baltoot.com
2606:4700:3036::ac43:a9f1
Public Scan
Effective URL: https://baltoot.com/49ow/sos.html
Submission: On September 15 via manual from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on August 30th 2023. Valid for: 3 months.
This is the only time baltoot.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 (2 redirects) | 207.211.31.113 | 14135 (NAVISITE-EAST-2) |
1 (1 redirect) | 2606:4700:3030::6815:3eef | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3036::ac43:a9f1 | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3033::ac43:cab8 | 13335 (CLOUDFLARENET) |
1 | 2a04:4e42::649 | 54113 (FASTLY) |
4 | 4 |
ASN14135 (NAVISITE-EAST-2, US)
PTR: service165-us.mimecast.com
protect-us.mimecast.com
ASN13335 (CLOUDFLARENET, US)
aldimashqi-kensington.co.uk
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | mimecast.com (2 redirects) | protect-us.mimecast.com — Cisco Umbrella Rank: 10627 | 2 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 918 | 30 KB |
1 | jing-vpe.com | jing-vpe.com | 892 B |
1 | baltoot.com | baltoot.com | 609 B |
1 | aldimashqi-kensington.co.uk (1 redirects) | aldimashqi-kensington.co.uk | 570 B |
4 | 5 |
Requests | Domain | Requested by |
---|---|---|
2 | protect-us.mimecast.com | 2 redirects |
1 | code.jquery.com | jing-vpe.com |
1 | jing-vpe.com | baltoot.com, code.jquery.com |
1 | baltoot.com | |
1 | aldimashqi-kensington.co.uk | 1 redirects |
4 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
baltoot.com | GTS CA 1P5 | 2023-08-30 - 2023-11-28 | 3 months |
jing-vpe.com | GTS CA 1P5 | 2023-09-11 - 2023-12-10 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year |
This page contains 1 frames:
Primary Page:
https://baltoot.com/49ow/sos.html
Frame ID: EB03E9362BA69C1476FF4446C002A6F8
Requests: 4 HTTP requests in this frame
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://protect-us.mimecast.com/s/pK3_CqxWMVHO4DynSZX34A?domain=aldimashqi-kensington.co.uk
HTTP 307
https://protect-us.mimecast.com/r/sXLrOaBspN39ihqSGGJ5WiOaPY_KPaKfd0dfWFxQTv2F_35D-qY2PS4W2Q1SySVGHXMQ-PjsOar5imBqV3uSR5nrg7Ma-zpQRkDRkTPSfVEiZuHRujouPG4WUUtX-6U6w0W-aiX6Yb1qTC3HQvK0bafvEqniM__tdAbthcQAexJrBk6pTvqptNewHveiIOj2Lh2yEWnZx9ojuwFBB3IgvoyZCtSGZCbLlkLaTZQHLO60BpafzXMijqbm1g17OiY85vYbR-5Dl25uVdkx7CtzbktMpjnrjEtbb5bDEJPVReIFrB3QzKw4ylGjCaB_haLact7UPSQSLmGN1cZ_Wtj-oIGjdVj_tiLEi-v0uR7mwaOjBRY_yZl3gKOhI_pNuKmDrOXSQV9ZMsupusHbsgEpfMsbv3f5xX6--tKQu1DXMrjP1UoY-CO9vM0DpXgzf6Vm2lZF5Sc3RP6K6GKueRRTrbmQaaenHWN2Nj-wmR3-l_wgffEBh5KbSL54xf3w4py007B90Aj7_nttuPpgA2n5FJFQpIUruVkkoxgq38bDXklP_RrwjgkI9P5AM6pylUXMqKH0Rwkb_TArEl5Xqwf3Fuy9tJlruZi15mfNrr4SrJYyUGAwtX4_eP-wQ_jcRUk4X01owE8CmWtNbbgcpsZjgVOkn75DtnLWwWbaZQlTr-FOd-4BlNo6YCtH0oX4zklGsICu4q2lkMavZHVr2sqRcIJZcbwh0Z9L3V9droWUzcP1oj3QcLzHRWkT90WQ-9aTZuCPcL05ltegKl0xeieVj-cAC29nNsEBybHPR1qhiEdZRxifaspO8O6srZr6bJqcLEJ8SA5aANkxltdENf6tu2pXSAIJEraols2CiACaGiwt2GizJG--YKMOoC88M5kdq6NKAU1J553AiX9ItSjfd_gDy9QGmMJnIome1jf-oKd_3lUJMDnGt5FrDGGBrm5W8o2CBcHGeHNbf-txQPGy_nA1f4CxjsO2TgVJz4eu2WDrN3lPed70ss1utZggUjf9KilP4hZeX_ku_xCV4BMnV2hRtyxfs4zv6fKP01eF6hzlkD3gB3pOrDmfgtJiQbzoy75APrHME0FpVcbCQNxWU81sKtVpuV2OymU9nUerHpuFrEfAtuQoyyI8WVGEgDRQejZtPvLEQ-VHlAIQvc1AZop1EPwLDo2Zb9cDWobqnfE2aWgmCyveygrDHq2HtxCf1IxOzk3104svmTFa1uYqS_DED7-VEPlMTO6EZ1TxYgEaB6dYtWbIj8ezHfjIohX8MYcnNiWHMpzRarFcp6-5C_AiuEyuZmYrdXti_UtjeQOqaQSGECyPy8YfY0k7KquMKeQ3QGT5cZj6EgSVn_UyJ8rhXx1akEZpYQG7b79TWkVgWk8reKGfxTGvQFZWFVRcXBVQZYBmt_Zy1oAU_nhGan5Om9MgUoTEL0OJI8StVZ5OTSX64Ye9eVMvJwtOsA0HP41Nu7KE6YGOgag8-CEV0rvxyjNeD1BXQ4tvV5S52u156Ff-ohLmdXW71Cma_6DanZGN3u4qT7jDntMx1p8BsAPBvkTfbAARI8pkF1pUX_RpZ6Q7kIAL9jSfSKnegoZwVebuaOXDANC6tBLzONFFKf3wTB7hPgkHNtU_u6o7_zcuRjrqIPq9HAdUMx70AfDZg9GF9EeWUQ-X5kINteiBwsmOljicNaKa9e7DUyOR0NL5gGiPzVkXeH2BuiIv2FnA HTTP 307
https://aldimashqi-kensington.co.uk/mde/anti.php HTTP 302
https://baltoot.com/49ow/sos.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | sos.html (Primary Request) | baltoot.com/49ow/ | 220 B | 609 B | Document | text/html |
GET | H2 | sc.php | jing-vpe.com/host22/admin/js/ | 819 B | 892 B | Script | text/html |
GET | H2 | jquery-3.1.1.min.js | code.jquery.com/ | 85 KB | 30 KB | Script | application/javascript |
POST | | 18b7e20.php | jing-vpe.com/host22/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: jing-vpe.com
- URL: https://jing-vpe.com/host22/18b7e20.php
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| scr
- string| stc
- number| autograb
- function| $
- function| jQuery

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
aldimashqi-kensington.co.uk/ | | Name: PHPSESSID Value: 746a87f605fb6d9bd05f58454224a3df |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.