urlscan.io logo urlscan.io
SecurityTrails logo

lo.24open.mn Open in urlscan Pro
104.21.4.98  Public Scan

Go To Rescan Add Verdict Report
URL: https://lo.24open.mn/
Submission: On December 12 via api from US — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 104.21.4.98, located in and belongs to CLOUDFLARENET, US. The main domain is lo.24open.mn.
TLS certificate: Issued by WE1 on December 12th 2024. Valid for: 3 months.
This is the only time lo.24open.mn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 104.21.4.98 13335 (CLOUDFLAR...)
1 142.250.181.234 15169 (GOOGLE)
1 142.250.186.131 15169 (GOOGLE)
11 4
Apex Domain
Subdomains		 Transfer
6 24open.mn
lo.24open.mn
62 KB
1 gstatic.com
fonts.gstatic.com
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
0 cloudflareinsights.com Failed
static.cloudflareinsights.com Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
11 5
Domain Requested by
6 lo.24open.mn lo.24open.mn
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com lo.24open.mn
0 static.cloudflareinsights.com Failed lo.24open.mn
0 www.googletagmanager.com Failed lo.24open.mn
11 5

This site contains links to these domains. Also see Links.

Domain
github.com
Subject Issuer Validity Valid
lo.24open.mn
WE1		 2024-12-12 -
2025-03-12		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lo.24open.mn/
Frame ID: ACEF5113CC9A3BABC68C7517C34DA283
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Random Name Picker for Lucky Draw

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

11
Requests

73 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

93 kB
Transfer

236 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lo.24open.mn/ 		25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lo.24open.mn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.4.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0180e7c8be1e4912a1625d6185181e91e37cecf55293e247291470528cdfba97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f0e5f376aa75aa2-VIE
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 12 Dec 2024 14:23:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vU%2BxYqoi%2B5XXXaRjvgBeAc62kpOKMckNDIY63x%2BR7%2FiNnj7CRhnE8oQtf5CQC9Bm%2BHUFusikYJs6nSsF8SsAtgJxb4QkGMOpt89F0ifxAxFIUMBz7v5h4kcqz3buHOM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=15034&min_rtt=14603&rtt_var=2975&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4210&recv_bytes=4533&delivery_rate=665&cwnd=12000&unsent_bytes=0&cid=8e284c132a9b6bdb&ts=301&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff
gtm.js
www.googletagmanager.com/ 		0
0
vendor.632f687e.js
lo.24open.mn/assets/js/ 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.24open.mn/assets/js/vendor.632f687e.js
Requested by
Host: lo.24open.mn
URL: https://lo.24open.mn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.4.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4768611d6bf36b1a58a515a3379da4f1c25489d636c219b42181395f076bb1b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lo.24open.mn/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"4fad5e16ef0eee1a91eaf9062fd7b352"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bo%2BADsktcYYXCm%2Fo1rv%2F8Hya6ksR3gRmCEALwlZrb%2F9u5yeBOc079RJc7eCkeXLZffF%2BmrUNBme%2FWpT3LEG%2Fu%2BZs8ZwoLcO2Z9VhIzBBSevyHOC1nTgNjFTSPSrv6B4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14992&min_rtt=14592&rtt_var=1080&sent=33&recv=19&lost=0&retrans=0&sent_bytes=23394&recv_bytes=5902&delivery_rate=490747&cwnd=12000&unsent_bytes=0&cid=8e284c132a9b6bdb&ts=597&x=1", cfExtPri, cfHdrFlush;dur=1
date
Thu, 12 Dec 2024 14:23:23 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f0e5f393c335aa2-VIE
access-control-allow-origin
*
server
cloudflare
app.7da32525.js
lo.24open.mn/assets/js/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.24open.mn/assets/js/app.7da32525.js
Requested by
Host: lo.24open.mn
URL: https://lo.24open.mn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.4.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dae4ed07faa16bc2d38371b5d91a9a3847de53cd247733f6699671890e6d194
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lo.24open.mn/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"cb68016922e4575704086ab613d6a9ec"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PspDSIIXeBnsf13YxSJaCwPxiCeU1byU98r2wGkFr2Y1EXt769yrLr2JImi6v9ybuvGbQo4HMM8s%2FAsCVHZBQk5kEMye3xhli%2FLUAubMxikzIVCCJSpoQBFoyyghX94%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14992&min_rtt=14592&rtt_var=1080&sent=29&recv=19&lost=0&retrans=0&sent_bytes=19055&recv_bytes=5902&delivery_rate=490747&cwnd=12000&unsent_bytes=0&cid=8e284c132a9b6bdb&ts=595&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 14:23:23 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f0e5f393c395aa2-VIE
access-control-allow-origin
*
server
cloudflare
app.7da32525.css
lo.24open.mn/assets/css/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lo.24open.mn/assets/css/app.7da32525.css
Requested by
Host: lo.24open.mn
URL: https://lo.24open.mn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.4.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68fbcf23cb28b9b5008e96471523c2410439def57ec06df08d252186de000e4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lo.24open.mn/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"54d6f89068590ebd9d4588a30a1a88bb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=383IRazhFeLAxOiKHVb3pw5QmN%2FJ1Zs9kWd%2FskyjWurseQ7Vmb3FQmUp5COmvrN5mnqoL%2FvUSM1DWTgd5DMz8Svyvxow%2FTfH5qgm%2BOsodNoa9nd1KnNmrZ9JBQwkU9M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14992&min_rtt=14592&rtt_var=1080&sent=25&recv=19&lost=0&retrans=0&sent_bytes=15354&recv_bytes=5902&delivery_rate=490747&cwnd=12000&unsent_bytes=0&cid=8e284c132a9b6bdb&ts=572&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 14:23:23 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f0e5f393c375aa2-VIE
access-control-allow-origin
*
server
cloudflare
sunburst.0838324a.svg
lo.24open.mn/assets/images/ 		17 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lo.24open.mn/assets/images/sunburst.0838324a.svg
Requested by
Host: lo.24open.mn
URL: https://lo.24open.mn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.4.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558cb6419ddb6af27353f58f39f7f880284905ae30106c476076feb78b7b93aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lo.24open.mn/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"86a02d88eaa1cb2df80f9dec3c36b638"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5PngQpm3uXmUkdP6S4F81vuYtOsHf1Ov8beOwDDO8%2BWsmLUhEIN271SFWfJhMJFh5LqjE4WiY3m4q7HhcJiBxV140r7QcbWd2v%2FhOvA6MSdGd9LeiIiq%2Fi31rWGnDw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14992&min_rtt=14592&rtt_var=1080&sent=21&recv=19&lost=0&retrans=0&sent_bytes=11394&recv_bytes=5902&delivery_rate=490747&cwnd=12000&unsent_bytes=0&cid=8e284c132a9b6bdb&ts=568&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 14:23:23 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f0e5f393c3e5aa2-VIE
access-control-allow-origin
*
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		0
0
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;700;800&display=swap
Requested by
Host: lo.24open.mn
URL: https://lo.24open.mn/assets/css/app.7da32525.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
ceb9e3e7e93fbe307881e45fd957e0c341a9028dd98e380f831703399932ba8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lo.24open.mn/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 14:23:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 14:23:23 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 12 Dec 2024 14:19:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
0c7d428e-e8ba-4299-aefa-f316b47ecd59
https://lo.24open.mn/ 		0
0
light-blubs.0d2ddfd6.svg
lo.24open.mn/assets/images/ 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lo.24open.mn/assets/images/light-blubs.0d2ddfd6.svg
Requested by
Host: lo.24open.mn
URL: https://lo.24open.mn/assets/css/app.7da32525.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.4.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eded1ad0d8a25f5e86b891882e04b18a333cbf54659450e0dedd83445d14360
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lo.24open.mn/assets/css/app.7da32525.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"742df833102c67096d40bdd9c67293e6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wtmu5t0vYa14HrFQp6pNZ7XWTkmJDjoyGgy1o3gxPUwX%2FcFtDDJqjsdpBShDfBy2fbtawt6WtYQCcoz%2BWUjH9c1Kc3DMOJht5bqlNR%2FvyZv4Wv452NKJO%2FyLRvwp1DE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16913&min_rtt=14348&rtt_var=937&sent=73&recv=45&lost=0&retrans=0&sent_bytes=66431&recv_bytes=7351&delivery_rate=1405842&cwnd=38400&unsent_bytes=0&cid=8e284c132a9b6bdb&ts=1269&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 14:23:23 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f0e5f3db8bb5aa2-VIE
access-control-allow-origin
*
server
cloudflare
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;700;800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lo.24open.mn
Referer
https://fonts.googleapis.com/

Response headers

age
82946
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 15:20:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 15:20:57 GMT
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
31052
x-xss-protection
0
server
sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-54B6D4G
Domain
static.cloudflareinsights.com
URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Domain
lo.24open.mn
URL
blob:https://lo.24open.mn/0c7d428e-e8ba-4299-aefa-f316b47ecd59

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| webpackChunkrandom_name_picker

0 Cookies

1 Console Messages

Source Level URL
Text
security error URL: https://lo.24open.mn/
Message:
Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'nonce-ZmFhY2VlMjEtN2M4Ny00YzQxLTk4ODMtMGFlZmU3Mzk5ZjJh' 'nonce-gtm-3929233604' www.googletagmanager.com *.googletagmanager.com www.google-analytics.com analytics.google.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff