balance.13141efgtrvbhjd.com Open in urlscan Pro
34.96.246.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://104-pj.xyz/
Effective URL:
https://balance.13141efgtrvbhjd.com/
Submission: On October 30 via api (October 30th 2023, 2:08:39 am UTC) from BY — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 6 domains to perform 8 HTTP transactions. The main IP is 34.96.246.12, located in Hong Kong, Hong Kong and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is balance.13141efgtrvbhjd.com.
TLS certificate: Issued by R3 on October 23rd 2023. Valid for: 3 months.

This is the only time balance.13141efgtrvbhjd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	156.234.127.139 156.234.127.139	40065 (CNSERVERS) (CNSERVERS)
2	34.96.246.12 34.96.246.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	3

1 156.234.127.139 (Hong Kong, Hong Kong)

ASN40065 (CNSERVERS, US)

104-pj.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.246.12 (Hong Kong, Hong Kong)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 12.246.96.34.bc.googleusercontent.com

balance.13141efgtrvbhjd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	13141efgtrvbhjd.com balance.13141efgtrvbhjd.com	2 KB
1	104-pj.xyz 104-pj.xyz	301 B
0	u3j9shfbake1hc.com Failed akdo3123.u3j9shfbake1hc.com Failed
0	hg5ja97kqay21h3.com Failed rp42kdwo.hg5ja97kqay21h3.com Failed akdo3123.hg5ja97kqay21h3.com Failed
0	kdc694jq5oas194.com Failed akdo3123.kdc694jq5oas194.com Failed
0	h5jqh2kdb3as.com Failed akdo3123.h5jqh2kdb3as.com Failed
8	6

	Domain	Requested by
2	balance.13141efgtrvbhjd.com	104-pj.xyz balance.13141efgtrvbhjd.com
1	104-pj.xyz
0	akdo3123.hg5ja97kqay21h3.com Failed	balance.13141efgtrvbhjd.com
0	akdo3123.u3j9shfbake1hc.com Failed	balance.13141efgtrvbhjd.com
0	rp42kdwo.hg5ja97kqay21h3.com Failed	balance.13141efgtrvbhjd.com
0	akdo3123.kdc694jq5oas194.com Failed	balance.13141efgtrvbhjd.com
0	akdo3123.h5jqh2kdb3as.com Failed	balance.13141efgtrvbhjd.com
8	7

This site contains no links.

Subject Issuer	Validity	Valid
balance.13141efgtrvbhjd.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://balance.13141efgtrvbhjd.com/
Frame ID: 176ED2797F6EB6BA0D7D7B3A9C501C63
Requests: 3 HTTP requests in this frame

Frame: https://akdo3123.h5jqh2kdb3as.com/?_rid=0.5767530901301645
Frame ID: BCCCE17315492839848E798FDBD1C6A2
Requests: 1 HTTP requests in this frame

Frame: https://akdo3123.kdc694jq5oas194.com/?_rid=0.4415511386039739
Frame ID: 5E89861C994796D9FE86029890D72E48
Requests: 1 HTTP requests in this frame

Frame: https://rp42kdwo.hg5ja97kqay21h3.com/?_rid=0.8562746316234264
Frame ID: 595D45A2734FA114D9C25BEA7BECFEFC
Requests: 1 HTTP requests in this frame

Frame: https://akdo3123.u3j9shfbake1hc.com/?_rid=0.36935698459972155
Frame ID: 5BED04411AD61109D58BC3F5FDEB4379
Requests: 1 HTTP requests in this frame

Frame: https://akdo3123.hg5ja97kqay21h3.com/?_rid=0.7120580915139896
Frame ID: 92FFE8DC8664EC136719A7845EBD3061
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://104-pj.xyz/ Page URL
https://balance.13141efgtrvbhjd.com/ Page URL
https://balance.13141efgtrvbhjd.com/ Page URL

Page Statistics

8
Requests

25 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

3
IPs

1
Countries

3 kB
Transfer

2 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://104-pj.xyz/ Page URL
https://balance.13141efgtrvbhjd.com/ Page URL
https://balance.13141efgtrvbhjd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 ok	/ Show response 104-pj.xyz/	165 B 301 B	5350ms 173ms	Document text/html	156.234.127.139 CNSERVERS
General Check archive.org Show headers Download Go to Full URL http://104-pj.xyz/ Protocol HTTP/1.1 Server 156.234.127.139 Hong Kong, Hong Kong, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash `636a7936ea5220d6d79d85863c70b6a39344524f7bf62009a1060a9ef0f95830` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Connection close Content-Length 165 Date Mon, 30 Oct 2023 02:08:33 GMT Server nginx
GET H/1.1	200 OK	/ Show response balance.13141efgtrvbhjd.com/	685 B 802 B	5079ms 273ms	Document text/html	34.96.246.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://balance.13141efgtrvbhjd.com/ Requested by Host: 104-pj.xyz URL: http://104-pj.xyz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.96.246.12 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.246.96.34.bc.googleusercontent.com Software / Resource Hash `6a48b76d5c48950c42545a9a48f87c98ff419c5a4144d4438d65829c33da024e` Request headers Referer http://104-pj.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 685 Content-Type text/html; charset=utf-8 Date Mon, 30 Oct 2023 02:08:34 GMT
GET H/1.1	200 OK	Primary Request / Show response balance.13141efgtrvbhjd.com/	1 KB 2 KB	311ms 311ms	Document text/html	34.96.246.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://balance.13141efgtrvbhjd.com/ Requested by Host: balance.13141efgtrvbhjd.com URL: https://balance.13141efgtrvbhjd.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.96.246.12 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.246.96.34.bc.googleusercontent.com Software / Resource Hash `afe42649756213ffbfdf3d7be178bb6b80ce8647a06a16475245c292b773f6a1` Request headers Referer https://balance.13141efgtrvbhjd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Content-Length 1432 Content-Type text/html; charset=utf-8 Date Mon, 30 Oct 2023 02:08:37 GMT
GET		/ akdo3123.h5jqh2kdb3as.com/ Frame BCCC	0 0

GET		/ akdo3123.kdc694jq5oas194.com/ Frame 5E89	0 0

GET		/ rp42kdwo.hg5ja97kqay21h3.com/ Frame 595D	0 0

GET		/ akdo3123.u3j9shfbake1hc.com/ Frame 5BED	0 0

GET		/ akdo3123.hg5ja97kqay21h3.com/ Frame 92FF	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: akdo3123.h5jqh2kdb3as.com
URL: https://akdo3123.h5jqh2kdb3as.com/?_rid=0.5767530901301645

Domain: akdo3123.kdc694jq5oas194.com
URL: https://akdo3123.kdc694jq5oas194.com/?_rid=0.4415511386039739

Domain: rp42kdwo.hg5ja97kqay21h3.com
URL: https://rp42kdwo.hg5ja97kqay21h3.com/?_rid=0.8562746316234264

Domain: akdo3123.u3j9shfbake1hc.com
URL: https://akdo3123.u3j9shfbake1hc.com/?_rid=0.36935698459972155

Domain: akdo3123.hg5ja97kqay21h3.com
URL: https://akdo3123.hg5ja97kqay21h3.com/?_rid=0.7120580915139896

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			balance.13141efgtrvbhjd.com/	1970-01-20 15:50:35	Name: _GATE_DID_ Value: GQ$RGQ$#HG%QRQ#R!@#RWE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

104-pj.xyz
akdo3123.h5jqh2kdb3as.com
akdo3123.hg5ja97kqay21h3.com
akdo3123.kdc694jq5oas194.com
akdo3123.u3j9shfbake1hc.com
balance.13141efgtrvbhjd.com
rp42kdwo.hg5ja97kqay21h3.com
akdo3123.h5jqh2kdb3as.com
akdo3123.hg5ja97kqay21h3.com
akdo3123.kdc694jq5oas194.com
akdo3123.u3j9shfbake1hc.com
rp42kdwo.hg5ja97kqay21h3.com
156.234.127.139
34.96.246.12
636a7936ea5220d6d79d85863c70b6a39344524f7bf62009a1060a9ef0f95830
6a48b76d5c48950c42545a9a48f87c98ff419c5a4144d4438d65829c33da024e
afe42649756213ffbfdf3d7be178bb6b80ce8647a06a16475245c292b773f6a1

balance.13141efgtrvbhjd.com Open in urlscan Pro 34.96.246.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

25 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

3 IPs

1 Countries

3 kBTransfer

2 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Indicators

balance.13141efgtrvbhjd.com Open in urlscan Pro
34.96.246.12 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

25 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

3
IPs

1
Countries

3 kB
Transfer

2 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions