Submitted URL: http://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key
Effective URL: https://hjhbvgff.b-cdn.net/fdtreg/index.html
Submission: On August 02 via api from US — Scanned from NL

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 2400:52e0:1e00::1079:1, located in Germany and belongs to CDN77 _, GB. The main domain is hjhbvgff.b-cdn.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 5th 2023. Valid for: a year.
This is the only time hjhbvgff.b-cdn.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         188.114.96.3      13335 (CLOUDFLAR...)
1         172.67.216.215    13335 (CLOUDFLAR...)
2         2400:52e0:1e0...  60068 (CDN77 _)
Total: 4 requests, 3 IPs

Requests  Apex Domain         Subdomains          Transfer
2         b-cdn.net           hjhbvgff.b-cdn.net  26 KB
1         streamloixub.click  streamloixub.click  596 B
1         kiergzor.click      kiergzor.click      652 B
Total: 4 requests, 3 domains

Requests  Domain              Requested by
2         hjhbvgff.b-cdn.net  streamloixub.click
1         streamloixub.click  kiergzor.click
1         kiergzor.click
Total: 4 requests, 3 domains

This site contains no links.

Subject             Issuer                                          Validity                 Valid
kiergzor.click      WE1                                             2024-07-30 - 2024-10-28  3 months
streamloixub.click  WE1                                             2024-07-30 - 2024-10-28  3 months
*.b-cdn.net         Sectigo RSA Domain Validation Secure Server CA  2023-11-05 - 2024-11-11  a year

This page contains 1 frames:

Primary Page: https://hjhbvgff.b-cdn.net/fdtreg/index.html
Frame ID: ADC4C2CE5C3018655317B2BF020B1DDB
Requests: 4 HTTP requests in this frame

Page Title

Download File

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 28 kB
Size: 62 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key HTTP 307
    https://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key Page URL
  2. http://streamloixub.click/?66ac4424a3794=e82baef1f951076cf9a3df9ae5b3b5f7&66ac4424a379b=41&66ac4424a379d=1_anyunlock-1-4-0-crack-activation-key&gkss=12549 HTTP 307
    https://streamloixub.click/?66ac4424a3794=e82baef1f951076cf9a3df9ae5b3b5f7&66ac4424a379b=41&66ac4424a379d=1_anyunlock-1-4-0-crack-activation-key&gkss=12549 Page URL
  3. https://hjhbvgff.b-cdn.net/fdtreg/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key HTTP 307
  • https://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key
Request Chain 1
  • http://streamloixub.click/?66ac4424a3794=e82baef1f951076cf9a3df9ae5b3b5f7&66ac4424a379b=41&66ac4424a379d=1_anyunlock-1-4-0-crack-activation-key&gkss=12549 HTTP 307
  • https://streamloixub.click/?66ac4424a3794=e82baef1f951076cf9a3df9ae5b3b5f7&66ac4424a379b=41&66ac4424a379d=1_anyunlock-1-4-0-crack-activation-key&gkss=12549

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kiergzor.click/
Redirect Chain
  • http://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key
  • https://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key
246 B
652 B
Document
General
Full URL
https://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8acaa1828b5ea5f4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 02:27:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m3eiRhgKqi5t5CUGu%2BVDkiB6bNQ4rbJMT9hp6gv4GIILd2cjBn90smia5WJemgWPHAFN%2BqoUqesWKpX%2F87MW6DSmZhTp%2BI0nvKrC2K%2Fs5FwFAx5UQ3xws7LTIA31ZcPbDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

Location
https://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key
Non-Authoritative-Reason
HttpsUpgrades
/
streamloixub.click/
Redirect Chain
  • http://streamloixub.click/?66ac4424a3794=e82baef1f951076cf9a3df9ae5b3b5f7&66ac4424a379b=41&66ac4424a379d=1_anyunlock-1-4-0-crack-activation-key&gkss=12549
  • https://streamloixub.click/?66ac4424a3794=e82baef1f951076cf9a3df9ae5b3b5f7&66ac4424a379b=41&66ac4424a379d=1_anyunlock-1-4-0-crack-activation-key&gkss=12549
171 B
596 B
Document
General
Full URL
https://streamloixub.click/?66ac4424a3794=e82baef1f951076cf9a3df9ae5b3b5f7&66ac4424a379b=41&66ac4424a379d=1_anyunlock-1-4-0-crack-activation-key&gkss=12549
Requested by
Host: kiergzor.click
URL: https://kiergzor.click/?z=41&n=anyunlock%201.4.0%20crack%20%20%20activation%20key
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8acaa18608bf18ef-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 02:27:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2iYeDOHm08CN2jpWO1wweicJiwVD2lmABnhMAAxJLj46vp%2FsrcXPGuGg%2Bps3%2FV8jQJ5k2WA7YOEsMQ3hgAD%2BaIIxDheYc7x4b%2B562HwUpqMW9iq8LZryp%2B%2B71M8fXkpr7an1MOw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

Location
https://streamloixub.click/?66ac4424a3794=e82baef1f951076cf9a3df9ae5b3b5f7&66ac4424a379b=41&66ac4424a379d=1_anyunlock-1-4-0-crack-activation-key&gkss=12549
Non-Authoritative-Reason
HttpsUpgrades
Primary Request index.html
hjhbvgff.b-cdn.net/fdtreg/
61 KB
26 KB
Document
General
Full URL
https://hjhbvgff.b-cdn.net/fdtreg/index.html
Requested by
Host: streamloixub.click
URL: https://streamloixub.click/?66ac4424a3794=e82baef1f951076cf9a3df9ae5b3b5f7&66ac4424a379b=41&66ac4424a379d=1_anyunlock-1-4-0-crack-activation-key&gkss=12549
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
71d34ed451adb64cd1e87b419078b25271288a9975793fd6cd62e5c8a7b6729a

Request headers

Referer
https://streamloixub.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=2592000
cdn-cache
HIT
cdn-cachedat
08/01/2024 15:10:57
cdn-edgestorageid
1079
cdn-fileserver
715
cdn-proxyver
1.04
cdn-pullzone
2402358
cdn-requestcountrycode
NL
cdn-requestid
e256d4fb54890d2ba6b156c73247e221
cdn-requestpullcode
206
cdn-requestpullsuccess
True
cdn-status
200
cdn-storageserver
DE-588
cdn-uid
a1ae8fc8-1ce6-42ec-853d-f9937be66c6a
content-encoding
gzip
content-type
text/html
date
Fri, 02 Aug 2024 02:27:49 GMT
last-modified
Thu, 01 Aug 2024 15:07:22 GMT
server
BunnyCDN-DE1-1079
vary
Accept-Encoding
favicon.ico
hjhbvgff.b-cdn.net/
678 B
822 B
Other
General
Full URL
https://hjhbvgff.b-cdn.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223

Request headers

Referer
https://hjhbvgff.b-cdn.net/fdtreg/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cdn-storagebalancer
DE-661
date
Fri, 02 Aug 2024 02:27:49 GMT
content-encoding
gzip
cdn-edgestorageid
1079
cdn-storageserver
LA-389
cdn-cachedat
08/02/2024 02:27:49
cdn-pullzone
2402358
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
404
vary
Accept-Encoding
content-type
text/html
cdn-cache
MISS
cdn-uid
a1ae8fc8-1ce6-42ec-853d-f9937be66c6a
cache-control
no-cache
cdn-requestid
7cd7eae0ab404b8b766d1487ad171305
cdn-requestcountrycode
NL
cdn-status
404
cdn-requestpullsuccess
True

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function  _0x367bbf
function  _0x3ee111
function  _0x279a5d
function  _0x5b6a
function  _0x10808b
function  _0x5422a2
function  _0x3752
function  yakisis
function  _0x513582

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://hjhbvgff.b-cdn.net/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
