urlscan.io logo urlscan.io
SecurityTrails logo

kbhjpc.1819.ca Open in urlscan Pro
152.32.234.129  Public Scan

Go To Rescan Add Verdict Report
URL: http://kbhjpc.1819.ca/
Submission: On October 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 16 HTTP transactions. The main IP is 152.32.234.129, located in Los Angeles, United States and belongs to UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK. The main domain is kbhjpc.1819.ca.
This is the only time kbhjpc.1819.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 152.32.234.129 135377 (UCLOUD-HK...)
2 142.250.186.110 15169 (GOOGLE)
2 7 152.32.151.41 135377 (UCLOUD-HK...)
2 142.250.186.45 15169 (GOOGLE)
1 142.250.185.227 15169 (GOOGLE)
16 5
6    152.32.234.129 (Los Angeles, United States)

ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)
kbhjpc.1819.ca
2    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
apis.google.com
7    152.32.151.41 (Reston, United States)

ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)
kbhj.duolefun.com
2    142.250.186.45 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f13.1e100.net
accounts.google.com
1    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
ssl.gstatic.com
Apex Domain
Subdomains		 Transfer
7 duolefun.com
kbhj.duolefun.com
99 KB
6 1819.ca
kbhjpc.1819.ca
629 KB
4 google.com
apis.google.com
accounts.google.com
57 KB
1 gstatic.com
ssl.gstatic.com
40 KB
16 4
Domain Requested by
7 kbhj.duolefun.com 2 redirects kbhjpc.1819.ca
6 kbhjpc.1819.ca kbhjpc.1819.ca
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 apis.google.com kbhjpc.1819.ca
apis.google.com
1 ssl.gstatic.com accounts.google.com
16 5

This site contains no links.

Subject Issuer Validity Valid
*.apis.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.kbhj.duolefun.com
Go Daddy Secure Certificate Authority - G2		 2021-09-06 -
2022-09-06		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 2 frames:

Primary Page: http://kbhjpc.1819.ca/
Frame ID: 63C4BB313B06F535F6F52D52363F833A
Requests: 13 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: E1B3DD8287D518DB4983706B3068C517
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

狂暴合击-多乐游戏◇英雄搭配◆打怪不累◇合击必玩◆三端互通◇小怪爆终极◆不肝不氪满神装

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

63 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

824 kB
Transfer

4748 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://kbhj.duolefun.com/images/newbg2.mp4?v=1 HTTP 301
  • https://kbhj.duolefun.com/images/newbg2.mp4?v=1
Request Chain 8
  • http://kbhj.duolefun.com/images/newbg2.mp4?v=1 HTTP 301
  • https://kbhj.duolefun.com/images/newbg2.mp4?v=1

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kbhjpc.1819.ca/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Server
152.32.234.129 Los Angeles, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
2d78e3107e22fb89449d915a08fd75757013cba6a92a6bc0c055e2548ddd33bd

Request headers

Host
kbhjpc.1819.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Thu, 07 Oct 2021 05:23:14 GMT
Content-Type
text/html
Last-Modified
Sun, 03 Oct 2021 13:19:36 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"6159ade8-21f6"
Content-Encoding
gzip
newlogo.png
kbhjpc.1819.ca/images/ 		516 KB
516 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://kbhjpc.1819.ca/images/newlogo.png
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Server
152.32.234.129 Los Angeles, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
0f3136c62f44465cf06afbc421e1f05758d7b83ef998e03d469ba34549559723

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
kbhjpc.1819.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://kbhjpc.1819.ca/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 05:23:14 GMT
Last-Modified
Wed, 22 Sep 2021 11:13:52 GMT
Server
nginx
ETag
"614b0ff0-80e62"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
527970
Expires
Sat, 06 Nov 2021 05:23:14 GMT
btn.gif
kbhjpc.1819.ca/images/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://kbhjpc.1819.ca/images/btn.gif
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Server
152.32.234.129 Los Angeles, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
f6498beb5208a5557fba6362ae7f992e30b484dd222de0f2f5d937852804198c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
kbhjpc.1819.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://kbhjpc.1819.ca/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 05:23:14 GMT
Last-Modified
Thu, 23 Sep 2021 07:12:54 GMT
Server
nginx
ETag
"614c28f6-10593"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66963
Expires
Sat, 06 Nov 2021 05:23:14 GMT
jquery-1.10.2.min.js
kbhjpc.1819.ca/js/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://kbhjpc.1819.ca/js/jquery-1.10.2.min.js
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Server
152.32.234.129 Los Angeles, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
kbhjpc.1819.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://kbhjpc.1819.ca/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 05:23:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Aug 2019 08:49:52 GMT
Server
nginx
ETag
W/"5d53cb30-16bb3"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 07 Oct 2021 17:23:14 GMT
jquery.md5.js
kbhjpc.1819.ca/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://kbhjpc.1819.ca/js/jquery.md5.js
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Server
152.32.234.129 Los Angeles, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
41f41aa3f32ea20a820c36488c40e2acb8f022c35d91c69a1d1c75e63edebf54

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
kbhjpc.1819.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://kbhjpc.1819.ca/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 05:23:14 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Jun 2011 23:34:58 GMT
Server
nginx
ETag
W/"4df54d22-2586"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 07 Oct 2021 17:23:14 GMT
vidbg.js
kbhjpc.1819.ca/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://kbhjpc.1819.ca/js/vidbg.js?v=13
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Server
152.32.234.129 Los Angeles, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
33f4afb3ba3f2441412f86113b4ac68dd58376cab86ca8c26c6f68e907210ccd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
kbhjpc.1819.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://kbhjpc.1819.ca/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 05:23:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 05:40:00 GMT
Server
nginx
ETag
W/"614d64b0-2bc4"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 07 Oct 2021 17:23:14 GMT
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pOXrf4mgSy0FhLg64/AN0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 05:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-pOXrf4mgSy0FhLg64/AN0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Thu, 07 Oct 2021 05:22:04 GMT
sound1.mp3
kbhj.duolefun.com/images/ 		41 KB
41 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://kbhj.duolefun.com/images/sound1.mp3
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.32.151.41 Reston, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b76109a2cb66123519bd1ac0dceeb584f630403de753888e3dc245685e6d571a

Request headers

Referer
http://kbhjpc.1819.ca/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 07 Oct 2021 05:22:04 GMT
Last-Modified
Fri, 24 Sep 2021 02:25:24 GMT
Server
nginx/1.16.1
ETag
"614d3714-a2e6"
Content-Type
audio/mpeg
Content-Range
bytes 0-41701/41702
Cache-Control
max-age=2592000
Connection
keep-alive
Content-Length
41702
Expires
Sat, 06 Nov 2021 05:22:04 GMT
newbg2.mp4
kbhj.duolefun.com/images/
Redirect Chain
  • http://kbhj.duolefun.com/images/newbg2.mp4?v=1
  • https://kbhj.duolefun.com/images/newbg2.mp4?v=1
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kbhj.duolefun.com/images/newbg2.mp4?v=1
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.32.151.41 Reston, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 05:22:05 GMT
Last-Modified
Wed, 29 Sep 2021 09:26:53 GMT
Server
nginx/1.16.1
ETag
"6154315d-396686"
Content-Type
video/mp4
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3761798

Redirect headers

Location
https://kbhj.duolefun.com/images/newbg2.mp4?v=1
Date
Thu, 07 Oct 2021 05:22:05 GMT
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
newbg2.mp4
kbhj.duolefun.com/images/
Redirect Chain
  • http://kbhj.duolefun.com/images/newbg2.mp4?v=1
  • https://kbhj.duolefun.com/images/newbg2.mp4?v=1
80 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://kbhj.duolefun.com/images/newbg2.mp4?v=1
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.32.151.41 Reston, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 05:22:05 GMT
Last-Modified
Wed, 29 Sep 2021 09:26:53 GMT
Server
nginx/1.16.1
ETag
"6154315d-396686"
Content-Type
video/mp4
Content-Range
bytes 0-3761797/3761798
Connection
keep-alive
Content-Length
3761798

Redirect headers

Location
https://kbhj.duolefun.com/images/newbg2.mp4?v=1
Date
Thu, 07 Oct 2021 05:22:05 GMT
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
newbg2.mp4
kbhj.duolefun.com/images/ 		26 KB
26 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://kbhj.duolefun.com/images/newbg2.mp4?v=1
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.32.151.41 Reston, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
437746f78edfd4d41974478f0b074d9fe32a55a067c16fce2a99aa4c4b320e37

Request headers

Referer
http://kbhjpc.1819.ca/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=3735552-

Response headers

Date
Thu, 07 Oct 2021 05:22:05 GMT
Last-Modified
Wed, 29 Sep 2021 09:26:53 GMT
Server
nginx/1.16.1
ETag
"6154315d-396686"
Content-Type
video/mp4
Content-Range
bytes 3735552-3761797/3761798
Connection
keep-alive
Content-Length
26246
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 		103 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
sffe /
Resource Hash
51809bc55f512c21a3829627405dfec8796820392303908a9e011691de6f79f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 22:42:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34990
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sun, 02 Oct 2022 22:42:08 GMT
iframe
accounts.google.com/o/oauth2/ Frame E1B3 		512 B
924 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.45 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f13.1e100.net
Software
ESF /
Resource Hash
9346ba4258978610102245d3c94158a7b61d035353d2dd769b14498d74a7cb35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zxnDVrjzZP53JIkPZYIbyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://kbhjpc.1819.ca/
accept-encoding
gzip, deflate, br
cookie
NID=511=YH2aUtjGoUu0j7b94x_gSx5Xa-kXE7uklk79s5eR66iVf3rP1hXY9_IMplh56TTK952t70wQR5ag4CR8MUuCCQ-t6B6zieC9ItjheHrHvGOUErjOOftVuZbDkZM66TxLTMpiKMEZ5PB2TmFvef4c_rWBN6lUYx6o3JpXLzFkv2c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://kbhjpc.1819.ca/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 07 Oct 2021 05:22:06 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-zxnDVrjzZP53JIkPZYIbyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
newbg2.mp4
kbhj.duolefun.com/images/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://kbhj.duolefun.com/images/newbg2.mp4?v=1
Requested by
Host: kbhjpc.1819.ca
URL: http://kbhjpc.1819.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.32.151.41 Reston, United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
http://kbhjpc.1819.ca/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=65536-

Response headers

Date
Thu, 07 Oct 2021 05:22:06 GMT
Last-Modified
Wed, 29 Sep 2021 09:26:53 GMT
Server
nginx/1.16.1
ETag
"6154315d-396686"
Content-Type
video/mp4
Content-Range
bytes 65536-3761797/3761798
Connection
keep-alive
Content-Length
3696262
314319633-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame E1B3 		115 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/314319633-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
fc045e89c97ebbb9db23cf4f70b29e1a7f01f8af8cae5e601c4bc766738ff197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 13:17:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40205
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 02:13:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Thu, 06 Oct 2022 13:17:50 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame E1B3 		14 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=http%3A%2F%2Fkbhjpc.1819.ca&client_id=324744501487-6b057i4b6bf43uvhfplf0tm4vlu59htu.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/314319633-idpiframe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.45 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f13.1e100.net
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 05:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 07 Oct 2021 06:22:06 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| regfnc function| google_login function| attachSignin object| jQuery1102037159410980683405 object| gapi object| ___jsl object| osapi object| auth2

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=YH2aUtjGoUu0j7b94x_gSx5Xa-kXE7uklk79s5eR66iVf3rP1hXY9_IMplh56TTK952t70wQR5ag4CR8MUuCCQ-t6B6zieC9ItjheHrHvGOUErjOOftVuZbDkZM66TxLTMpiKMEZ5PB2TmFvef4c_rWBN6lUYx6o3JpXLzFkv2c
.kbhjpc.1819.ca/ Name: G_ENABLED_IDPS
Value: google