king.host Open in urlscan Pro
2606:4700:10::6814:2cf1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
Submission: On September 21 via manual (September 21st 2021, 1:58:51 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 2606:4700:10::6814:2cf1, located in United States and belongs to CLOUDFLARENET, US. The main domain is king.host.
TLS certificate: Issued by RapidSSL RSA CA 2018 on May 18th 2020. Valid for: 2 years.

This is the only time king.host was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:10:... 2606:4700:10::6814:2cf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	177.185.204.37 177.185.204.37	28299 (IPV6 Inte...) (IPV6 Internet Ltda)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
10	2

9 2606:4700:10::6814:2cf1 (United States)

ASN13335 (CLOUDFLARENET, US)

king.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 177.185.204.37 (Brazil) 1 redirects

ASN28299 (IPV6 Internet Ltda, BR)
PTR: servicos-externos-01.kinghost.net

kingho.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	king.host king.host	24 KB
1	google-analytics.com ssl.google-analytics.com	17 KB
1	kingho.st 1 redirects kingho.st	122 B
10	3

	Domain	Requested by
9	king.host	king.host
1	ssl.google-analytics.com	king.host
1	kingho.st	1 redirects
10	3

This site contains links to these domains. Also see Links.

Domain
kingho.st

Subject Issuer	Validity	Valid
*.king.host RapidSSL RSA CA 2018	`2020-05-18` - `2022-05-18`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
Frame ID: 4809495395BC99E3462C443BBB4FA383
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Boleto KingHost

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

10
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

41 kB
Transfer

96 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://kingho.st/link-banner-boleto

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://kingho.st/banner-boleto HTTP 302
https://king.host/imagens/etus-banner-boleto.png

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request boleto.php Show response
king.host/ 30 KB
3 KB 1175ms
1135ms Document
text/html 2606:4700:10::6814:2cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2cf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97dce9866c1e2be87d8c3a106cd908ae8c193f62d0b9526b2cc5d578dfec5e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

:method: GET
:authority: king.host
:scheme: https
:path: /boleto.php?69d90685bec6120ffc3e1aff5203a282
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 21 Sep 2021 13:58:45 GMT
content-type: text/html
vary: Accept-Encoding
via: 1.0 troia.kinghost.net
strict-transport-security: max-age=31536000; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6923cf5fc9b7433f-FRA
content-encoding: br

GET
H2 200 cookboleto.php
king.host/ 2 KB
3 KB 1017ms
1016ms Image
image/png 2606:4700:10::6814:2cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://king.host/cookboleto.php?Id=9efa81c42c00a8f399174cc0f5892751&Sub=Boleto-34191.09800%2054286.241614%2041538.050000%201%2087510000010243&Fim=1

Requested by

Host: king.host
URL: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2cf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ceeebf60d1a631241a21fc69985e2904b26b0f8e1846846a7ca4d39251af6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

:path: /cookboleto.php?Id=9efa81c42c00a8f399174cc0f5892751&Sub=Boleto-34191.09800%2054286.241614%2041538.050000%201%2087510000010243&Fim=1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: king.host
referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:58:46 GMT
via: 1.0 troia.kinghost.net
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
strict-transport-security: max-age=31536000; preload
cf-ray: 6923cf670921433f-FRA

GET
H2

200

etus-banner-boleto.png
king.host/imagens/
Redirect Chain

https://kingho.st/banner-boleto
https://king.host/imagens/etus-banner-boleto.png

15 KB
15 KB

875ms
874ms

Image
image/webp

2606:4700:10::6814:2cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://king.host/imagens/etus-banner-boleto.png

Requested by

Host: king.host
URL: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2cf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3668b4449e55a9208d0586942b8e58d0929dbc3ea8fa7d7658fba914579d118c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

:path: /imagens/etus-banner-boleto.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: king.host
referer: https://king.host/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://king.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:58:47 GMT
via: 1.0 troia.kinghost.net
vary: Accept
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=21198
content-disposition: inline; filename="etus-banner-boleto.webp"
content-length: 15628
last-modified: Mon, 07 Jun 2021 22:39:36 GMT
server: cloudflare
etag: "cc09d7-52ce-5c434b74f1a2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload
content-type: image/webp
expires: Wed, 22 Sep 2021 13:58:47 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6923cf6e8b34433f-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

location: https://king.host/imagens/etus-banner-boleto.png
date: Tue, 21 Sep 2021 13:58:46 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 recortar.gif
king.host/imagens/ 338 B
472 B 873ms
872ms Image
image/webp 2606:4700:10::6814:2cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://king.host/imagens/recortar.gif

Requested by

Host: king.host
URL: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2cf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca975f27c8bdda8b9236f488ea4441c3b5647f815bab26a8f9131899b232b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

:path: /imagens/recortar.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: king.host
referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:58:46 GMT
via: 1.0 troia.kinghost.net
vary: Accept
cf-cache-status: REVALIDATED
cf-polished: origFmt=gif, origSize=717
content-disposition: inline; filename="recortar.webp"
content-length: 338
last-modified: Mon, 24 Sep 2018 19:51:45 GMT
server: cloudflare
etag: "cc0552-2cd-576a351a8c325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload
content-type: image/webp
expires: Wed, 22 Sep 2021 13:58:46 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6923cf670930433f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 itau.gif
king.host/imagens/ 618 B
772 B 872ms
871ms Image
image/webp 2606:4700:10::6814:2cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://king.host/imagens/itau.gif

Requested by

Host: king.host
URL: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2cf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b5852000d0e0eaf9afdf184b2b4e4ba0ec9ddd242ae8ca634d0846c2f412828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

:path: /imagens/itau.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: king.host
referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:58:46 GMT
via: 1.0 troia.kinghost.net
vary: Accept
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2277
content-disposition: inline; filename="itau.webp"
content-length: 618
last-modified: Fri, 29 May 2020 21:54:33 GMT
server: cloudflare
etag: "cc0487-8e5-5a6d07d8e7ae9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload
content-type: image/webp
expires: Wed, 22 Sep 2021 13:58:46 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6923cf670931433f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 espaco.gif
king.host/imagens/ 34 B
308 B 858ms
857ms Image
image/webp 2606:4700:10::6814:2cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://king.host/imagens/espaco.gif

Requested by

Host: king.host
URL: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2cf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

:path: /imagens/espaco.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: king.host
referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:58:46 GMT
via: 1.0 troia.kinghost.net
vary: Accept
cf-cache-status: REVALIDATED
cf-polished: origFmt=gif, origSize=807
content-disposition: inline; filename="espaco.webp"
content-length: 34
last-modified: Mon, 24 Sep 2018 19:51:45 GMT
server: cloudflare
etag: "cc036e-327-576a351a76396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload
content-type: image/webp
expires: Wed, 22 Sep 2021 13:58:46 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6923cf670935433f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pontopreto.jpg
king.host/imagens/ 46 B
189 B 859ms
858ms Image
image/webp 2606:4700:10::6814:2cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://king.host/imagens/pontopreto.jpg

Requested by

Host: king.host
URL: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2cf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aaf9e8c7b9b2d2e052faffb26ba30e894143751693079253a55f423325c4a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

:path: /imagens/pontopreto.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: king.host
referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:58:46 GMT
via: 1.0 troia.kinghost.net
vary: Accept
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=633
content-disposition: inline; filename="pontopreto.webp"
content-length: 46
last-modified: Mon, 24 Sep 2018 19:51:45 GMT
server: cloudflare
etag: "cc0549-279-576a351a8bb55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload
content-type: image/webp
expires: Wed, 22 Sep 2021 13:58:46 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6923cf670938433f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pontobranco.jpg
king.host/imagens/ 44 B
187 B 898ms
897ms Image
image/webp 2606:4700:10::6814:2cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://king.host/imagens/pontobranco.jpg

Requested by

Host: king.host
URL: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2cf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5a98f77e9516f40f64a2f722439753be20901df1986c02cae5daa8a83e2d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

:path: /imagens/pontobranco.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: king.host
referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:58:46 GMT
via: 1.0 troia.kinghost.net
vary: Accept
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=631
content-disposition: inline; filename="pontobranco.webp"
content-length: 44
last-modified: Mon, 24 Sep 2018 19:51:45 GMT
server: cloudflare
etag: "cc0548-277-576a351a8bb55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload
content-type: image/webp
expires: Wed, 22 Sep 2021 13:58:46 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6923cf67193b433f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 email-decode.min.js Show response
king.host/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
852 B 11ms
9ms Script
application/javascript 2606:4700:10::6814:2cf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://king.host/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: king.host
URL: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2cf1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: king.host
referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Sep 2021 09:29:40 GMT
server: cloudflare
etag: W/"61446004-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 6923cf67092e433f-FRA
vary: Accept-Encoding
expires: Thu, 23 Sep 2021 13:58:45 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: king.host
URL: https://king.host/boleto.php?69d90685bec6120ffc3e1aff5203a282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://king.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3678
date: Tue, 21 Sep 2021 12:57:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 21 Sep 2021 14:57:27 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| _gaq object| _gat

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

king.host
kingho.st
ssl.google-analytics.com
177.185.204.37
2606:4700:10::6814:2cf1
2a00:1450:4001:810::2008
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b5852000d0e0eaf9afdf184b2b4e4ba0ec9ddd242ae8ca634d0846c2f412828
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c5a98f77e9516f40f64a2f722439753be20901df1986c02cae5daa8a83e2d2c
3668b4449e55a9208d0586942b8e58d0929dbc3ea8fa7d7658fba914579d118c
4ca975f27c8bdda8b9236f488ea4441c3b5647f815bab26a8f9131899b232b28
4ceeebf60d1a631241a21fc69985e2904b26b0f8e1846846a7ca4d39251af6ac
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8aaf9e8c7b9b2d2e052faffb26ba30e894143751693079253a55f423325c4a20
97dce9866c1e2be87d8c3a106cd908ae8c193f62d0b9526b2cc5d578dfec5e98

king.host Open in urlscan Pro 2606:4700:10::6814:2cf1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

41 kBTransfer

96 kBSize

0 Cookies

1 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

king.host Open in urlscan Pro
2606:4700:10::6814:2cf1 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

41 kB
Transfer

96 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions