bot.klldfn.xyz Open in urlscan Pro
45.137.70.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bot.klldfn.xyz/
Effective URL:
https://bot.klldfn.xyz/
Submission: On July 15 via manual (July 15th 2024, 4:17:49 pm UTC) from SA — Scanned from DE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 15 HTTP transactions. The main IP is 45.137.70.28, located in Germany and belongs to AS203446, GB. The main domain is bot.klldfn.xyz.
TLS certificate: Issued by E6 on July 6th 2024. Valid for: 3 months.

This is the only time bot.klldfn.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	45.137.70.28 45.137.70.28	203446 (AS203446) (AS203446)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
15	5

6 45.137.70.28 (Germany)

ASN203446 (AS203446, GB)
PTR: 28.70.137.45.in-addr.arpa

bot.klldfn.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	klldfn.xyz bot.klldfn.xyz	2 MB
3	gstatic.com fonts.gstatic.com www.gstatic.com	263 KB
3	recaptcha.net recaptcha.net — Cisco Umbrella Rank: 1698	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
15	4

	Domain	Requested by
6	bot.klldfn.xyz	bot.klldfn.xyz
3	recaptcha.net	bot.klldfn.xyz www.gstatic.com
3	fonts.googleapis.com	bot.klldfn.xyz
2	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	recaptcha.net
15	5

This site contains links to these domains. Also see Links.

Domain
pterodactyl.io

Subject Issuer	Validity	Valid
panel.vpsfree.es E6	`2024-07-06` - `2024-10-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
misc.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://bot.klldfn.xyz/
Frame ID: 64AE1DEAA40306DA7BA5841AD71E8429
Requests: 13 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&co=aHR0cHM6Ly9ib3Qua2xsZGZuLnh5ejo0NDM.&hl=de&v=-80zvSY9h4i8O-ocN2P5qTJk&theme=light&size=invisible&badge=bottomright&cb=ori2w4m28045
Frame ID: 584EAF48031998CAD20B037950B0EAFA
Requests: 1 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=-80zvSY9h4i8O-ocN2P5qTJk&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn
Frame ID: FF7A50F6BF7FF0D9E582B3DBD59C9DF1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VpsFree

Page URL History Show full URLs

http://bot.klldfn.xyz/ HTTP 307
https://bot.klldfn.xyz/ Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

15
Requests

60 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

2012 kB
Transfer

2342 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://pterodactyl.io/
Title: Pterodactyl Software

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bot.klldfn.xyz/ HTTP 307
https://bot.klldfn.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
bot.klldfn.xyz/
Redirect Chain

http://bot.klldfn.xyz/
https://bot.klldfn.xyz/

3 KB
2 KB

106ms
41ms

Document
text/html

45.137.70.28
AS203446

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.klldfn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.70.28 , Germany, ASN203446 (AS203446, GB),
Reverse DNS: 28.70.137.45.in-addr.arpa
Software: nginx/1.22.1 /
Resource Hash: c552464c21c8873c2150375e3bd4e6f69d3e443eacdda004d9f01e6757b0acb2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Jul 2024 16:17:44 GMT
Server: nginx/1.22.1
Transfer-Encoding: chunked

Redirect headers

Location: https://bot.klldfn.xyz/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
866 B 37ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: bot.klldfn.xyz
URL: https://bot.klldfn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bot.klldfn.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 16:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 15:55:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jul 2024 16:17:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
821 B 37ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap

Requested by

Host: bot.klldfn.xyz
URL: https://bot.klldfn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e44a40a0f646fdcbda0fbc9306cc1c2a070c6e38718faa7efd5be6b9f06b4996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bot.klldfn.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 16:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 16:00:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jul 2024 16:17:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
765 B 36ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;700&display=swap

Requested by

Host: bot.klldfn.xyz
URL: https://bot.klldfn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9eda4bc0b5cad4c227d88ac54b36553fe9e723869ccca3bc1970a2e4badb3bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bot.klldfn.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 16:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 16:17:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jul 2024 16:17:44 GMT

GET
H/1.1 200
OK bundle.6b0b389b.js Show response
bot.klldfn.xyz/assets/ 2 MB
2 MB 13ms
13ms Script
application/javascript 45.137.70.28
AS203446

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.klldfn.xyz/assets/bundle.6b0b389b.js
Requested by: Host: bot.klldfn.xyz
URL: https://bot.klldfn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.70.28 , Germany, ASN203446 (AS203446, GB),
Reverse DNS: 28.70.137.45.in-addr.arpa
Software: nginx/1.22.1 /
Resource Hash: 7d5d691ae694014d06e57f468094c4b48c1928d169cd1c1b69726bad4c9d475d

Request headers

Referer: https://bot.klldfn.xyz/
Origin: https://bot.klldfn.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 16:17:44 GMT
Last-Modified: Tue, 07 May 2024 22:55:39 GMT
Server: nginx/1.22.1
ETag: "663ab16b-19465e"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1656414

GET
H/1.1 200
OK vendors~auth~dashboard~novaStudio~server.959bcb56.js Show response
bot.klldfn.xyz/assets/ 98 KB
98 KB 8ms
7ms Script
application/javascript 45.137.70.28
AS203446

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.klldfn.xyz/assets/vendors~auth~dashboard~novaStudio~server.959bcb56.js
Requested by: Host: bot.klldfn.xyz
URL: https://bot.klldfn.xyz/assets/bundle.6b0b389b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.70.28 , Germany, ASN203446 (AS203446, GB),
Reverse DNS: 28.70.137.45.in-addr.arpa
Software: nginx/1.22.1 /
Resource Hash: 50b31f79995d6309835221882f9825ef6a17167b54c42e0011cf9608558075ca

Request headers

Referer: https://bot.klldfn.xyz/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 16:17:45 GMT
Last-Modified: Tue, 07 May 2024 22:55:39 GMT
Server: nginx/1.22.1
ETag: "663ab16b-18770"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100208

GET
H/1.1 200
OK auth.4ac1d48f.js Show response
bot.klldfn.xyz/assets/ 22 KB
22 KB 30ms
17ms Script
application/javascript 45.137.70.28
AS203446

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.klldfn.xyz/assets/auth.4ac1d48f.js
Requested by: Host: bot.klldfn.xyz
URL: https://bot.klldfn.xyz/assets/bundle.6b0b389b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.70.28 , Germany, ASN203446 (AS203446, GB),
Reverse DNS: 28.70.137.45.in-addr.arpa
Software: nginx/1.22.1 /
Resource Hash: 1b70dccbb380b8e381941c858ca9df59977d01303bd08db14213ff6ed95de57b

Request headers

Referer: https://bot.klldfn.xyz/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 16:17:45 GMT
Last-Modified: Tue, 07 May 2024 22:55:39 GMT
Server: nginx/1.22.1
ETag: "663ab16b-58d2"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22738

GET
H2 200 api.js Show response
recaptcha.net/recaptcha/ 2 KB
1 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api.js?render=explicit

Requested by

Host: bot.klldfn.xyz
URL: https://bot.klldfn.xyz/assets/auth.4ac1d48f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de84dfddd9095b41bfdf3f0b551847fb751c8e3a734d83714318aa90b9692406

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bot.klldfn.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 16:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 15 Jul 2024 16:17:45 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bot.klldfn.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:01:45 GMT
x-content-type-options: nosniff
age: 540960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 10:01:45 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bot.klldfn.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 15:54:19 GMT
x-content-type-options: nosniff
age: 1406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jul 2025 15:54:19 GMT

GET
H/1.1 200
OK locale.json Show response
bot.klldfn.xyz/locales/ 25 B
1 KB 31ms
31ms Fetch
application/json 45.137.70.28
AS203446

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.klldfn.xyz/locales/locale.json?locale=en&namespace=translation&hash=18f55443de4
Requested by: Host: bot.klldfn.xyz
URL: https://bot.klldfn.xyz/assets/bundle.6b0b389b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.70.28 , Germany, ASN203446 (AS203446, GB),
Reverse DNS: 28.70.137.45.in-addr.arpa
Software: nginx/1.22.1 /
Resource Hash: 9a0e87a8142517a0c69e726fdf2a63bc8f224bc7f330624b94578044eb810b7e

Request headers

Referer: https://bot.klldfn.xyz/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 16:17:45 GMT
Cache-Control: max-age=3600, public, stale-while-revalidate=86400
Server: nginx/1.22.1
Connection: keep-alive
ETag: 648aa5ae7e486cbe43e535d16699d787
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/ 526 KB
210 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/recaptcha__de.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d15b9b7e89c8bca1705772ffdd009e02a1f8bd68767053e25841c5246c6efbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bot.klldfn.xyz/
Origin: https://bot.klldfn.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 23:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213902
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 19:45:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 14 Jul 2025 23:50:24 GMT

GET
H/1.1 200
OK icon-128.png
bot.klldfn.xyz/nova/ 3 KB
3 KB 7ms
7ms Other
image/png 45.137.70.28
AS203446

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.klldfn.xyz/nova/icon-128.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.137.70.28 , Germany, ASN203446 (AS203446, GB),
Reverse DNS: 28.70.137.45.in-addr.arpa
Software: nginx/1.22.1 /
Resource Hash: 82671ffe0f6de245fed84976a78c90475a5becbd297438b5135ad34224841526

Request headers

Referer: https://bot.klldfn.xyz/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 16:17:45 GMT
Last-Modified: Tue, 07 May 2024 22:52:20 GMT
Server: nginx/1.22.1
ETag: "663ab0a4-a43"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2627

GET
H2 200 anchor
recaptcha.net/recaptcha/api2/ Frame 584E 0
0 55ms
28ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&co=aHR0cHM6Ly9ib3Qua2xsZGZuLnh5ejo0NDM.&hl=de&v=-80zvSY9h4i8O-ocN2P5qTJk&theme=light&size=invisible&badge=bottomright&cb=ori2w4m28045

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bENzardno2XphYPAPhQmSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bot.klldfn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bENzardno2XphYPAPhQmSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jul 2024 16:17:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe
recaptcha.net/recaptcha/api2/ Frame FF7A 0
0 17ms
16ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=-80zvSY9h4i8O-ocN2P5qTJk&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fFTt8kMmyjZM5qjcqWAQ7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bot.klldfn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fFTt8kMmyjZM5qjcqWAQ7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jul 2024 16:17:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
recaptcha.net/recaptcha	1970-01-21 02:23:32	Name: _GRECAPTCHA Value: 09AEK4rYEazg2VMoTOpC-blGPwmGArxkZH4EnIQxZ_PGWopKBP21f8b-0A8KNBwXyuyCfkyFZ0y-UK4Z_Pl8KN06M
bot.klldfn.xyz/	1970-01-20 22:05:03	Name: XSRF-TOKEN Value: eyJpdiI6IlhOQ0JHdnhYQThzT1RJREFyZXRLcEE9PSIsInZhbHVlIjoiNGdNMGNwTG52MklhdUdBR3JLNnJBanA3bmthdHRVUmViTHEzWUhRZmloWWJWbFhLK1JBaVJhQzh1YVQ5THJySEV2VHBhRmFaV3grUjNRNks3eEtKRkZ6MDdoKzdWZVROemF2b0VVbk44QjhBZ25XYmxmVkIxR3JwTmpBT3lQZ1EiLCJtYWMiOiJiMThjZjgyZTlmMmNmNTgwMWViNjY2MmNjMTA3NmU3NmM0ZWNlYWEyZGU0NTI0MzRjNGI5M2MxOTQxNTNmYTAzIiwidGFnIjoiIn0%3D
bot.klldfn.xyz/	1970-01-20 22:05:03	Name: pterodactyl_session Value: eyJpdiI6Ik1yK2RtSU5FTHl0ZjQ0NGxvOS9GWHc9PSIsInZhbHVlIjoiOWVtYy91V1NCdTBUbXg4YVU5SlVOQjNBRUJGaDRkVTZyS0Y2blh2amczS1hoL1ZHaXVVVHdkdjdJYy9vaFF1Mm5zTFh5ZndKQzJsQi9BODE2YjBNT2lmSmZub1hXTFVYbnJGQWRWbjE0cVRmOXJCQVRhYTgrUVd5MnBxNVlxVmIiLCJtYWMiOiI0NTllMzk0YTE0MWQ5YTY1MTdhMWUyNGIxNDQ4Mjk5MzUzNGUyYmEyN2M1YzVhYWY1YjQ4ZGMxMDFlNzgwNjdmIiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://bot.klldfn.xyz/auth/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bot.klldfn.xyz
fonts.googleapis.com
fonts.gstatic.com
recaptcha.net
www.gstatic.com
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
45.137.70.28
1b70dccbb380b8e381941c858ca9df59977d01303bd08db14213ff6ed95de57b
2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228
50b31f79995d6309835221882f9825ef6a17167b54c42e0011cf9608558075ca
6d15b9b7e89c8bca1705772ffdd009e02a1f8bd68767053e25841c5246c6efbc
7d5d691ae694014d06e57f468094c4b48c1928d169cd1c1b69726bad4c9d475d
82671ffe0f6de245fed84976a78c90475a5becbd297438b5135ad34224841526
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9a0e87a8142517a0c69e726fdf2a63bc8f224bc7f330624b94578044eb810b7e
9eda4bc0b5cad4c227d88ac54b36553fe9e723869ccca3bc1970a2e4badb3bfa
c552464c21c8873c2150375e3bd4e6f69d3e443eacdda004d9f01e6757b0acb2
de84dfddd9095b41bfdf3f0b551847fb751c8e3a734d83714318aa90b9692406
e44a40a0f646fdcbda0fbc9306cc1c2a070c6e38718faa7efd5be6b9f06b4996

bot.klldfn.xyz Open in urlscan Pro 45.137.70.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

60 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

5 IPs

1 Countries

2012 kBTransfer

2342 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

bot.klldfn.xyz Open in urlscan Pro
45.137.70.28 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

60 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

2012 kB
Transfer

2342 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions