cerimaxwin.xyz Open in urlscan Pro
162.0.209.240 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cerimaxwin.xyz/
Submission: On April 04 via api (April 4th 2024, 4:16:08 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 12 HTTP transactions. The main IP is 162.0.209.240, located in United States and belongs to NAMECHEAP-NET, US. The main domain is cerimaxwin.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 4th 2024. Valid for: a year.

This is the only time cerimaxwin.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	162.0.209.240 162.0.209.240	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
4	172.67.128.74 172.67.128.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	5

4 162.0.209.240 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business99-3.web-hosting.com

cerimaxwin.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.128.74 (United States)

ASN13335 (CLOUDFLARENET, US)

rtpgacorcipit888.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	rtpgacorcipit888.pro rtpgacorcipit888.pro	50 KB
4	cerimaxwin.xyz cerimaxwin.xyz	304 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	70 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	274 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 332	25 KB
12	5

	Domain	Requested by
4	rtpgacorcipit888.pro	cerimaxwin.xyz
4	cerimaxwin.xyz	cerimaxwin.xyz
2	connect.facebook.net	cerimaxwin.xyz connect.facebook.net
1	www.facebook.com	cerimaxwin.xyz
1	cdn.jsdelivr.net	cerimaxwin.xyz
12	5

This site contains no links.

Subject Issuer	Validity	Valid
cerimaxwin.xyz Sectigo RSA Domain Validation Secure Server CA	`2024-04-04` - `2025-04-04`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
rtpgacorcipit888.pro GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-12` - `2024-04-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cerimaxwin.xyz/
Frame ID: 762D48F85F92A3502C66FA2894C6E8B2
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Daftar

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

450 kB
Transfer

788 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cerimaxwin.xyz/ 15 KB
4 KB 958ms
715ms Document
text/html 162.0.209.240
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cerimaxwin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business99-3.web-hosting.com
Software: LiteSpeed / PHP/8.0.30
Resource Hash: f83bd2d2e075a17c6688d8a9d843ca852ac84dee2d577bcdbdcea655e059fafb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-length: 3976
content-type: text/html; charset=UTF-8
date: Thu, 04 Apr 2024 16:16:00 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 93ms
30ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: cerimaxwin.xyz
URL: https://cerimaxwin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
Origin: https://cerimaxwin.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Apr 2024 16:16:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2427932
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230097-FRA, cache-nyc-kteb1890064-NYC
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 logo.png
cerimaxwin.xyz/ 59 KB
60 KB 172ms
170ms Image
image/png 162.0.209.240
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cerimaxwin.xyz/logo.png
Requested by: Host: cerimaxwin.xyz
URL: https://cerimaxwin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business99-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c9912ccd912f4912ec5c853264d9a2d100f87aa2c2cf7e6215745f2def2cf96f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 16:16:00 GMT
last-modified: Thu, 04 Apr 2024 14:19:59 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 60914
expires: Thu, 11 Apr 2024 16:16:00 GMT

GET
H3 200 gates-of-olympus.jpg
rtpgacorcipit888.pro/assets/imgs/gacor/pragmaticplay/ 14 KB
15 KB 556ms
228ms Image
image/jpeg 172.67.128.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtpgacorcipit888.pro/assets/imgs/gacor/pragmaticplay/gates-of-olympus.jpg
Requested by: Host: cerimaxwin.xyz
URL: https://cerimaxwin.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c23f1ac60f17d62b6b4792be068e222369eb47c82af2c9333eaaa35798e57d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 16:16:01 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 20:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mR04aVMpuT7MXAKU5WtVN%2F7QKXACYc9KGVkTV3WecSpzFTZSgdQE7a81e5ij%2FCQtcpWddaRQCK%2Bqxr09WVKvdxu84wMAjB20ved7dSmTobtVuA5uHgMeV%2BnlVzZir4CmO2iWu8BDZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f299b68b8c6aee-BUF
alt-svc: h3=":443"; ma=86400
content-length: 14369
expires: Thu, 11 Apr 2024 16:16:01 GMT

GET
H3 200 starlight-princess.jpg
rtpgacorcipit888.pro/assets/imgs/gacor/pragmaticplay/ 12 KB
13 KB 386ms
163ms Image
image/jpeg 172.67.128.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtpgacorcipit888.pro/assets/imgs/gacor/pragmaticplay/starlight-princess.jpg
Requested by: Host: cerimaxwin.xyz
URL: https://cerimaxwin.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b9bdc5b6da25ae55c3afaec34285375d3cc2dc4b435d29951aa1210aaa9fd5c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 16:16:01 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 20:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSrTSOJOUH4M5vJ2GMIb2OZ2rCTOEEx8EYBMsQN8ItCLCdfSmyXoaCxbEkA3kfCtiIG8H1rKWJhCT%2F%2Fx8Ui2zj7znO5ZPc3J6ZagnL5hn7GzkKGRNUd0Q3jp7oteh%2B%2FpYuHUDK%2BFRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f299b68b8e6aee-BUF
alt-svc: h3=":443"; ma=86400
content-length: 12666
expires: Thu, 11 Apr 2024 16:16:01 GMT

GET
H3 200 sweet-bonanza-xmas.jpg
rtpgacorcipit888.pro/assets/imgs/gacor/pragmaticplay/ 11 KB
11 KB 405ms
182ms Image
image/jpeg 172.67.128.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtpgacorcipit888.pro/assets/imgs/gacor/pragmaticplay/sweet-bonanza-xmas.jpg
Requested by: Host: cerimaxwin.xyz
URL: https://cerimaxwin.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7d12763e54d3ec78acaddd86509e78c5c3c14ae871b89349b9b6b0b60bd29f5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 16:16:01 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 20:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XN%2B9vzQNRBh%2Feaa4B6Cw1VIzu4Ey3IV7N%2Fmpt93G4n0FRtJD65TZhtH0ilmwtU6A62aO2av%2FERrg3hGp6LRzH%2F%2BFD%2FN3D2eMx1KO0leEMm3eetnoOqSJ%2BZbeq5HSYjrMQWAO4cOJ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f299b68b8d6aee-BUF
alt-svc: h3=":443"; ma=86400
content-length: 11105
expires: Thu, 11 Apr 2024 16:16:01 GMT

GET
H3 200 mahjong-ways.jpg
rtpgacorcipit888.pro/assets/imgs/gacor/pgsoft/ 11 KB
11 KB 404ms
182ms Image
image/jpeg 172.67.128.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtpgacorcipit888.pro/assets/imgs/gacor/pgsoft/mahjong-ways.jpg
Requested by: Host: cerimaxwin.xyz
URL: https://cerimaxwin.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe84c73e3d42df69d717f98847c25fea33140ada638d43554f6b809f5dc54dbe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 16:16:01 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 20:22:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJ0hCqus0HL9YGBMP12ONGly0hB3OXiB%2FkhXTpq%2F9sVtieTjbiMp8qZG%2B20dh6fRuQfdPSvhc0RUfTrNGVLALVM%2F%2F54HR79YbFoePwRUAPYurMMEL92nA5DkIl8H1H0lLFmtPPd6Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86f299b68b8b6aee-BUF
alt-svc: h3=":443"; ma=86400
content-length: 11170
expires: Thu, 11 Apr 2024 16:16:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 259ms
36ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cerimaxwin.xyz
URL: https://cerimaxwin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Apr 2024 16:16:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=12, mss=1294, tbw=2775, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: KMSHWkgsyXCqjws/xz6Qsrzjh0pGDHy9ZXvwyKyh4kqfHx6dLEGuRzVwJyMnJ3Qzp+KTTojb6QDj1/G5qz3TyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 background.jpeg
cerimaxwin.xyz/ 238 KB
239 KB 149ms
148ms Image
image/jpeg 162.0.209.240
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cerimaxwin.xyz/background.jpeg
Requested by: Host: cerimaxwin.xyz
URL: https://cerimaxwin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business99-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1e5086d95a18ce3b1c8cd718ed426f2eccf85a54eb2649c4c21599460cd7203f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 16:16:00 GMT
last-modified: Thu, 04 Apr 2024 14:18:49 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 244123
expires: Thu, 11 Apr 2024 16:16:00 GMT

GET
H2 200 1779514679234969 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 84ms
83ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1779514679234969?v=2.9.151&r=stable&domain=cerimaxwin.xyz&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5133af1260d634e9a3299dcf88eb4ce8f0b575e5330ae89f305f7dc78def06c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Apr 2024 16:16:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=63, mss=1294, tbw=63220, tp=-1, tpl=-1, uplat=47, ullat=0
pragma: public
x-fb-debug: zZId0GMphhUf+hUISZdlXC46rINDwb9fRvwdJ9QNUksKR8gqUp48bMJOnEwLHiCm9RsbJuJTqj8nlIWtpfGsXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 110ms
36ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1779514679234969&ev=PageView&dl=https%3A%2F%2Fcerimaxwin.xyz%2F&rl=&if=false&ts=1712247361277&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1712247361275.880206975&ler=empty&cdl=API_unavailable&it=1712247361164&coo=false&rqm=GET

Requested by

Host: cerimaxwin.xyz
URL: https://cerimaxwin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1294, tbw=2766, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 Apr 2024 16:16:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 404 favicon.ico
cerimaxwin.xyz/ 1 KB
1 KB 109ms
108ms Other
text/html 162.0.209.240
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cerimaxwin.xyz/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business99-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cerimaxwin.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 16:16:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1251
content-type: text/html

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cerimaxwin.xyz/	1970-01-20 21:47:03	Name: _fbp Value: fb.1.1712247361275.880206975

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://cerimaxwin.xyz/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://cerimaxwin.xyz/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://connect.facebook.net/signals/config/1779514679234969?v=2.9.151&r=stable&domain=cerimaxwin.xyz&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cerimaxwin.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cerimaxwin.xyz
connect.facebook.net
rtpgacorcipit888.pro
www.facebook.com
162.0.209.240
172.67.128.74
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:200::485
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
1e5086d95a18ce3b1c8cd718ed426f2eccf85a54eb2649c4c21599460cd7203f
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
55c23f1ac60f17d62b6b4792be068e222369eb47c82af2c9333eaaa35798e57d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
9b9bdc5b6da25ae55c3afaec34285375d3cc2dc4b435d29951aa1210aaa9fd5c
b7d12763e54d3ec78acaddd86509e78c5c3c14ae871b89349b9b6b0b60bd29f5
c9912ccd912f4912ec5c853264d9a2d100f87aa2c2cf7e6215745f2def2cf96f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5133af1260d634e9a3299dcf88eb4ce8f0b575e5330ae89f305f7dc78def06c
f83bd2d2e075a17c6688d8a9d843ca852ac84dee2d577bcdbdcea655e059fafb
fe84c73e3d42df69d717f98847c25fea33140ada638d43554f6b809f5dc54dbe

cerimaxwin.xyz Open in urlscan Pro 162.0.209.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

1 Countries

450 kBTransfer

788 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

cerimaxwin.xyz Open in urlscan Pro
162.0.209.240 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

450 kB
Transfer

788 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions