Submitted URL: https://www.4vtv.com/
Effective URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Submission: On June 01 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 5 countries across 6 domains to perform 20 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is knibzg.17shipin1.vip.
TLS certificate: Issued by E1 on May 20th 2024. Valid for: 3 months.
This is the only time knibzg.17shipin1.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS Autonomous System
2         143.92.61.181       152194 (CTGSERVER...)
1         163.181.92.250      24429 (TAOBAO Zh...)
1         163.181.56.244      24429 (TAOBAO Zh...)
9         188.114.97.3        13335 (CLOUDFLAR...)
1         2a00:1450:400...    15169 (GOOGLE)
1         2606:4700:10:...    13335 (CLOUDFLAR...)
1         54.39.128.117       16276 (OVH)
2         2001:4860:480...    15169 (GOOGLE)
20        9

Requests  Apex Domain (Transfer)
          Subdomains
9         17shipin1.vip (188 KB)
          knibzg.17shipin1.vip
2         google-analytics.com (312 B)
          region1.google-analytics.com — Cisco Umbrella Rank: 2533
2         histats.com (5 KB)
          s10.histats.com — Cisco Umbrella Rank: 13913
          s4.histats.com — Cisco Umbrella Rank: 13947
2         51.la (14 KB)
          sdk.51.la — Cisco Umbrella Rank: 76214
          collect-v6.51.la — Cisco Umbrella Rank: 62126 Failed
2         4vtv.com (1 KB)
          www.4vtv.com
1         googletagmanager.com (102 KB)
          www.googletagmanager.com — Cisco Umbrella Rank: 39
20        6

Requests  Domain                        Requested by
9         knibzg.17shipin1.vip          www.4vtv.com, knibzg.17shipin1.vip
2         region1.google-analytics.com  www.googletagmanager.com
2         www.4vtv.com
1         s4.histats.com                s10.histats.com
1         s10.histats.com               knibzg.17shipin1.vip
1         www.googletagmanager.com      knibzg.17shipin1.vip
1         collect-v6.51.la              sdk.51.la
1         sdk.51.la                     www.4vtv.com
20        8

Subject                  Issuer                         Validity                 Valid
www.4vtv.com             R3                             2024-06-01 - 2024-08-30  3 months
*.51.la                  GlobalSign RSA OV SSL CA 2018  2024-03-19 - 2025-04-20  a year
17shipin1.vip            E1                             2024-05-20 - 2024-08-18  3 months
*.google-analytics.com   WR2                            2024-05-13 - 2024-08-05  3 months
s10.histats.com          E1                             2024-04-11 - 2024-07-10  3 months
histats.com              R3                             2024-05-13 - 2024-08-11  3 months

This page contains 1 frames:

Primary Page: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Frame ID: 07BE9CB7BE1CE80BB2861D7DBD6BD0C6
Requests: 21 HTTP requests in this frame

Page Title

17吃瓜

Page URL History

  1. https://www.4vtv.com/ Page URL
  2. https://knibzg.17shipin1.vip/?refer=xyz7777777abc Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 90 %
IPv6: 38 %
Domains: 6
Subdomains: 8
IPs: 9
Countries: 5
Transfer: 310 kB
Size: 811 kB
Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.4vtv.com/ Page URL
  2. https://knibzg.17shipin1.vip/?refer=xyz7777777abc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.4vtv.com/
1 KB
881 B
Document
General
Full URL
https://www.4vtv.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.61.181 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
9af7828298ceaa324de8f275c987e7aab3c4fc02bc1d9caddffe089efa7675de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 01 Jun 2024 09:56:16 GMT
etag
W/"665ab497-558"
last-modified
Sat, 01 Jun 2024 05:41:43 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: www.4vtv.com
URL: https://www.4vtv.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.250 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.4vtv.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 19:36:19 GMT
via
cache15.l2de2[1178,908,304-0,C], cache21.l2de2[910,0], ens-cache1.de5[0,0,200-0,H], ens-cache1.de5[0,0]
content-encoding
gzip
x-oss-request-id
6650EC338A8E40393022C8B7
content-md5
JLtSDpUX8u0+2Ye0aur3Iw==
age
656398
x-swift-cachetime
1296000
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-oss-cdn-auth
success
x-swift-savetime
Fri, 24 May 2024 19:36:19 GMT
content-length
12846
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:24:34 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1716579379
content-type
application/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
5143829838470429443
eagleid
a3b55c9517172357774026428e
x-oss-server-time
2
collect
collect-v6.51.la/v6/
0
0

collect
collect-v6.51.la/v6/
0
0

collect
collect-v6.51.la/v6/
0
617 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.244 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.4vtv.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 09:56:18 GMT
Via
cache21.l2de2[188,188,200-0,M], cache21.l2de2[189,0], ens-cache1.de4[193,193,200-0,M], ens-cache1.de4[208,0]
Server
Tengine
X-Swift-CacheTime
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Ali-Swift-Global-Savetime
1717235778
X-Cache
MISS TCP_MISS dirn:-2:-2
Access-Control-Allow-Origin
https://www.4vtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Swift-SaveTime
Sat, 01 Jun 2024 09:56:18 GMT
Timing-Allow-Origin
*
Content-Length
0
EagleId
2ff62b1917172357779141210e
favicon.ico
www.4vtv.com/
548 B
611 B
Other
General
Full URL
https://www.4vtv.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.61.181 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.4vtv.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:17 GMT
server
nginx
content-length
548
content-type
text/html
Primary Request /
knibzg.17shipin1.vip/
7 KB
4 KB
Document
General
Full URL
https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Requested by
Host: www.4vtv.com
URL: https://www.4vtv.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.28
Resource Hash
98c1dde7cd1dd3d582ede8d903b0623b8c6d18ecf9b7b71da52b9e44116324be

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.4vtv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88ce553c4cfc9b7a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 01 Jun 2024 09:56:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTP4Cs13WtGvb%2FvBFzDtZi3N37sVGbNkuvPoOOOn5WL9pRwDeIpq0Pj2e4i9lGxOcDgjnJznu6lwA3QJBRKjxead%2FHZqq1DY97%2FkvwZ61i3ZxbIljhsaK2QYa2vnVx00xYuVkwe9Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-powered-by
PHP/8.0.28
js
knibzg.17shipin1.vip/res/
0
0
Script
General
Full URL
https://knibzg.17shipin1.vip/res/js
Requested by
Host: knibzg.17shipin1.vip
URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.28
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.28
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhG4GGPs6QkERT9NEfVdBOl8wTdmvM1h4x1XZOS1Z06AeSxWIryjVxUP%2FGmK4zclG%2FQpXxC2E3VvvxZfWgflS7uLWjOOnDXO0PMUn%2BsK%2BcgPWsLIcLnKD4xT%2FlF7Iwvb8MlQkUYJqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
88ce553e9f6c9b7a-FRA
alt-svc
h3=":443"; ma=86400
8d34s4j.css
knibzg.17shipin1.vip/res/
2 KB
1 KB
Stylesheet
General
Full URL
https://knibzg.17shipin1.vip/res/8d34s4j.css
Requested by
Host: knibzg.17shipin1.vip
URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c308e00575486c29d8ba33256ae797e879620b22a507c118ced2857f50e7bb6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 13:52:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29825
etag
W/"65fd8d07-605"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dVWNp9LVpR0eJXf9BIEzBNp1k8HWGMired%2BRPfrGcckQ6SGCYmqOmIcCynu31QMawjxGC9uEIxUPdpeKegRke7Xl57dCe7Uq8Z5UXIuZ6SAE51PDM7wcohwovgHMWFOXgHxW6LCaLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
88ce553e9f729b7a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Jun 2024 13:39:13 GMT
jquery.min.js
knibzg.17shipin1.vip/res/
82 KB
33 KB
Script
General
Full URL
https://knibzg.17shipin1.vip/res/jquery.min.js
Requested by
Host: knibzg.17shipin1.vip
URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 13:52:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29825
etag
W/"65fd8d08-14979"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Qy4%2BwFcB0bhBExiJXnh38OK%2BL69TJPaQUpDSLhW9K7BZo0ylUaHOhgjMqC7kFrZoH4DQ8nXbHsOgHLwazsJfU6R1Jd0l%2BRV5PTH4xf5o%2Baw4VVV3dviZ8KV5bTlj1LFac3bh9VPvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
88ce553e9f749b7a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Jun 2024 13:39:13 GMT
crypto-js.js
knibzg.17shipin1.vip/res/
205 KB
40 KB
Script
General
Full URL
https://knibzg.17shipin1.vip/res/crypto-js.js
Requested by
Host: knibzg.17shipin1.vip
URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
017313964240414cb29ad82c6001c0f2a8b76a298c3ec857aef7ae5672c414dc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 13:52:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29825
etag
W/"65fd8d07-33436"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjWJDe7SspCws%2B2M14cf1%2FbOMa6Ws09dDTgVm9wfPy%2B9MxvSeF%2F2mQE77M76FB9ZiTDdhy7CuZQgCSsFFQO6y8uukK3oM4ApPuvdqNp%2FBEwdYtfIPJoXX4yviTdG45%2FmTOpzXIIrlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
88ce553e9f769b7a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Jun 2024 13:39:13 GMT
transit.js
knibzg.17shipin1.vip/res/
3 KB
2 KB
Script
General
Full URL
https://knibzg.17shipin1.vip/res/transit.js
Requested by
Host: knibzg.17shipin1.vip
URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e31e0f6ba28a7b08a04f1dbdd6dcd4e4263adb2a5fb9ad48d7279944c40e3d5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 13:52:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29825
etag
W/"65fd8d08-cae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9W%2BmkLhyLCQr1wd2ZaYMs2ccvCtNVF8sy9Fyt%2FlG5H1UbTpiT9UKdMcmS36q%2FVFoqS4oR6HoyHDl7gAzs2fkkS%2F4Yan3vAUbIjodynaHNzET6S4pCAd4czwFGv6xhi0%2BNHs50fiL%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
88ce553e9f779b7a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Jun 2024 13:39:13 GMT
banner.png
knibzg.17shipin1.vip/
56 KB
57 KB
Image
General
Full URL
https://knibzg.17shipin1.vip/banner.png
Requested by
Host: knibzg.17shipin1.vip
URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98df2a51c884d81b8fe1bc1deede6f74d88aa95cadf0b3ccbb0847fd9ab3b564

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52603
alt-svc
h3=":443"; ma=86400
content-length
57840
last-modified
Sun, 24 Mar 2024 12:13:28 GMT
server
cloudflare
etag
"660018e8-e1f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wT4vLBYFMEC7ZDI6fCB6UR1tqDyv9eUr8iRYFEhbS%2Ft%2B18qenvKbh6tfa10t6dlqoNzA8pQbIzWncDBj306WvJ75bODaHgjlsTc7kjEDPVWt1NZIvOTs6zFpo%2BHgKnqFrlZxQctH6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
88ce553e9f799b7a-FRA
expires
Sun, 30 Jun 2024 19:19:34 GMT
gmailgetaddr.png
knibzg.17shipin1.vip/
21 KB
22 KB
Image
General
Full URL
https://knibzg.17shipin1.vip/gmailgetaddr.png
Requested by
Host: knibzg.17shipin1.vip
URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
586e80b7f29306d4f974f80d8bdb99f915afe4f8f37ec4fe1e24a1b67184e611

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52603
alt-svc
h3=":443"; ma=86400
content-length
21953
last-modified
Sun, 24 Mar 2024 12:20:19 GMT
server
cloudflare
etag
"66001a83-55c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oWmXz3EFB8jlKYPW1Ex1A%2FZTz6E%2FhEmFZxD4OHHKc4Fg%2BtEvn2z2A1el%2FhqxcLozM2lHIkDByKHtx63hBwaqqO7%2FROAnzVIiwaSWWLlIDrP5eXQa8wRD7husEk6ZKYkaPt9GNqMlhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
88ce553e9f7b9b7a-FRA
expires
Sun, 30 Jun 2024 19:19:35 GMT
js
www.googletagmanager.com/gtag/
306 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B2GQ33NQ6H
Requested by
Host: knibzg.17shipin1.vip
URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
931c748d3878658ca7b5c70440df2ab5787cd8d9c8b48a35ce0effe3be08b8d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103634
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 01 Jun 2024 09:56:18 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9d0ba5b190dfcce00a8b4b3f26d30c5f83aef03191941cd00cc0f6aa92c93a5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: knibzg.17shipin1.vip
URL: https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1347 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
50598
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
88ce553f29f08ffe-FRA
content-length
4547
0.php
s4.histats.com/stats/
51 B
185 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4860493&@f16&@g1&@h1&@i1&@j1717235778458&@k0&@l1&@m17%E5%90%83%E7%93%9C&@n0&@ohttps%3A%2F%2Fwww.4vtv.com%2F&@q0&@r0&@s0&@tde-DE&@u1600&@b1:-102856874&@b3:1717235778&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fknibzg.17shipin1.vip%2F%3Frefer%3Dxyz7777777abc&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns561935.ip-54-39-128.net
Software
/
Resource Hash
2d27e226c25b8f3c13fcd2b001ed51806e4f8365738b64f589cad1b8ede6329a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 09:56:08 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B2GQ33NQ6H&gtm=45je45t0v9181121636za200&_p=1717235778382&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1733157892.1717235778&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717235778&sct=1&seg=0&dl=https%3A%2F%2Fknibzg.17shipin1.vip%2F%3Frefer%3Dxyz7777777abc&dr=https%3A%2F%2Fwww.4vtv.com%2F&dt=17%E5%90%83%E7%93%9C&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=578
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B2GQ33NQ6H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 01 Jun 2024 09:56:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://knibzg.17shipin1.vip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
knibzg.17shipin1.vip/
80 KB
30 KB
Other
General
Full URL
https://knibzg.17shipin1.vip/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.28
Resource Hash
6a3632c408f2f594353cdf7784554332db1a1559d3776c89b7f1dabb81237b66

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://knibzg.17shipin1.vip/?refer=xyz7777777abc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 09:56:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.28
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XrPVGG6VdOiyRkXvhqCyvbBxCWeZiVbhpvzJD8C1NhLtI09jZVQn%2FTgBtsbPsHnDeQhbYXo94%2FGvulT7zVL1xN9ndzE3JIOcgYg05hpOkVjm1YyKI%2B4Sa4ZmexIm6fsOqiglk3P5Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
88ce55415a9b9b7a-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B2GQ33NQ6H&gtm=45je45t0v9181121636za200&_p=1717235778382&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1733157892.1717235778&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717235778&sct=1&seg=0&dl=https%3A%2F%2Fknibzg.17shipin1.vip%2F%3Frefer%3Dxyz7777777abc&dr=https%3A%2F%2Fwww.4vtv.com%2F&dt=17%E5%90%83%E7%93%9C&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5586
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B2GQ33NQ6H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 01 Jun 2024 09:56:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://knibzg.17shipin1.vip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
collect-v6.51.la
URL
https://collect-v6.51.la/v6/collect?dt=4
Domain
collect-v6.51.la
URL
https://collect-v6.51.la/v6/collect?dt=4

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
function  $
function  jQuery
object    CryptoJS
function  decryptImage
function  loadImg
function  top_callback
function  bottom_callback
function  gtag
object    dataLayer
object    _Hasync
function  chfh
function  chfh2
string    _HST_cntval
object    Histats
object    google_tag_manager
object    google_tag_data
function  onYouTubeIframeAPIReady
object    gaGlobal
object    _HistatsCounterGraphics_0_setValues

14 Cookies

Domain/Path Name / Value
www.4vtv.com/ Name: __51uvsct__KDEPPEuUNFQrUU7S
Value: 1
www.4vtv.com/ Name: __51vcke__KDEPPEuUNFQrUU7S
Value: fe6c37f2-c799-5743-b47b-062e10fb1d68
www.4vtv.com/ Name: __51vuft__KDEPPEuUNFQrUU7S
Value: 1717235777423
www.4vtv.com/ Name: __vtins__KDEPPEuUNFQrUU7S
Value: %7B%22sid%22%3A%20%220c51f253-9d8b-5369-8883-0bab1e63030b%22%2C%20%22vd%22%3A%203%2C%20%22stt%22%3A%2016%2C%20%22dr%22%3A%208%2C%20%22expires%22%3A%201717237577436%2C%20%22ct%22%3A%201717235777436%7D
knibzg.17shipin1.vip/ Name: HstCfa4860493
Value: 1717235778458
knibzg.17shipin1.vip/ Name: HstCla4860493
Value: 1717235778458
knibzg.17shipin1.vip/ Name: HstCmu4860493
Value: 1717235778458
knibzg.17shipin1.vip/ Name: HstPn4860493
Value: 1
knibzg.17shipin1.vip/ Name: HstPt4860493
Value: 1
knibzg.17shipin1.vip/ Name: HstCnv4860493
Value: 1
knibzg.17shipin1.vip/ Name: HstCns4860493
Value: 1
knibzg.17shipin1.vip/ Name: c_ref_4860493
Value: https%3A%2F%2Fwww.4vtv.com%2F
.17shipin1.vip/ Name: _ga
Value: GA1.1.1733157892.1717235778
.17shipin1.vip/ Name: _ga_B2GQ33NQ6H
Value: GS1.1.1717235778.1.0.1717235778.0.0.0

3 Console Messages

Source Level URL
Text
network error URL: https://www.4vtv.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://knibzg.17shipin1.vip/res/js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://knibzg.17shipin1.vip/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
