rx9mipxhws4r.xyz - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 2600:9000:2761:8600:1f:5d6d:1800:93a1, located in United States and belongs to AMAZON-02, US. The main domain is rx9mipxhws4r.xyz.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 3rd 2024. Valid for: a year.

This is the only time rx9mipxhws4r.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2600:9000:276... 2600:9000:2761:8600:1f:5d6d:1800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	206.238.197.160 206.238.197.160	399077 (TERAEXCH) (TERAEXCH)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

4 2600:9000:2761:8600:1f:5d6d:1800:93a1 (United States)

ASN16509 (AMAZON-02, US)

rx9mipxhws4r.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.238.197.160 (Singapore, Singapore)

ASN399077 (TERAEXCH, US)

api.gv86knght6r.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ios.d1ksd764a9l.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	rx9mipxhws4r.xyz rx9mipxhws4r.xyz	55 KB
2	gv86knght6r.top api.gv86knght6r.top	2 KB
1	d1ksd764a9l.top ios.d1ksd764a9l.top
7	3

	Domain	Requested by
4	rx9mipxhws4r.xyz	rx9mipxhws4r.xyz
2	api.gv86knght6r.top	rx9mipxhws4r.xyz
1	ios.d1ksd764a9l.top	rx9mipxhws4r.xyz
7	3

This site contains no links.

Subject Issuer	Validity	Valid
7uyrzycqkio3.xyz Amazon RSA 2048 M03	`2024-04-03` - `2025-05-02`	a year	crt.sh
*.gv86knght6r.top ZeroSSL ECC Domain Secure Site CA	`2024-09-09` - `2024-12-08`	3 months	crt.sh
d1ksd764a9l.top WE1	`2024-08-25` - `2024-11-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://rx9mipxhws4r.xyz/
Frame ID: ECF6CE15C58DC2307F3287F609AE6941
Requests: 5 HTTP requests in this frame

Frame: https://ios.d1ksd764a9l.top/web2258/
Frame ID: 65AC41E488374152E65FBF28D5DFC375
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

7
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

57 kB
Transfer

56 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response rx9mipxhws4r.xyz/	1 KB 2 KB	103ms 20ms	Document text/html	2600:9000:2761:8600:1f:5d6d:1800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rx9mipxhws4r.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2761:8600:1f:5d6d:1800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.0 / Resource Hash `01f56b3634ff19a764508dcd65f1b99cb5a8f5b2e7278de3a904b4060c3c8d6a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 33536 content-length 1418 content-type text/html date Thu, 26 Sep 2024 17:31:46 GMT etag "66f427cf-58a" last-modified Wed, 25 Sep 2024 15:10:07 GMT server nginx/1.22.0 via 1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront) x-amz-cf-id eTnK8OzghM5IIAS-PIUFXT9kkq56wHS8A6oIqJmxHFjvRrIHK_U6Dg== x-amz-cf-pop FRA60-P8 x-cache Hit from cloudfront
GET H2	200	crypto-js.min.js Show response rx9mipxhws4r.xyz/static/202401271954/js/	46 KB 47 KB	29ms 27ms	Script application/javascript	2600:9000:2761:8600:1f:5d6d:1800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rx9mipxhws4r.xyz/static/202401271954/js/crypto-js.min.js Requested by Host: rx9mipxhws4r.xyz URL: https://rx9mipxhws4r.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2761:8600:1f:5d6d:1800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.0 / Resource Hash `817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://rx9mipxhws4r.xyz/ Response headers etag "66f427d0-b9d8" age 7695 via 1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 47576 x-amz-cf-id Gl98gqapsnBbMP6ZnuGEHmpsAKMba6FPx70o1fppIsmcxKxuIrIJwA== date Fri, 27 Sep 2024 00:42:27 GMT content-type application/javascript last-modified Wed, 25 Sep 2024 15:10:08 GMT server nginx/1.22.0 x-amz-cf-pop FRA60-P8
GET H2	200	iframe.js Show response rx9mipxhws4r.xyz/static/202401271954/js/	6 KB 6 KB	23ms 22ms	Script application/javascript	2600:9000:2761:8600:1f:5d6d:1800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rx9mipxhws4r.xyz/static/202401271954/js/iframe.js?t=202409091420 Requested by Host: rx9mipxhws4r.xyz URL: https://rx9mipxhws4r.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2761:8600:1f:5d6d:1800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.0 / Resource Hash `a35251bc9360e31cb5f7ad86ec524e3637b8cbbf6fe07ab3a33db65e585fc6bc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://rx9mipxhws4r.xyz/ Response headers etag "66f427d0-16ea" age 36811 via 1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 5866 x-amz-cf-id N6k_RC0cfmo-q2JWVwLsC28kbH0zlREDN83em8nc11kzzdhy-4rZOg== date Thu, 26 Sep 2024 16:37:11 GMT content-type application/javascript last-modified Wed, 25 Sep 2024 15:10:08 GMT server nginx/1.22.0 x-amz-cf-pop FRA60-P8
POST H/1.1	200	request Show response api.gv86knght6r.top/fast-endecode/main/	2 KB 2 KB	311ms 309ms	Fetch application/json	206.238.197.160 TERAEXCH
General Check archive.org Show headers Download Go to Full URL https://api.gv86knght6r.top/fast-endecode/main/request Requested by Host: rx9mipxhws4r.xyz URL: https://rx9mipxhws4r.xyz/static/202401271954/js/iframe.js?t=202409091420 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 206.238.197.160 Singapore, Singapore, ASN399077 (TERAEXCH, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `e829fded4196b5d137f6cb04ce209f7b83cc4a069d6aadb0392d763339474b0a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://rx9mipxhws4r.xyz/ Response headers Transfer-Encoding chunked NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Content-Encoding gzip CF-Cache-Status DYNAMIC Connection keep-alive Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkrbUNJcIge5b6Xltuj4%2B%2BAY262OZ6%2FpzT0EBHZLFddzZMo4UJQU7nHBXnX3H3Bdnd8YVmmisJtSqIe77tQjGAGI%2FP%2FjPRDn3Se7huzFS6x%2FsWXhFZq8eoTnyL7Ck3aBbj9xSQw%3D"}],"group":"cf-nel","max_age":604800} Access-Control-Allow-Methods GET, POST, OPTIONS CF-RAY 8c983016af2b0486-HKG Access-Control-Allow-Origin * X-Application-Context fast-cloud-zull:prod:8800 Date Fri, 27 Sep 2024 02:50:43 GMT Content-Type application/json;charset=UTF-8 Vary Origin Server nginx/1.17.6 Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
OPTIONS H/1.1	200	request api.gv86knght6r.top/fast-endecode/main/ Frame	0 0	859ms 297ms	Preflight	206.238.197.160 TERAEXCH
General Check archive.org Show headers Download Go to Full URL https://api.gv86knght6r.top/fast-endecode/main/request Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 206.238.197.160 Singapore, Singapore, ASN399077 (TERAEXCH, US), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://rx9mipxhws4r.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Headers content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization Access-Control-Allow-Methods POST GET, POST, OPTIONS Access-Control-Allow-Origin * CF-Cache-Status DYNAMIC CF-RAY 8c983014cce984af-HKG Connection keep-alive Date Fri, 27 Sep 2024 02:50:43 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXKCRd%2B3%2FXG75KtTSgUmgcoHd%2BRZt0NMeWhGejQVo%2BXwWzvLmrQ4yGQCCRXlieCFjbVff0TlGsNCkQnkYI0DUz8Z4PqvPmv6MtUpkjxnLkV4b2cC0zwwjWX6EFNxrewbHknG0zs%3D"}],"group":"cf-nel","max_age":604800} Server nginx/1.17.6 Transfer-Encoding chunked Vary Origin X-Application-Context fast-cloud-zull:prod:8800
GET H2	404	favicon.ico rx9mipxhws4r.xyz/	153 B 394 B	418ms 415ms	Other text/html	2600:9000:2761:8600:1f:5d6d:1800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rx9mipxhws4r.xyz/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2761:8600:1f:5d6d:1800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.0 / Resource Hash `fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://rx9mipxhws4r.xyz/ Response headers via 1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront) x-cache Error from cloudfront content-length 153 x-amz-cf-id FCvmxHY-CstJUInFN6FV9C4EkBJY8mUfe82By_sAKWvlNkf4po4bDA== date Fri, 27 Sep 2024 02:50:42 GMT content-type text/html x-amz-cf-pop FRA60-P8 server nginx/1.22.0
GET H3	200	/ ios.d1ksd764a9l.top/web2258/ Frame 65AC	0 0	666ms 512ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ios.d1ksd764a9l.top/web2258/ Requested by Host: rx9mipxhws4r.xyz URL: https://rx9mipxhws4r.xyz/static/202401271954/js/iframe.js?t=202409091420 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://rx9mipxhws4r.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8c983018ae69d3c2-FRA content-encoding br content-type text/html date Fri, 27 Sep 2024 02:50:44 GMT last-modified Wed, 25 Sep 2024 15:10:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoWKx%2BG6BUEV5gO3fXgS4ZE0TK599Y50KweJHYGM2hEW98%2Fbz%2BxB%2FGEl3Yi7%2BQgv19vfbVEiUOCGQf40jiIO5INCc5%2BnKdhDj7xp1rRvI48Qww2bWq74CWQ%2BI8r27DafPlHX3GXm"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation"

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rx9mipxhws4r.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.gv86knght6r.top
ios.d1ksd764a9l.top
rx9mipxhws4r.xyz
188.114.96.3
206.238.197.160
2600:9000:2761:8600:1f:5d6d:1800:93a1
01f56b3634ff19a764508dcd65f1b99cb5a8f5b2e7278de3a904b4060c3c8d6a
817c88066f7a344d4471bb20d30652e641f498eedd9c28e5a6ed661c67795010
a35251bc9360e31cb5f7ad86ec524e3637b8cbbf6fe07ab3a33db65e585fc6bc
e829fded4196b5d137f6cb04ce209f7b83cc4a069d6aadb0392d763339474b0a
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7

rx9mipxhws4r.xyz Open in urlscan Pro 2600:9000:2761:8600:1f:5d6d:1800:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

7 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

57 kBTransfer

56 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

rx9mipxhws4r.xyz Open in urlscan Pro
2600:9000:2761:8600:1f:5d6d:1800:93a1 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

57 kB
Transfer

56 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions