urlscan.io logo urlscan.io
SecurityTrails logo

imlxjqla1.top Open in urlscan Pro
64.190.113.45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://7lgphe.aicaitwss.online/ydrynr
Effective URL: http://imlxjqla1.top/lepo8896941
Submission: On July 04 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 7 HTTP transactions. The main IP is 64.190.113.45, located in Los Angeles, United States and belongs to BLNWX, US. The main domain is imlxjqla1.top.
This is the only time imlxjqla1.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.172.128.161 216309 (EVILEMPIR...)
2 64.190.113.45 399629 (BLNWX)
1 2a00:1450:400... 15169 (GOOGLE)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 6
2    185.172.128.161 (Russian Federation)

ASN216309 (EVILEMPIRE-AS, GB)
7lgphe.aicaitwss.online
2    64.190.113.45 (Los Angeles, United States)

ASN399629 (BLNWX, US)
imlxjqla1.top
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cheekss.click
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
2 imlxjqla1.top
imlxjqla1.top
4 KB
2 aicaitwss.online
7lgphe.aicaitwss.online
4 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 cheekss.click
cheekss.click
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1007 B
7 5
Domain Requested by
2 imlxjqla1.top
2 7lgphe.aicaitwss.online
1 fonts.gstatic.com fonts.googleapis.com
1 cheekss.click 7lgphe.aicaitwss.online
1 fonts.googleapis.com imlxjqla1.top
7 5

This site contains no links.

Subject Issuer Validity Valid
aicaitwss.online
R11		 2024-07-02 -
2024-09-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
cheekss.click
GTS CA 1P5		 2024-05-19 -
2024-08-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://imlxjqla1.top/lepo8896941
Frame ID: 93BDBF84FA0244C1636335BACD6FD8F0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

eagles have begun

Page URL History Show full URLs

  1. http://7lgphe.aicaitwss.online/ydrynr HTTP 307
    https://7lgphe.aicaitwss.online/ydrynr Page URL
  2. http://imlxjqla1.top/lepo8896941 HTTP 307
    https://imlxjqla1.top/lepo8896941 HTTP 307
    http://imlxjqla1.top/lepo8896941 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

7
Requests

43 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

4
Countries

43 kB
Transfer

55 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://7lgphe.aicaitwss.online/ydrynr HTTP 307
    https://7lgphe.aicaitwss.online/ydrynr Page URL
  2. http://imlxjqla1.top/lepo8896941 HTTP 307
    https://imlxjqla1.top/lepo8896941 HTTP 307
    http://imlxjqla1.top/lepo8896941 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://7lgphe.aicaitwss.online/ydrynr HTTP 307
  • https://7lgphe.aicaitwss.online/ydrynr

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ydrynr
7lgphe.aicaitwss.online/
Redirect Chain
  • http://7lgphe.aicaitwss.online/ydrynr
  • https://7lgphe.aicaitwss.online/ydrynr
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7lgphe.aicaitwss.online/ydrynr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.172.128.161 , Russian Federation, ASN216309 (EVILEMPIRE-AS, GB),
Reverse DNS
Software
openresty / PHP/7.2.30
Resource Hash
60aeb85c83569cc3169c99b6f8541de10044f856c7ef8dc5606e3becfc710af0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jul 2024 15:37:47 GMT
Server
openresty
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.30

Redirect headers

Location
https://7lgphe.aicaitwss.online/ydrynr
Non-Authoritative-Reason
HttpsUpgrades
Primary Request lepo8896941
imlxjqla1.top/
Redirect Chain
  • http://imlxjqla1.top/lepo8896941
  • https://imlxjqla1.top/lepo8896941
  • http://imlxjqla1.top/lepo8896941
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imlxjqla1.top/lepo8896941
Protocol
HTTP/1.1
Server
64.190.113.45 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
0f4c49ccf433cebd82a9fb8c9e55508a330eed6feb3a95f63c158ed6c7b82ca6

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://7lgphe.aicaitwss.online/ydrynr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
CF-Cache-Status
DYNAMIC
CF-RAY
89e032eb1a460fb2-LAX
Connection
keep-alive
Content-Encoding
gzip
Date
Thu, 04 Jul 2024 15:37:50 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPFjlWbFPCst%2FYsw7rx6%2BYBQpdZ%2BCoZ9XfdVmmzfWaMafiUquJToG%2BuQUU2%2Bq96olLW00qcGwvS7htrUUk8%2FjTrbkiRpdq2eGJl3vyjALGpd6U4qHmuR1IMU6A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Origin
X-Powered-By
Express

Redirect headers

Location
http://imlxjqla1.top/lepo8896941
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
7lgphe.aicaitwss.online/ 		552 B
363 B 		Other
General
Check archive.org
Download Go to
Full URL
https://7lgphe.aicaitwss.online/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.172.128.161 , Russian Federation, ASN216309 (EVILEMPIRE-AS, GB),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7lgphe.aicaitwss.online/ydrynr
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Jul 2024 15:37:47 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
css2
fonts.googleapis.com/ 		4 KB
1007 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: imlxjqla1.top
URL: http://imlxjqla1.top/lepo8896941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://imlxjqla1.top/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jul 2024 15:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 14:05:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jul 2024 15:37:51 GMT
truncated
/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21b83877c56f2f803b051d62a8aafdb762432f0ff1bf7c045f759b8662480001

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
http://imlxjqla1.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
FR-02-07_lepoint
cheekss.click/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cheekss.click/FR-02-07_lepoint?return=js.client&&se_referrer=&default_keyword=eagles%20have%20begun&landing_url=imlxjqla1.top%2Flepo8896941&name=_cNjRvzmkXCszqVYF&host=https%3A%2F%2Fcheekss.click%2FFR-02-07_lepoint
Requested by
Host: 7lgphe.aicaitwss.online
URL: https://7lgphe.aicaitwss.online/ydrynr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4444b4f7a53232968d347956c655243c8689e5ccf9cd2c0d654dec8674e47db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://imlxjqla1.top/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 15:37:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FLImNYB%2BADAoeDAW8k%2B%2FovcrBQ9EVBGs8HTaxmztquayOpeFq%2FuIvz8E3yLsTiaIHyrRFiaIPpe0biuiQufDn6JiFqBkUBr7LyZJJOPZpNUhW6YqfrEfUuNEvHM%2BLLrC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
89e032efc934bc4e-ZRH
alt-svc
h3=":443"; ma=86400
content-length
1614
expires
Thu, 04 Jul 2024 15:37:51 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
http://imlxjqla1.top
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:59:20 GMT
x-content-type-options
nosniff
age
9511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 12:59:20 GMT
favicon.ico
imlxjqla1.top/ 		0
618 B 		Other
General
Check archive.org
Download Go to
Full URL
http://imlxjqla1.top/favicon.ico
Protocol
HTTP/1.1
Server
64.190.113.45 Los Angeles, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
http://imlxjqla1.top/lepo8896941
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 04 Jul 2024 15:37:51 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPilAv5U05jqznYxhnHmMcsYnad7xBOtejztFYOGCVSh8unc90IfsIHcmixBT4r4WXJTBRrT6503uEkB%2Bj2OzfxfygQTxjTUCdzrll%2BDQ2zauMXz6glCmW3AZA%3D%3D"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
89e032f0f8370fe1-LAX

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| _cNjRvzmkXCszqVYF object| _VyWDwm4GnB56Vtcb

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://7lgphe.aicaitwss.online/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://imlxjqla1.top/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)