urlscan.io logo urlscan.io
SecurityTrails logo

33e9ce3d6fa6.baklib.work Open in urlscan Pro
165.154.98.173  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://33e9ce3d6fa6.baklib.work/
Effective URL: https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
Submission: On April 05 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 165.154.98.173, located in Hong Kong, Hong Kong and belongs to UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK. The main domain is 33e9ce3d6fa6.baklib.work.
TLS certificate: Issued by R3 on April 2nd 2024. Valid for: 3 months.
This is the only time 33e9ce3d6fa6.baklib.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 165.154.98.173 135377 (UCLOUD-HK...)
5 2
Apex Domain
Subdomains		 Transfer
7 baklib.work
33e9ce3d6fa6.baklib.work
2 MB
5 1
Domain Requested by
7 33e9ce3d6fa6.baklib.work 2 redirects 33e9ce3d6fa6.baklib.work
5 1

This site contains no links.

Subject Issuer Validity Valid
33e9ce3d6fa6.baklib.work
R3		 2024-04-02 -
2024-07-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
Frame ID: 593286D1E63EF0742085789D738C18FF
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

222123112313

Page URL History Show full URLs

  1. https://33e9ce3d6fa6.baklib.work/ HTTP 302
    https://33e9ce3d6fa6.baklib.work/get_started/complete HTTP 302
    https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+
Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller
Overall confidence: 100%
Detected patterns

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1908 kB
Transfer

8676 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://33e9ce3d6fa6.baklib.work/ HTTP 302
    https://33e9ce3d6fa6.baklib.work/get_started/complete HTTP 302
    https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
33e9ce3d6fa6.baklib.work/
Redirect Chain
  • https://33e9ce3d6fa6.baklib.work/
  • https://33e9ce3d6fa6.baklib.work/get_started/complete
  • https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.154.98.173 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
/
Resource Hash
b6a5fa11d172648cf2fba6de074cf36912ffce4deb75f483b06c60a095157ad9
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://33e9ce3d6fa6.lvh.me *.quickcep.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
3267
content-security-policy
frame-ancestors self https://33e9ce3d6fa6.lvh.me *.quickcep.com
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 12:41:45 GMT
etag
W/"b6a5fa11d172648cf2fba6de074cf369"
link
</assets/desk.tailwind-f5eed95be53d3d4dcfd04cc1f5d818ba7ee17d5c.css>; rel=preload; as=style; nopush
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
d1648da0-0b79-40dc-a27e-5c8c0e0f0a56
x-runtime
0.023926
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-length
0
content-security-policy
frame-ancestors self https://33e9ce3d6fa6.lvh.me *.quickcep.com
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 12:41:44 GMT
location
https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
180da188-4b84-4627-971e-7e96efabba7a
x-runtime
0.012646
x-xss-protection
1; mode=block
desk.tailwind-f5eed95be53d3d4dcfd04cc1f5d818ba7ee17d5c.css
33e9ce3d6fa6.baklib.work/assets/ 		512 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://33e9ce3d6fa6.baklib.work/assets/desk.tailwind-f5eed95be53d3d4dcfd04cc1f5d818ba7ee17d5c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.154.98.173 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
/
Resource Hash
1eec7eec31c9e75cfff41014d7c8393093d99125da12d609558d74e2ca74f9f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 12:41:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Apr 2024 15:45:38 GMT
vary
Origin
x-xss-protection
1; mode=block
content-type
text/css
desk-a93de5ac381b9fa7952c9e161cec9a3ad0c5e77c.js
33e9ce3d6fa6.baklib.work/assets/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://33e9ce3d6fa6.baklib.work/assets/desk-a93de5ac381b9fa7952c9e161cec9a3ad0c5e77c.js
Requested by
Host: 33e9ce3d6fa6.baklib.work
URL: https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.154.98.173 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
/
Resource Hash
bfb97d9c05941ecdbf85a087e8d9c83fdca47d977e6db5b9f964fac10f92ab00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 12:41:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Apr 2024 15:45:38 GMT
vary
Origin
x-xss-protection
1; mode=block
content-type
application/javascript
eyJfcmFpbHMiOnsiZGF0YSI6ImdpZDovL2Jha2xpYi9Pcmdhbml6YXRpb24vMTE_ZXhwaXJlc19pblx1MDAyNnVwZGF0ZWRfYXQ9MjAyNC0wMy0wOCsxMyUzQTM4JTNBMzYrJTJCMDgwMCIsInB1ciI6ImRlZmF1bHQifX0=--e61711052ad3bf9991a3de4fff4...
33e9ce3d6fa6.baklib.work/-/avatars/ 		0
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://33e9ce3d6fa6.baklib.work/-/avatars/eyJfcmFpbHMiOnsiZGF0YSI6ImdpZDovL2Jha2xpYi9Pcmdhbml6YXRpb24vMTE_ZXhwaXJlc19pblx1MDAyNnVwZGF0ZWRfYXQ9MjAyNC0wMy0wOCsxMyUzQTM4JTNBMzYrJTJCMDgwMCIsInB1ciI6ImRlZmF1bHQifX0=--e61711052ad3bf9991a3de4fff4ba9b860d404a8
Requested by
Host: 33e9ce3d6fa6.baklib.work
URL: https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.154.98.173 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
0.016590
date
Fri, 05 Apr 2024 12:41:48 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
etag
W/"d8b418a47dfccfea85edd7c0c2c3eeb6"
vary
Origin
x-frame-options
SAMEORIGIN
cache-control
max-age=14400, public, must-revalidate
x-xss-protection
1; mode=block
x-request-id
aeb93db4-3617-40ae-abc8-35e1076abb0e
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ec064ec621eb0aae75171be196bc732c241148cd8f4a6ecc967340bf0cbe498

Request headers

Referer
Origin
https://33e9ce3d6fa6.baklib.work
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
eyJfcmFpbHMiOnsiZGF0YSI6ImdpZDovL2Jha2xpYi9Pcmdhbml6YXRpb24vMTE_ZXhwaXJlc19pblx1MDAyNnVwZGF0ZWRfYXQ9MjAyNC0wMy0wOCsxMyUzQTM4JTNBMzYrJTJCMDgwMCIsInB1ciI6ImRlZmF1bHQifX0=--e61711052ad3bf9991a3de4fff4...
33e9ce3d6fa6.baklib.work/-/avatars/ 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://33e9ce3d6fa6.baklib.work/-/avatars/eyJfcmFpbHMiOnsiZGF0YSI6ImdpZDovL2Jha2xpYi9Pcmdhbml6YXRpb24vMTE_ZXhwaXJlc19pblx1MDAyNnVwZGF0ZWRfYXQ9MjAyNC0wMy0wOCsxMyUzQTM4JTNBMzYrJTJCMDgwMCIsInB1ciI6ImRlZmF1bHQifX0=--e61711052ad3bf9991a3de4fff4ba9b860d404a8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.154.98.173 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://33e9ce3d6fa6.baklib.work/sign_in?back_to=https%3A%2F%2F33e9ce3d6fa6.baklib.work%2Fget_started%2Fcomplete
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
0.018395
date
Fri, 05 Apr 2024 12:41:49 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
etag
W/"d8b418a47dfccfea85edd7c0c2c3eeb6"
vary
Origin
x-frame-options
SAMEORIGIN
cache-control
max-age=14400, public, must-revalidate
x-xss-protection
1; mode=block
x-request-id
ae0a8b83-d829-49c5-8d2f-78cda49542c7

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Turbo object| Chartkick object| TreemapSquared function| SVG object| Apex function| usePopper function| insensitiveCompare function| sameThemeColors function| cloneObject function| themeColors function| Cleave object| __framePainter function| flatpickr object| Stimulus function| hotkeys object| BoldExtension function| LinkExtension function| ImageExtension function| tableExtension function| CodeBlockLowlightExtension function| PasteContent object| Alpine function| Chart function| dayjs function| Swiper function| Sortable function| ApexCharts

5 Cookies

Domain/Path Name / Value
33e9ce3d6fa6.baklib.work/ Name: ahoy_visitor
Value: f88fd9db-419b-493a-8c06-02828e7f2c6e
33e9ce3d6fa6.baklib.work/ Name: ahoy_visit
Value: e6e8dd67-2e69-4288-9c90-2b5a3edaca62
33e9ce3d6fa6.baklib.work/ Name: visitor
Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqRXdNamMyTkRJMVpUUTJZV0U0WW1abE5UZzRaR0UyWm1VMFpXRTRaVE14TkRkbE9ESTVZbUZtTnpCaU5qSTFaalF5T0RZNVl6a3paVGd3TWpjMVkyTWkiLCJleHAiOiIyMDQ0LTA0LTA1VDEyOjQxOjQ0LjY4N1oiLCJwdXIiOiJjb29raWUudmlzaXRvciJ9fQ%3D%3D--a7abb9b8d8bff618ef16742923f6948d2b658569
33e9ce3d6fa6.baklib.work/ Name: _x_darkMode_on
Value: false
33e9ce3d6fa6.baklib.work/ Name: organization_ome3c3
Value: gg20ThjnHNvsaZZfamUQlElp82AU%2FXTGr3%2B3IBq2AEA1WCm9IQ%2BO%2Bhi3qqirGut6o1WT9jkigJmp3DxJ4inY3yCb5pfBJT26uWa5VYa0PCVOun%2BbSGHOrEY3lAvY8ZZQcQ%2FfiRTXsxH%2FOMWOY%2B51uSqi1Rd4v2SLnZn7iF2u3SXdgBQRvqTnyDDYF5S9zXGxFUZt5b7uWFkiaxRiL%2BNwvMnSqX13%2FH%2B6TpEW3ulCTaPbC7cOf0S6q5wUSs%2B%2FVKHsROENwP1xKBKmKDyj4Zy%2BAEq%2Bbgxy2EdTZ7f6DEEClo9PW8%2F188n8d8MfSV7R168LryVddw9fmRfs0Z38u%2BLVxNBwgF1x%2F7bi8L0kCLm3UElqSRPF23BcWHG5B0IHDo7YQorlxsF0b1ZbqaIkal8USan5pHDjzj%2FC%2B1Xr--MW38830rQedSQj2V--6mv47Ecf%2FgMA3fkiTIeMzA%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors self https://33e9ce3d6fa6.lvh.me *.quickcep.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block