kx19.in Open in urlscan Pro
13.235.17.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kx14.in/FINSVY/PRHL3Y
Effective URL:
https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373
Submission: On November 30 via manual (November 30th 2024, 9:19:27 am UTC) from IN — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 13.235.17.194, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is kx19.in.
TLS certificate: Issued by E5 on November 18th 2024. Valid for: 3 months.

This is the only time kx19.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.250.30.30 103.250.30.30	132781 (UNICEL-AS...) (UNICEL-AS Karix Mobile Private Limited)
7	13.235.17.194 13.235.17.194	16509 (AMAZON-02) (AMAZON-02)
3	159.65.153.72 159.65.153.72	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
3	78.46.46.152 78.46.46.152	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
16	6

2 103.250.30.30 (India) 2 redirects

ASN132781 (UNICEL-AS Karix Mobile Private Limited, IN)

kx14.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.235.17.194 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-235-17-194.ap-south-1.compute.amazonaws.com

kx19.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.65.153.72 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn-jp.gsecondscreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

xds.gsecondscreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.46.152 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.152.46.46.78.clients.your-server.de

evbk.gamooga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

ae.gsecondscreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	kx19.in kx19.in	148 KB
5	gsecondscreen.com cdn-jp.gsecondscreen.com — Cisco Umbrella Rank: 196611 xds.gsecondscreen.com — Cisco Umbrella Rank: 263402 ae.gsecondscreen.com — Cisco Umbrella Rank: 231157	54 KB
3	gamooga.com evbk.gamooga.com — Cisco Umbrella Rank: 799737	754 B
2	kx14.in 2 redirects kx14.in	663 B
1	gstatic.com www.gstatic.com	21 KB
16	5

	Domain	Requested by
7	kx19.in	kx19.in
3	evbk.gamooga.com	cdn-jp.gsecondscreen.com kx19.in
3	cdn-jp.gsecondscreen.com	kx19.in cdn-jp.gsecondscreen.com
2	kx14.in	2 redirects
1	ae.gsecondscreen.com	cdn-jp.gsecondscreen.com
1	xds.gsecondscreen.com	cdn-jp.gsecondscreen.com
1	www.gstatic.com	kx19.in
16	7

This site contains no links.

Subject Issuer	Validity	Valid
kx19.in E5	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.gsecondscreen.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-27` - `2025-02-27`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
xds.gsecondscreen.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.gamooga.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-27` - `2025-03-01`	a year	crt.sh
ae.gsecondscreen.com WR3	`2024-11-26` - `2025-02-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373
Frame ID: D944EBA1B903EA161ED19E729D24D7F4
Requests: 15 HTTP requests in this frame

Frame: https://xds.gsecondscreen.com/xds2/
Frame ID: 1EA9A71E9AA6BDF7AAF0121A49403FDE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🎉 Spin the wheel for a chance to win unlimited cash! 💸 Try your luck now! 🎉

Page URL History Show full URLs

http://kx14.in/FINSVY/PRHL3Y HTTP 307
https://kx14.in/FINSVY/PRHL3Y HTTP 302
http://kx14.in/FINSVY/PRHL3Y?redirect=true HTTP 307
https://kx14.in/FINSVY/PRHL3Y?redirect=true HTTP 302
https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373 Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

224 kB
Transfer

414 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kx14.in/FINSVY/PRHL3Y HTTP 307
https://kx14.in/FINSVY/PRHL3Y HTTP 302
http://kx14.in/FINSVY/PRHL3Y?redirect=true HTTP 307
https://kx14.in/FINSVY/PRHL3Y?redirect=true HTTP 302
https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
kx19.in/rs_win/
Redirect Chain

http://kx14.in/FINSVY/PRHL3Y
https://kx14.in/FINSVY/PRHL3Y
http://kx14.in/FINSVY/PRHL3Y?redirect=true
https://kx14.in/FINSVY/PRHL3Y?redirect=true
https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

19 KB
6 KB

556ms
135ms

Document
text/html

13.235.17.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.235.17.194 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-235-17-194.ap-south-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a2bd969d9881a9cdd072e0198a5f05256a977d8e93f7744f743ae01182296166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Nov 2024 09:19:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Accept-CH: sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-model, sec-ch-ua-arch,sec-ch-ua, sec-ch-ua-bitness, sec-ch-ua-wow64
Content-Length: 0
Date: Sat, 30 Nov 2024 09:19:21 GMT
Location: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373
Server: Anything x.x

GET
H/1.1 200
OK spin.jpeg
kx19.in/rs_win/img/ 15 KB
15 KB 133ms
132ms Image
image/jpeg 13.235.17.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kx19.in/rs_win/img/spin.jpeg

Requested by

Host: kx19.in
URL: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.235.17.194 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-235-17-194.ap-south-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3f8e3969ec28e8aaca86a07f6a80b07cf4ddc61fefea8be121c12d0dce5380be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Response headers

ETag: "6746ede6-3ac9"
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 15049
Date: Sat, 30 Nov 2024 09:19:22 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/jpeg
Last-Modified: Wed, 27 Nov 2024 10:01:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: DENY

GET
H/1.1 200
OK winings.jpeg
kx19.in/rs_win/img/ 24 KB
24 KB 282ms
148ms Image
image/jpeg 13.235.17.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kx19.in/rs_win/img/winings.jpeg

Requested by

Host: kx19.in
URL: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.235.17.194 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-235-17-194.ap-south-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

59759908f2e48f960ccec35b5b2c4a489572f8d654184fd5d70c562682adf9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Response headers

ETag: "6746ede7-5eca"
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 24266
Date: Sat, 30 Nov 2024 09:19:23 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/jpeg
Last-Modified: Wed, 27 Nov 2024 10:01:11 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: DENY

GET
H/1.1 200
OK marker.png
kx19.in/rs_win/img/ 17 KB
18 KB 411ms
135ms Image
image/png 13.235.17.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kx19.in/rs_win/img/marker.png

Requested by

Host: kx19.in
URL: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.235.17.194 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-235-17-194.ap-south-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a97a12daaba5c0f47bb479f56cba40a6ff6c2b4ce2972b3154165201f77d6d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Response headers

ETag: "6746ede6-45f1"
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 17905
Date: Sat, 30 Nov 2024 09:19:23 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Last-Modified: Wed, 27 Nov 2024 10:01:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: DENY

GET
H/1.1 200
OK blue-spin.webp
kx19.in/rs_win/img/ 37 KB
37 KB 657ms
268ms Image
image/webp 13.235.17.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kx19.in/rs_win/img/blue-spin.webp

Requested by

Host: kx19.in
URL: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.235.17.194 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-235-17-194.ap-south-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

313299eb3ee142b393efb50fe7951efdd542bbed529887a592468a6ce8f0d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Response headers

ETag: "6746ede6-9380"
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 37760
Date: Sat, 30 Nov 2024 09:19:23 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/webp
Last-Modified: Wed, 27 Nov 2024 10:01:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: DENY

GET
H/1.1 200
OK bonus.png
kx19.in/rs_win/img/ 48 KB
48 KB 673ms
269ms Image
image/png 13.235.17.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kx19.in/rs_win/img/bonus.png

Requested by

Host: kx19.in
URL: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.235.17.194 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-235-17-194.ap-south-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0be8d46f0889321b86ac81f5a53a712ba0513b9d68095231eb5207fe4821eaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Response headers

ETag: "6746ede6-be59"
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 48729
Date: Sat, 30 Nov 2024 09:19:23 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Last-Modified: Wed, 27 Nov 2024 10:01:10 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Frame-Options: DENY

GET
H/1.1 200
OK ta.min.js Show response
cdn-jp.gsecondscreen.com/static/ 62 KB
18 KB 682ms
333ms Script
application/x-javascript 159.65.153.72
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-jp.gsecondscreen.com/static/ta.min.js
Requested by: Host: kx19.in
URL: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.65.153.72 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 304c3e703afe2edc7f5009a5c7fd134805d53b90ca9febb9552d826086f3d824

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Content-Encoding: gzip
ETag: W/"669f7c29-f6cf"
Connection: keep-alive
Expires: Sat, 30 Nov 2024 09:44:15 GMT
Date: Sat, 30 Nov 2024 09:19:23 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 23 Jul 2024 09:47:21 GMT
Server: nginx/1.16.1
Vary: Accept-Encoding

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/10.9.0/ 92 KB
21 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.9.0/firebase-app.js

Requested by

Host: kx19.in
URL: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0029d0bd7ea79d6c2d92dfc757a012fcbda936e9f4ec204f0920154499bacb73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://kx19.in
Referer: https://kx19.in/

Response headers

content-encoding: gzip
age: 275000
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 04:56:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 04:56:02 GMT
last-modified: Thu, 14 Mar 2024 14:33:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21005
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK jquery-noamd.min.js Show response
cdn-jp.gsecondscreen.com/static/ 92 KB
33 KB 172ms
172ms Script
application/x-javascript 159.65.153.72
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-jp.gsecondscreen.com/static/jquery-noamd.min.js
Requested by: Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/ta.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.65.153.72 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 84203b9efb03677ba4e26ddb43c3444b8b3f9a95879d35d3ccfe9b76120611ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Content-Encoding: gzip
ETag: W/"669f7c29-171e3"
Connection: keep-alive
Expires: Sat, 30 Nov 2024 09:43:50 GMT
Date: Sat, 30 Nov 2024 09:19:23 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 23 Jul 2024 09:47:21 GMT
Server: nginx/1.16.1
Vary: Accept-Encoding

GET
H2 200 /
xds.gsecondscreen.com/xds2/ Frame 1EA9 0
0 61ms
19ms Document
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://xds.gsecondscreen.com/xds2/
Requested by: Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/ta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://kx19.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 1685
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 931
content-type: text/html
date: Sat, 30 Nov 2024 08:51:18 GMT
etag: "a6c0Iw"
expires: Sat, 30 Nov 2024 09:51:18 GMT
server: Google Frontend
x-cloud-trace-context: 60d78ddf6788985d852ee6d4f9064b5a

GET
H/1.1 200
OK / Show response
cdn-jp.gsecondscreen.com/newconf/ca5bea6d-1942-48d2-9b65-87098c39aa11/ 7 KB
2 KB 166ms
166ms Script
text/javascript 159.65.153.72
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-jp.gsecondscreen.com/newconf/ca5bea6d-1942-48d2-9b65-87098c39aa11/?callback=_ta_on_conf&_=1732958363892

Requested by

Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/jquery-noamd.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.65.153.72 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

59683d80e5a550344e6dfe7ce00f5eeff627a92a76b6c980787ff6fe504d4e4d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=15
Content-Encoding: gzip
Connection: keep-alive
Date: Sat, 30 Nov 2024 09:19:24 GMT
Content-Type: text/javascript
Vary: Accept-Encoding, Cookie
Server: nginx/1.16.1
X-Frame-Options: DENY

GET
H/1.1 200
OK / Show response
evbk.gamooga.com/nv/ 29 B
278 B 101ms
61ms Script
application/javascript 78.46.46.152
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://evbk.gamooga.com/nv/?callback=_ta_on_nv&_=1732958364061
Requested by: Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/jquery-noamd.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.46.152 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.152.46.46.78.clients.your-server.de
Software: /
Resource Hash: 3717a543fb57ffc3c4359f2f1655e3464a729c41d64af9fd0903c6fe31eddba7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/

Response headers

Transfer-Encoding: chunked
Expires: -1
Cache-Control: private, no-cache, no-store, must-revalidate
Pragma: no-cache
Date: Sat, 30 Nov 2024 09:19:24 GMT
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 / Show response
ae.gsecondscreen.com/vi/ 148 B
315 B 416ms
373ms Script
text/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.gsecondscreen.com/vi/?callback=_ss_on_ajax_vi&_=1732958364061
Requested by: Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/jquery-noamd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 83d11959f2f52ee37aaebad45f706b1ac48879af7c8f8accf096f0681a5c554a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 151
date: Sat, 30 Nov 2024 09:19:24 GMT
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 270117d194908b1c8780dd719891b6cc
vary: Accept-Encoding
server: Google Frontend

GET
H/1.1 200
OK /
evbk.gamooga.com/mev/ 2 B
238 B 12ms
11ms Image
text/plain 78.46.46.152
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evbk.gamooga.com/mev/?c=ca5bea6d-1942-48d2-9b65-87098c39aa11&v=dgopdT34VbMlwYOM&s=4qmtotj17do&t=2f2&z=17329583644811912&data=WyJzdGFydGVkIHNlc3Npb24iLHsibG9jYXRpb24iOiJGcmFua2Z1cnQgLSBIZXNzZW4sIEdlcm1hbnkiLCJJUCI6IjJhMDI6NmVhMDpjNzFiOjA6MTAxMjoyODUxOmMyYzQ6N2I2IiwiYnJvd3NlciI6IkNocm9tZSAxMzEuMC4wIiwiT1MiOiJMaW51eCIsInJlZmVycmVyIjoiKG5vbmUpIiwicmVwZWF0IjpmYWxzZSwiZG9tYWluIjoia3gxOS5pbiIsImJhc2UgT1MiOiJMaW51eCIsImJhc2UgYnJvd3NlciI6IkNocm9tZSIsImNvdW50cnkiOiJHZXJtYW55IiwidXRtIGNhbXBhaWduIjoiKG5vbmUpIiwidXRtIG1lZGl1bSI6ImRpcmVjdCAvIG9yZ2FuaWMiLCJ1dG0gc291cmNlIjoiKG5vbmUpIiwidXRtIHRlcm0iOiIobm9uZSkiLCJmcm9tX21vYmlsZSI6ZmFsc2V9XQ==
Requested by: Host: kx19.in
URL: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.46.152 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.152.46.46.78.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/

Response headers

Transfer-Encoding: chunked
Expires: -1
Cache-Control: private, no-cache, no-store, must-revalidate
Pragma: no-cache
Date: Sat, 30 Nov 2024 09:19:24 GMT
Content-Type: text/plain
Connection: keep-alive

GET
H/1.1 200
OK /
evbk.gamooga.com/mev/ 2 B
238 B 38ms
24ms Image
text/plain 78.46.46.152
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evbk.gamooga.com/mev/?c=ca5bea6d-1942-48d2-9b65-87098c39aa11&v=dgopdT34VbMlwYOM&s=4qmtotj17do&t=2f2&z=17329583644821588&data=WyJ2aXNpdGVkIHBhZ2UiLHsidGl0bGUiOiLwn46JIFNwaW4gdGhlIHdoZWVsIGZvciBhIGNoYW5jZSB0byB3aW4gdW5saW1pdGVkIGNhc2ghIPCfkrggVHJ5IHlvdXIgbHVjayBub3chIPCfjokiLCJ1cmwiOiIvcnNfd2luLz9zb3VyY2U9TkVXV0hFNjcmcDE9OTE5MTEzMTUxMzczIiwiZnJvbV9wYWdlIjoiKG5vbmUpIiwiZnJvbV9tb2JpbGUiOmZhbHNlLCJiYXNlX09TIjoiTGludXgiLCJiYXNlX2Jyb3dzZXIiOiJDaHJvbWUiLCJJUCI6IjJhMDI6NmVhMDpjNzFiOjA6MTAxMjoyODUxOmMyYzQ6N2I2IiwibG9jYXRpb24iOiJGcmFua2Z1cnQgLSBIZXNzZW4sIEdlcm1hbnkifV0=
Requested by: Host: kx19.in
URL: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.46.152 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.152.46.46.78.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/

Response headers

Transfer-Encoding: chunked
Expires: -1
Cache-Control: private, no-cache, no-store, must-revalidate
Pragma: no-cache
Date: Sat, 30 Nov 2024 09:19:24 GMT
Content-Type: text/plain
Connection: keep-alive

GET
H/1.1 404
Not Found favicon.ico
kx19.in/ 564 B
392 B 135ms
134ms Other
text/html 13.235.17.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kx19.in/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.235.17.194 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-235-17-194.ap-south-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://kx19.in/rs_win/?source=NEWWHE67&p1=919113151373

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Sat, 30 Nov 2024 09:19:24 GMT
Content-Type: text/html
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kx19.in/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae.gsecondscreen.com
cdn-jp.gsecondscreen.com
evbk.gamooga.com
kx14.in
kx19.in
www.gstatic.com
xds.gsecondscreen.com
103.250.30.30
13.235.17.194
159.65.153.72
2001:4860:4802:36::15
2001:4860:4802:38::15
2a00:1450:4001:80b::2003
78.46.46.152
0029d0bd7ea79d6c2d92dfc757a012fcbda936e9f4ec204f0920154499bacb73
0be8d46f0889321b86ac81f5a53a712ba0513b9d68095231eb5207fe4821eaa5
304c3e703afe2edc7f5009a5c7fd134805d53b90ca9febb9552d826086f3d824
313299eb3ee142b393efb50fe7951efdd542bbed529887a592468a6ce8f0d3c3
3717a543fb57ffc3c4359f2f1655e3464a729c41d64af9fd0903c6fe31eddba7
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
3f8e3969ec28e8aaca86a07f6a80b07cf4ddc61fefea8be121c12d0dce5380be
59683d80e5a550344e6dfe7ce00f5eeff627a92a76b6c980787ff6fe504d4e4d
59759908f2e48f960ccec35b5b2c4a489572f8d654184fd5d70c562682adf9bb
83d11959f2f52ee37aaebad45f706b1ac48879af7c8f8accf096f0681a5c554a
84203b9efb03677ba4e26ddb43c3444b8b3f9a95879d35d3ccfe9b76120611ba
a2bd969d9881a9cdd072e0198a5f05256a977d8e93f7744f743ae01182296166
a97a12daaba5c0f47bb479f56cba40a6ff6c2b4ce2972b3154165201f77d6d88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

kx19.in Open in urlscan Pro 13.235.17.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

43 %IPv6

5 Domains

7 Subdomains

6 IPs

3 Countries

224 kBTransfer

414 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

kx19.in Open in urlscan Pro
13.235.17.194 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

224 kB
Transfer

414 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions