urlscan.io logo urlscan.io
SecurityTrails logo

l9rt.xyz Open in urlscan Pro
2606:50c0:8001::153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://l9rt.xyz/
Effective URL: https://l9rt.xyz/
Submission: On May 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 10 HTTP transactions. The main IP is 2606:50c0:8001::153, located in United States and belongs to FASTLY, US. The main domain is l9rt.xyz.
TLS certificate: Issued by R3 on May 6th 2024. Valid for: 3 months.
This is the only time l9rt.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:50c0:800... 54113 (FASTLY)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 78.159.114.6 28753 (LEASEWEB-...)
1 144.76.109.178 24940 (HETZNER-AS)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
10 7
4    2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)
l9rt.xyz
1    2606:4700:4400::6812:2640 (United States)

ASN13335 (CLOUDFLARENET, US)
i.pinimg.com
1    78.159.114.6 (Leipzig, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
www.pngall.com
1    144.76.109.178 (Hamm, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.109.76.144.clients.your-server.de
www.freeiconspng.com
1    2a04:4e42:400::810 (United States)

ASN54113 (FASTLY, US)
open.spotify.com
1    2606:4700:3038::6815:eb2e (United States)

ASN13335 (CLOUDFLARENET, US)
www.wallpaperflare.com
Apex Domain
Subdomains		 Transfer
4 l9rt.xyz
l9rt.xyz
9 KB
1 wallpaperflare.com
www.wallpaperflare.com — Cisco Umbrella Rank: 188392
323 KB
1 spotify.com
open.spotify.com — Cisco Umbrella Rank: 2936
1 freeiconspng.com
www.freeiconspng.com — Cisco Umbrella Rank: 137565
19 KB
1 pngall.com
www.pngall.com — Cisco Umbrella Rank: 103760
24 KB
1 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 1942
1 MB
0 worldtimeapi.org Failed
worldtimeapi.org Failed
10 7
Domain Requested by
4 l9rt.xyz l9rt.xyz
1 www.wallpaperflare.com l9rt.xyz
1 open.spotify.com l9rt.xyz
1 www.freeiconspng.com l9rt.xyz
1 www.pngall.com l9rt.xyz
1 i.pinimg.com l9rt.xyz
0 worldtimeapi.org Failed l9rt.xyz
10 7

This site contains links to these domains. Also see Links.

Domain
discord.gg
Subject Issuer Validity Valid
l9rt.xyz
R3		 2024-05-06 -
2024-08-04		 3 months crt.sh
*.pinimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-09 -
2024-07-09		 a year crt.sh
www.pngall.com
R3		 2024-04-21 -
2024-07-20		 3 months crt.sh
freeiconspng.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-12 -
2025-03-13		 a year crt.sh
open.spotify.com
Certainly Intermediate R1		 2024-05-02 -
2024-06-01		 a month crt.sh
wallpaperflare.com
E1		 2024-04-29 -
2024-07-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://l9rt.xyz/
Frame ID: 249B87CB1AF464AC8BED5720C646C5D7
Requests: 9 HTTP requests in this frame

Frame: https://open.spotify.com/embed/playlist/1jhIn68SS1GtBme408NWa3
Frame ID: 05A487CDE6D2018996CDD6696E5F766D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Na0mi's Garden

Page URL History Show full URLs

  1. http://l9rt.xyz/ HTTP 307
    https://l9rt.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

10
Requests

90 %
HTTPS

67 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

1519 kB
Transfer

1524 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://l9rt.xyz/ HTTP 307
    https://l9rt.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
l9rt.xyz/
Redirect Chain
  • http://l9rt.xyz/
  • https://l9rt.xyz/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://l9rt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
c997db73dc16d43f10b56e07dda68f5db69e0b2c23fe8d2954d9190754439490

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
1006
content-type
text/html; charset=utf-8
date
Mon, 06 May 2024 20:10:53 GMT
etag
W/"6638fd11-8f6"
expires
Mon, 06 May 2024 20:20:53 GMT
last-modified
Mon, 06 May 2024 15:53:53 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
e3977a386aa4853fce89cad199e54050e7d9d1ac
x-github-request-id
97F0:38D071:5A0823B:5C7548E:6639394D
x-proxy-cache
MISS
x-served-by
cache-fra-eddf8230022-FRA
x-timer
S1715026253.457133,VS0,VE105

Redirect headers

Location
https://l9rt.xyz/
Non-Authoritative-Reason
HttpsUpgrades
styles.css
l9rt.xyz/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l9rt.xyz/styles.css
Requested by
Host: l9rt.xyz
URL: https://l9rt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
6f98319dc3110e4719841bd1ec3b9d48611c34be1b8c56eda13e71835f747990

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://l9rt.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
8e45d0bea02e93ef020d7983f4c5ec2eae91ea5e
date
Mon, 06 May 2024 20:10:53 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
999
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 06 May 2024 15:53:53 GMT
server
GitHub.com
x-github-request-id
C992:10B6E7:2039096:211B06C:6639394D
x-timer
S1715026254.573638,VS0,VE113
etag
W/"6638fd11-c74"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Mon, 06 May 2024 20:20:53 GMT
2383a2ca06088993c0e00a82700259e7.gif
i.pinimg.com/originals/23/83/a2/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/23/83/a2/2383a2ca06088993c0e00a82700259e7.gif
Requested by
Host: l9rt.xyz
URL: https://l9rt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94afb78f7abff5ad35cd9bc6c5eb112618e3a18a7a15e8298e4cf86c47f7f57

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://l9rt.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 20:10:53 GMT
x-cdn
cloudflare
server
cloudflare
etag
"c43d81eca45fb8ccf7a5a255ffd56156"
edge-start
1715026253607
vary
Origin, Accept-Encoding
content-type
image/gif
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
87fb9dc50f4771d1-FRA
alt-svc
h3=":443"; ma=600
content-length
1169704
origin-latency
41
Discord-Logo-PNG-Images.png
www.pngall.com/wp-content/uploads/13/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pngall.com/wp-content/uploads/13/Discord-Logo-PNG-Images.png
Requested by
Host: l9rt.xyz
URL: https://l9rt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.159.114.6 Leipzig, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
37d16fd453d7dd8e9bf6825e8cfcebf58fe456988d18c6d710eede388961d290
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://l9rt.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 06 May 2024 20:10:53 GMT
strict-transport-security
max-age=15552000;
x-protect
ByREV WP-PICShield , HOTLINK Defence
server
nginx/1.14.0 (Ubuntu)
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
image/png
cache-control
no-cache, must-revalidate
expires
Sat, 26 Jul 1997 05:00:00 GMT
info-icon--6.png
www.freeiconspng.com/thumbs/information-icon/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.freeiconspng.com/thumbs/information-icon/info-icon--6.png
Requested by
Host: l9rt.xyz
URL: https://l9rt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.76.109.178 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.109.76.144.clients.your-server.de
Software
nginx /
Resource Hash
4f6a5145086b17c6656d673da65ca5d7f0fb24a5a95d3396878de78702f7c0c3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://l9rt.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 20:10:53 GMT
last-modified
Mon, 06 Jul 2020 17:11:42 GMT
server
nginx
etag
"4a6c-5a9c8f7f2ef80"
content-type
image/png
cache-control
max-age=3600, no-cache, must-revalidate
accept-ranges
bytes
content-length
19052
expires
Mon, 06 May 2024 21:10:53 GMT
script.js
l9rt.xyz/ 		2 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l9rt.xyz/script.js
Requested by
Host: l9rt.xyz
URL: https://l9rt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
9352ccada56e70f745b3b29f0b475677e55eb99bd09914e504ec70306132a173

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://l9rt.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
efc49d441d08a03178498d946b6a4a720f54e77c
date
Mon, 06 May 2024 20:10:53 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
836
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 06 May 2024 15:53:53 GMT
server
GitHub.com
x-github-request-id
3832:38D071:5A08259:5C754AD:6639394C
x-timer
S1715026254.586775,VS0,VE100
etag
W/"6638fd11-95a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Mon, 06 May 2024 20:20:53 GMT
1jhIn68SS1GtBme408NWa3
open.spotify.com/embed/playlist/ Frame 05A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://open.spotify.com/embed/playlist/1jhIn68SS1GtBme408NWa3
Requested by
Host: l9rt.xyz
URL: https://l9rt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::810 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy / Next.js
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://l9rt.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
critical-origin-trial
Tpcd
date
Mon, 06 May 2024 20:10:53 GMT
etag
"f8piiealn26k5"
origin-trial
AjTBCzHiqtNU3PxD6GL8VpVl68/SfxkZJuLQbbyvSNj6/o9VuhZ5EPb/2dTYqi+Mot0AD6XOHBeIatAwEt4lAQcAAABOeyJvcmlnaW4iOiJodHRwczovL29wZW4uc3BvdGlmeS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
server
envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
HTTP/1.1 fringe, HTTP/2 edgeproxy, 1.1 google, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-envoy-upstream-service-time
123
x-powered-by
Next.js
x-served-by
cache-fra-eddf8230065-FRA, cache-fra-eddf8230065-FRA
x-timer
S1715026254.616274,VS0,VE159
Brussels
worldtimeapi.org/api/timezone/Europe/ 		0
0
ultra-wide-photography-space-art-blue-wallpaper.jpg
www.wallpaperflare.com/static/885/649/176/ 		322 KB
323 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wallpaperflare.com/static/885/649/176/ultra-wide-photography-space-art-blue-wallpaper.jpg
Requested by
Host: l9rt.xyz
URL: https://l9rt.xyz/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477a93cc592365ab6eb2cd3c116042b1319188452afc0158b631f70eefb07708

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://l9rt.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 20:10:53 GMT
cf-cache-status
MISS
last-modified
Thu, 10 Jan 2019 06:11:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5c36e1f8-50855"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUgx6sG8STO4lnxyo%2FMclEOeXyD3ox12Z1EmE8AKGtc5QvKLu4qSCpurvRGB4HCT7v8mwbboZE8vPp4xFU4%2BeDLcBV4Rj8G004pA%2BWanfK4k3CqdJ2Z9STLlZ1yjpr86jE53jEP77Y9Xck%2F8hlZOXHW7t%2Blk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
87fb9dc6ed044d5b-FRA
alt-svc
h3=":443"; ma=86400
content-length
329813
expires
Thu, 01 May 2025 20:10:53 GMT
favicon.ico
l9rt.xyz/ 		9 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://l9rt.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://l9rt.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
07042467069d51213f65a9f4ef8fdb3c447f9078
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
via
1.1 varnish
date
Mon, 06 May 2024 20:10:54 GMT
age
0
x-cache
MISS
x-cache-hits
0
content-length
5254
x-served-by
cache-fra-eddf8230022-FRA
server
GitHub.com
x-github-request-id
DFCC:17F4B9:21F605E:22E18C7:6639394E
x-timer
S1715026254.421311,VS0,VE109
etag
W/"64d39a40-24a3"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
x-proxy-cache
MISS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
worldtimeapi.org
URL
http://worldtimeapi.org/api/timezone/Europe/Brussels

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| updateTimeFromAPI function| dragElement function| openAboutMe function| closeAboutMe

2 Cookies

Domain/Path Name / Value
.spotify.com/ Name: sp_t
Value: 779d80d6da6482b3a3dc6c82f186d688
.spotify.com/ Name: sp_landing
Value: https%3A%2F%2Fl9rt.xyz%2F%3Fsp_cid%3D779d80d6da6482b3a3dc6c82f186d688%26device%3Ddesktop

7 Console Messages

Source Level URL
Text
security error URL: https://l9rt.xyz/script.js(Line 5)
Message:
Mixed Content: The page at 'https://l9rt.xyz/' was loaded over HTTPS, but requested an insecure resource 'http://worldtimeapi.org/api/timezone/Europe/Brussels'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://l9rt.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://l9rt.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://l9rt.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://l9rt.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://l9rt.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://l9rt.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()