urlscan.io logo urlscan.io
SecurityTrails logo

dx65rr2.space Open in urlscan Pro
154.195.63.5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xtroax.site/
Effective URL: http://dx65rr2.space/404_1.html
Submission: On July 13 via api from IE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 12 HTTP transactions. The main IP is 154.195.63.5, located in Johannesburg, South Africa and belongs to POWERLINE-AS-AP POWER LINE DATACENTER, HK. The main domain is dx65rr2.space.
This is the only time dx65rr2.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 185.51.165.169 132839 (POWERLINE...)
2 58.216.109.108 23650 (CHINANET-...)
1 154.195.63.5 132839 (POWERLINE...)
1 183.131.207.66 136190 (CHINATELE...)
12 5
Apex Domain
Subdomains		 Transfer
3 51.la
js.users.51.la
ia.51.la Failed
6 KB
2 xtroax.site
xtroax.site
www.xtroax.site
732 B
1 dx65rr2.space
dx65rr2.space
904 B
0 ue8898lj.com Failed
ad020.ue8898lj.com Failed
0 ggyum.com Failed
ad021.ggyum.com Failed
12 5
Domain Requested by
2 js.users.51.la www.xtroax.site
dx65rr2.space
1 ia.51.la www.xtroax.site
dx65rr2.space
1 dx65rr2.space www.xtroax.site
1 www.xtroax.site
1 xtroax.site 1 redirects
0 ad020.ue8898lj.com Failed dx65rr2.space
0 ad021.ggyum.com Failed dx65rr2.space
12 7

This site contains no links.

Subject Issuer Validity Valid
*.users.51.la
GlobalSign Domain Validation CA - SHA256 - G2		 2018-01-15 -
2021-03-19		 3 years crt.sh

This page contains 7 frames:

Primary Page: http://dx65rr2.space/404_1.html
Frame ID: 711D57AD718128728AB7562BAA28EE93
Requests: 6 HTTP requests in this frame

Frame: http://ad021.ggyum.com:2516/code/sex_nav.php?&size=1&b=000000&k=666666&zi=FFFFFF&u=118992
Frame ID: 5B6205EB883394FA436C74128A2A1D35
Requests: 1 HTTP requests in this frame

Frame: http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=1&zi=2D374B&u=118992
Frame ID: 6E699A75920457B1F180EB4E2128F7BF
Requests: 1 HTTP requests in this frame

Frame: http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=2&zi=2D374B&u=118992
Frame ID: FB76DBBCD593DFF8B161671B2E0DD572
Requests: 1 HTTP requests in this frame

Frame: http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=3&zi=2D374B&u=118992
Frame ID: 35769F34BBD7E747A094989C0720EA4C
Requests: 1 HTTP requests in this frame

Frame: http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=4&zi=2D374B&u=118992
Frame ID: A691369E071D779B9B49A69D9471F4C5
Requests: 1 HTTP requests in this frame

Frame: http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=5&zi=2D374B&u=118992
Frame ID: 8CAD480913B41EE58FE991EE48B46CE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://xtroax.site/ HTTP 301
    http://www.xtroax.site/ Page URL
  2. http://dx65rr2.space/404_1.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

12
Requests

8 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

8 kB
Transfer

12 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xtroax.site/ HTTP 301
    http://www.xtroax.site/ Page URL
  2. http://dx65rr2.space/404_1.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://xtroax.site/ HTTP 301
  • http://www.xtroax.site/

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.xtroax.site/
Redirect Chain
  • http://xtroax.site/
  • http://www.xtroax.site/
766 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.xtroax.site/
Protocol
HTTP/1.1
Server
185.51.165.169 , Netherlands, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
d291bb460121abb38b3337aadf46490f077c40d06fa4d5f7c88d503f2ada0db8

Request headers

Host
www.xtroax.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Mon, 13 Jul 2020 07:17:06 GMT
Content-Type
text/html;charset=uft-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 13 Jul 2020 07:17:04 GMT
Content-Type
text/html;charset=uft-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
http://www.xtroax.site
20723247.js
js.users.51.la/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.users.51.la/20723247.js
Requested by
Host: www.xtroax.site
URL: http://www.xtroax.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
58.216.109.108 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
cc84e1efc1c8a0b08a5b4b8d5ef6ffe0281c0b79898b2d6d05761aa303298cb5

Request headers

Referer
http://www.xtroax.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
20723247
Date
Mon, 13 Jul 2020 07:17:07 GMT
Content-Encoding
gzip
Age
85898
Transfer-Encoding
chunked
X-Via
1.1 PSjszjsx2ph155:5 (Cdn Cache Server V2.0)[0 200 0], 1.1 wzhoudxin146:5 (Cdn Cache Server V2.0)[0 200 0], 1.1 houdxin69:6 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
Request-Id
00000172B3A78EF89418FD08498ABAEE
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSh2ScThhNWv0vuZe07ecAFoawwj47UE
Last-Modified
Tue Mar 31 01:12:17 CST 2020
Server
nginx/1.14.0
ETag
"f143e002517e4df566785a1905f73801"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
version-id
G00111712C6DFC80FFFF90541C5DF92B
Primary Request 404_1.html
dx65rr2.space/ 		2 KB
904 B 		Document
General
Check archive.org
Download Go to
Full URL
http://dx65rr2.space/404_1.html
Requested by
Host: www.xtroax.site
URL: http://www.xtroax.site/
Protocol
HTTP/1.1
Server
154.195.63.5 Johannesburg, South Africa, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
48e6d8d386bdd6c03d7022ff6afb816c2fcb024701e7e80f5602747a949740a9

Request headers

Host
dx65rr2.space
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.xtroax.site/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.xtroax.site/

Response headers

Server
nginx
Date
Mon, 13 Jul 2020 07:17:08 GMT
Content-Type
text/html
Last-Modified
Thu, 09 Jul 2020 13:01:06 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5f071512-6d2"
Content-Encoding
gzip
go1
ia.51.la/ 		0
0
20723247.js
js.users.51.la/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.users.51.la/20723247.js
Requested by
Host: dx65rr2.space
URL: http://dx65rr2.space/404_1.html
Protocol
HTTP/1.1
Server
58.216.109.108 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
cc84e1efc1c8a0b08a5b4b8d5ef6ffe0281c0b79898b2d6d05761aa303298cb5

Request headers

Referer
http://dx65rr2.space/404_1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
20723247
Date
Mon, 13 Jul 2020 07:17:08 GMT
Content-Encoding
gzip
Age
85899
Transfer-Encoding
chunked
X-Via
1.1 PSjszjsx2ph155:5 (Cdn Cache Server V2.0)[0 200 0], 1.1 wzhoudxin146:5 (Cdn Cache Server V2.0)[0 200 0], 1.1 houdxin69:6 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
Request-Id
00000172B3A78EF89418FD08498ABAEE
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSh2ScThhNWv0vuZe07ecAFoawwj47UE
Last-Modified
Tue Mar 31 01:12:17 CST 2020
Server
nginx/1.14.0
ETag
"f143e002517e4df566785a1905f73801"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
version-id
G00111712C6DFC80FFFF90541C5DF92B
sex_nav.php
ad021.ggyum.com/code/ Frame 5B62 		0
0
Ncode20161123.php
ad020.ue8898lj.com/code/ Frame 6E69 		0
0
Ncode20161123.php
ad020.ue8898lj.com/code/ Frame FB76 		0
0
Ncode20161123.php
ad020.ue8898lj.com/code/ Frame 3576 		0
0
Ncode20161123.php
ad020.ue8898lj.com/code/ Frame A691 		0
0
Ncode20161123.php
ad020.ue8898lj.com/code/ Frame 8CAD 		0
0
go1
ia.51.la/ 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ia.51.la/go1?id=20723247&rt=1594624628839&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1594624628839&tt=&kw=&cu=http%253A%252F%252Fdx65rr2.space%252F404_1.html&pu=http%253A%252F%252Fwww.xtroax.site%252F
Requested by
Host: dx65rr2.space
URL: http://dx65rr2.space/404_1.html
Protocol
HTTP/1.1
Server
183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://dx65rr2.space/404_1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 13 Jul 2020 07:17:13 GMT
Server
CloudWAF
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ia.51.la
URL
http://ia.51.la/go1?id=20723247&rt=1594624627828&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1594624627828&tt=404%2520Not%2520Found&kw=&cu=http%253A%252F%252Fwww.xtroax.site%252F&pu=
Domain
ad021.ggyum.com
URL
http://ad021.ggyum.com:2516/code/sex_nav.php?&size=1&b=000000&k=666666&zi=FFFFFF&u=118992
Domain
ad020.ue8898lj.com
URL
http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=1&zi=2D374B&u=118992
Domain
ad020.ue8898lj.com
URL
http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=2&zi=2D374B&u=118992
Domain
ad020.ue8898lj.com
URL
http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=3&zi=2D374B&u=118992
Domain
ad020.ue8898lj.com
URL
http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=4&zi=2D374B&u=118992
Domain
ad020.ue8898lj.com
URL
http://ad020.ue8898lj.com:2516/code/Ncode20161123.php?&size=1&b=5&zi=2D374B&u=118992

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies