urlscan.io logo urlscan.io
SecurityTrails logo

hxsn.xyz Open in urlscan Pro
2606:4700:3033::6815:103f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://avoprema.me/G1CU
Effective URL: https://hxsn.xyz/golden
Submission: On January 25 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3033::6815:103f, located in United States and belongs to CLOUDFLARENET, US. The main domain is hxsn.xyz.
TLS certificate: Issued by GTS CA 1P5 on January 16th 2024. Valid for: 3 months.
This is the only time hxsn.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 37.48.106.204 60781 (LEASEWEB-...)
2 8 2606:4700:303... 13335 (CLOUDFLAR...)
7 2
Apex Domain
Subdomains		 Transfer
8 hxsn.xyz
hxsn.xyz
19 KB
1 avoprema.me
avoprema.me
244 B
7 2
Domain Requested by
8 hxsn.xyz 2 redirects hxsn.xyz
1 avoprema.me 1 redirects
7 2

This site contains no links.

Subject Issuer Validity Valid
hxsn.xyz
GTS CA 1P5		 2024-01-16 -
2024-04-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://hxsn.xyz/golden
Frame ID: 5A5ECCAD4CA56888B8D11FBB37DBE58D
Requests: 3 HTTP requests in this frame

Frame: https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: EBFD25443FA4AEBBCED2C5126E82B696
Requests: 2 HTTP requests in this frame

Frame: https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 6B11E6F95FCD15DA450643088C2550EC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. http://avoprema.me/G1CU HTTP 301
    https://hxsn.xyz/golden Page URL
  2. https://hxsn.xyz/golden Page URL

Page Statistics

7
Requests

57 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

18 kB
Transfer

23 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://avoprema.me/G1CU HTTP 301
    https://hxsn.xyz/golden Page URL
  2. https://hxsn.xyz/golden Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://avoprema.me/G1CU HTTP 301
  • https://hxsn.xyz/golden
Request Chain 2
  • https://hxsn.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Request Chain 4
  • https://hxsn.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
golden
hxsn.xyz/
Redirect Chain
  • http://avoprema.me/G1CU
  • https://hxsn.xyz/golden
7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hxsn.xyz/golden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:103f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f1d816f60636658f305aa7b6f0e60b8169e6145380f11d791d3e03596384062
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
84ae02530f40b8f1-AMS
content-type
text/html; charset=utf-8
date
Thu, 25 Jan 2024 05:10:19 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9n8okiRpPgGHgtWqBvHVqvWk0Zhe4FWkNzyM%2FG3s7Q%2FpzzejVKQKGgrLb3be4FMkTN1nfbiYQCHWydtnmFHCzfWA7lNXNkNwUGdJsTufCqUw%2FzgIfq0rAsa7JSwcy6b5FL98C0EWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
231
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 25 Jan 2024 05:10:18 GMT
Keep-Alive
timeout=1, max=120
Location
https://hxsn.xyz/golden
Server
Apache
golden
hxsn.xyz/ 		0
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hxsn.xyz/golden
Requested by
Host: hxsn.xyz
URL: https://hxsn.xyz/golden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:103f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

g9Tkt3ILyASW5tAJvRT3lis9Ns8
0a-bm1G8GNX7aMYG00cuz2XbUO0
X-Requested-TimeStamp-Expire
MiX3QLbPE4VRD7xdZWav34jO5o
44252148
accept-language
nl-NL,nl;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Referer
https://hxsn.xyz/golden
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 05:10:19 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJAOFSccvQSB2OavFktBnvvbBxJbDWWgvVJEb8l5sAIaDxwDU2e767z6fE9RNZIeIA%2FDgZ34OtQjG%2BHyIHoXxzdyTsVC8WbQYj%2BLNKhVExW4C7KNXZ2gFzG7hn0YLJXLE%2Fp8ZyKAAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
84ae0253fff9b8f1-AMS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame EBFD
Redirect Chain
  • https://hxsn.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Protocol
H2
Server
2606:4700:3033::6815:103f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c67a626cbf99e07ba74aa0d410d166708778789b84fff8a566d2fd506ac811e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 05:10:19 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjzBifIkLQaU%2FeJ5YQVF0OvzhA%2BDeW%2BqguemHPD6R%2F%2FYf1e8FBK%2ButjliOSeGKIkZBMwpQG1IaWfpfpE9%2B2hMz5%2FseWZ6ofWKrZ2KN1P6D1E0C2Cd6WuI006BN%2B1UrHxM1TNZH8MAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84ae02542825b8f1-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 25 Jan 2024 05:10:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLRxbNv0T9LAqYcDOa%2BpUExfbvY85%2Bhd2N%2BqSfUbu9R66dnvDoUziUkIOnJAFTVM9G11189HKROSKFrtNL6TywKyk1nU1JsVrrMXky0nIqv4So0VIm6cqeMuXN5LIp8eX2BU53viGg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control
max-age=300, public
cf-ray
84ae02540806b8f1-AMS
alt-svc
h3=":443"; ma=86400
84ae02530f40b8f1
hxsn.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame EBFD 		0
0
Primary Request golden
hxsn.xyz/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hxsn.xyz/golden
Requested by
Host: hxsn.xyz
URL: https://hxsn.xyz/golden
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:103f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0875e6cd951892c02ee574c1103b4246341ecc8550b5e61b032433f2f17624e0
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://hxsn.xyz/golden
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84ae0254e832660f-AMS
content-encoding
br
content-type
text/html
date
Thu, 25 Jan 2024 05:10:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCElzj4T5swzSoy0icCwGkoQYDJUUnv3xR4pDJOELMfWcc0qVMFDvu9ZwH%2BVxEkTqFP1VzYhAr1wxiJiSLr6k94LBjIqez20jeMJ0G8OuK4E2Ug3OeuVL7vBmzUgz632Elsqc5Jwzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
main.js
hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 6B11
Redirect Chain
  • https://hxsn.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Protocol
H3
Server
2606:4700:3033::6815:103f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62a4fb80a270dcb5d4c1ce5c3a5ea8b0e9f0ed6bd7e01337fd845cdd99f13fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 05:10:19 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iro3TUm4oeMrSRUqxk3WqUUHjUtGff0e%2B%2BtOeOTiYKUaPFidqaAgtAyUxpXXf8XLZM7ID%2BPJ0c0mcDh%2F6%2F18EIH%2FOX9xeRhFarxQFV1R6aRMkamwyEfNB5wh91laVC0q1TZk4bylsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84ae0255f902660f-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 25 Jan 2024 05:10:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJMoJK1V2Fbd7LhV1pNLZK6GbDtJFNFH7p0bmVR9%2FfD8lM0lTpLcZGKF4gYaGVo%2Brp76idgP0Nl8G0l%2FY4CUzJs5zcYytKrGj70wXJ%2FaHFlGiSPXnGxTJ%2Bhn%2BqmaO06S6Lcok5aVuw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control
max-age=300, public
cf-ray
84ae0255d8ec660f-AMS
alt-svc
h3=":443"; ma=86400
84ae0254e832660f
hxsn.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6B11 		0
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/84ae0254e832660f
Requested by
Host: hxsn.xyz
URL: https://hxsn.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:103f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jan 2024 05:10:21 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8BNgG3ZuYpBrYAbzzRomJbOd3IVQu1OSfnKOjbZbmJ%2BF%2BtOGYcivGOC5PyIICQjUNAAx5OegO3vjaKdOQhChOqOOcRkpWXOO47cJXckpVnzZBMP6WAFN6DsoA7WoAEekPKVpcpU6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
84ae02569973660f-AMS
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hxsn.xyz
URL
https://hxsn.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/84ae02530f40b8f1

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

11 Cookies

Domain/Path Name / Value
hxsn.xyz/ Name: EcNHt1FHp8mGyJVO7lvl0tL8xJA
Value: rySAJYiIrzdcmzxCOt2XG1RXYhY
hxsn.xyz/ Name: h3GmrvaIVKh34zybwmTaPyVsOME
Value: 1706159392
hxsn.xyz/ Name: dPPdSYHnAaw2Gw_WpyduUfLPzDw
Value: 1706245792
hxsn.xyz/ Name: cHJiI5Y1JKs1eJEigSsSlqANzCk
Value: nSg680tq_HRHjECIn--Ezmps528
hxsn.xyz/ Name: 08ZVD2g6UpADN21xQF1S8Kvq9_o
Value: QbwnnJJnxMa4Ms3Naqaqc5Utz4o
hxsn.xyz/ Name: PEu1wLs1tOcq8nbbUCGL127oPXg
Value: d5zOugjJpOqFyiXqJsl58biHV0A
hxsn.xyz/ Name: 1o1YsoqLmmiYC0NoILggEUgAfR0
Value: 1706159418
hxsn.xyz/ Name: m_MecY4xpDT6nwyqKpAYXuF56hQ
Value: 1706245818
hxsn.xyz/ Name: NLZQ3MpqHNej8VDjwL-SzmgrnJ8
Value: V359uQv_uQMklVn4TXYtLI8B_RM
hxsn.xyz/ Name: S7-7QnmbfRwba8JeeDJKYXULr9w
Value: JAyv9dhiZWftqy8bzOUju3jfUuM
.hxsn.xyz/ Name: cf_clearance
Value: YBAKGbm1KpN6YX7utgJBO0gOEvSFT.dWhzvHLb9dJ7o-1706159421-1-ARDA+1ico+vrE6sRIO6fK95RLWjrjZraa77yBBkIvQjpkhGNYIdVWRn85c3bU2Sa2Jid5fdb0qLhGr43eqvAtdw=

2 Console Messages

Source Level URL
Text
network error URL: https://hxsn.xyz/golden
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://hxsn.xyz/golden
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block