urlscan.io logo urlscan.io
SecurityTrails logo

lnbvoc.yt48258.xyz Open in urlscan Pro
156.251.181.8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://slxxzs.com:443/
Effective URL: https://lnbvoc.yt48258.xyz:39002/?GTXRFKXZ
Submission: On July 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 156.251.181.8, located in United States and belongs to CNSERVERS, US. The main domain is lnbvoc.yt48258.xyz.
TLS certificate: Issued by R10 on June 7th 2024. Valid for: 3 months.
This is the only time lnbvoc.yt48258.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 156.245.25.174 133199 (SONDERCLO...)
1 45.32.65.219 20473 (AS-CHOOPA)
2 51.222.244.150 16276 (OVH)
2 156.251.181.8 40065 (CNSERVERS)
8 5
Apex Domain
Subdomains		 Transfer
2 yt48258.xyz
lnbvoc.yt48258.xyz
4 KB
2 uv60.cn
uv60.cn — Cisco Umbrella Rank: 273281
23 KB
2 slxxzs.com
slxxzs.com
2 KB
1 xss9.com
xss9.com
591 B
0 yt47849.vip Failed
pik5nptc.yt47849.vip Failed
8 5
Domain Requested by
2 lnbvoc.yt48258.xyz xss9.com
lnbvoc.yt48258.xyz
2 uv60.cn xss9.com
uv60.cn
2 slxxzs.com
1 xss9.com slxxzs.com
0 pik5nptc.yt47849.vip Failed lnbvoc.yt48258.xyz
8 5

This site contains no links.

Subject Issuer Validity Valid
test.eduo.net
R3		 2024-04-22 -
2024-07-21		 3 months crt.sh
xss9.com
R3		 2024-05-10 -
2024-08-08		 3 months crt.sh
uv60.cn
Sectigo RSA Domain Validation Secure Server CA		 2024-05-19 -
2025-05-19		 a year crt.sh
yt18932.vip
R10		 2024-06-07 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Frame: https://pik5nptc.yt47849.vip:39002/5885/index.html?channelCode=GTXRFKXZ
Frame ID: 52A00051023F7F9076DA61F54E13C561
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

安全跳转

Page URL History Show full URLs

  1. http://slxxzs.com:443/ HTTP 307
    https://slxxzs.com/ Page URL
  2. https://lnbvoc.yt48258.xyz:39002/?GTXRFKXZ Page URL

Page Statistics

8
Requests

63 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

29 kB
Transfer

69 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://slxxzs.com:443/ HTTP 307
    https://slxxzs.com/ Page URL
  2. https://lnbvoc.yt48258.xyz:39002/?GTXRFKXZ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://slxxzs.com:443/ HTTP 307
  • https://slxxzs.com/

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
slxxzs.com/
Redirect Chain
  • http://slxxzs.com:443/
  • https://slxxzs.com/
963 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://slxxzs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.245.25.174 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
3cab93a98d01a902bcaac44d9dfe44691f37cef22dc9dcb5335cde9ae1f46498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
963
content-type
text/html
date
Mon, 08 Jul 2024 23:24:19 GMT
etag
"666f00d1-3c3"
last-modified
Sun, 16 Jun 2024 15:12:17 GMT
server
nginx
strict-transport-security
max-age=31536000

Redirect headers

Location
https://slxxzs.com/
Non-Authoritative-Reason
HttpsUpgrades
FWkB
xss9.com/ 		796 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xss9.com/FWkB
Requested by
Host: slxxzs.com
URL: https://slxxzs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.65.219 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.65.219.vultrusercontent.com
Software
Apache /
Resource Hash
1e6d0431d05aa7bfeb40a40a9a7d627426ce8905659c4d2849068e167fc186b8

Request headers

Referer
https://slxxzs.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 23:24:22 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
nocache
content-length
474
tongji.js
uv60.cn/tj/ 		55 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uv60.cn/tj/tongji.js?v=2.08
Requested by
Host: xss9.com
URL: https://xss9.com/FWkB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.222.244.150 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5005926.ip-51-222-244.net
Software
nginx /
Resource Hash
2c60a4ba87818b0c31e5993bd2b6e173ac40358604d57a58acea3c38d313940e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://slxxzs.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 08 Jul 2024 23:24:25 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Thu, 30 May 2024 04:56:57 GMT
Server
nginx
ETag
W/"66580719-da2e"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
favicon.ico
slxxzs.com/ 		548 B
611 B 		Other
General
Check archive.org
Download Go to
Full URL
https://slxxzs.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.245.25.174 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://slxxzs.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 23:24:23 GMT
server
nginx
content-length
548
content-type
text/html
start
uv60.cn/api/v1/api2/statistics/ 		102 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uv60.cn/api/v1/api2/statistics/start?s=c2ec238df4a2909eed20364c47290b50&d=OEVUbWx2dWlvZmM1aXl0a3k4b3piR0s1SjFtaE5sWHU5bnJMYkFuVmowcE5FTm00enlCb2NUWVF4OWJDYWFRbkhwZVd4TktaY3pWclFiaDlYZzlTdW9nd2Z5dXpDcThUS1lYcDlza09Uemdpa1hIZ3lyRDY1UU9EbjFLbkpyV2JleXlsTzE3TENqMWt1VUZHQkxBYjZ2QittQjdSUkdpT0VKaFI4WG9oejJOdHZrdWZoQTYxRTF0QnZBVU44ZEFxdjd5elhTUUFZcVd2ZzN1M2tDeEhBNFlPaW5MTjA5c0F0OXNzZ2pUd1hEU1hJQWtrcnp4S1JnamhYMmJxeFlHcXk5NkZscHBkRGF1WmlhcEJnd3p4WGJybk5TM2h3MkNDYzFTVEROQXlyZnV5eHJVNTRqMVZrcW5uTU91QTBKV3NnYyt1YTk2NStmKzhYdW5zdFZseGdGa0lSUTVrMGpGUEtCOW5vUTV1N2F2RlZiYUVHaDI0NFBmdm9YU2JmenNBb3RDRzRuUTFwWllwN1hRdjVwcUtxMjQ0MDJVeDB2VmFhYXBpMEwwOGJhZFZqbkliLzJWWkp1UE1YTlRlYnNieldjaDJCVGhuLzN1eEpHM3dqNGFNbUE9PQ==&t=1720481066576
Requested by
Host: uv60.cn
URL: https://uv60.cn/tj/tongji.js?v=2.08
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.222.244.150 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5005926.ip-51-222-244.net
Software
nginx /
Resource Hash
09437a6c9553fc4fbdb0ed1e7f5dbc560c8e966f87d9ec54766089b0e7720693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://slxxzs.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 08 Jul 2024 23:24:26 GMT
Strict-Transport-Security
max-age=31536000
Server
nginx
Access-Control-Max-Age
10080
Access-Control-Allow-Methods
POST,GET,DELETE,OPTIONS,HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://slxxzs.com
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token, Origin, Authorization
Content-Length
102
Primary Request /
lnbvoc.yt48258.xyz/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lnbvoc.yt48258.xyz:39002/?GTXRFKXZ
Requested by
Host: xss9.com
URL: https://xss9.com/FWkB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.251.181.8 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
83d24215386cd36e1b755cfc21e05ca92ca370684447d04cc861c03c1064c34e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://slxxzs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
Content-Length
932
Content-Type
text/html
Date
Mon, 08 Jul 2024 23:24:28 GMT
Etag
W/"66792a9c-732"
Last-Modified
Mon, 24 Jun 2024 08:13:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Cache
BYPASS
and.js
lnbvoc.yt48258.xyz/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lnbvoc.yt48258.xyz:39002/and.js
Requested by
Host: lnbvoc.yt48258.xyz
URL: https://lnbvoc.yt48258.xyz:39002/?GTXRFKXZ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.251.181.8 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
7e599aa22406f6c96e7147d9aea8c19993d5c32f32aa23417c020223c531fbe3

Request headers

Referer
https://lnbvoc.yt48258.xyz:39002/?GTXRFKXZ
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 08 Jul 2024 22:36:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jul 2024 22:36:55 GMT
Server
nginx
Etag
W/"6688e517-2a4d"
Vary
Accept-Encoding
X-Cache
HIT, policy, disk
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=43200
Expires
Tue, 09 Jul 2024 10:36:55 GMT
index.html
pik5nptc.yt47849.vip/5885/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pik5nptc.yt47849.vip
URL
https://pik5nptc.yt47849.vip:39002/5885/index.html?channelCode=GTXRFKXZ

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loadBaiduAnalytics function| checkURLAndExecute function| loadBaiduAnalyticscnzz object| sheet function| getKeyOrDefault string| String0 number| index_random string| url_send

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://slxxzs.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000