Report - koyso.to/game/380?l=schinese

Report Overview

Visited public
2025-07-15 03:47:34
Tags
Submit Tags
URL
koyso.to/game/380?l=schinese
Finishing URL
koyso.to/game/380?l=schinese
IP / ASN
104.26.13.32
#13335 CLOUDFLARENET
Title
警察模拟器: 巡警下载

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
koyso.to	unknown	unknown	2025-05-23	2025-07-12	1.9 kB	242 kB	104.26.13.32
shared.cdn.queniuqe.com	unknown	2021-04-08	2024-10-18	2025-07-02	507 B	6.9 kB	222.73.33.13
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-07-09	429 B	398 kB	142.250.74.168
usrpubtrk.com	unknown	2025-06-16	2025-06-17	2025-07-08	477 B	522 B	104.21.92.33
youradexchange.com	273384	2012-11-09	2013-02-04	2025-07-11	1.9 kB	1.5 kB	104.18.25.98

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-14	medium	usrpubtrk.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	koyso.to/static/js/abcd.js	ScriptElement	2.2 kB	2025-07-03	2025-07-18
Pretty URL koyso.to/static/js/abcd.js IP 104.26.13.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-03 01:19 Last Seen2025-07-18 23:55 Times Seen10 Hash f590086b3dea9a4d8aefa0007a5ed42f bc58ca53c163966c687860664a9d768a795bc1de cf86d9c1aa2077086b5e137347167fd30f2a0010652b0ac0c258c8cf072be06d Loading...

	koyso.to/aclib.js	ScriptElement	197 kB	2025-07-15	2025-07-15
Pretty URL koyso.to/aclib.js IP 104.26.13.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-15 03:47 Last Seen2025-07-15 03:47 Times Seen1 Hash b949f2b29c0ca15dffe5b6d81ecea9e0 dbba9f7d0f6b658e899383e69035c22eec58eaaf f90df39febbeda58b68bc59628aefad490af3973c6dc2b8d5f535c4ccf010469 Loading...

	www.googletagmanager.com/gtag/js?id=G-0321FYBZZC	ScriptElement	396 kB	2025-07-15	2025-07-15
Pretty URL www.googletagmanager.com/gtag/js?id=G-0321FYBZZC IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-15 03:47 Last Seen2025-07-15 03:47 Times Seen1 Hash c06e19df43a11f104d8b3ca1f0771ad0 ecffc30dd9bea8621aa6ad436a0caab5b0e7df67 ba4ab1799e585425f72a418f28c4336b4ab06bae2445715c1270be0929d5f6f5 Loading...

	koyso.to/game/380?l=schinese	ScriptElement	3.6 kB	2025-07-15	2025-07-15
Pretty URL koyso.to/game/380?l=schinese IP 104.26.13.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-15 03:47 Last Seen2025-07-15 03:47 Times Seen1 Hash 31bdbc60bfc07812f63d3ad543e70dea 5491af3180823271c0bfec32356e77115e0d1412 4d8d556e585e7062aefd1f7116c256a3ddddc385158ff37062b3ac3b88f87c18 Loading...

	koyso.to/game/380?l=schinese	ScriptElement	430 B	2024-09-19	2025-07-18
Pretty URL koyso.to/game/380?l=schinese IP 104.26.13.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 21:24 Last Seen2025-07-18 23:55 Times Seen29 Hash c210da1d4e1df27470ce192876c34d61 210d8a79bc576b5582ffd7e05c745b3fe2883cbf 8e155c8d4e6cc5d76ee0644659f9710d81171981088e68b62d0ad866afb5d381 Loading...

	koyso.to/game/380?l=schinese	ScriptElement	209 B	2024-09-19	2025-07-18
Pretty URL koyso.to/game/380?l=schinese IP 104.26.13.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 21:24 Last Seen2025-07-18 23:55 Times Seen29 Hash a7650e598383d8473f7979c336348f48 c8e44e27ce02a7e1307d7c5a3bb6785b7316dcbe bd91255be249893e309c9e18ea21f3f3fda5ce1a0aaad0caa87663b15f35f97d Loading...

	koyso.to/game/380?l=schinese	ScriptElement	36 B	2024-09-19	2025-07-18
Pretty URL koyso.to/game/380?l=schinese IP 104.26.13.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 21:24 Last Seen2025-07-18 23:55 Times Seen29 Hash 33c4e7708aeed4a84ada2662e383fac7 84e2ae09b47ac79c542f73c1898d7f9935984a4c e233738b76367e05d990c2d3d16079d662e9c01b77fae77f8af6cdfeebfe9e44 Loading...

HTTP Transactions (8)

URL IP Response Size

POST usrpubtrk.com/ut/hb.php?cb=0.47878828651245897&v=1

104.21.92.33

204 No Content

0 B

URL POST
usrpubtrk.com/ut/hb.php?cb=0.47878828651245897&v=1
IP
104.21.92.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://koyso.to/game/380?l=schinese
Certificate
IssuerGoogle Trust Services
Subjectusrpubtrk.com
Fingerprint73:D3:CF:85:0F:63:93:DD:FC:EC:C6:A5:AD:25:E8:9F:46:71:26:ED
ValidityMon, 16 Jun 2025 11:32:07 GMT - Sun, 14 Sep 2025 12:30:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /ut/hb.php?cb=0.47878828651245897&v=1 HTTP/1.1
Host: usrpubtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1932
Origin: https://koyso.to
DNT: 1
Connection: keep-alive
Referer: https://koyso.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Tue, 15 Jul 2025 03:47:14 GMT
server: cloudflare
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MdODELNiUUuYko47vq50UjI6F5VuDsGRLOsOXzHdi44O3bcn2yuSHYY%2FiLF8dFVdMa5OoCmAfp1i5buTBkC6jFGLmXgA4KpWkE0C"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 95f647006ac1b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET youradexchange.com/script/suurl5.php?r=8024870&cbur=0.17332688428373844&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=%E8%AD%A6%E5%AF%9F%E6%A8%A1%E6%8B%9F%E5%99%A8%3A%20%E5%B7%A1%E8%AD%A6%20%E4%B8%8B%E8%BD%BD&cbpage=https%3A%2F%2Fkoyso.to%2Fgame%2F380%3Fl%3Dschinese&cbref=&cbdescription=%E6%B2%A1%E6%9C%89%E9%80%9F%E5%BA%A6%E9%99%90%E5%88%B6%2C%E7%AB%8B%E5%8D%B3%E4%B8%8B%E8%BD%BD%20%7C%20%E6%AC%A2%E8%BF%8E%E6%9D%A5%E5%88%B0Brighton%EF%BC%81%E5%8A%A0%E5%85%A5%E8%BF%99%E5%BA%A7%E8%99%9A%E6%9E%84%E7%BE%8E%E5%9B%BD%E5%9F%8E%E5%B8%82%E7%9A%84%E8%AD%A6%E9%98%9F%EF%BC%8C%E4%BD%93%E9%AA%8C%E8%AD%A6%E5%AE%98%E7%9A%84%E6%97%A5%E5%B8%B8%E7%94%9F%E6%B4%BB%E3%80%82%E4%BB%8E%E6%8C%87%E6%8E%A7%E8%BF%9D%E6%B3%95%E8%A1%8C%E4%B8%BA%E5%92%8C%E7%AD%BE%E5%8F%91%E8%BF%9D%E8%A7%84%E5%81%9C%E8%BD%A6%E7%BD%9A%E5%8D%95%E5%81%9A%E8%B5%B7%EF%BC%8C%E7%84%B6%E5%90%8E%E9%80%9A%E8%BF%87%E5%8A%AA%E5%8A%9B%E9%80%90%E6%B8%90%E6%89%BF%E6%8B%85%E8%B5%B7%E6%9B%B4%E5%A4%9A%E8%B4%A3%E4%BB%BB%E3%80%82%E6%88%90%E4%B8%BABrighton%E7%A4%BE%E5%8C%BA%E7%9A%84%E4%B8%80%E5%91%98%EF%BC%8C%E4%BA%86%E8%A7%A3%E9%82%BB%E9%87%8C%E5%85%B3%E7%B3%BB%E5%B9%B6%E5%A4%84%E7%90%86%E6%97%A5%E5%B8%B8%E8%AD%A6%E5%8A%A1%E5%B7%A5%E4%BD%9C%EF%BC%8C%E4%BB%A5%E4%BE%BF%E5%9C%A8%E5%BD%93%E5%80%BC%E6%9C%9F&cbkeywords=%E8%AD%A6%E5%AF%9F%E6%A8%A1%E6%8B%9F%E5%99%A8%3A%20%E5%B7%A1%E8%AD%A6&cbcdn=qapdututycwyj.store&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1752551234525&srs=63eb87ac31e56943f5b8a0dc097e52e6&atv=62.4&abtg=1&adbv=3-cdn-js

104.18.25.98

200 OK

1.1 kB

URL GET
youradexchange.com/script/suurl5.php?r=8024870&cbur=0.17332688428373844&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=%E8%AD%A6%E5%AF%9F%E6%A8%A1%E6%8B%9F%E5%99%A8%3A%20%E5%B7%A1%E8%AD%A6%20%E4%B8%8B%E8%BD%BD&cbpage=https%3A%2F%2Fkoyso.to%2Fgame%2F380%3Fl%3Dschinese&cbref=&cbdescription=%E6%B2%A1%E6%9C%89%E9%80%9F%E5%BA%A6%E9%99%90%E5%88%B6%2C%E7%AB%8B%E5%8D%B3%E4%B8%8B%E8%BD%BD%20%7C%20%E6%AC%A2%E8%BF%8E%E6%9D%A5%E5%88%B0Brighton%EF%BC%81%E5%8A%A0%E5%85%A5%E8%BF%99%E5%BA%A7%E8%99%9A%E6%9E%84%E7%BE%8E%E5%9B%BD%E5%9F%8E%E5%B8%82%E7%9A%84%E8%AD%A6%E9%98%9F%EF%BC%8C%E4%BD%93%E9%AA%8C%E8%AD%A6%E5%AE%98%E7%9A%84%E6%97%A5%E5%B8%B8%E7%94%9F%E6%B4%BB%E3%80%82%E4%BB%8E%E6%8C%87%E6%8E%A7%E8%BF%9D%E6%B3%95%E8%A1%8C%E4%B8%BA%E5%92%8C%E7%AD%BE%E5%8F%91%E8%BF%9D%E8%A7%84%E5%81%9C%E8%BD%A6%E7%BD%9A%E5%8D%95%E5%81%9A%E8%B5%B7%EF%BC%8C%E7%84%B6%E5%90%8E%E9%80%9A%E8%BF%87%E5%8A%AA%E5%8A%9B%E9%80%90%E6%B8%90%E6%89%BF%E6%8B%85%E8%B5%B7%E6%9B%B4%E5%A4%9A%E8%B4%A3%E4%BB%BB%E3%80%82%E6%88%90%E4%B8%BABrighton%E7%A4%BE%E5%8C%BA%E7%9A%84%E4%B8%80%E5%91%98%EF%BC%8C%E4%BA%86%E8%A7%A3%E9%82%BB%E9%87%8C%E5%85%B3%E7%B3%BB%E5%B9%B6%E5%A4%84%E7%90%86%E6%97%A5%E5%B8%B8%E8%AD%A6%E5%8A%A1%E5%B7%A5%E4%BD%9C%EF%BC%8C%E4%BB%A5%E4%BE%BF%E5%9C%A8%E5%BD%93%E5%80%BC%E6%9C%9F&cbkeywords=%E8%AD%A6%E5%AF%9F%E6%A8%A1%E6%8B%9F%E5%99%A8%3A%20%E5%B7%A1%E8%AD%A6&cbcdn=qapdututycwyj.store&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1752551234525&srs=63eb87ac31e56943f5b8a0dc097e52e6&atv=62.4&abtg=1&adbv=3-cdn-js
IP
104.18.25.98:443
ASN
#13335 CLOUDFLARENET

Requested by
https://koyso.to/game/380?l=schinese
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint5D:6F:35:ED:36:A9:D9:F7:69:BE:71:FD:6E:3A:C4:28:3D:88:9D:58
ValiditySun, 01 Jun 2025 20:52:12 GMT - Sat, 30 Aug 2025 21:51:56 GMT

File type
JSON text data
Size
1.1 kB (1146 bytes)
Hash
16447346405d8a1b48e99aaf0efb20ad
5b781d1967f7390fbc540932af21d342a2de47ad
17393fe277a8b890e7ad95d636a4614dfa123b94b6cb6962d33e0c2ca0d1828b

HTTP Headers

GET /script/suurl5.php?r=8024870&cbur=0.17332688428373844&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=%E8%AD%A6%E5%AF%9F%E6%A8%A1%E6%8B%9F%E5%99%A8%3A%20%E5%B7%A1%E8%AD%A6%20%E4%B8%8B%E8%BD%BD&cbpage=https%3A%2F%2Fkoyso.to%2Fgame%2F380%3Fl%3Dschinese&cbref=&cbdescription=%E6%B2%A1%E6%9C%89%E9%80%9F%E5%BA%A6%E9%99%90%E5%88%B6%2C%E7%AB%8B%E5%8D%B3%E4%B8%8B%E8%BD%BD%20%7C%20%E6%AC%A2%E8%BF%8E%E6%9D%A5%E5%88%B0Brighton%EF%BC%81%E5%8A%A0%E5%85%A5%E8%BF%99%E5%BA%A7%E8%99%9A%E6%9E%84%E7%BE%8E%E5%9B%BD%E5%9F%8E%E5%B8%82%E7%9A%84%E8%AD%A6%E9%98%9F%EF%BC%8C%E4%BD%93%E9%AA%8C%E8%AD%A6%E5%AE%98%E7%9A%84%E6%97%A5%E5%B8%B8%E7%94%9F%E6%B4%BB%E3%80%82%E4%BB%8E%E6%8C%87%E6%8E%A7%E8%BF%9D%E6%B3%95%E8%A1%8C%E4%B8%BA%E5%92%8C%E7%AD%BE%E5%8F%91%E8%BF%9D%E8%A7%84%E5%81%9C%E8%BD%A6%E7%BD%9A%E5%8D%95%E5%81%9A%E8%B5%B7%EF%BC%8C%E7%84%B6%E5%90%8E%E9%80%9A%E8%BF%87%E5%8A%AA%E5%8A%9B%E9%80%90%E6%B8%90%E6%89%BF%E6%8B%85%E8%B5%B7%E6%9B%B4%E5%A4%9A%E8%B4%A3%E4%BB%BB%E3%80%82%E6%88%90%E4%B8%BABrighton%E7%A4%BE%E5%8C%BA%E7%9A%84%E4%B8%80%E5%91%98%EF%BC%8C%E4%BA%86%E8%A7%A3%E9%82%BB%E9%87%8C%E5%85%B3%E7%B3%BB%E5%B9%B6%E5%A4%84%E7%90%86%E6%97%A5%E5%B8%B8%E8%AD%A6%E5%8A%A1%E5%B7%A5%E4%BD%9C%EF%BC%8C%E4%BB%A5%E4%BE%BF%E5%9C%A8%E5%BD%93%E5%80%BC%E6%9C%9F&cbkeywords=%E8%AD%A6%E5%AF%9F%E6%A8%A1%E6%8B%9F%E5%99%A8%3A%20%E5%B7%A1%E8%AD%A6&cbcdn=qapdututycwyj.store&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1752551234525&srs=63eb87ac31e56943f5b8a0dc097e52e6&atv=62.4&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://koyso.to/
Origin: https://koyso.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Jul 2025 03:47:14 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
server: cloudflare
cf-ray: 95f64700af340b31-OSL
X-Firefox-Spdy: h2

GET koyso.to/game/380?l=schinese

104.26.13.32

200 OK

22 kB

URL User Request GET
koyso.to/game/380?l=schinese
IP
104.26.13.32:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectkoyso.to
Fingerprint7E:BE:8D:F1:46:2C:99:8C:24:5A:14:90:2A:B9:45:B6:23:B4:CC:7B
ValidityTue, 08 Jul 2025 20:31:01 GMT - Mon, 06 Oct 2025 21:30:50 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6061), with CRLF line terminators
Size
22 kB (22179 bytes)
Hash
46b0bd4c55418edae1b5cfa1c2e14c16
5b5f45f8a89064742e90d88bb0151b2fadcae859
c865049464e10099124a4226aac542b8933656a5a86a44650d1b32f409ca402b

HTTP Headers

GET /game/380?l=schinese HTTP/1.1
Host: koyso.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Jul 2025 03:47:12 GMT
content-type: text/html; charset=utf-8
content-encoding: br
cache-control: public, max-age=7200
cf-cache-status: MISS
last-modified: Tue, 15 Jul 2025 03:47:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LmhaTCOxiw%2FCy3Ol5k46%2Bc9EL1cGQgTwU4JuUgf%2BzzuNYEie7fOXUoVx2A1Rdo5p3TNC6eJnz%2FeIxQ1F2FljETcGTYKGA7Cpjafg%2BNdGkAdo%2B3B3sOF9IfjP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie
server: cloudflare
cf-ray: 95f646f01c83b4ff-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5661&min_rtt=434&rtt_var=10427&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3189&recv_bytes=1134&delivery_rate=8196226&cwnd=253&unsent_bytes=0&cid=97217c903c716161&ts=195&x=0"
X-Firefox-Spdy: h2

GET shared.cdn.queniuqe.com/store_item_assets/steam/apps/997010/extras/Take-Up-The-Badge-Gif.gif?t=1694696759

222.73.33.13

200 OK

6.2 kB

URL GET
shared.cdn.queniuqe.com/store_item_assets/steam/apps/997010/extras/Take-Up-The-Badge-Gif.gif?t=1694696759
IP
222.73.33.13:443
ASN
#4812 China Telecom Group

Requested by
https://koyso.to/game/380?l=schinese
Certificate
IssuerGlobalSign nv-sa
Subject*.queniuam.com
Fingerprint2B:C6:46:8C:C2:A6:56:93:58:07:AE:5A:3F:A5:9D:CE:96:0C:F7:78
ValidityMon, 30 Jun 2025 03:26:07 GMT - Sat, 01 Aug 2026 03:26:06 GMT

File type
GIF image data, version 89a, 615 x 173
Size
6.2 kB (6185 bytes)
Hash
665857841b564117722d25c254ff979a
2e1586f877586ea7f727d4b870be27cf6fa49d51
098316ee299cc27abed9c190e607341494a4d8bcc9c4a1fd0e9be6515a211336

HTTP Headers

GET /store_item_assets/steam/apps/997010/extras/Take-Up-The-Badge-Gif.gif?t=1694696759 HTTP/1.1
Host: shared.cdn.queniuqe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://koyso.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6185
date: Fri, 04 Apr 2025 21:06:08 GMT
last-modified: Tue, 21 Sep 2021 10:24:55 GMT
etag: "6149b2f7-1829"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
accept-ranges: bytes
via: cache49.l2cn8000[0,0,200-0,H], cache63.l2cn8000[1,0], vcache2.cn5626[0,0,200-0,H], vcache25.cn5626[2,0]
age: 8750466
ali-swift-global-savetime: 1743800768
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 02 Jun 2025 13:38:53 GMT
x-swift-cachetime: 397045022
timing-allow-origin: *
eagleid: de49212d17525512341131471e
X-Firefox-Spdy: h2

GET koyso.to/static/picture/logo_u.ico

104.26.13.32

200 OK

17 kB

URL GET
koyso.to/static/picture/logo_u.ico
IP
104.26.13.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://koyso.to/game/380?l=schinese
Certificate
IssuerGoogle Trust Services
Subjectkoyso.to
Fingerprint7E:BE:8D:F1:46:2C:99:8C:24:5A:14:90:2A:B9:45:B6:23:B4:CC:7B
ValidityTue, 08 Jul 2025 20:31:01 GMT - Mon, 06 Oct 2025 21:30:50 GMT

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Size
17 kB (16958 bytes)
Hash
2859a84fc9df683d0ed472d8a0b793ec
5d5757a782c4f99054900fa1551f7ac3aa6dd8e0
58b9e6f6ac137e3f029e43ee6214cd9f601bf7ada3b62c6f0cb061e75af589df

HTTP Headers

GET /static/picture/logo_u.ico HTTP/1.1
Host: koyso.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://koyso.to/game/380?l=schinese
Cookie: key=NBQEah#h@6qHr7T!k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 03:47:12 GMT
content-type: image/x-icon
content-encoding: br
last-modified: Sun, 17 Nov 2024 22:41:22 GMT
etag: W/"673a7112-423e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkmERX9v9LHSUzTjX1VKDZx%2FXgegG4UBkqGB4y45DUYFu2Q5aTHkRvoBhezzuSAbLwKR71CQBYd1V0imX9iXxW0BbES%2FV5HXlCD%2Fk8BsDt57%2F63%2ByUSoDwHH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 95f646f469b90b06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4265&min_rtt=1379&rtt_var=2578&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4186&recv_bytes=1233&delivery_rate=661434&cwnd=12000&unsent_bytes=0&cid=f7ce8e618a931b28&ts=692&x=1", cfExtPri, cfHdrFlush;dur=0

GET koyso.to/aclib.js

104.26.13.32

200 OK

197 kB

URL GET
koyso.to/aclib.js
IP
104.26.13.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://koyso.to/game/380?l=schinese
Certificate
IssuerGoogle Trust Services
Subjectkoyso.to
Fingerprint7E:BE:8D:F1:46:2C:99:8C:24:5A:14:90:2A:B9:45:B6:23:B4:CC:7B
ValidityTue, 08 Jul 2025 20:31:01 GMT - Mon, 06 Oct 2025 21:30:50 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (47506), with NEL line terminators
Size
197 kB (196943 bytes)
Hash
b949f2b29c0ca15dffe5b6d81ecea9e0
dbba9f7d0f6b658e899383e69035c22eec58eaaf
f90df39febbeda58b68bc59628aefad490af3973c6dc2b8d5f535c4ccf010469

HTTP Headers

GET /aclib.js HTTP/1.1
Host: koyso.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://koyso.to/game/380?l=schinese
Cookie: key=NBQEah#h@6qHr7T!k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 03:47:14 GMT
content-type: application/javascript
content-encoding: br
last-modified: Mon, 14 Jul 2025 23:00:01 GMT
etag: W/"68758bf1-3014f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 13831
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0Afd1gOBB8c%2FSnSpJkqAgJCUNobQJoacaW3%2BuvTVhZpJDsJKE5AqhtZLo%2BSNxHuKloxN0MMPecLNkK7xskwxMTTnLcwYoVN9oQ%2B594UaKk31P%2Bbk%2FVB22Ff"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 95f646fefcd30b06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3922&min_rtt=1379&rtt_var=2621&sent=18&recv=10&lost=0&retrans=0&sent_bytes=6508&recv_bytes=1547&delivery_rate=1118528&cwnd=12000&unsent_bytes=0&cid=f7ce8e618a931b28&ts=2223&x=1", cfExtPri, cfHdrFlush;dur=0

GET koyso.to/static/js/abcd.js

104.26.13.32

200 OK

2.2 kB

URL GET
koyso.to/static/js/abcd.js
IP
104.26.13.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://koyso.to/game/380?l=schinese
Certificate
IssuerGoogle Trust Services
Subjectkoyso.to
Fingerprint7E:BE:8D:F1:46:2C:99:8C:24:5A:14:90:2A:B9:45:B6:23:B4:CC:7B
ValidityTue, 08 Jul 2025 20:31:01 GMT - Mon, 06 Oct 2025 21:30:50 GMT

File type
JavaScript source, ASCII text, with very long lines (2249), with no line terminators
Size
2.2 kB (2249 bytes)
Hash
f590086b3dea9a4d8aefa0007a5ed42f
bc58ca53c163966c687860664a9d768a795bc1de
cf86d9c1aa2077086b5e137347167fd30f2a0010652b0ac0c258c8cf072be06d

HTTP Headers

GET /static/js/abcd.js HTTP/1.1
Host: koyso.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://koyso.to/game/380?l=schinese
Cookie: key=NBQEah#h@6qHr7T!k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Jul 2025 03:47:14 GMT
content-type: application/javascript
content-encoding: br
last-modified: Mon, 30 Jun 2025 19:49:20 GMT
etag: W/"6862ea40-8c9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzenOtd%2BWR%2BmeUlOwLk1PwesD5o3GytweWpU2i6tOm8S4aHE9ZRqBGM%2BDgffbgpeLucLpr1zUdCdE65X2D20hD3qMDzdCGLIBGA39sLLu%2B5Y8UW%2BhXy3VtXh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 95f646ff1cd80b06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2686&min_rtt=963&rtt_var=2088&sent=69&recv=16&lost=0&retrans=0&sent_bytes=64256&recv_bytes=2045&delivery_rate=20838369&cwnd=48000&unsent_bytes=0&cid=f7ce8e618a931b28&ts=2387&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.googletagmanager.com/gtag/js?id=G-0321FYBZZC

142.250.74.168

200 OK

396 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-0321FYBZZC
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://koyso.to/game/380?l=schinese
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint3A:12:37:38:16:E5:9F:51:4E:B7:1D:5F:1F:C0:84:BB:92:EA:9E:20
ValidityMon, 23 Jun 2025 08:40:16 GMT - Mon, 15 Sep 2025 08:40:15 GMT

File type
JavaScript source, ASCII text, with very long lines (6004)
Size
396 kB (396522 bytes)
Hash
c06e19df43a11f104d8b3ca1f0771ad0
ecffc30dd9bea8621aa6ad436a0caab5b0e7df67
ba4ab1799e585425f72a418f28c4336b4ab06bae2445715c1270be0929d5f6f5

HTTP Headers

GET /gtag/js?id=G-0321FYBZZC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://koyso.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Jul 2025 03:47:14 GMT
expires: Tue, 15 Jul 2025 03:47:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 132331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL POST

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash