Submitted URL: http://datong-gov.com/h4vzX5o4HIoM
Effective URL: http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669
Submission: On September 24 via manual from US

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 7 HTTP transactions. The main IP is 23.250.10.112, located in Stoney Creek, Canada and belongs to SERVER-MANIA, CA. The main domain is perkscat.com.
This is the only time perkscat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
2         2606:4700:303...   13335  CLOUDFLAR...
1         2001:4de0:ac1...   20446  HIGHWINDS3
2         23.250.10.112      55286  SERVER-MANIA
1         2a00:1450:400...   15169  GOOGLE
1 2       34.102.231.170     15169  GOOGLE
7 requests, 5 IPs

Requests  Domain                     Requested by
2         www.lgljmp.com             perkscat.com (1 redirect)
2         perkscat.com               datong-gov.com, perkscat.com
2         datong-gov.com             code.jquery.com
1         www.googletagmanager.com   perkscat.com
1         code.jquery.com            datong-gov.com
7 requests, 5 domains

This site contains no links.

Subject                 Issuer                                      Validity                  Valid
*.google-analytics.com  GTS CA 1O1                                  2020-08-26 - 2020-11-18   3 months
lgljmp.com              Go Daddy Secure Certificate Authority - G2  2019-11-19 - 2021-01-18   a year

This page contains 1 frame:

Frame: https://www.lgljmp.com/2XL7R2S/8ZK7GQ/?__rpt=0&__po=160&__ptid=85928ccc36594904872d32396039b560&__rpa=0&__rc=1&sub1=101113&sub2=900a2825e324e6372cd67863a4679597&sub3=27127&sub4=&sub5=&source_id=&__pcd=9
Frame ID: 549F8788F1E3D31D7AFCCBF132BF6CDA
Requests: 7 HTTP requests in this frame


Detected technologies

Cloudflare (overall confidence: 100%)
Detected patterns
  • headers server /^cloudflare$/i

Google Tag Manager (overall confidence: 100%)
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

  • Requests: 7
  • HTTPS: 29 %
  • IPv6: 60 %
  • Domains: 5
  • Subdomains: 5
  • IPs: 5
  • Countries: 4
  • Transfer: 67 kB
  • Size: 168 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://datong-gov.com/h4vzX5o4HIoM Page URL
  2. http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.lgljmp.com/2XL7R2S/8X6BQ5/?sub1=101113&sub2=900a2825e324e6372cd67863a4679597&sub3=27127&sub4= HTTP 302
  • https://www.lgljmp.com/2XL7R2S/8ZK7GQ/?__rpt=0&__po=160&__ptid=85928ccc36594904872d32396039b560&__rpa=0&__rc=1&sub1=101113&sub2=900a2825e324e6372cd67863a4679597&sub3=27127&sub4=&sub5=&source_id=&__pcd=9

7 HTTP transactions

Each entry below lists Resource, Path, Size, x-fer (bytes transferred) and Type, followed by the request details.
Resource: h4vzX5o4HIoM (Cookie set)
Path: datong-gov.com/
Size: 2 KB | x-fer: 1 KB | Type: Document

General
  Full URL: http://datong-gov.com/h4vzX5o4HIoM
  Protocol: HTTP/1.1
  Server: 2606:4700:3032::681f:44fb, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 6d6de9ea738ae81311042dcd825b0acc8a61e800ac0c1ee2713731c96620a49a

Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers
  Host: datong-gov.com
  Connection: keep-alive
  Pragma: no-cache
  Cache-Control: no-cache
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
  Date: Thu, 24 Sep 2020 18:05:40 GMT
  Content-Type: text/html; charset=utf-8
  Transfer-Encoding: chunked
  Connection: keep-alive
  Set-Cookie: __cfduid=d7dc25210c2b539dcf68a3b5173be0cb21600970737; expires=Sat, 24-Oct-20 18:05:37 GMT; path=/; domain=.datong-gov.com; HttpOnly; SameSite=Lax
  Set-Cookie: a=100669; expires=Fri, 24-Sep-2021 18:05:40 GMT; Max-Age=31536000; Path=/
  Set-Cookie: t=h4vzX5o4HIoM; expires=Fri, 24-Sep-2021 18:05:40 GMT; Max-Age=31536000; Path=/
  X-Frame-Options: SAMEORIGIN
  CF-Cache-Status: DYNAMIC
  cf-request-id: 0562e3e0cf0000643d4ea87200000001
  Server: cloudflare
  CF-RAY: 5d7e6f47bef2643d-FRA
  Content-Encoding: gzip
Resource: jquery-1.11.3.min.js
Path: code.jquery.com/
Size: 94 KB | x-fer: 33 KB | Type: Script

General
  Full URL: http://code.jquery.com/jquery-1.11.3.min.js
  Requested by: Host: datong-gov.com, URL: http://datong-gov.com/h4vzX5o4HIoM
  Protocol: HTTP/1.1
  Server: 2001:4de0:ac19::1:b:1a, Netherlands, ASN20446 (HIGHWINDS3, US)
  Reverse DNS:
  Software: nginx /
  Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers
  Referer: http://datong-gov.com/h4vzX5o4HIoM
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
  Date: Thu, 24 Sep 2020 18:05:41 GMT
  Content-Encoding: gzip
  Last-Modified: Tue, 28 Apr 2015 16:20:58 GMT
  Server: nginx
  ETag: W/"553fb36a-176d5"
  Vary: Accept-Encoding
  X-HW: 1600970741.dop103.fr8.t,1600970741.cds127.fr8.c
  Content-Type: application/javascript; charset=utf-8
  Access-Control-Allow-Origin: *
  Cache-Control: max-age=315360000, public
  Connection: Keep-Alive
  Accept-Ranges: bytes
  Content-Length: 33261
Resource: /
Path: datong-gov.com/ajax_post/
Size: 66 B | x-fer: 426 B | Type: XHR

General
  Full URL: http://datong-gov.com/ajax_post/
  Requested by: Host: code.jquery.com, URL: http://code.jquery.com/jquery-1.11.3.min.js
  Protocol: HTTP/1.1
  Server: 2606:4700:3032::681f:44fb, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash:

Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers
  Accept: */*
  Referer: http://datong-gov.com/h4vzX5o4HIoM
  X-Requested-With: XMLHttpRequest
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
  Date: Thu, 24 Sep 2020 18:05:42 GMT
  Content-Encoding: gzip
  CF-Cache-Status: DYNAMIC
  Server: cloudflare
  X-Frame-Options: SAMEORIGIN
  Content-Type: text/html; charset=utf-8
  Transfer-Encoding: chunked
  Connection: keep-alive
  CF-RAY: 5d7e6f5bcfd5643d-FRA
  cf-request-id: 0562e3ed5c0000643d4eaf7200000001
Resource: / (Primary Request)
Path: perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/
Size: 5 KB | x-fer: 5 KB | Type: Document

General
  Full URL: http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669
  Requested by: Host: datong-gov.com, URL: http://datong-gov.com/h4vzX5o4HIoM
  Protocol: HTTP/1.1
  Server: 23.250.10.112, Stoney Creek, Canada, ASN55286 (SERVER-MANIA, CA)
  Reverse DNS:
  Software: nginx /
  Resource Hash: ef33327da2cece0bf3ad02a17f59ab267b438b9e6d54afede6289ab6c81c6fa2

Request headers
  Host: perkscat.com
  Connection: keep-alive
  Pragma: no-cache
  Cache-Control: no-cache
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  Referer: http://datong-gov.com/h4vzX5o4HIoM
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
  Referer: http://datong-gov.com/h4vzX5o4HIoM

Response headers
  Server: nginx
  Date: Thu, 24 Sep 2020 18:10:04 GMT
  Content-Type: text/html; charset=UTF-8
  Transfer-Encoding: chunked
  Connection: keep-alive
Resource: gtm.js
Path: www.googletagmanager.com/
Size: 67 KB | x-fer: 26 KB | Type: Script

General
  Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
  Requested by: Host: perkscat.com, URL: http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a00:1450:4001:809::2008, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS:
  Software: Google Tag Manager /
  Resource Hash: 62751266f28c62b3a3fcee15dacd5f4c560bda80f4cfdb87564cb595a4189e6c

Security Headers
  Strict-Transport-Security: max-age=31536000; includeSubDomains
  X-Xss-Protection: 0

Request headers
  Referer: http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
  date: Thu, 24 Sep 2020 18:05:42 GMT
  content-encoding: br
  server: Google Tag Manager
  access-control-allow-headers: Cache-Control
  status: 200
  vary: Accept-Encoding
  content-type: application/javascript; charset=UTF-8
  access-control-allow-origin: *
  cache-control: private, max-age=900
  access-control-allow-credentials: true
  strict-transport-security: max-age=31536000; includeSubDomains
  alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  content-length: 26817
  x-xss-protection: 0
  expires: Thu, 24 Sep 2020 18:05:42 GMT
Resource: index.php
Path: perkscat.com/
Size: 229 B | x-fer: 403 B | Type: XHR

General
  Full URL: http://perkscat.com/index.php
  Requested by: Host: perkscat.com, URL: http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669
  Protocol: HTTP/1.1
  Server: 23.250.10.112, Stoney Creek, Canada, ASN55286 (SERVER-MANIA, CA)
  Reverse DNS:
  Software: nginx /
  Resource Hash: 53523ece9533703bde4d8c37011e30856cb5b59d102b4dfc0d2d1ee34631fdf9

Request headers
  Referer: http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
  Content-type: application/x-www-form-urlencoded

Response headers
  Date: Thu, 24 Sep 2020 18:10:04 GMT
  Server: nginx
  Connection: keep-alive
  Transfer-Encoding: chunked
  Content-Type: text/html; charset=UTF-8
Resource: /
Path: www.lgljmp.com/2XL7R2S/8ZK7GQ/
Redirect Chain
  • https://www.lgljmp.com/2XL7R2S/8X6BQ5/?sub1=101113&sub2=900a2825e324e6372cd67863a4679597&sub3=27127&sub4=
  • https://www.lgljmp.com/2XL7R2S/8ZK7GQ/?__rpt=0&__po=160&__ptid=85928ccc36594904872d32396039b560&__rpa=0&__rc=1&sub1=101113&sub2=900a2825e324e6372cd67863a4679597&sub3=27127&sub4=&sub5=&source_id=&__...
Size: 0 | x-fer: 0 | Type: Document

General
  Full URL: https://www.lgljmp.com/2XL7R2S/8ZK7GQ/?__rpt=0&__po=160&__ptid=85928ccc36594904872d32396039b560&__rpa=0&__rc=1&sub1=101113&sub2=900a2825e324e6372cd67863a4679597&sub3=27127&sub4=&sub5=&source_id=&__pcd=9
  Requested by: Host: perkscat.com, URL: http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 34.102.231.170, United States, ASN15169 (GOOGLE, US)
  Reverse DNS: 170.231.102.34.bc.googleusercontent.com
  Software: nginx /
  Resource Hash:

Request headers
  :method: GET
  :authority: www.lgljmp.com
  :scheme: https
  :path: /2XL7R2S/8ZK7GQ/?__rpt=0&__po=160&__ptid=85928ccc36594904872d32396039b560&__rpa=0&__rc=1&sub1=101113&sub2=900a2825e324e6372cd67863a4679597&sub3=27127&sub4=&sub5=&source_id=&__pcd=9
  pragma: no-cache
  cache-control: no-cache
  upgrade-insecure-requests: 1
  user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  sec-fetch-site: cross-site
  sec-fetch-mode: navigate
  sec-fetch-dest: document
  referer: http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  cookie: uniqueClick_8X6BQ5=607fd88c-31b4-4ddf-a6c2-b7fd3012d68c:1600970743
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
  Referer: http://perkscat.com/a95cd37924f6a83d75cc21c1b512d8a65/?sid3=100669

Response headers
  status: 204
  server: nginx
  date: Thu, 24 Sep 2020 18:05:43 GMT
  vary: Origin
  x-eflow-request-id: 26701ec4-6539-46aa-ae3b-5b5204465306
  via: 1.1 google
  alt-svc: clear

Redirect headers
  status: 302
  server: nginx
  date: Thu, 24 Sep 2020 18:05:43 GMT
  content-type: text/html; charset=utf-8
  content-length: 269
  location: https://www.lgljmp.com/2XL7R2S/8ZK7GQ/?__rpt=0&__po=160&__ptid=85928ccc36594904872d32396039b560&__rpa=0&__rc=1&sub1=101113&sub2=900a2825e324e6372cd67863a4679597&sub3=27127&sub4=&sub5=&source_id=&__pcd=9
  set-cookie: uniqueClick_8X6BQ5=607fd88c-31b4-4ddf-a6c2-b7fd3012d68c:1600970743; Path=/; Expires=Sat, 24 Oct 2020 18:05:43 GMT; Secure; SameSite=None
  vary: Origin
  x-eflow-request-id: 291aad66-5deb-4d4c-8bd4-f4865744e09f
  via: 1.1 google
  alt-svc: clear

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • trustedTypes (object)
  • dataLayer (object)
  • isTouchDevice (function)
  • errFirefox (boolean)
  • var_params (object)
  • na (string)
  • get_ad_block (function)
  • emulate_device_support (function)
  • http (object)
  • _timezone (string)
  • url (string)
  • params (object)
  • google_tag_manager (object)

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header            Value
X-Frame-Options   SAMEORIGIN