Submitted URL: https://www.goldmansachsv.xyz/
Effective URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&pr...
Submission: On November 20 via manual from ID — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 28 HTTP transactions. The main IP is 13.225.63.80, located in United States and belongs to AMAZON-02, US. The main domain is play.kyhdwyt.icu.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 17th 2024. Valid for: a year.
This is the only time play.kyhdwyt.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
21 13.225.63.80 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 104.26.12.205 13335 (CLOUDFLAR...)
1 2600:9000:26f... 16509 (AMAZON-02)
28 5
Apex Domain | Subdomains | Transfer
21 kyhdwyt.icu | play.kyhdwyt.icu | 497 KB
1 qoibest.com | app.qoibest.com | 1 KB
1 ipify.org | api.ipify.org (Cisco Umbrella Rank: 2001) | 295 B
1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 94 KB
1 goldmansachsv.xyz | www.goldmansachsv.xyz | 773 B
28 5
Domain Requested by
21 play.kyhdwyt.icu play.kyhdwyt.icu
1 app.qoibest.com play.kyhdwyt.icu
1 api.ipify.org play.kyhdwyt.icu
1 www.googletagmanager.com play.kyhdwyt.icu
1 www.goldmansachsv.xyz 1 redirects
28 5

This site contains no links.

Subject | Issuer | Validity | Valid
play.kyhdwyt.icu | Amazon RSA 2048 M03 | 2024-11-17 - 2025-12-16 | a year
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
ipify.org | WE1 | 2024-11-13 - 2025-02-11 | 3 months
qoibest.com | Amazon RSA 2048 M03 | 2024-08-01 - 2025-08-30 | a year

This page contains 1 frames:

Primary Page: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Frame ID: 0A8DE381863E1B17AAE13B9A70E48336
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Page Statistics

Requests: 28
HTTPS: 86 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 593 kB
Size: 1703 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.goldmansachsv.xyz/ HTTP 302
    https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request app_install.html
play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/
Redirect Chain
  • https://www.goldmansachsv.xyz/
  • https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
3 KB
2 KB
Document
General
Full URL
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
74875954a484ab04750028a51e78a61273226c8894ef2af8eaf045f1d2303503

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 20 Nov 2024 05:37:34 GMT
etag
W/"6723575e-d65"
last-modified
Thu, 31 Oct 2024 10:09:34 GMT
server
nginx/1.24.0
vary
Accept-Encoding
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-amz-cf-id
oVyyDEAE5mCSNi_u9VY5yI3-cZtrnV3eAOBAkcsMvDU1EpEZw41SJw==
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e5616b8be4c7c9f-EWR
content-type
text/html
date
Wed, 20 Nov 2024 05:37:34 GMT
location
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdbvmooXx%2FZ%2BnEhYjslEA0zoeeU2r0I1GTyXy94JylsFtxrJB0Jaj6ufIeJvWFkdwqfyv66kMY3BTNZxi5bku4vp1CUvL6Mw6txfJb%2B5smnPRYVjogvkGN7B4RWJhMBqvmj15f4c4MVZfWfklI644X8cJJ4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29007&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4185&recv_bytes=4429&delivery_rate=473&cwnd=12000&unsent_bytes=0&cid=6b31eb86759534d2&ts=537&x=1" cfExtPri cfHdrFlush;dur=0
main-BmvuDG33.js
play.kyhdwyt.icu/pwa/assets/js/
337 KB
114 KB
Script
General
Full URL
https://play.kyhdwyt.icu/pwa/assets/js/main-BmvuDG33.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
f12e8e49fe60095056e8662f719f97db27528356c083b3e39b2966a2bd83d107

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://play.kyhdwyt.icu
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"6723575e-5440b"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
o8q5y0qqmSq-Sb1TeugJIuD5gsriQ3DapZAt2MHKUJKpRmgGbXdQwQ==
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:34 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
modulepreload-polyfill-B5Qt9EMX.js
play.kyhdwyt.icu/pwa/assets/js/
711 B
734 B
Script
General
Full URL
https://play.kyhdwyt.icu/pwa/assets/js/modulepreload-polyfill-B5Qt9EMX.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
d2a32840421496e872ade591618d2fa5c33797605d1aec04301717e5a90757d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://play.kyhdwyt.icu
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"6723575e-2c7"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
Ud_dqjZhsPV6Q3waFDSN3twJM_PCMcgfQ1cqBLC8TDMDXN2IZvX0ow==
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:34 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
app-BaJYtjJ3.js
play.kyhdwyt.icu/pwa/assets/js/
120 KB
49 KB
Script
General
Full URL
https://play.kyhdwyt.icu/pwa/assets/js/app-BaJYtjJ3.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
7dcd7c18b21b3eba97e70da550981ce943b8a3c2c9f288ca6559231d43737bfc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://play.kyhdwyt.icu
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"6723575e-1e0b9"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
ENyzMDD1cZda0xU7_7P-co8NrhqkYaOb1Xp8EuMV98-CpUBctugCtg==
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:34 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
crypto-Cj9kZEME.js
play.kyhdwyt.icu/pwa/assets/js/
72 KB
24 KB
Script
General
Full URL
https://play.kyhdwyt.icu/pwa/assets/js/crypto-Cj9kZEME.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
89a0510ea302878acea930e9ab57cddb70d5c3daa3de1cc29e2530c456e496e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://play.kyhdwyt.icu
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"6723575e-12011"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
keMry3-X7GMX0X1OOfxmN4Hp49MQZ37eyhAU1MVewyLk9m7Gff4FDw==
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:34 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
lodash-C5fqGV7z.js
play.kyhdwyt.icu/pwa/assets/js/
13 KB
5 KB
Script
General
Full URL
https://play.kyhdwyt.icu/pwa/assets/js/lodash-C5fqGV7z.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
dda5b98ab69bb22eae493e4640dded8e0eaa90b6e51578e163e5eaf9aebcf3ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://play.kyhdwyt.icu
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"6723575e-3329"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
25pkr-VKTZI6konMSvTH-x2ftCdQhjF6y91-P3d2Forv6EL3gErMtg==
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:34 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
app_crypto.min.js
play.kyhdwyt.icu/
59 KB
24 KB
Script
General
Full URL
https://play.kyhdwyt.icu/app_crypto.min.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
627e2404c8951030410c72087a8c0b318e14238460d16785c491fa6b4a747321

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"67235753-ed66"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
KyVSGx57e3xQp9J7QDpWRRAsnMCJpUkZjPrQLViodmQamER50x-F5Q==
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:23 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
app_jsencrypt.min.js
play.kyhdwyt.icu/
55 KB
18 KB
Script
General
Full URL
https://play.kyhdwyt.icu/app_jsencrypt.min.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
58f41d131c7c45787e70ba442c58c499351cb88bfc4e5b7091a8ef15e7b39dfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"67235753-dc0e"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
-sn8y30IRDOOpoSJlxHATvfUAxGmDCTH6vddt9lpVcgd8s6r9NRaww==
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:23 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
app_pako.min.js
play.kyhdwyt.icu/
198 KB
24 KB
Script
General
Full URL
https://play.kyhdwyt.icu/app_pako.min.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
1d6ee90a894ed32a21124c600fbe82100e0aacf80a7212c853efbba7fd029f05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"67235753-316cd"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
R1qEh686g68WPQOEXkD7QsRMH2_HKBITUsxokXg5UHryBQyIMmRlKQ==
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:23 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
app_spark-md5.min.js
play.kyhdwyt.icu/
18 KB
4 KB
Script
General
Full URL
https://play.kyhdwyt.icu/app_spark-md5.min.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
b22554a14d31c10f07ea0de3ed20346d5cca42ca43ffcdd8ce0cda4e1117738f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"67235753-4792"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
wHbyVQZCRk7SOXENpW5iPbMlWpaMOLAhvx5KyMuIA-AmMT88Vn_N3w==
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:23 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/
265 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=G-6PMTMHZ3SM
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3607c752fae10dc2829c0c3b888802cb47ab5c8dd91e6eaccfca8691b924f2f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 20 Nov 2024 05:37:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 05:37:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95771
x-xss-protection
0
server
Google Tag Manager
/
api.ipify.org/
23 B
295 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/pwa/assets/js/main-BmvuDG33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ecfa7b6483a3144546ec15359514aff977510f85ead5b4add9d61bd846c4a90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8e5616cc1b2c0f99-EWR
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=8015&sent=7&recv=7&lost=0&retrans=0&sent_bytes=4044&recv_bytes=2205&delivery_rate=547158&cwnd=235&unsent_bytes=0&cid=de41ad513d2405b6&ts=74&x=0"
content-length
23
date
Wed, 20 Nov 2024 05:37:36 GMT
content-type
application/json
vary
Origin
server
cloudflare
index-Bbe98If4.css
play.kyhdwyt.icu/pwa/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://play.kyhdwyt.icu/pwa/assets/css/index-Bbe98If4.css
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/pwa/assets/js/main-BmvuDG33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
9cc25f0d2ee51b0bc56ac6d547b1ed0adbebef08bf41e4b7ac2135449445d363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"6723575e-f72"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
06_MOLO_aheCxID52oyyDq6RrbNjJrmJCzT4rAm2noyra70CqxvYCw==
date
Wed, 20 Nov 2024 05:37:36 GMT
content-type
text/css
last-modified
Thu, 31 Oct 2024 10:09:34 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
index-CRuubZJ1.css
play.kyhdwyt.icu/pwa/assets/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://play.kyhdwyt.icu/pwa/assets/css/index-CRuubZJ1.css
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/pwa/assets/js/main-BmvuDG33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
80fc4eab0e96a28873a52baa4b69ad3bbf88d6fe322eab2697c26912171ec657

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"6723575e-6bd4"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
kFRkVpFC6btAOARVHojkjkk-dw0hOQqq4ENNxczf9Pvles4cJOp3IA==
date
Wed, 20 Nov 2024 05:37:36 GMT
content-type
text/css
last-modified
Thu, 31 Oct 2024 10:09:34 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
flag-icons-CLLEwidT.css
play.kyhdwyt.icu/pwa/assets/css/
362 KB
84 KB
Stylesheet
General
Full URL
https://play.kyhdwyt.icu/pwa/assets/css/flag-icons-CLLEwidT.css
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/pwa/assets/js/main-BmvuDG33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
4f2b000dbba9064016d22be59475d61815101b13303b94cde60cf3d0f74c5779

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"6723575e-5a8ee"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
HaNoCmZ48lFwp9MiTFfOYx4lvRc440Og9wTNHf3PQleKGmoetAuAPg==
date
Wed, 20 Nov 2024 05:37:36 GMT
content-type
text/css
last-modified
Thu, 31 Oct 2024 10:09:34 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
app_tools.js
play.kyhdwyt.icu/
2 KB
1 KB
Script
General
Full URL
https://play.kyhdwyt.icu/app_tools.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/pwa/assets/js/main-BmvuDG33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
1651b33d7cf0e1df896fb836b8b2fe0c0111ed8bd34dcf8bf77dc4a36bf61163

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"67235753-815"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
VJPtVoH3-_6lHSxIotBXueBMCPsMYrELUGmd_Rj-xxIUH6ismXIloQ==
date
Wed, 20 Nov 2024 05:37:36 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:23 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
key
play.kyhdwyt.icu/app-api/
128 B
378 B
Fetch
General
Full URL
https://play.kyhdwyt.icu/app-api/key
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/app_tools.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
80efe4ed2c936014558b8c28cb2de77bfc835bc3f337039d27da990683653ab9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-SECRET-KEY
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
128
x-amz-cf-id
uogl1I-l2mQWOhwybvXSRJ-CiMmavJ5-G2vebrbOzDP62ORgXaWHjw==
date
Wed, 20 Nov 2024 05:37:37 GMT
content-type
text/plain;charset=UTF-8
x-amz-cf-pop
EWR53-C1
server
nginx/1.24.0
favicon.ico
play.kyhdwyt.icu/
555 B
443 B
Other
General
Full URL
https://play.kyhdwyt.icu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Error from cloudfront
x-amz-cf-id
xvR119E_iT-G4nbxm5Nxg4BVo53LeOMIq5wv8ZDXWWseKjwm2YltHw==
date
Wed, 20 Nov 2024 05:37:37 GMT
content-type
text/html
vary
Accept-Encoding
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
app_uuid.js
play.kyhdwyt.icu/
11 KB
4 KB
Script
General
Full URL
https://play.kyhdwyt.icu/app_uuid.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/pwa/assets/js/main-BmvuDG33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
27c7631d051eaf80f6613108cebbe8f1fcad052146730e1c427d77b38c764a34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=

Response headers

content-encoding
gzip
etag
W/"67235753-2c23"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
B6EvfXLva9dFnotxXeClDgSomSZWf7BNgdUXPqxE623zkffD1KfSow==
date
Wed, 20 Nov 2024 05:37:37 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:23 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
cross-token.js
app.qoibest.com/app-api/pwa/pixel-uuid/
670 B
1 KB
Script
General
Full URL
https://app.qoibest.com/app-api/pwa/pixel-uuid/cross-token.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/app_uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:8c00:1:1627:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
fe5ac0ede54d9c9e629d29ba369b37434cfe966ffedc3e954ed8a90f62f62b17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.kyhdwyt.icu/

Response headers

cache-control
no-cache
trace-id
x-content-type-options
nosniff
via
1.1 782a6f1057a52009822f51ac887d693e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
gnzzRGCNg6pIjvJtgv_sdAA9Q3uEbp_lg7bo3QnQyKmGqwj6TGnyhA==
date
Wed, 20 Nov 2024 05:37:38 GMT
x-xss-protection
1; mode=block
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
server
nginx/1.24.0
x-amz-cf-pop
JFK52-P1
app_fingerprint.min.js
play.kyhdwyt.icu/
36 KB
16 KB
Script
General
Full URL
https://play.kyhdwyt.icu/app_fingerprint.min.js
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/app_uuid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
7320f463d836bc40c9c5d4f354eeaf72a0856f52d917d3e5e2760f9caa59cfac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://play.kyhdwyt.icu
Referer
https://play.kyhdwyt.icu/app_uuid.js

Response headers

content-encoding
gzip
etag
W/"67235753-8e4b"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
OsGX7AgPKf0fP2oITEQ8beFPzmDU2cZob4AMa9JO8QvlmT6n7wGQtg==
date
Wed, 20 Nov 2024 05:37:38 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 10:09:23 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
vary
Accept-Encoding
GoogleSans-Regular.ttf
play.kyhdwyt.icu/font/
117 KB
118 KB
Font
General
Full URL
https://play.kyhdwyt.icu/font/GoogleSans-Regular.ttf
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/pwa/assets/css/index-Bbe98If4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
974ee8402aed7391f8ed35155db12950697bcbbe3ad01abfb81718b65cb1960d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://play.kyhdwyt.icu
Referer
https://play.kyhdwyt.icu/pwa/assets/css/index-Bbe98If4.css

Response headers

etag
"67235753-1d4b0"
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
119984
x-amz-cf-id
tp_XFip29jmcXIjS0z-PvULXC_vd1yMAx4ZoqtuynCgmtgZFkTT2RA==
date
Wed, 20 Nov 2024 05:37:39 GMT
content-type
application/octet-stream
last-modified
Thu, 31 Oct 2024 10:09:23 GMT
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
finger
play.kyhdwyt.icu/app-api/pwa/pixel-uuid/
600 B
1 KB
Fetch
General
Full URL
https://play.kyhdwyt.icu/app-api/pwa/pixel-uuid/finger
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/app_tools.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
7fddc457b2ad91d3ff023fc12937cd52ebdabcd7eb449ad662dcc8c9d9963348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-REQUEST-HASH
cb034ac094dc9717e0c431c1d5129c7fbcd25d34d7cad517c4823187fea5191d
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
X-SECRET-KEY
X0V6GNM4ucb0Ek5ZnrlQAZBChX7gGL7nBuhk6WVfUZHyVJFywAHk1MujYFttZFkyiZ9nANrERSMoLfdyXMI5zw==

Response headers

access-control-max-age
3600L
content-encoding
gzip
access-control-allow-methods
*
x-content-type-options
nosniff
expires
0
x-response-code
0
x-cache
Miss from cloudfront
x-amz-cf-id
FsoW_y7HuMSlWtVG-W8O3_UY88emODHAnJh7_xHC5yIkAHn1XQZnjA==
date
Wed, 20 Nov 2024 05:37:39 GMT
content-type
application/json
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-headers
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
trace-id
access-control-allow-credentials
true
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
EWR53-C1
server
nginx/1.24.0
getPromotion
play.kyhdwyt.icu/app-api/pwa/promotion/
293 B
688 B
XHR
General
Full URL
https://play.kyhdwyt.icu/app-api/pwa/promotion/getPromotion?appId=58b8a3fcc91d795d1940b1282ea70b16&id=0bee9adb1425905f79beac332a42aaa5
Requested by
Host: play.kyhdwyt.icu
URL: https://play.kyhdwyt.icu/pwa/assets/js/app-BaJYtjJ3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-80.ewr53.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
6cbd38c4f32d17b374ce83a0c93f9964a8282460f1862d8275d13c95f70dc9bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-SECRET-IGNORE
true
Referer
https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
trace-id
x-content-type-options
nosniff
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
expires
0
x-cache
Miss from cloudfront
x-amz-cf-id
J5BFYVdLfn5VKNQJCEaX7VVkoC8NlYMBKYp7upUTK8WPPNr4p46OTQ==
date
Wed, 20 Nov 2024 05:37:40 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
nginx/1.24.0
x-amz-cf-pop
EWR53-C1
get
play.kyhdwyt.icu/app-api/pwa/app-info/
0
0

getPromotion
play.kyhdwyt.icu/app-api/pwa/promotion/
0
0

pixel-link
play.kyhdwyt.icu/app-api/pwa/
0
0

index-ByYM45S2.js
play.kyhdwyt.icu/pwa/assets/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.kyhdwyt.icu
URL
https://play.kyhdwyt.icu/app-api/pwa/app-info/get?id=0bee9adb1425905f79beac332a42aaa5&lang=0
Domain
play.kyhdwyt.icu
URL
https://play.kyhdwyt.icu/app-api/pwa/promotion/getPromotion?appId=58b8a3fcc91d795d1940b1282ea70b16&id=0bee9adb1425905f79beac332a42aaa5
Domain
play.kyhdwyt.icu
URL
https://play.kyhdwyt.icu/app-api/pwa/pixel-link
Domain
play.kyhdwyt.icu
URL
https://play.kyhdwyt.icu/pwa/assets/js/index-ByYM45S2.js

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer
object| google_tag_manager
object| google_tag_data
object| CryptoJS
function| JSEncrypt
object| pako
function| SparkMD5
object| __VUE_INSTANCE_SETTERS__
object| __VUE_SSR_SETTERS__
boolean| __VUE_I18N_FULL_INSTALL__
boolean| __VUE_I18N_LEGACY_API__
boolean| __VUE__
object| preObj
boolean| __vite_is_modern_browser
function| customPerformFetch
function| _FINGER_PRE_CALLBACK
string| qoi_app_uuid_data

1 Cookies

Domain/Path Name / Value
.qoibest.com/ Name: _bc_uid_token
Value: 54a94c2655d0f05dce5e679c30d135726c364df49817b9f527d878c37ad8a6344af1ef1e229faaf6c8e49c7a4be0900593bf9969164668dfbba2c5dcac2eefd0380aab93aee6f3f41327c443a9d30c133f561b358bfcdeec18771b68d7e854e814564830d68a627a4a97d38bed7ecad3fe6106f08a84e32e10e35765e8389f6ca1bfb10da25f83ae5b7ccbb2da4f5dec8504b9cef07981146b6ed0fdb89da30f0dc6a2bfe9d83c1c749e04b70fceb09c3bca7b8ad7e42556f9937d78976f77936c52099c18e3328813afeec68e28deed

3 Console Messages

Source Level URL
Text
rendering warning URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Message:
The key "minimum" is not recognized and ignored.
network error URL: https://play.kyhdwyt.icu/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://play.kyhdwyt.icu/58b8a3fcc91d795d1940b1282ea70b16/app_install.html?channel_id=0b56fb0642084f7792557325b9d69189&promote_url_id=0bee9adb1425905f79beac332a42aaa5&invite_code=
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0406D0144330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
