klflxo.keysmdc.com Open in urlscan Pro
54.230.163.36  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://75775.cfd/ Page URL
2. https://9kzfx7v.meta168.com/346e6c64686c67 Page URL
3. https://klflxo.keysmdc.com/nldhlg Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response 75775.cfd/	1 KB 1 KB	261ms 65ms	Document text/html	2600:9000:210b:2e00:14:9d2b:1980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://75775.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:2e00:14:9d2b:1980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.24.0 / Resource Hash 516fa193dc7167ab18c848d346ba80ac39d583231a4a106727b08437a38b1008 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 56177 content-encoding gzip content-type text/html date Wed, 29 Nov 2023 19:21:36 GMT etag W/"6567342a-55d" last-modified Wed, 29 Nov 2023 12:52:58 GMT server nginx/1.24.0 vary Accept-Encoding via 1.1 f28d01ff99a9babe0b725f1873c60b2a.cloudfront.net (CloudFront) x-amz-cf-id 8vm3RoWPYOwYrh5sb8NLxR1i_t65T_gXPMoykpHarxkPJkyTGI91Lg== x-amz-cf-pop EWR53-C3 x-cache Hit from cloudfront
GET H2	200	index.css 75775.cfd/static/css/	7 KB 2 KB	66ms 65ms	Stylesheet text/css	2600:9000:210b:2e00:14:9d2b:1980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://75775.cfd/static/css/index.css Requested by Host: 75775.cfd URL: https://75775.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:2e00:14:9d2b:1980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.24.0 / Resource Hash b83b45439262898880a46a707d9f3ef0eb93e500ad499901c6278306dc9b18da Request headers accept-language en-US,en;q=0.9 Referer https://75775.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 22:53:26 GMT content-encoding br via 1.1 f28d01ff99a9babe0b725f1873c60b2a.cloudfront.net (CloudFront) last-modified Sat, 18 Nov 2023 16:00:31 GMT server nginx/1.24.0 x-amz-cf-pop EWR53-C3 age 43467 etag W/"6558df9f-1db6" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id ehVGmi95IKchYMO6i6LumMBCON3IgziXrVMdc-KBvPtgQ1YKWYdr3g==
GET H2	200	bg.png 75775.cfd/static/images/	232 KB 232 KB	67ms 66ms	Image image/png	2600:9000:210b:2e00:14:9d2b:1980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://75775.cfd/static/images/bg.png Requested by Host: 75775.cfd URL: https://75775.cfd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:2e00:14:9d2b:1980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.24.0 / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://75775.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 13:18:59 GMT via 1.1 f28d01ff99a9babe0b725f1873c60b2a.cloudfront.net (CloudFront) last-modified Sat, 18 Nov 2023 16:00:31 GMT server nginx/1.24.0 x-amz-cf-pop EWR53-C3 age 77934 etag "6558df9f-39f71" x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 237425 x-amz-cf-id Pd0EB4vGwR96liy8w_hJLwLRK0YdPYNfTli2Y0Zln3ANzHo8QC1pXg==
GET H2	200	346e6c64686c67 Show response 9kzfx7v.meta168.com/	1 KB 780 B	1418ms 576ms	Document text/html	199.43.203.162 DAFEIYUN_AS
General Check archive.org Show headers Download Go to Full URL https://9kzfx7v.meta168.com/346e6c64686c67 Requested by Host: 75775.cfd URL: https://75775.cfd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.43.203.162 , United States, ASN61368 (DAFEIYUN_AS, GB), Reverse DNS anti-ddos.dafeiyun.com Software nginx / Resource Hash e2791cf354eda9f43d659f889023192eb59eb2d8c2f0f041b2406ba86026833a Request headers Referer https://75775.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html date Thu, 30 Nov 2023 10:57:55 GMT etag W/"64d1401d-510" last-modified Mon, 07 Aug 2023 19:03:57 GMT server nginx vary Accept-Encoding x-cache-status MISS
GET H2	200	346e6c64686c67 9kzfx7v.meta168.com/p/	33 B 355 B	571ms 570ms	XHR text/plain	199.43.203.162 DAFEIYUN_AS
General Check archive.org Show headers Download Go to Full URL https://9kzfx7v.meta168.com/p/346e6c64686c67 Requested by Host: 9kzfx7v.meta168.com URL: https://9kzfx7v.meta168.com/346e6c64686c67 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.43.203.162 , United States, ASN61368 (DAFEIYUN_AS, GB), Reverse DNS anti-ddos.dafeiyun.com Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://9kzfx7v.meta168.com/346e6c64686c67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Thu, 30 Nov 2023 10:57:55 GMT server nginx x-cache-status MISS access-control-max-age 3600 access-control-allow-methods POST, GET, PATCH, DELETE, PUT content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, token, refreshToken, X-Goog-Authuser content-length 33
GET H2	200	Primary Request nldhlg Show response klflxo.keysmdc.com/	2 KB 1 KB	2242ms 811ms	Document text/html	54.230.163.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://klflxo.keysmdc.com/nldhlg Requested by Host: 9kzfx7v.meta168.com URL: https://9kzfx7v.meta168.com/346e6c64686c67 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-36.ewr53.r.cloudfront.net Software nginx/1.24.0 / Resource Hash 34f6deb017714a82bf65d1f8237213b8c1f3d26cd63ecd010d1df0c9f9420dfc Request headers Referer https://9kzfx7v.meta168.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html date Thu, 30 Nov 2023 10:57:57 GMT etag W/"65670cb6-74e" last-modified Wed, 29 Nov 2023 10:04:38 GMT server nginx/1.24.0 vary Accept-Encoding Origin via 1.1 e3fb879a67c14c7a96059b2b777ccbc8.cloudfront.net (CloudFront) x-amz-cf-id kSrRJxsafeEunTnYxqOvM0qGNKGbTn9sbpuAyq6g8yesEqvAiguIFg== x-amz-cf-pop EWR53-C3 x-cache Miss from cloudfront
GET H2	200	app.835f71ad.css d2h4spdndw5mgo.cloudfront.net/resource1/css/	18 KB 6 KB	303ms 70ms	Stylesheet text/css	2600:9000:2514:b000:c:53c9:3e00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2h4spdndw5mgo.cloudfront.net/resource1/css/app.835f71ad.css Requested by Host: klflxo.keysmdc.com URL: https://klflxo.keysmdc.com/nldhlg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:b000:c:53c9:3e00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software MinIO / Resource Hash 901a1adf9723f73bcf99e4d2db7cc0d628f2996d2601f7dd9f8081f961adf109 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://klflxo.keysmdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy block-all-mixed-content strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff date Thu, 30 Nov 2023 00:30:44 GMT content-encoding br x-amz-cf-pop JFK50-P8 age 37634 via 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 10:04:00 GMT server MinIO etag W/"5884cf8bb2d863826ec4995c30c778b1" vary Accept-Encoding content-type text/css x-amz-cf-id _3IH1AbvRaoidvWuoXOBWUyIHRbsH6YTQPQuZjABZSXa_P5qdKmQWw==
GET H2	200	chunk-vendors.35d0181d.css d2h4spdndw5mgo.cloudfront.net/resource1/css/	54 KB 28 KB	445ms 213ms	Stylesheet text/css	2600:9000:2514:b000:c:53c9:3e00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2h4spdndw5mgo.cloudfront.net/resource1/css/chunk-vendors.35d0181d.css Requested by Host: klflxo.keysmdc.com URL: https://klflxo.keysmdc.com/nldhlg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:b000:c:53c9:3e00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software MinIO / Resource Hash 279d31132231203f414c394dc23bce2e4f5331326b64bbf070a48d4c8f4bafd1 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://klflxo.keysmdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy block-all-mixed-content strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff date Thu, 30 Nov 2023 04:44:31 GMT content-encoding br x-amz-cf-pop JFK50-P8 age 22406 via 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 10:04:00 GMT server MinIO etag W/"414d0c31db86c8f0cbd87a28f31e5b32" vary Accept-Encoding content-type text/css x-amz-cf-id XrZyfPYeapxCWaAPAXvTVj72qb5dn5mLd-2q16hSvE5JLCEJ76etDA==
GET H2	200	app.a7e152e7.js Show response d2h4spdndw5mgo.cloudfront.net/resource1/js/	86 KB 24 KB	317ms 85ms	Script text/javascript	2600:9000:2514:b000:c:53c9:3e00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2h4spdndw5mgo.cloudfront.net/resource1/js/app.a7e152e7.js Requested by Host: klflxo.keysmdc.com URL: https://klflxo.keysmdc.com/nldhlg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:b000:c:53c9:3e00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software MinIO / Resource Hash b378077c7465c7c377ed704b37c756dc1362d2ec8e90e170798764e8344c26d6 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://klflxo.keysmdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy block-all-mixed-content strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff date Thu, 30 Nov 2023 10:06:53 GMT content-encoding br x-amz-cf-pop JFK50-P8 age 3064 via 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 10:04:00 GMT server MinIO etag W/"1ec7cfbdfc21de5d58dafb210223941d" vary Accept-Encoding content-type text/javascript x-amz-cf-id sxapPjMAQzRVUWBqkFk5gSJeKyoJ08AF5OcYLb8B7KAGy9LsEQNidA==
GET H2	200	chunk-vendors.115f32a7.js Show response d2h4spdndw5mgo.cloudfront.net/resource1/js/	411 KB 131 KB	317ms 85ms	Script text/javascript	2600:9000:2514:b000:c:53c9:3e00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2h4spdndw5mgo.cloudfront.net/resource1/js/chunk-vendors.115f32a7.js Requested by Host: klflxo.keysmdc.com URL: https://klflxo.keysmdc.com/nldhlg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:b000:c:53c9:3e00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software MinIO / Resource Hash 2e67ae51b99791b4a97a65c65c4d4206facc840b5e05928625cf8ed4d3b7e9da Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://klflxo.keysmdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy block-all-mixed-content strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff date Wed, 29 Nov 2023 17:54:28 GMT content-encoding br x-amz-cf-pop JFK50-P8 age 61410 via 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 10:04:00 GMT server MinIO etag W/"a760b4df3175db06a55344421615fa7d" vary Accept-Encoding content-type text/javascript x-amz-cf-id C4QerjVXltgcaPIRa1fmeMgHBTWOacrTmrbjcnev2xLOprA_uIX1WA==
GET H2	200	chunk-7556a8c8.e4bae6b2.css d2h4spdndw5mgo.cloudfront.net/resource1/css/	0 3 KB	438ms 215ms	Other text/css	2600:9000:2514:b000:c:53c9:3e00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2h4spdndw5mgo.cloudfront.net/resource1/css/chunk-7556a8c8.e4bae6b2.css Requested by Host: klflxo.keysmdc.com URL: https://klflxo.keysmdc.com/nldhlg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:b000:c:53c9:3e00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software MinIO / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://klflxo.keysmdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy block-all-mixed-content strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff date Thu, 30 Nov 2023 10:06:55 GMT content-encoding br x-amz-cf-pop JFK50-P8 age 3063 via 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 10:04:00 GMT server MinIO etag W/"e270d6a58b267e82bcbf3f1d214ba8bb" vary Accept-Encoding content-type text/css x-amz-cf-id 4-cIGOmlOf6tzNzpfMbUV3V51Dp4HmybABM_O7Gesq_q3wv-vgw_JA==
GET H2	200	chunk-7556a8c8.d3365761.js d2h4spdndw5mgo.cloudfront.net/resource1/js/	0 64 KB	307ms 84ms	Other text/javascript	2600:9000:2514:b000:c:53c9:3e00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2h4spdndw5mgo.cloudfront.net/resource1/js/chunk-7556a8c8.d3365761.js Requested by Host: klflxo.keysmdc.com URL: https://klflxo.keysmdc.com/nldhlg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:b000:c:53c9:3e00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software MinIO / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://klflxo.keysmdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy block-all-mixed-content strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff date Thu, 30 Nov 2023 10:06:55 GMT content-encoding br x-amz-cf-pop JFK50-P8 age 3063 via 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 10:04:00 GMT server MinIO etag W/"3af27fefba480ebb4432c3b714f04274" vary Accept-Encoding content-type text/javascript x-amz-cf-id MRUxh2BKt5MjZ08hf5VmBZtqF-CZR7WtEA5kluzDAXVTT8FS4aE_Gw==
GET H2	200	chunk-7556a8c8.e4bae6b2.css d2h4spdndw5mgo.cloudfront.net/resource1/css/	17 KB 3 KB	66ms 65ms	Stylesheet text/css	2600:9000:2514:b000:c:53c9:3e00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2h4spdndw5mgo.cloudfront.net/resource1/css/chunk-7556a8c8.e4bae6b2.css Requested by Host: d2h4spdndw5mgo.cloudfront.net URL: https://d2h4spdndw5mgo.cloudfront.net/resource1/js/app.a7e152e7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:b000:c:53c9:3e00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software MinIO / Resource Hash 35e56b3c182d4b62d504936753883791da8ad5d27f2ef635a960eba4e3a74fc8 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://klflxo.keysmdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy block-all-mixed-content strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff date Thu, 30 Nov 2023 10:06:55 GMT content-encoding br x-amz-cf-pop JFK50-P8 age 3063 via 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 10:04:00 GMT server MinIO etag W/"e270d6a58b267e82bcbf3f1d214ba8bb" vary Accept-Encoding content-type text/css x-amz-cf-id 0qhUCgGNJ2iZ-LdWB_uS33_UTn5YZQnrv_RxX51c42n-dzNhn9XRrg==
GET H2	200	chunk-7556a8c8.d3365761.js Show response d2h4spdndw5mgo.cloudfront.net/resource1/js/	204 KB 64 KB	69ms 68ms	Script text/javascript	2600:9000:2514:b000:c:53c9:3e00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2h4spdndw5mgo.cloudfront.net/resource1/js/chunk-7556a8c8.d3365761.js Requested by Host: d2h4spdndw5mgo.cloudfront.net URL: https://d2h4spdndw5mgo.cloudfront.net/resource1/js/app.a7e152e7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:b000:c:53c9:3e00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software MinIO / Resource Hash 6ee913cccf456e7c0152585900bfcd6143ebe0f229ac6fb4043b8cad375b2671 Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://klflxo.keysmdc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy block-all-mixed-content strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff date Thu, 30 Nov 2023 10:06:55 GMT content-encoding br x-amz-cf-pop JFK50-P8 age 3063 via 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Wed, 29 Nov 2023 10:04:00 GMT server MinIO etag W/"3af27fefba480ebb4432c3b714f04274" vary Accept-Encoding content-type text/javascript x-amz-cf-id R4dd41aSXgUXZr79uxcXEABVXjJ6-Kov_VpgXc1vFKpNLyVxALKcsg==
POST H2	200	download_app_info klflxo.keysmdc.com/api/ipa/	1 KB 2 KB	499ms 498ms	XHR application/json	54.230.163.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://klflxo.keysmdc.com/api/ipa/download_app_info Requested by Host: d2h4spdndw5mgo.cloudfront.net URL: https://d2h4spdndw5mgo.cloudfront.net/resource1/js/chunk-vendors.115f32a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-36.ewr53.r.cloudfront.net Software nginx/1.24.0 / Resource Hash Request headers Accept application/json, text/plain, */* Referer https://klflxo.keysmdc.com/nldhlg X-Goog-Authuser 241 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type application/json Response headers date Thu, 30 Nov 2023 10:57:59 GMT via 1.1 e3fb879a67c14c7a96059b2b777ccbc8.cloudfront.net (CloudFront) server nginx/1.24.0 x-amz-cf-pop EWR53-C3 access-control-max-age 3600 access-control-allow-methods POST, GET, PATCH, DELETE, PUT content-type application/json access-control-allow-origin * x-cache Miss from cloudfront access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, token, refreshToken, X-Goog-Authuser x-amz-cf-id CYay8iq4IQDbhKFmW_H1e0lIopruWsqUphzxsO6GzWrQgrHW-nuvsQ==
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ddf3e3eb36fea2aed662912fa48816e386b9cbc8a7531fbaeddafd2e1f53a7e1 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ee1d3b0f05dad2202107093e55cece6d9eff91e71c09bddafeaf770639645be0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 88607e3b71a03c142c23ed659c3cc411994d2723358cfe8fb821209b209613ac Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/png
GET		download_bgpt.jpg dsd109871rdvx.cloudfront.net/website-images/	0 0
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/png
GET		quy7ouv2cesfnarn_icon.png g4vcktw.ragavcdcaab.com/website-images/	0 0
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

dsd109871rdvx.cloudfront.net

URL

https://dsd109871rdvx.cloudfront.net/website-images/download_bgpt.jpg

Domain

g4vcktw.ragavcdcaab.com

URL

https://g4vcktw.ragavcdcaab.com/website-images/quy7ouv2cesfnarn_icon.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=wy9873acdm%2F20231130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231130T105759Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=597abcd6e53cea7c8e8b5465b5d506f595f8e0539fe7bd0a962b1478618c268b

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| root undefined| downloadStyle object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| $cookies

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			klflxo.keysmdc.com/	1970-01-20 16:37:08	Name: isGoodUrl Value: 0
			klflxo.keysmdc.com/	1970-01-20 16:37:08	Name: url Value: %22nldhlg%22

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://75775.cfd/(Line 6) Message: X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

75775.cfd
9kzfx7v.meta168.com
d2h4spdndw5mgo.cloudfront.net
dsd109871rdvx.cloudfront.net
g4vcktw.ragavcdcaab.com
klflxo.keysmdc.com
dsd109871rdvx.cloudfront.net
g4vcktw.ragavcdcaab.com
199.43.203.162
2600:9000:210b:2e00:14:9d2b:1980:93a1
2600:9000:2514:b000:c:53c9:3e00:21
54.230.163.36
279d31132231203f414c394dc23bce2e4f5331326b64bbf070a48d4c8f4bafd1
2e67ae51b99791b4a97a65c65c4d4206facc840b5e05928625cf8ed4d3b7e9da
34f6deb017714a82bf65d1f8237213b8c1f3d26cd63ecd010d1df0c9f9420dfc
35e56b3c182d4b62d504936753883791da8ad5d27f2ef635a960eba4e3a74fc8
516fa193dc7167ab18c848d346ba80ac39d583231a4a106727b08437a38b1008
6ee913cccf456e7c0152585900bfcd6143ebe0f229ac6fb4043b8cad375b2671
88607e3b71a03c142c23ed659c3cc411994d2723358cfe8fb821209b209613ac
901a1adf9723f73bcf99e4d2db7cc0d628f2996d2601f7dd9f8081f961adf109
b378077c7465c7c377ed704b37c756dc1362d2ec8e90e170798764e8344c26d6
b83b45439262898880a46a707d9f3ef0eb93e500ad499901c6278306dc9b18da
ddf3e3eb36fea2aed662912fa48816e386b9cbc8a7531fbaeddafd2e1f53a7e1
e2791cf354eda9f43d659f889023192eb59eb2d8c2f0f041b2406ba86026833a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee1d3b0f05dad2202107093e55cece6d9eff91e71c09bddafeaf770639645be0