xlooynx.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 104.21.48.218, located in and belongs to CLOUDFLARENET, US. The main domain is xlooynx.com.
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.

This is the only time xlooynx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.137.111 15.197.137.111	16509 (AMAZON-02) (AMAZON-02)
2 8	104.21.48.218 104.21.48.218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2

1 15.197.137.111 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aba0842b8980f9efc.awsglobalaccelerator.com

rebrand.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.21.48.218 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

xlooynx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	xlooynx.com 2 redirects xlooynx.com	18 KB
1	rebrand.ly 1 redirects rebrand.ly — Cisco Umbrella Rank: 29158	160 B
7	2

	Domain	Requested by
8	xlooynx.com	2 redirects xlooynx.com
1	rebrand.ly	1 redirects
7	2

This site contains no links.

Subject Issuer	Validity	Valid
xlooynx.com GTS CA 1P5	`2023-12-21` - `2024-03-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://xlooynx.com/nrdd
Frame ID: 2A56175487FB087FEC14AE1EDC5113CC
Requests: 3 HTTP requests in this frame

Frame: https://xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 40F5D92CB0DBD90BE999EFFFC3E1FF63
Requests: 2 HTTP requests in this frame

Frame: https://xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: D3F609BA382E22573A057A60E355C267
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

https://rebrand.ly/91b324 HTTP 301
https://xlooynx.com/nrdd Page URL
https://xlooynx.com/nrdd Page URL

Page Statistics

7
Requests

57 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

18 kB
Transfer

23 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rebrand.ly/91b324 HTTP 301
https://xlooynx.com/nrdd Page URL
https://xlooynx.com/nrdd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://rebrand.ly/91b324 HTTP 301
https://xlooynx.com/nrdd

Request Chain 2

https://xlooynx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 4

https://xlooynx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

nrdd Show response
xlooynx.com/
Redirect Chain

https://rebrand.ly/91b324
https://xlooynx.com/nrdd

7 KB
8 KB

709ms
210ms

Document
text/html

104.21.48.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xlooynx.com/nrdd

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.21.48.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67b7a2096dc041eab0a97426f21513a67b967833e52c092480fc62c950134ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8443876d8fb7b50b-OSL
content-type: text/html; charset=utf-8
date: Fri, 12 Jan 2024 07:01:35 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7njNKPckajhOsk5tCxoqihsiu4XED5uBxocRokzcJ%2BjZ5pZjDr43U13gAZJ2l1Inm1tVrHhOPGXy%2FYab4FWqkl7nJs8jVymO252v4Xaavr4uCceFNtsOIKdINWsnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

cache-control: no-cache, no-store
content-length: 0
date: Fri, 12 Jan 2024 07:01:34 GMT
engine: Rebrandly.redirect, version 2.1
expires: -1
location: https://xlooynx.com/nrdd
strict-transport-security: max-age=15552000

POST
H2 204 nrdd
xlooynx.com/ 0
705 B 353ms
352ms XHR
text/plain 104.21.48.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xlooynx.com/nrdd

Requested by

Host: xlooynx.com
URL: https://xlooynx.com/nrdd

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.21.48.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

8VRFVhpg6ohbWKrNZu8IRVvDR3U: 31252135
X-Requested-TimeStamp-Expire
accept-language: fi-FI,fi;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination: GET
Content-type: application/x-www-form-urlencoded
X-Requested-Type: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Referer: https://xlooynx.com/nrdd
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp
r9SQ5cVT6ICk2y6I7fBO-BX2kUs: 6rPEF7H6i0fHn6vuypwdcWfnl8Q

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 07:01:35 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Tb55nAYT5Y5F9rQr%2BLqwYHmqW5DE9z8BlsnQ7XEAee4qLoROerbI4CFCcFLIIYUqoE7gb0Yzl1kORs0p%2BLDPfESzqLxPRPCWh3i8h8U4lrq%2Fc5KYadn4TiksPZTaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8443876f18cbb50b-OSL
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H2

200

main.js
xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 40F5
Redirect Chain

https://xlooynx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

267ms
267ms

Script
application/javascript

104.21.48.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Protocol

H2

Server

104.21.48.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 07:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lB1u0SSHptG4%2B5rD7DgvmornPJgZkCf7rjjhcPX%2FaBt7hMsXTN2pumWsuEOuU54fwCn2DKE3DVvIyIl0dydBbjbn4mglwcttRMhaUV44joWcDJQ2lZHz2gTbNDkCQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 844387700a44b50b-OSL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 12 Jan 2024 07:01:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FiYTo4EPQQ3a85iTF8chD9vkydGONDD3uIxy00TFPUpPPr7%2BltslQFU8UjytSRa0KBhPI%2BAYOBmgWE0dbd9tU9k%2BXp5iiyZ%2FUClwW68gou8%2FLsIuiOBe1LhOY300g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 8443876f38ddb50b-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 403 Primary Request nrdd Show response
xlooynx.com/ 2 KB
949 B 140ms
138ms Document
text/html 104.21.48.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xlooynx.com/nrdd

Requested by

Host: xlooynx.com
URL: https://xlooynx.com/nrdd

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.21.48.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87fceff9d924bcbd7f4bf8484f7f21dacc5c11a103d45a4aec2f36602977b264

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://xlooynx.com/nrdd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844387717bd8b50b-OSL
content-encoding: br
content-type: text/html
date: Fri, 12 Jan 2024 07:01:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FArQUNvtq%2B2sgg%2BCxQH0DIVUjvmPxmDd8fJEV3LFJtq1Cv2yJjlmJn35kSUe1n27kRNpIz1Kl9OsOQOB6Hs6rlMxpQB1%2FexnQ27LVm7YUO6pnhsCPrdfoEr9mhdHWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block

POST 8443876d8fb7b50b
xlooynx.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 40F5 0
0

GET
H2

200

main.js Show response
xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame D3F6
Redirect Chain

https://xlooynx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

128ms
127ms

Script
application/javascript

104.21.48.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xlooynx.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Protocol

H2

Server

104.21.48.218 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3449756d05d7e6cd3495b0592124652900133419348bb431235731d1cdecae37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 07:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BwEXlGPsa2GoSurEckOdoN0USJ7XcvgOirQv82JLeEotxk2ptUCAI%2FBhU99as6zqKNs4M5isW%2BIyTQRBtYnlbKeKYY1st8G%2BcQmjV8R9e4MtV%2BwyCB9i2Ruu%2FaxoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 844387737d7bb50b-OSL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 12 Jan 2024 07:01:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvXt%2FqCx8xOBI%2BCGgSOZXhmjOuqsCt3Zd2b9AuS%2FxuoPed2q7BNENENY4z2mNVTaB%2BjyPQDWadosuF%2FjU9uU776sFcyy9fPau2W%2B8HSm21coSaqgSZrP2O698A1XFA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 84438772ace4b50b-OSL
alt-svc: h3=":443"; ma=86400

POST
H2 200 844387717bd8b50b Show response
xlooynx.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D3F6 0
445 B 82ms
81ms XHR
text/plain 104.21.48.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlooynx.com/cdn-cgi/challenge-platform/h/b/jsd/r/844387717bd8b50b
Requested by: Host: xlooynx.com
URL: https://xlooynx.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.218 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 07:01:36 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qV5Y%2FbgGXEXP7HbB8VNCDiU2LTG8pgOWmvWcgR0QP8IMcrBEmi7gFYsPpEqEeZM4irHlH4VIQBHpbLB15aDvtZEJ5C6TBDTtL9UrOXtxiwHg7cQmQEdMXpiijM6CXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 844387746e24b50b-OSL
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xlooynx.com
URL: https://xlooynx.com/cdn-cgi/challenge-platform/h/b/jsd/r/8443876d8fb7b50b

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xlooynx.com/	1970-01-20 17:38:49	Name: _HImXjSpzS6HF8dvBDjsQI7puQY Value: h5ze15fcgEfc6B7ib-fJRdIPmC8
xlooynx.com/	1970-01-20 17:38:49	Name: _2Gyg8NH6Ht2_rC_vCq1j0-YBDE Value: 1705042887
xlooynx.com/	1970-01-20 17:38:49	Name: oQz1lBs-KJTbEFcohFu9VlZy9d4 Value: 1705129287
xlooynx.com/	1970-01-20 17:38:49	Name: 5Y2K4jVsqKtMHv_xi5u_KZmr0JA Value: _pWRhMqqHRQTXCvDDzGpxO1_Zac
xlooynx.com/	1970-01-20 17:38:49	Name: RaAel8w0Iux6WX_kGvMQxTUsde4 Value: oJCH61Gt4sGZWPENh7ZDsdo3Wa0
xlooynx.com/	1970-01-20 17:38:49	Name: orqCP8dXErb966YopbrqVO93cBo Value: 46AERmVScm1cr8AH_3_7dF-AtaI
xlooynx.com/	1970-01-20 17:38:49	Name: JFOoBYilgk8h0cMNInuQocSKJ2M Value: 1705042895
xlooynx.com/	1970-01-20 17:38:49	Name: hwlQKKjFKIFewsvCS6CJ3IOK1bg Value: 1705129295
xlooynx.com/	1970-01-20 17:38:49	Name: JfpTsguTmKmIJk5b8ezakI_MvIg Value: bHv9tZAtRn6bVAdtuDHo6KvvyGc
xlooynx.com/	1970-01-20 17:38:49	Name: anUTYnEN99Lk1PR4yVDRuyYv2es Value: DyMxOZEDn_aR83rg22WGra7GG0Q
.xlooynx.com/	1970-01-21 02:22:58	Name: cf_clearance Value: ZfADLBsR25mWOdqFGG59cdFqe_MWMNUjMWadVWp8GNs-1705042896-0-2-14914d64.3d505b08.43901284-0.2.1705042896

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xlooynx.com/nrdd Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://xlooynx.com/nrdd Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rebrand.ly
xlooynx.com
xlooynx.com
104.21.48.218
15.197.137.111
3449756d05d7e6cd3495b0592124652900133419348bb431235731d1cdecae37
67b7a2096dc041eab0a97426f21513a67b967833e52c092480fc62c950134ad6
87fceff9d924bcbd7f4bf8484f7f21dacc5c11a103d45a4aec2f36602977b264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

xlooynx.com Open in urlscan Pro 104.21.48.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

57 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

18 kBTransfer

23 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

11 Cookies

2 Console Messages

Security Headers

Indicators

xlooynx.com Open in urlscan Pro
104.21.48.218 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

18 kB
Transfer

23 kB
Size

11
Cookies

7 HTTP transactions
0 data transactions