URL: https://app1.kipgtmi.xyz/
Submission Tags: @phishunt_io
Submission: On October 13 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 45.158.56.116, located in Singapore and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is app1.kipgtmi.xyz.
TLS certificate: Issued by R3 on October 13th 2023. Valid for: 3 months.
This is the only time app1.kipgtmi.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS (Autonomous System)
21        45.158.56.116   209242 (CLOUDFLAR...)
1         43.135.83.230   132203 (TENCENT-N...)
Total: 22 requests, 3 IPs

Requests  Apex Domain   Subdomains         Transfer
21        kipgtmi.xyz   app1.kipgtmi.xyz   1 MB
1         hbniu.com     tcdn.hbniu.com     3 KB
Total: 22 requests, 2 apex domains

Requests  Domain             Requested by
21        app1.kipgtmi.xyz   app1.kipgtmi.xyz
1         tcdn.hbniu.com     -
Total: 22 requests, 2 domains

This site contains links to these domains. Also see Links.

Domain
www.manycai.com
www.lopa1k9.xyz
www.manycai.club
www.jdcfwealth.com
Subject            Issuer  Validity                  Valid
app1.kipgtmi.xyz   R3      2023-10-13 - 2024-01-11   3 months   crt.sh
tcdn.sioe4t.xyz    R3      2023-10-10 - 2024-01-08   3 months   crt.sh

This page contains 1 frame:

Primary Page: https://app1.kipgtmi.xyz/
Frame ID: D9F744EDFC20C044BAAB3594F07CFC71
Requests: 27 HTTP requests in this frame

Page Title

TD LOTO

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests:    22
HTTPS:       100 %
IPv6:        0 %
Domains:     2
Subdomains:  2
IPs:         3
Countries:   2
Transfer:    1445 kB
Size:        4917 kB
Cookies:     1

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Each transaction below is listed as: Resource | Path | Size | x-fer | Type, followed by its General, Request headers and Response headers details.

Primary Request / | app1.kipgtmi.xyz/ | 2 KB | 1 KB | Document
General
Full URL
https://app1.kipgtmi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
a0dc300b3c507bb4e3fa4789597773f78738b0f266b4dbee2350e25c566d39c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
access-control-max-age
86400
cache-control
private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 Oct 2023 22:03:24 GMT
server
****
vary
Accept-Encoding
x-cache
BYPASS
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-request-id
e689835cb03a6c6701bc0311f11b0699

0.d6abcb812af3e766f760.css | app1.kipgtmi.xyz/webx/td/desktop/styles/ | 9 KB | 3 KB | Stylesheet
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/styles/0.d6abcb812af3e766f760.css?v=23.08.19.14532
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 10 Oct 2023 18:01:31 GMT
server
****
etag
W/"6525917b-2421"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
07abd157981ca0bfb4410e36b1b9526b
expires
Fri, 20 Oct 2023 22:03:24 GMT

index.d6ab.css | app1.kipgtmi.xyz/webx/td/desktop/styles/ | 1 MB | 247 KB | Stylesheet
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/styles/index.d6ab.css?v=23.08.19.14532
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
9f9a50fae54f9cf4d4362626dc1832fec4324b0b83499104cfa09350ec8789b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 10 Oct 2023 18:01:31 GMT
server
****
etag
W/"6525917b-1150ea"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
d838134e1419a9f9d4b289b442454065
expires
Fri, 20 Oct 2023 22:03:24 GMT

chunk.vendor.00d1.js | app1.kipgtmi.xyz/webx/td/desktop/javascript/ | 767 KB | 272 KB | Script
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/javascript/chunk.vendor.00d1.js?v=23.08.19.14532
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
67366b46873817065a0d492f826c9609604225507e19a8cc1e21349d324c56f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 10 Oct 2023 18:01:31 GMT
server
****
etag
W/"6525917b-bfb86"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
2b0a0f36e95444684d4e59b4b416d74a
expires
Fri, 20 Oct 2023 22:03:24 GMT

base.d6ab.js | app1.kipgtmi.xyz/webx/td/desktop/javascript/ | 10 KB | 4 KB | Script
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/javascript/base.d6ab.js?v=23.08.19.14532
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
0ec7384b17c8749c167a25ac03cdf728911cfb6f64dbe13c847479b8ebdc4db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 10 Oct 2023 18:01:31 GMT
server
****
etag
W/"6525917b-26b1"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
41453f1ef499ad0a04e91188b9daafdd
expires
Fri, 20 Oct 2023 22:03:24 GMT

bootstrap.d6ab.js | app1.kipgtmi.xyz/webx/td/desktop/javascript/ | 9 KB | 4 KB | Script
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/javascript/bootstrap.d6ab.js?v=23.08.19.14532
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
6adbba5333e4cda26411107edd3ecadaf9419888a88db2241608151435b97526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 10 Oct 2023 18:01:31 GMT
server
****
etag
W/"6525917b-222f"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
b62df860d43ac02b38477a6698713aef
expires
Fri, 20 Oct 2023 22:03:24 GMT

index.d6ab.js | app1.kipgtmi.xyz/webx/td/desktop/javascript/ | 901 KB | 256 KB | Script
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/javascript/index.d6ab.js?v=23.08.19.14532
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2c1915558e87672077afeea31bd98ede33035e0e9945534c256467187f4730d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 10 Oct 2023 18:01:31 GMT
server
****
etag
W/"6525917b-e13c9"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
d0f724635e0ec568d68d3d5aeac8c5d9
expires
Fri, 20 Oct 2023 22:03:24 GMT

/ | app1.kipgtmi.xyz/api/settings/ | 5 KB | 2 KB | XHR
General
Full URL
https://app1.kipgtmi.xyz/api/settings/?fields=
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/webx/td/desktop/javascript/chunk.vendor.00d1.js?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
37995267119cc37b783d43c016def513c1ef91a7074a9b9e10f9ff43db06710e

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.kipgtmi.xyz/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Fri, 13 Oct 2023 22:03:26 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
16d57dbe9459cb3cd6630dd160554f85
x-runtime
0.078
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

methods.js | app1.kipgtmi.xyz/webx/td/static/ | 2 MB | 135 KB | Script
General
Full URL
https://app1.kipgtmi.xyz/webx/td/static/methods.js?27e72f10
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/webx/td/desktop/javascript/index.d6ab.js?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2305b505275a877afe6064ff6a28bfed1978cf93164545e21030a60058272074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:20:17 GMT
server
****
etag
W/"647f78e1-189eab"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
db777a3f3257db0d1ac7de52283a14e8
expires
Fri, 20 Oct 2023 22:03:27 GMT

3c93c7.png | app1.kipgtmi.xyz/webx/td/desktop/images/ | 147 KB | 147 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/3c93c7.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
ca1dff45e859100904bcf00c56a56a5a4dfafd1b7ba87ca2f6deb4e02d356e5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 22 Feb 2021 18:13:37 GMT
server
****
etag
"6033f451-24b3f"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
150335
x-xss-protection
1
x-request-id
ed742411e74a8d7670c7cc241d024954
expires
Fri, 20 Oct 2023 22:03:27 GMT

da6a36.png | app1.kipgtmi.xyz/webx/td/desktop/images/ | 242 KB | 242 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/da6a36.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
e44a721189d51ee1ac550c301691d3987fcaa70c9569f4e4d0fae522afad47db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 22 Feb 2021 18:13:37 GMT
server
****
etag
"6033f451-3c74f"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
247631
x-xss-protection
1
x-request-id
c930eaaceac9854dadc9d838cf57ff21
expires
Fri, 20 Oct 2023 22:03:27 GMT

04b303.png | app1.kipgtmi.xyz/webx/td/desktop/images/ | 8 KB | 8 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/04b303.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
e988399588e4bea9ab58c949c9b4a2ff7deb680a847ad2a515c698c4830bad4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 07:57:34 GMT
server
****
etag
"644a2aee-1fba"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
8122
x-xss-protection
1
x-request-id
264a213a9d158dc388e6c238c1c92914
expires
Fri, 20 Oct 2023 22:03:27 GMT

448982.png | app1.kipgtmi.xyz/webx/td/desktop/images/ | 7 KB | 8 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/448982.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
b5be69c16d6d790717588e2628667448f032d6f74d1deb699e9dfea83bd7688f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:47:32 GMT
server
****
etag
"644a36a4-1dee"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
7662
x-xss-protection
1
x-request-id
2e83626fa40b18c4d158cf14d77ad1ce
expires
Fri, 20 Oct 2023 22:03:27 GMT

3db03a.png | app1.kipgtmi.xyz/webx/td/desktop/images/ | 8 KB | 9 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/3db03a.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
35a5fd1dc7c4863ccde2fb5681107a2c78b1a98155de49ca373d9ff9a393593f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 07:57:33 GMT
server
****
etag
"644a2aed-21fd"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
8701
x-xss-protection
1
x-request-id
11864a01d22f0e6d08f73ebc8bdeebc8
expires
Fri, 20 Oct 2023 22:03:27 GMT

71f2af.png | app1.kipgtmi.xyz/webx/td/desktop/images/ | 8 KB | 8 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/71f2af.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
80dc5e4dd89358df05e2b06bd0c5626305a5fc07a08300e429963f05bfca9bc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 11 Nov 2021 19:08:29 GMT
server
****
etag
"618d6a2d-1e73"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
7795
x-xss-protection
1
x-request-id
7c98cdb3d2f05616f0300715dc3723c8
expires
Fri, 20 Oct 2023 22:03:27 GMT

truncated | / | 761 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32c3426fa6126fe1cabf42a8d8bed74505823b85ed738e08d1442bb0ecda429a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png

truncated | / | 663 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5109f7cf9ffe5ae6b48ec10d1717c72d4cfe0f3e7fcffa880d13f78a13c03fd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png

0f51b8.png | app1.kipgtmi.xyz/webx/td/desktop/images/ | 5 KB | 6 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/0f51b8.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
49aac1defaca09caf07ee3d9bac16f2fb068af08818019422e4d8ce7b6145240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:07:11 GMT
server
****
etag
"644a3b3f-14f6"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
5366
x-xss-protection
1
x-request-id
c4fefc409e5cf964e37176f35c0b6537
expires
Fri, 20 Oct 2023 22:03:27 GMT

truncated | / | 616 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
746ce85c1199c6bf7fce9461d0df0234de19a17d4eb818d5b749accd1ac9f649

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png

truncated | / | 798 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f617ffdb896e58702cb973494ede2d5d5d5d68e8eb3510696993154aca7c1d99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png

qr_code.png | tcdn.hbniu.com/td/ | 3 KB | 3 KB | Image
General
Full URL
https://tcdn.hbniu.com/td/qr_code.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.135.83.230 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
0cb57bb36018bc3494e9012cbb005a67e36e4593aedafd19c7674f8f3cecd2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Fri, 13 Oct 2023 22:13:28 GMT
date
Fri, 13 Oct 2023 22:03:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Fri, 18 Aug 2023 07:47:13 GMT
server
nginx
etag
"64df2201-c3d"
content-type
image/png
x-remote-addr
176.115.236.18
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
3133
x-xss-protection
1
x-proxy-cache
REVALIDATED

6b1f82.jpg | app1.kipgtmi.xyz/webx/td/desktop/images/ | 63 KB | 54 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/6b1f82.jpg
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/webx/td/desktop/styles/index.d6ab.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
26560f6092994e6e929060bdc880a0b9c83325e864927011cd36d250db3b95c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/webx/td/desktop/styles/index.d6ab.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:34:46 GMT
server
****
etag
W/"644a41b6-fd13"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=1800
x-xss-protection
1
x-request-id
3abf99028d935e8e55b04f2f4c64c82d
expires
Fri, 20 Oct 2023 22:03:27 GMT

bd43af.png | app1.kipgtmi.xyz/webx/td/desktop/images/ | 13 KB | 13 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/bd43af.png
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/webx/td/desktop/styles/index.d6ab.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
feb7e93563d88db7b97cc7eae2a74169204336cfbc36b2fd0f0c52e45295b44a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/webx/td/desktop/styles/index.d6ab.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:34:47 GMT
server
****
etag
"644a41b7-33cb"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
13259
x-xss-protection
1
x-request-id
f2a40064ea21130d420d293b9635176b
expires
Fri, 20 Oct 2023 22:03:27 GMT

e2a1ce.png | app1.kipgtmi.xyz/webx/td/desktop/images/ | 21 KB | 22 KB | Image
General
Full URL
https://app1.kipgtmi.xyz/webx/td/desktop/images/e2a1ce.png
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/webx/td/desktop/styles/index.d6ab.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
ec646801779d8d358b817ac6a6b48cf9bdc71ce68a399da2d9aae8ceb019f123
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/webx/td/desktop/styles/index.d6ab.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 22 Feb 2021 18:13:37 GMT
server
****
etag
"6033f451-54be"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
21694
x-xss-protection
1
x-request-id
1cfc0c1125c5099b09db91d2b04728fc
expires
Fri, 20 Oct 2023 22:03:27 GMT

truncated | / | 4 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
344e303d7f105b9cace59b65fb4b21fc070bc59ed19896d66002455a3c7971c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png

speedtests | app1.kipgtmi.xyz/api/domain/platform/ | 80 B | 563 B | XHR
General
Full URL
https://app1.kipgtmi.xyz/api/domain/platform/speedtests
Requested by
Host: app1.kipgtmi.xyz
URL: https://app1.kipgtmi.xyz/webx/td/desktop/javascript/chunk.vendor.00d1.js?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
4fd14acc1a155bc01d6610bea316e3c3a2d9c49612a8ada324dece3a4f4b9db9

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.kipgtmi.xyz/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
f1227e5c513549a496ab6d6eeb91dd4c
x-runtime
0.043
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

point.bmp | app1.kipgtmi.xyz// | 68 B | 375 B | Image
General
Full URL
https://app1.kipgtmi.xyz//point.bmp?r=70418
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.116 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.kipgtmi.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:03:27 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 18 Jul 2018 07:15:23 GMT
server
****
etag
"5b4ee90b-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
fb86c8ab09a80c0b2fdb19312a980b5c
expires
Fri, 20 Oct 2023 22:03:27 GMT

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
string    __CDN_PUBLIC_PATH__
object    webpackJsonp
function  webpackHotUpdate
function  _
string    $LANG
string    $CURRENCY
object    i18nDebug
function  PushStream
object    PushStreamManager
function  setImmediate
function  clearImmediate
object    FontAwesomeConfig
object    ___FONT_AWESOME___
number    2f1acc6c3a606b082e5eef5e54414ffb
object    Hex
object    Base64
function  ASN1
function  loadStaticMethodData
object    devConsole
function  _i18n
number    serverTime
number    localTime
number    during
object    method-data

1 Cookies

Domain/Path         Name                      Value
app1.kipgtmi.xyz/   session_sslproxy_server   97661b59-aae5-4281cdbb8d5af2363311e35c80e016d817d5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app1.kipgtmi.xyz
tcdn.hbniu.com
43.135.83.230
45.158.56.116
0cb57bb36018bc3494e9012cbb005a67e36e4593aedafd19c7674f8f3cecd2b3
0ec7384b17c8749c167a25ac03cdf728911cfb6f64dbe13c847479b8ebdc4db9
2305b505275a877afe6064ff6a28bfed1978cf93164545e21030a60058272074
26560f6092994e6e929060bdc880a0b9c83325e864927011cd36d250db3b95c6
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
2c1915558e87672077afeea31bd98ede33035e0e9945534c256467187f4730d6
32c3426fa6126fe1cabf42a8d8bed74505823b85ed738e08d1442bb0ecda429a
344e303d7f105b9cace59b65fb4b21fc070bc59ed19896d66002455a3c7971c6
35a5fd1dc7c4863ccde2fb5681107a2c78b1a98155de49ca373d9ff9a393593f
37995267119cc37b783d43c016def513c1ef91a7074a9b9e10f9ff43db06710e
49aac1defaca09caf07ee3d9bac16f2fb068af08818019422e4d8ce7b6145240
4fd14acc1a155bc01d6610bea316e3c3a2d9c49612a8ada324dece3a4f4b9db9
5109f7cf9ffe5ae6b48ec10d1717c72d4cfe0f3e7fcffa880d13f78a13c03fd8
67366b46873817065a0d492f826c9609604225507e19a8cc1e21349d324c56f8
6adbba5333e4cda26411107edd3ecadaf9419888a88db2241608151435b97526
746ce85c1199c6bf7fce9461d0df0234de19a17d4eb818d5b749accd1ac9f649
7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057
80dc5e4dd89358df05e2b06bd0c5626305a5fc07a08300e429963f05bfca9bc4
9f9a50fae54f9cf4d4362626dc1832fec4324b0b83499104cfa09350ec8789b1
a0dc300b3c507bb4e3fa4789597773f78738b0f266b4dbee2350e25c566d39c5
b5be69c16d6d790717588e2628667448f032d6f74d1deb699e9dfea83bd7688f
ca1dff45e859100904bcf00c56a56a5a4dfafd1b7ba87ca2f6deb4e02d356e5e
e44a721189d51ee1ac550c301691d3987fcaa70c9569f4e4d0fae522afad47db
e988399588e4bea9ab58c949c9b4a2ff7deb680a847ad2a515c698c4830bad4e
ec646801779d8d358b817ac6a6b48cf9bdc71ce68a399da2d9aae8ceb019f123
f617ffdb896e58702cb973494ede2d5d5d5d68e8eb3510696993154aca7c1d99
feb7e93563d88db7b97cc7eae2a74169204336cfbc36b2fd0f0c52e45295b44a