urlscan.io logo urlscan.io
SecurityTrails logo

ww.ofmarannshome.be Open in urlscan Pro
212.123.8.52  Public Scan

Go To Rescan Add Verdict Report
URL: http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208
Submission: On February 02 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 212.123.8.52, located in Ghent, Belgium and belongs to TELENET-AS, BE. The main domain is ww.ofmarannshome.be.
This is the only time ww.ofmarannshome.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 212.123.8.52 6848 (TELENET-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 4
2    212.123.8.52 (Ghent, Belgium)

ASN6848 (TELENET-AS, BE)
PTR: 212-123-8-52.ifiber.telenet-ops.be
ww.ofmarannshome.be
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:3037::6815:5e68 (United States)

ASN13335 (CLOUDFLARENET, US)
www.click1xxx.xyz
click1xxx.xyz
1    2606:4700:3030::ac43:de5b (United States)

ASN13335 (CLOUDFLARENET, US)
click1xxx.xyz
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
2 click1xxx.xyz 1 redirects ww.ofmarannshome.be
2 www.click1xxx.xyz 2 redirects
2 ww.ofmarannshome.be ww.ofmarannshome.be
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ww.ofmarannshome.be
5 5

This site contains links to these domains. Also see Links.

Domain
www.click1xxx.xyz
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-06 -
2021-08-06		 a year crt.sh

This page contains 2 frames:

Primary Page: http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208
Frame ID: 283ED07A3CC8A2E1233DAC047C442FBE
Requests: 4 HTTP requests in this frame

Frame: https://click1xxx.xyz/page/208
Frame ID: 99B623505C4561B83FEE2C4D854C9629
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

5
Requests

20 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

13 kB
Transfer

13 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://www.click1xxx.xyz/page/208 HTTP 301
  • https://www.click1xxx.xyz/page/208 HTTP 301
  • http://click1xxx.xyz/page/208 HTTP 301
  • https://click1xxx.xyz/page/208

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request loadlink.php
ww.ofmarannshome.be/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208
Protocol
HTTP/1.1
Server
212.123.8.52 Ghent, Belgium, ASN6848 (TELENET-AS, BE),
Reverse DNS
212-123-8-52.ifiber.telenet-ops.be
Software
Microsoft-IIS/7.5 / PHP/5.3.28 ASP.NET
Resource Hash
edbac16fd4196c7340b65866b581b0048f543fe73de5b35abf7c0de40bee3bbb

Request headers

Host
ww.ofmarannshome.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.3.28 ASP.NET
Date
Tue, 02 Feb 2021 09:59:52 GMT
Content-Length
1109
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: ww.ofmarannshome.be
URL: http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d80f75d440bdac86e42db51c4c28467cec86111ac33d5d0c6e1f02025ae8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 09:59:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 02 Feb 2021 09:59:56 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Tue, 02 Feb 2021 09:59:56 GMT
colors.css
ww.ofmarannshome.be/css/ 		714 B
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ww.ofmarannshome.be/css/colors.css
Requested by
Host: ww.ofmarannshome.be
URL: http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208
Protocol
HTTP/1.1
Server
212.123.8.52 Ghent, Belgium, ASN6848 (TELENET-AS, BE),
Reverse DNS
212-123-8-52.ifiber.telenet-ops.be
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a6b54f74f5be185abc9e25de601cf2db189730557d42b1e14d40e67115639c75

Request headers

Referer
http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 09:59:52 GMT
Last-Modified
Thu, 12 Jun 2014 11:45:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"31b043c03386cf1:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
714
208
click1xxx.xyz/page/ Frame 99B6
Redirect Chain
  • http://www.click1xxx.xyz/page/208
  • https://www.click1xxx.xyz/page/208
  • http://click1xxx.xyz/page/208
  • https://click1xxx.xyz/page/208
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://click1xxx.xyz/page/208
Requested by
Host: ww.ofmarannshome.be
URL: http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
click1xxx.xyz
:scheme
https
:path
/page/208
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ww.ofmarannshome.be/loadlink.php?link=click1xxx.xyz/page/208

Response headers

date
Tue, 02 Feb 2021 09:59:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d6d9a9e77ca21317a2466bcf33c2b56541612259997; expires=Thu, 04-Mar-21 09:59:57 GMT; path=/; domain=.click1xxx.xyz; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0803c84d8e0000074690001000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BkfL1pwWpOvIUbRSuceXV6764%2BhtzG9rXvCsXxs6dRk5PA1%2BX4uZOoXXqYWqUq3as8khHRC3yFRawOO8jizyPSzNE5VQllKUp0m5GDplKOZu7%2F%2Fy1MSUNsFO"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61b30ff5aabc0746-FRA
content-encoding
br

Redirect headers

Date
Tue, 02 Feb 2021 09:59:57 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Tue, 02 Feb 2021 10:59:57 GMT
Location
https://click1xxx.xyz/page/208
cf-request-id
0803c84d7800004a91f913b000000001
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qw2BALnwJ27IinmL9eDCLr87lQCyghH6srmjPS94zTAp9CR39u0a57YDqtXxivt1FnW%2FnVVbx10hsozH2nMKbRQbOgILvGp%2FBae7w6IRaPMY2wppdlRCcpLI"}]}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
61b30ff589854a91-FRA
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://ww.ofmarannshome.be
Referer
http://fonts.googleapis.com/css?family=Open+Sans
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 16:19:17 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:09:28 GMT
Server
sffe
Age
63639
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9132
X-XSS-Protection
0
Expires
Tue, 01 Feb 2022 16:19:17 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated

0 Cookies