ksw333.app Open in urlscan Pro
118.107.47.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dz135.cc/
Effective URL:
https://ksw333.app/?channel=88899966
Submission: On December 11 via api (December 11th 2024, 6:57:06 pm UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 118.107.47.99, located in Singapore and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is ksw333.app.
TLS certificate: Issued by R10 on October 5th 2024. Valid for: 3 months.

This is the only time ksw333.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	154.19.201.21 154.19.201.21	140224 (NEBULA) (NEBULA)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3035::6815:8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3121::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	118.107.47.99 118.107.47.99	152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited)
1	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	5

1 154.19.201.21 (Hong Kong, Hong Kong) 1 redirects

ASN140224 (NEBULA, US)

dz135.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ac726.evancom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:8e (United States)

ASN13335 (CLOUDFLARENET, US)

261c42054f2818146b0660f4333ad428.866gusy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::9 (United States)

ASN13335 (CLOUDFLARENET, US)

717afea33e52bb05ab3a56bc6532cc38.klliu8q.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 118.107.47.99 (Singapore)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)

ksw333.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ksw333.app ksw333.app	11 KB
3	klliu8q.com 717afea33e52bb05ab3a56bc6532cc38.klliu8q.com	4 KB
3	866gusy.com 261c42054f2818146b0660f4333ad428.866gusy.com	4 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 740	16 KB
1	evancom.net 1 redirects ac726.evancom.net	722 B
1	dz135.cc 1 redirects dz135.cc	211 B
0	handjob.tw Failed analytics-yz001.handjob.tw Failed
21	7

	Domain	Requested by
4	ksw333.app	717afea33e52bb05ab3a56bc6532cc38.klliu8q.com ksw333.app
3	717afea33e52bb05ab3a56bc6532cc38.klliu8q.com	261c42054f2818146b0660f4333ad428.866gusy.com 717afea33e52bb05ab3a56bc6532cc38.klliu8q.com
3	261c42054f2818146b0660f4333ad428.866gusy.com	261c42054f2818146b0660f4333ad428.866gusy.com
1	unpkg.com	ksw333.app
1	ac726.evancom.net	1 redirects
1	dz135.cc	1 redirects
0	analytics-yz001.handjob.tw Failed	ksw333.app
21	7

This site contains no links.

Subject Issuer	Validity	Valid
866gusy.com WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
klliu8q.com WE1	`2024-10-18` - `2025-01-16`	3 months	crt.sh
ksw3.app R10	`2024-10-05` - `2025-01-03`	3 months	crt.sh
unpkg.com WE1	`2024-11-23` - `2025-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ksw333.app/?channel=88899966
Frame ID: E02B8AF56221EC3891F067F1D41836C2
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://dz135.cc/ HTTP 302
http://ac726.evancom.net/dj90a HTTP 307
https://ac726.evancom.net/dj90a HTTP 302
https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6 Page URL
http://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0 HTTP 307
https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0 Page URL
https://ksw333.app/?channel=88899966 Page URL

Page Statistics

21
Requests

52 %
HTTPS

67 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

35 kB
Transfer

115 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dz135.cc/ HTTP 302
http://ac726.evancom.net/dj90a HTTP 307
https://ac726.evancom.net/dj90a HTTP 302
https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6 Page URL
http://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0 HTTP 307
https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0 Page URL
https://ksw333.app/?channel=88899966 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://dz135.cc/ HTTP 302
http://ac726.evancom.net/dj90a HTTP 307
https://ac726.evancom.net/dj90a HTTP 302
https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6

Request Chain 3

http://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0 HTTP 307
https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

f5d46388a0cc3798b12b1d84b3547bf6 Show response
261c42054f2818146b0660f4333ad428.866gusy.com/
Redirect Chain

https://dz135.cc/
http://ac726.evancom.net/dj90a
https://ac726.evancom.net/dj90a
https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6

2 KB
2 KB

510ms
467ms

Document
text/html

2606:4700:3035::6815:8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5ee4eabb88e59a6ee7c3b164959710e456ba68f71c80a5b4a8191dcd925259ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: PUT,POST,GET,DELETE,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f07b274cf2edc80-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 11 Dec 2024 18:56:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jCSSBGx9uvJIprOQjfu81GisTpooyyhFo7UsGrg7wYhyjbK3%2B4rhaSYopclBW6nKcr7zwiAg8YOEOwDLrvZnmYgypiIU6cA2OdEdVb6Ir1wNDD9EFdX8gBn4uQbMEHR5BJjtTCy8UIAP84QICUIkLwWL3rMNkgjW1Ph%2BgINpsba%2FNzVZBHcSuDOjHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5980&min_rtt=5926&rtt_var=1018&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3978&recv_bytes=2360&delivery_rate=659166&cwnd=253&unsent_bytes=0&cid=46363e34f7634e94&ts=472&x=0"
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f07b271ad714d86-FRA
content-type: text/html
date: Wed, 11 Dec 2024 18:56:51 GMT
location: https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LuKzGHOhIOm6ywl%2FAe56MSqTijdEHA3PiuBfhIUnYgcHYTUl8fFueTpKn4cH4v3y2daQ%2Bqe7HBYdNuAV7k8WOZrFmThYSxhg%2Bgr8oYrZVX%2B4JbeCseQmieRxUdd6f64NIkhoFG8UpASGBTIZt2Q3tA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=10824&min_rtt=7212&rtt_var=7778&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4184&recv_bytes=4482&delivery_rate=890&cwnd=12000&unsent_bytes=0&cid=7fb563209e82fb0b&ts=462&x=1" cfExtPri cfHdrFlush;dur=0

GET
H2 200 style.css
261c42054f2818146b0660f4333ad428.866gusy.com/ 5 B
552 B 458ms
458ms Stylesheet
text/html 2606:4700:3035::6815:8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://261c42054f2818146b0660f4333ad428.866gusy.com/style.css
Requested by: Host: 261c42054f2818146b0660f4333ad428.866gusy.com
URL: https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: cd863b9962b078502b714c99c17541079329ff04957c11956143a5a5c0cef952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6

Response headers

content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LCUQPTx7vSFi4sWV7sHHNtj3zWbDuM%2BUYnP%2BNsofJOjNTWX1xfOTjpEPmhTGmf%2B54%2BFpQWF2X4ZLR9rzF8oVY6%2FvqX5zBWcA%2BXWz84LPT2NLn3YlENAXF6ca0Vyv2ArxHXkxbjCSo3JpK%2FNgx53AA9f52Uiiy3BCrrPXNM6jsapsyKSXyhDAy0oL2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: PUT,POST,GET,DELETE,OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8548&min_rtt=5926&rtt_var=5698&sent=12&recv=13&lost=0&retrans=0&sent_bytes=5657&recv_bytes=2522&delivery_rate=659166&cwnd=256&unsent_bytes=0&cid=46363e34f7634e94&ts=949&x=0"
date: Wed, 11 Dec 2024 18:56:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 18:56:52 GMT
access-control-allow-headers: X-Requested-With,Content-Type
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f07b277d9f9dc80-FRA
access-control-allow-origin: *
x-powered-by: PHP/7.4.33
server: cloudflare

GET
H3 200 favicon.ico
261c42054f2818146b0660f4333ad428.866gusy.com/ 1 KB
2 KB 465ms
465ms Other
text/html 2606:4700:3035::6815:8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://261c42054f2818146b0660f4333ad428.866gusy.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 0566dc21d3c0d4d900cdf3f546a8f0f621a01b9ddac6012002e279309b909f22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6

Response headers

content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNfuCW6pEZM81LQGMJ1AOKnMdQaVPze0LNOCIcpHZkIUch9QKgFp6lbHfZE6syqOifNhMJPxPZFBvxt3a1Z8kOzwnBGmoNfrEh3RxmjipCctAvt3Zks3qoKg9nNJIKBovBhGHgY4vhpfTOp%2BtNkCdaY7WF8bMg%2FFFvjz%2F4Qqi4jlQgVXF4jyqgU4iA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: PUT,POST,GET,DELETE,OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6598&min_rtt=6441&rtt_var=1198&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4277&recv_bytes=5683&delivery_rate=880&cwnd=12000&unsent_bytes=0&cid=f7fd68bd69821049&ts=922&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 18:56:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: X-Requested-With,Content-Type
last-modified: Wed, 11 Dec 2024 18:56:53 GMT
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f07b27abab937d2-FRA
access-control-allow-origin: *
x-powered-by: PHP/7.4.33
server: cloudflare

GET
H2

200

f9361238bad7c29ac54e305e8b8663e0 Show response
717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/
Redirect Chain

http://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0
https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0

1 KB
2 KB

505ms
461ms

Document
text/html

2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0
Requested by: Host: 261c42054f2818146b0660f4333ad428.866gusy.com
URL: https://261c42054f2818146b0660f4333ad428.866gusy.com/f5d46388a0cc3798b12b1d84b3547bf6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b3bc39f8cff7a4a2c1be06964db9a6b4a959bfb48e2586cd29e6d6e424b10e1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: PUT,POST,GET,DELETE,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f07b27f3ad818db-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 11 Dec 2024 18:56:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFXiY%2FwXEbDCpWc0wSJXFBcrNPGrHjmKewiN6uUkbpSso22liltAtU82euxhsmSj5LuEXENSIww%2Ff3pDm2x4kunCrbQVZ6RcyUOnlS4PgQ9l%2FknsTCisLGVM89jlSCAWsgEhDoYNd3sCYbqK8%2B4HtfnqYuO37QlQlkJcGiqGoc7aoBX4z2%2BVWJy63Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5843&min_rtt=5789&rtt_var=955&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3976&recv_bytes=2349&delivery_rate=676056&cwnd=253&unsent_bytes=0&cid=f29dd3e6232f611e&ts=467&x=0"
x-powered-by: PHP/7.4.33

Redirect headers

Location: https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.css
717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/ 5 B
546 B 468ms
467ms Stylesheet
text/html 2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/style.css
Requested by: Host: 717afea33e52bb05ab3a56bc6532cc38.klliu8q.com
URL: https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: cd863b9962b078502b714c99c17541079329ff04957c11956143a5a5c0cef952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0

Response headers

content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fYkrDK3uwEcrC6XdBBYbmjwTrko%2F0Hna47V3df17CmnowBbdwQG1WAOAvCZAPh8Wb%2Fq12%2Bhwg9nCkePVCEs91mA%2F%2BCYrPhUDWvXFpzXcRxY89HRSscdcou%2BHw8VB57In6Gytl92COsonzQSzEI9ykHASK4KXzw96TvXFYxIueW52aWothhHhuMzTZA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: PUT,POST,GET,DELETE,OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=11002&min_rtt=5769&rtt_var=10853&sent=12&recv=14&lost=0&retrans=0&sent_bytes=5619&recv_bytes=2511&delivery_rate=676056&cwnd=256&unsent_bytes=0&cid=f29dd3e6232f611e&ts=1078&x=0"
date: Wed, 11 Dec 2024 18:56:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 18:56:54 GMT
access-control-allow-headers: X-Requested-With,Content-Type
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f07b2830f7918db-FRA
access-control-allow-origin: *
x-powered-by: PHP/7.4.33
server: cloudflare

GET
H3 200 favicon.ico
717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/ 1 KB
2 KB 466ms
465ms Other
text/html 2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: dce6cdcd4743364174c7831c51e2ffe0f546965805d2da71d35de08a9973dccd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0

Response headers

content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMaBk%2FcXBWFRaxmewHW06jvIIzwodpNE%2By0T5nm4vjKStu23OJKzVFfiB1yasXSQ7mpzSR2SeIImOTXCJISYM%2BVwvE4yHKFdzoWikKieIVMt77ZtgskWFErE6TcA9R6%2BY0WJatDA4G9tQJPUClaGpyr1kFb645ITKjhfX6VU2vUXzF73oyt85ri85w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: PUT,POST,GET,DELETE,OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6508&min_rtt=6154&rtt_var=1541&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4277&recv_bytes=4503&delivery_rate=898&cwnd=12000&unsent_bytes=0&cid=82e1cd8d6a78a96a&ts=933&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 18:56:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: X-Requested-With,Content-Type
last-modified: Wed, 11 Dec 2024 18:56:55 GMT
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f07b2860b08dcbe-FRA
access-control-allow-origin: *
x-powered-by: PHP/7.4.33
server: cloudflare

GET
H2 200 Primary Request / Show response
ksw333.app/ 25 KB
7 KB 768ms
198ms Document
text/html 118.107.47.99
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ksw333.app/?channel=88899966
Requested by: Host: 717afea33e52bb05ab3a56bc6532cc38.klliu8q.com
URL: https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/f9361238bad7c29ac54e305e8b8663e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 118.107.47.99 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 70f139d1207a617bc30fc72bfc1a3206fe1816cb6fc48250228de922b8289409

Request headers

Referer: https://717afea33e52bb05ab3a56bc6532cc38.klliu8q.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 11 Dec 2024 18:56:56 GMT
etag: W/"67569031-6268"
last-modified: Mon, 09 Dec 2024 06:37:37 GMT
server: nginx
x-cache: BYPASS

GET
H2 200 download_helper.css
ksw333.app/css/ 4 KB
4 KB 194ms
193ms Stylesheet
text/css 118.107.47.99
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ksw333.app/css/download_helper.css
Requested by: Host: ksw333.app
URL: https://ksw333.app/?channel=88899966
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 118.107.47.99 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 2969618a22ce3ca59caedbbc826c7346e91c292806fca3f7c5124d2be82f5984

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ksw333.app/?channel=88899966

Response headers

etag: "6729fc69-f25"
accept-ranges: bytes
x-cache: HIT, policy, disk
content-length: 3877
date: Tue, 10 Dec 2024 10:20:33 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 10:20:33 GMT
server: nginx

GET
H2 200 swiper.min.css
ksw333.app/css/ 0
0 195ms
194ms Stylesheet
text/css 118.107.47.99
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ksw333.app/css/swiper.min.css
Requested by: Host: ksw333.app
URL: https://ksw333.app/?channel=88899966
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 118.107.47.99 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ksw333.app/?channel=88899966

Response headers

etag: "6729fc69-4d44"
accept-ranges: bytes
x-cache: HIT, policy, disk
content-length: 19780
date: Tue, 10 Dec 2024 10:20:33 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 10:20:33 GMT
server: nginx

GET
H2 200 boxicons.min.css
unpkg.com/boxicons@2.1.2/css/ 65 KB
16 KB 43ms
25ms Stylesheet
text/css 2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.1.2/css/boxicons.min.css

Requested by

Host: ksw333.app
URL: https://ksw333.app/?channel=88899966

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ksw333.app/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1040b-st8SVFhWC0QWHIN1iDcT6zrpEwU"
age: 1012283
x-content-type-options: nosniff
date: Wed, 11 Dec 2024 18:56:56 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDXBX7KRT8XS3NP4NCZAZVPG-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8f07b28f3c84d2f3-FRA
access-control-allow-origin: *
server: cloudflare

GET index.php
analytics-yz001.handjob.tw/ 0
0

GET
H2 200 SHU_bg.png
ksw333.app/images/ 16 KB
0 195ms
194ms Image
image/png 118.107.47.99
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ksw333.app/images/SHU_bg.png
Requested by: Host: ksw333.app
URL: https://ksw333.app/?channel=88899966
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 118.107.47.99 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ksw333.app/?channel=88899966

Response headers

etag: "6729fc69-1d15c"
accept-ranges: bytes
x-cache: HIT, policy, disk
content-length: 119132
date: Tue, 10 Dec 2024 10:20:33 GMT
content-type: image/png
last-modified: Tue, 10 Dec 2024 10:20:33 GMT
server: nginx

GET worldCup7.png
ksw333.app/images/ 0
0

GET anniu1.png
ksw333.app/images/ 0
0

GET anniu4.png
ksw333.app/images/ 0
0

GET btn_live.png
ksw333.app/images/ 0
0

GET anniu5.png
ksw333.app/images/ 0
0

GET AN_FUZHI.png
ksw333.app/images/ 0
0

GET jquery.min.js
ksw333.app/js/ 0
0

GET swiper.min.js
ksw333.app/js/ 0
0

GET download_helper.js
ksw333.app/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics-yz001.handjob.tw
URL: https://analytics-yz001.handjob.tw/index.php?a=v

Domain: ksw333.app
URL: https://ksw333.app/images/worldCup7.png

Domain: ksw333.app
URL: https://ksw333.app/images/anniu1.png

Domain: ksw333.app
URL: https://ksw333.app/images/anniu4.png

Domain: ksw333.app
URL: https://ksw333.app/images/btn_live.png

Domain: ksw333.app
URL: https://ksw333.app/images/anniu5.png

Domain: ksw333.app
URL: https://ksw333.app/images/AN_FUZHI.png

Domain: ksw333.app
URL: https://ksw333.app/js/jquery.min.js

Domain: ksw333.app
URL: https://ksw333.app/js/swiper.min.js

Domain: ksw333.app
URL: https://ksw333.app/js/download_helper.js?v=4

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

261c42054f2818146b0660f4333ad428.866gusy.com
717afea33e52bb05ab3a56bc6532cc38.klliu8q.com
ac726.evancom.net
analytics-yz001.handjob.tw
dz135.cc
ksw333.app
unpkg.com
analytics-yz001.handjob.tw
ksw333.app
118.107.47.99
154.19.201.21
2606:4700:3035::6815:8e
2606:4700::6811:f6cb
2a06:98c1:3120::3
2a06:98c1:3121::9
0566dc21d3c0d4d900cdf3f546a8f0f621a01b9ddac6012002e279309b909f22
2969618a22ce3ca59caedbbc826c7346e91c292806fca3f7c5124d2be82f5984
5ee4eabb88e59a6ee7c3b164959710e456ba68f71c80a5b4a8191dcd925259ea
70f139d1207a617bc30fc72bfc1a3206fe1816cb6fc48250228de922b8289409
b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824
b3bc39f8cff7a4a2c1be06964db9a6b4a959bfb48e2586cd29e6d6e424b10e1d
cd863b9962b078502b714c99c17541079329ff04957c11956143a5a5c0cef952
dce6cdcd4743364174c7831c51e2ffe0f546965805d2da71d35de08a9973dccd

ksw333.app Open in urlscan Pro 118.107.47.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

21 Requests

52 %HTTPS

67 %IPv6

7 Domains

7 Subdomains

5 IPs

3 Countries

35 kBTransfer

115 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

ksw333.app Open in urlscan Pro
118.107.47.99 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

52 %
HTTPS

67 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

35 kB
Transfer

115 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions