urlscan.io logo urlscan.io
SecurityTrails logo

lxiiijrks.online Open in urlscan Pro
104.21.4.81  Public Scan

Go To Rescan Add Verdict Report
URL: https://lxiiijrks.online/
Submission: On December 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 104.21.4.81, located in and belongs to CLOUDFLARENET, US. The main domain is lxiiijrks.online.
TLS certificate: Issued by E1 on December 7th 2023. Valid for: 3 months.
This is the only time lxiiijrks.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 104.21.4.81 13335 (CLOUDFLAR...)
1 142.250.176.200 15169 (GOOGLE)
1 172.217.13.194 15169 (GOOGLE)
1 142.251.35.164 15169 (GOOGLE)
8 4
Apex Domain
Subdomains		 Transfer
5 lxiiijrks.online
lxiiijrks.online
239 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
80 KB
8 4
Domain Requested by
5 lxiiijrks.online lxiiijrks.online
1 www.google.com lxiiijrks.online
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com lxiiijrks.online
8 4

This site contains links to these domains. Also see Links.

Domain
telegram.org
Subject Issuer Validity Valid
lxiiijrks.online
E1		 2023-12-07 -
2024-03-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lxiiijrks.online/
Frame ID: 029E1625B45CBFA227E755C91988C725
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Telegram

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

322 kB
Transfer

629 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lxiiijrks.online/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lxiiijrks.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
844acf815d0d60cc500d851b22e0f2d5baee1de37d52b71d09fab6be380f301f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
831ef4cfba3343af-EWR
content-encoding
br
content-type
text/html
date
Thu, 07 Dec 2023 18:50:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTrpsljlUT2IkkTErzwQkzIHaP0SC%2ByGFskv3QOWa9IsIwXqqJioFl%2BEF%2FxvMa4jWLwXOU09ezFkZC81aK8Lp8uCeqZwnUtx6j7ObKMXPY5M92G5ZgfMKuRJmXMDjQxAz%2BGe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
bootstrap.min.css
lxiiijrks.online/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lxiiijrks.online/css/bootstrap.min.css
Requested by
Host: lxiiijrks.online
URL: https://lxiiijrks.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lxiiijrks.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:50:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:24:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6571e3b5-22688"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRnAL1%2FxaU8Ob969bRXndYI3v8LoECWlbouFarYzZ1txj3WfCq0hnzY%2FAIUHDVOe3dz1Qr5gQq9qSyTOenGyEd6uB49NK6ZEv6h6X8LlP4MyDuf0WZ9jmAuN%2BbhIyod3LmjP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
831ef4d1dc9a43af-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Dec 2023 18:50:48 GMT
detect.js
lxiiijrks.online/css/ 		50 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lxiiijrks.online/css/detect.js
Requested by
Host: lxiiijrks.online
URL: https://lxiiijrks.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
960ad722b0d4191078a1128123a26c4c3e45e4250b20657a32ed193b9553d0a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lxiiijrks.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:50:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:24:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6571e3b5-c630"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMyKKSkir077W%2BUdN68EwC%2FVWqpv90KIVBQFkQ5ITfgyuc1msUld3edsoVUHLO5L2GYr%2B4MBsg%2FxZtHflOAifXneTA1ixeyTCyhwak%2FVA4f8JtMVTN9gRS6Ucj8Z8N%2BlaYKz"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=604800
cf-ray
831ef4d1dc9c43af-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Dec 2023 18:50:48 GMT
LogoBig_1x.png
lxiiijrks.online/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lxiiijrks.online/img/LogoBig_1x.png
Requested by
Host: lxiiijrks.online
URL: https://lxiiijrks.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bb14dc217f7f5ac7104b4838132dd370e1b808f7df6ccb4fdfd0227de5159bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lxiiijrks.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:50:48 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6571e3b4-663"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yk9YHsw1q6jVq%2BE%2FBJk3%2Fjql%2FPI3wzFIfuM%2FCflwknXGWLpztA3I011avUqTbjoTld0YW7ppBFvxcWmoTO77Hauls1x%2BOwgapc36YMDxCCqJBVrCSpawhpTw7JREv0zR0VFV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
831ef4d1dc9d43af-EWR
alt-svc
h3=":443"; ma=86400
content-length
1635
expires
Sat, 06 Jan 2024 18:50:48 GMT
logo.png
lxiiijrks.online/img/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lxiiijrks.online/img/logo.png
Requested by
Host: lxiiijrks.online
URL: https://lxiiijrks.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f09e12821b37df9a8e441d40fad6e1b4682ac977ddce209b07b7fdae1f90e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lxiiijrks.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:50:48 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6571e3b4-32ddc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hC1ySdAv4GSwjPlbuDNJkZcjVd2Kkxub%2BaZg6tK4OV0IgpDTgE%2Fk0FuoewZqvM5edR02jhpvx0iC%2BPMGEik3cgy7LLYqO%2BQdClSAutRKvvKS2KDS%2B7beo6IGCk7%2B5VPQaEf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
831ef4d1dc9e43af-EWR
alt-svc
h3=":443"; ma=86400
content-length
208348
expires
Sat, 06 Jan 2024 18:50:48 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11308145338
Requested by
Host: lxiiijrks.online
URL: https://lxiiijrks.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
19b7dafc298ada921f5ac846a2c25f6adf15f129d308edee31e5f858fd5f75dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lxiiijrks.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:50:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81851
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Dec 2023 18:50:48 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11308145338/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11308145338/?random=1701975048776&cv=11&fst=1701975048776&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Flxiiijrks.online%2F&hn=www.googleadservices.com&frm=0&tiba=Telegram&auid=1717858336.1701975049&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11308145338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
35822f1a262a5f9ab1499ddd71276e264d889e715171538bddb3aa678bdb48c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lxiiijrks.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:50:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1227
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11308145338/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11308145338/?random=1701975048776&cv=11&fst=1701972000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Flxiiijrks.online%2F&frm=0&tiba=Telegram&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNSsS5SVlKjRlcAxh-wPrHs9XnN81lGQ&random=911851688&rmt_tld=0&ipr=y
Requested by
Host: lxiiijrks.online
URL: https://lxiiijrks.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lxiiijrks.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:50:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| forEach function| detect object| user string| dlink function| gtag object| dataLayer function| gtag_report_conversion object| google_tag_manager object| google_tag_data object| GooglebQhCsO

2 Cookies

Domain/Path Name / Value
.lxiiijrks.online/ Name: _gcl_au
Value: 1.1.1717858336.1701975049
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission