rg.ksvxcf.fun Open in urlscan Pro
20.239.184.226  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response rg.ksvxcf.fun/	7 KB 3 KB	632ms 220ms	Document text/html	20.239.184.226 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rg.ksvxcf.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.239.184.226 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software WAF/2.4-12.1 / Resource Hash 5dedcc30b0e9ac77657c4b54cad1f1aa229c796d83d042f701a4cc7f250dcdf8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=utf-8 date Sat, 04 Jun 2022 06:12:50 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server WAF/2.4-12.1 vary Accept-Encoding x-cache-status MISS
GET H2	200	jquery.js Show response rg.ksvxcf.fun/	98 KB 37 KB	200ms 199ms	Script application/javascript	20.239.184.226 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rg.ksvxcf.fun/jquery.js Requested by Host: rg.ksvxcf.fun URL: https://rg.ksvxcf.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.239.184.226 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software WAF/2.4-12.1 / Resource Hash 9d7881797dc5883ed010c012c6229f26dea9d243816092d1a685748688352114 Request headers accept-language de-DE,de;q=0.9 Referer https://rg.ksvxcf.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 06:12:50 GMT content-encoding gzip last-modified Fri, 28 Jan 2022 03:09:45 GMT server WAF/2.4-12.1 etag W/"61f35e79-1872c" x-cache-status MISS vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Sat, 04 Jun 2022 18:12:50 GMT
GET H2	200	layer.js Show response rg.ksvxcf.fun/	26 KB 9 KB	386ms 386ms	Script application/javascript	20.239.184.226 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rg.ksvxcf.fun/layer.js Requested by Host: rg.ksvxcf.fun URL: https://rg.ksvxcf.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.239.184.226 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software WAF/2.4-12.1 / Resource Hash 709f00353be5e469b793529f7935b7b4f7c7b93b3c4d75840a98e171db9bc392 Request headers accept-language de-DE,de;q=0.9 Referer https://rg.ksvxcf.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 06:12:50 GMT content-encoding gzip last-modified Fri, 28 Jan 2022 03:09:45 GMT server WAF/2.4-12.1 etag W/"61f35e79-66b8" x-cache-status MISS vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Sat, 04 Jun 2022 18:12:50 GMT
GET H2	200	go.png rg.ksvxcf.fun/	47 KB 44 KB	206ms 206ms	Image image/png	20.239.184.226 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://rg.ksvxcf.fun/go.png Requested by Host: rg.ksvxcf.fun URL: https://rg.ksvxcf.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.239.184.226 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software WAF/2.4-12.1 / Resource Hash fb507b88fbe151d13243c114a3f91b1af650683f44ee49de089438b4aeab54ec Request headers accept-language de-DE,de;q=0.9 Referer https://rg.ksvxcf.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 06:12:50 GMT content-encoding gzip last-modified Wed, 31 Mar 2021 10:00:05 GMT server WAF/2.4-12.1 etag W/"60644825-bb31" x-cache-status MISS vary Accept-Encoding content-type image/png cache-control max-age=2592000 expires Mon, 04 Jul 2022 06:12:50 GMT
GET H2	200	determine.png rg.ksvxcf.fun/	16 KB 16 KB	203ms 203ms	Image image/png	20.239.184.226 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://rg.ksvxcf.fun/determine.png Requested by Host: rg.ksvxcf.fun URL: https://rg.ksvxcf.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.239.184.226 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software WAF/2.4-12.1 / Resource Hash dd91230cafe15181386d399c48f5bca4a700beedc85645f3b0b5553b6b8b3190 Request headers accept-language de-DE,de;q=0.9 Referer https://rg.ksvxcf.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 06:12:50 GMT content-encoding gzip last-modified Wed, 31 Mar 2021 08:32:30 GMT server WAF/2.4-12.1 etag W/"6064339e-41ac" x-cache-status MISS vary Accept-Encoding content-type image/png cache-control max-age=2592000 expires Mon, 04 Jul 2022 06:12:50 GMT
GET H2	200	donw.png rg.ksvxcf.fun/	5 KB 5 KB	1403ms 1403ms	Image image/png	20.239.184.226 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://rg.ksvxcf.fun/donw.png Requested by Host: rg.ksvxcf.fun URL: https://rg.ksvxcf.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.239.184.226 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software WAF/2.4-12.1 / Resource Hash 35fb9e26174a96da995b41a1eba2a5ca564864a1c1c3a6c381263dc603bd5685 Request headers accept-language de-DE,de;q=0.9 Referer https://rg.ksvxcf.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 06:12:51 GMT content-encoding gzip last-modified Wed, 31 Mar 2021 14:13:59 GMT server WAF/2.4-12.1 etag W/"606483a7-12f1" x-cache-status MISS vary Accept-Encoding content-type image/png cache-control max-age=2592000 expires Mon, 04 Jul 2022 06:12:51 GMT
GET H2	200	f291a6e74cee7021.js Show response zzfzzx.xyz/js/	7 KB 3 KB	347ms 288ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zzfzzx.xyz/js/f291a6e74cee7021.js Requested by Host: rg.ksvxcf.fun URL: https://rg.ksvxcf.fun/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e25fe912d75659c6779108d210d8eff69c10d01c3a4f16491336c8a54a01e2f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://rg.ksvxcf.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 06:12:51 GMT content-encoding br vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 19 Feb 2022 08:28:47 GMT server cloudflare etag W/"6210aa3f-1abd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3fZNcQ%2B6ig0yGWq6mgdI2qhJsRokyLaZXDowhoZIlAu8DjTDuy3Jvna7dfxra8%2F8Lh5FLjK%2F6L6X4hMgE6hwz06FoeutqI4fkv5YMqCl7OyJ9LoZ6teyiN4i25d4PXTct1jpjxnsCR8"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 715e84e94a2283b2-MXP
GET H2	200	layer.css rg.ksvxcf.fun/theme/default/	14 KB 3 KB	194ms 194ms	Stylesheet text/css	20.239.184.226 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rg.ksvxcf.fun/theme/default/layer.css?v=3.1.1 Requested by Host: rg.ksvxcf.fun URL: https://rg.ksvxcf.fun/layer.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.239.184.226 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software WAF/2.4-12.1 / Resource Hash e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc Request headers accept-language de-DE,de;q=0.9 Referer https://rg.ksvxcf.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 06:12:50 GMT content-encoding gzip last-modified Tue, 05 Dec 2017 03:57:26 GMT server WAF/2.4-12.1 etag W/"5a261926-381f" x-cache-status MISS vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Sat, 04 Jun 2022 18:12:50 GMT
GET H2	200	kehu.png rg.ksvxcf.fun/	189 KB 189 KB	385ms 385ms	Image image/png	20.239.184.226 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://rg.ksvxcf.fun/kehu.png?v=2 Requested by Host: rg.ksvxcf.fun URL: https://rg.ksvxcf.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.239.184.226 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software WAF/2.4-12.1 / Resource Hash 131142e4959b53ce2a54f04f60457dd3a495a5b00b2f797273679e4290cfc102 Request headers accept-language de-DE,de;q=0.9 Referer https://rg.ksvxcf.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 06:12:50 GMT content-encoding gzip last-modified Wed, 31 Mar 2021 14:12:31 GMT server WAF/2.4-12.1 etag W/"6064834f-2f4fc" x-cache-status MISS vary Accept-Encoding content-type image/png cache-control max-age=2592000 expires Mon, 04 Jul 2022 06:12:50 GMT
GET H3	200	1.js Show response zzfzzx.xyz/js/	31 KB 13 KB	323ms 292ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zzfzzx.xyz/js/1.js Requested by Host: zzfzzx.xyz URL: https://zzfzzx.xyz/js/f291a6e74cee7021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7bf85941c82a913e2c8a907ae2e162d8cc8d705fd32992f939ed89163f33db9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://rg.ksvxcf.fun/ Origin https://rg.ksvxcf.fun accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 04 Jun 2022 06:12:51 GMT content-encoding br vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 12 Jan 2022 03:24:04 GMT server cloudflare etag W/"61de49d4-7ada" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFveA48Ly2yqcZAuaDpKNpDuKrPe6h%2BztRsGYe%2FFbQbeADCWJdw6TQPJC3Qs2YwN7al0PAbERnA%2B7dfZi1uLNSY9FuwqIGnLGuWFFsgbwJrxXTgSl8XvvQ2Q2bSzlDO98NU7HEXOfgYF"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin https://rg.ksvxcf.fun cache-control max-age=14400 cf-ray 715e84eb4cc483a9-MXP
GET H/1.1	202 Accepted	/ Show response api.ip138.com/ip/	55 B 223 B	89ms 7ms	Script application/json	162.62.53.230 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://api.ip138.com/ip/?ip=&oid=53842&mid=113439&token=84dfb3c766f9a8aec1a1582b9f24965b&callback=jsonp_1654323171049 Requested by Host: zzfzzx.xyz URL: https://zzfzzx.xyz/js/f291a6e74cee7021.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.62.53.230 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash d029ed8390e68929739397fad217aceb8c1421871f5dbe903f387d1f5a079cb1 Request headers accept-language de-DE,de;q=0.9 Referer https://rg.ksvxcf.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 04 Jun 2022 06:12:51 GMT Server nginx Connection keep-alive Content-Length 55 Content-Type application/json; charset=utf-8

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| e object| t function| $ function| jQuery object| layer function| isIOS function| ajax function| getReferer object| jsonp_1654323171049 string| visitorId

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rg.ksvxcf.fun/	1969-12-31 23:59:59	Name: PHPSESSID Value: 534d7j8rvoetic8urai3869mg4
			rg.ksvxcf.fun/	1970-01-20 03:32:06	Name: think_var Value: de-de

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ip138.com
rg.ksvxcf.fun
zzfzzx.xyz
162.62.53.230
20.239.184.226
2a06:98c1:3120::3
131142e4959b53ce2a54f04f60457dd3a495a5b00b2f797273679e4290cfc102
35fb9e26174a96da995b41a1eba2a5ca564864a1c1c3a6c381263dc603bd5685
3e25fe912d75659c6779108d210d8eff69c10d01c3a4f16491336c8a54a01e2f
5dedcc30b0e9ac77657c4b54cad1f1aa229c796d83d042f701a4cc7f250dcdf8
709f00353be5e469b793529f7935b7b4f7c7b93b3c4d75840a98e171db9bc392
9d7881797dc5883ed010c012c6229f26dea9d243816092d1a685748688352114
d029ed8390e68929739397fad217aceb8c1421871f5dbe903f387d1f5a079cb1
dd91230cafe15181386d399c48f5bca4a700beedc85645f3b0b5553b6b8b3190
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
f7bf85941c82a913e2c8a907ae2e162d8cc8d705fd32992f939ed89163f33db9
fb507b88fbe151d13243c114a3f91b1af650683f44ee49de089438b4aeab54ec