://hls98.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
41e4fdafbacab988a3f0823028a7f859fe2bef2ec934c501611f33c81496c579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hls98.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
47201
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Wed, 27 Dec 2023 12:39:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
openresty/1.19.9.1
strict-transport-security
max-age=31536000
vary
Accept-Encoding,Accept-Encoding
via
1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
x-amz-cf-id
3ivNN1TNccFzRTcL3iPyCiKf2MT0hTKsrUw2R-RYVV6dSm4vIywpOA==
x-amz-cf-pop
SIN52-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cloudfront-functions
generated-by-CloudFront-Functions
content-length
0
date
Thu, 28 Dec 2023 01:46:18 GMT
location
https://ks6x0.fn3ib3.com/?dc=wc
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 0f7e4995783c21b04a0e0537b8737dde.cloudfront.net (CloudFront)
x-amz-cf-id
CXN_QE7bMIcCetDyuERxw7OAknhlfRn0UEjop7pKZVfZJnpIzYAGcQ==
x-amz-cf-pop
SIN2-P1
x-cache
FunctionGeneratedResponse from cloudfront
app.3f18d39e.css
ks6x0.fn3ib3.com/css/
243 KB
55 KB
Stylesheet
General
Full URL
https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/?dc=wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
5909d102b94ad9f9d831773ab5a5fbb8fef67a47133c2a3060661160aacb9efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/?dc=wc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 12:40:02 GMT
content-encoding
gzip
via
1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN52-P1
age
47176
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
W/"658bff92-3cc74"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
8neGUYr62kkaqi_X6Mqd1T8FFvEJgMxfDHwFtZ9t9i2DSNepv4EvzQ==
chunk-vendors.7be1d2f7.css
ks6x0.fn3ib3.com/css/
143 KB
44 KB
Stylesheet
General
Full URL
https://ks6x0.fn3ib3.com/css/chunk-vendors.7be1d2f7.css
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/?dc=wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
2c4f2b8e3edfbdaab2bae4f717f8c8a85e9d8aff84c6b11c09779afe953a6176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/?dc=wc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 12:40:01 GMT
content-encoding
gzip
via
1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN52-P1
age
47177
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
W/"658bff92-23c09"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
0zGB2axZZBtn9XpXeajhWU4BC2tvzmJ1W2E54pYfocT2VrA1-je9Zg==
app.3a29a444.js
ks6x0.fn3ib3.com/js/
16 KB
6 KB
Script
General
Full URL
https://ks6x0.fn3ib3.com/js/app.3a29a444.js
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/?dc=wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
f900ffa5db09d134fc887f8ce3edca12524acb95ed6c80e2b6df48b30d500796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/?dc=wc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 12:40:02 GMT
content-encoding
gzip
via
1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN52-P1
age
47176
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
W/"658bff92-3e08"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
AX2Uhw-PbJm-z51RJljQGQgd6SlWfSVy8tw74_6HVAznixjkBpbwCQ==
chunk-vendors.159edaa4.js
ks6x0.fn3ib3.com/js/
1 MB
397 KB
Script
General
Full URL
https://ks6x0.fn3ib3.com/js/chunk-vendors.159edaa4.js
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/?dc=wc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
9025ac57ec64cbd741615cad9c77814b822f77a8ef0d4aef904c30db5ca082f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/?dc=wc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 12:40:02 GMT
content-encoding
gzip
via
1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN52-P1
age
47176
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
W/"658bff92-15c1f7"
vary
Accept-Encoding,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
NRqvXbgq-dCl9MdeXs1Zdzsysk5OBob9ETMjGHTb2CoTzBv7BCSCAw==
nuS0EDXSczKgf3Xh
d18j9fv1sdbxnx.cloudfront.net/plm/okn/ijb/
0
0
Preflight
General
Full URL
https://d18j9fv1sdbxnx.cloudfront.net/plm/okn/ijb/nuS0EDXSczKgf3Xh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a800:17:cadb:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ks6x0.fn3ib3.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Length,Content-Type,Authorization,X-User-Agent,User-Agent,temp
access-control-allow-methods
GET,POST,PUT,HEAD,DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Disposition,Refresh-Authorization,Cur-Ver
access-control-max-age
0
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Dec 2023 01:46:18 GMT
server
nginx/1.18.0 (Ubuntu)
via
1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
x-amz-cf-id
IZ4g3a3wcs2eovIMQG5MX-NG3sAREpOfWYRpxTqCyZisYmkv1p8w4Q==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
x-frame-options
sameorigin
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/js/chunk-vendors.159edaa4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Dec 2023 01:01:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2703
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 28 Dec 2023 03:01:15 GMT
bg.ca769e82.webp
ks6x0.fn3ib3.com/img/
92 KB
92 KB
Image
General
Full URL
https://ks6x0.fn3ib3.com/img/bg.ca769e82.webp
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
207205d2166f7bdb2334087a92c97224d89a25249912c1620233391f706bed66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 12:52:03 GMT
via
1.1 1cd5c12ec5c5433e14b730e0a6a2276c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-P1
age
46455
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
94306
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
"658bff92-17062"
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
-cmNb8DDt5kUowmWCKy6rEq8rlsm1qZQh4VgtWtrqpQaIot5ua3hGQ==
logo.58fc5231.png
ks6x0.fn3ib3.com/img/
11 KB
11 KB
Image
General
Full URL
https://ks6x0.fn3ib3.com/img/logo.58fc5231.png
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
2bf05ff28ab8084d1c6bf9fa28c27e1454cd1625b1f328b4b11362cf0559552e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 12:42:12 GMT
via
1.1 1cd5c12ec5c5433e14b730e0a6a2276c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-P1
age
47046
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11062
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
"658bff92-2b36"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
mS4zqeAWEW8X1HmZ7khO-yEBgyAcS11NYC7xZSmxZpxksLlF6_w3pg==
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a331a2a5cd653b3e23b9965397c010bca0789b1aa169ec829e4f407cdf26713e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20489481ab8a048c262cb51a23f11b8433c83f84caf46751108911cd6fe52029

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
figure.86e592ee.webp
ks6x0.fn3ib3.com/img/
291 KB
291 KB
Image
General
Full URL
https://ks6x0.fn3ib3.com/img/figure.86e592ee.webp
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
b475a484f3239a7e56e5c7168611ff05d182232903c5ee6a7147a2b4d3dfcd59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 12:52:03 GMT
via
1.1 1cd5c12ec5c5433e14b730e0a6a2276c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-P1
age
46455
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
297508
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
"658bff92-48a24"
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
e8CK1IWJGvuoweYb0B14SaJlq4M2zgopZ4UwKIkMUzfrmbTKpOHQHA==
logoText.38b420ec.png
ks6x0.fn3ib3.com/img/
344 KB
344 KB
Image
General
Full URL
https://ks6x0.fn3ib3.com/img/logoText.38b420ec.png
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
3de30f91e26319fb75815db0cd5c27a9a9db3e5a24aeada46add0179d9b14dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 12:52:03 GMT
via
1.1 1cd5c12ec5c5433e14b730e0a6a2276c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-P1
age
46455
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
352241
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
"658bff92-55ff1"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
KKtej68urZl7ce_dxE0ReZ3FmZna7Dv3-t384iU_a9MTHWNPtVoS7w==
iosBtn.1b283c96.png
ks6x0.fn3ib3.com/img/
6 KB
6 KB
Image
General
Full URL
https://ks6x0.fn3ib3.com/img/iosBtn.1b283c96.png
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
39a7230b2cde1c4918e032e1dc34eac938a0560effafd8f747ba8614748d07e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 12:52:03 GMT
via
1.1 1cd5c12ec5c5433e14b730e0a6a2276c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-P1
age
46455
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5995
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
"658bff92-176b"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
5cWlai1iMo9MPA63GoAmcl0s77GHJTGXwNByzLDHK4YOloyXzBLMrA==
androidBtn.e3171e36.png
ks6x0.fn3ib3.com/img/
6 KB
7 KB
Image
General
Full URL
https://ks6x0.fn3ib3.com/img/androidBtn.e3171e36.png
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
85c93677f0a5f39bbb809ec34263eef12f1b7ab1753bc21adcd657b2dff03519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 12:52:03 GMT
via
1.1 1cd5c12ec5c5433e14b730e0a6a2276c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-P1
age
46455
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6650
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
"658bff92-19fa"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
uqMvTo-DGKdSdWsZPoaOEBU8puberxg1Hc7sMWYROBufp1pwrWYuMg==
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d7bbf90f3896579bfc635400352380f66d6adf3d699e345632a7dc880b888db

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
bottomTip.d0a7f8bb.png
ks6x0.fn3ib3.com/img/
15 KB
15 KB
Image
General
Full URL
https://ks6x0.fn3ib3.com/img/bottomTip.d0a7f8bb.png
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:23d2:1400:d:d87e:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
e99506348cea954c8b77914b1b4d1e4f9f17a1e06134a5dc6c23077250795de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ks6x0.fn3ib3.com/css/app.3f18d39e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 12:52:03 GMT
via
1.1 1cd5c12ec5c5433e14b730e0a6a2276c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
SIN52-P1
age
46455
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15141
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Dec 2023 10:42:26 GMT
server
openresty/1.19.9.1
etag
"658bff92-3b25"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
eTXhyAwcYqZNgA-2hW-LB1r4Ul80ErEe_z_sUWarEfBm76pckFiKqQ==
nuS0EDXSczKgf3Xh
d18j9fv1sdbxnx.cloudfront.net/plm/okn/ijb/
384 B
810 B
XHR
General
Full URL
https://d18j9fv1sdbxnx.cloudfront.net/plm/okn/ijb/nuS0EDXSczKgf3Xh
Requested by
Host: ks6x0.fn3ib3.com
URL: https://ks6x0.fn3ib3.com/js/chunk-vendors.159edaa4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a800:17:cadb:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5d205e22148c0442a29969c5b67aeb17309d73c7965698562d539ca5695a82e6
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
application/json, text/plain, */*
Referer
https://ks6x0.fn3ib3.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 28 Dec 2023 01:46:18 GMT
via
1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
SIN2-P2
x-frame-options
sameorigin
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Disposition,Refresh-Authorization,Cur-Ver
alt-svc
h3=":443"; ma=86400
content-length
384
x-amz-cf-id
5eTIBQC0Dr05g-J_GPu5B3TFd6-PmfcV3ip5tRHTnJDTDGSh4Naw4A==
x-request-id
ce60f5d6-4621-4c5c-9e60-1446d1c243ab
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1162da1eda74978000c87d5f29ddf32958a858b5f69ffb23ca0973a9cb3c2ff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| webpackJsonp
  • object| lib
  • number| rem
  • number| dpr
  • function| Hammer
  • object| regeneratorRuntime
  • object| google_tag_data
  • function| ga
  • object| gaplugins
  • boolean| ga-disable-UA-165940626-2
  • object| gaGlobal
  • object| gaData

2 Cookies

Domain/Path Name / Value
.fn3ib3.com/ Name: _ga
Value: GA1.2.447775129.1703727979
.fn3ib3.com/ Name: _gid
Value: GA1.2.930740493.1703727979

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
