urlscan.io logo urlscan.io
SecurityTrails logo

freenom.link Open in urlscan Pro
199.59.243.220  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rabbat.ga/
Effective URL: http://freenom.link/?k=80808080&_=1653768370
Submission: On May 28 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 10 HTTP transactions. The main IP is 199.59.243.220, located in United States and belongs to AMAZON-02, US. The main domain is freenom.link. The Cisco Umbrella rank of the primary domain is 167761.
This is the only time freenom.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 195.20.53.212 31624 (VFMNL-AS ...)
1 1 109.235.49.197 47869 (NETROUTIN...)
5 199.59.243.220 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
10 5
1    195.20.53.212 (Netherlands)

ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL)
rabbat.ga
1    109.235.49.197 (Netherlands)

ASN47869 (NETROUTING-AS, NL)
domain.dot.tk
5    199.59.243.220 (United States)

ASN16509 (AMAZON-02, US)
freenom.link
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
Apex Domain
Subdomains		 Transfer
5 freenom.link
freenom.link — Cisco Umbrella Rank: 167761
28 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
54 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 768
624 B
1 dot.tk
domain.dot.tk — Cisco Umbrella Rank: 189266
242 B
1 rabbat.ga
rabbat.ga
973 B
10 5
Domain Requested by
5 freenom.link rabbat.ga
freenom.link
2 www.google.com freenom.link
www.google.com
1 partner.googleadservices.com www.google.com
1 domain.dot.tk 1 redirects
1 rabbat.ga
10 5

This site contains no links.

Subject Issuer Validity Valid
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://freenom.link/?k=80808080&_=1653768370
Frame ID: 08D6905185851E8C8E32FCB89CCDD7D5
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=1379758844&pcsa=false&channel=pid-bodis-gcontrol100%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol480&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2277932748432058&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956&format=r3&nocache=1441653768567922&num=0&output=afd_ads&domain_name=freenom.link&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1653768567922&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&uio=-&cont=rs&jsid=caf&jsv=14100&rurl=http%3A%2F%2Ffreenom.link%2F%3Fk%3D80808080%26_%3D1653768370&referer=http%3A%2F%2Frabbat.ga%2F
Frame ID: 857284DB333A1D00886AB8261E92B3A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Freenom.link

Page URL History Show full URLs

  1. http://rabbat.ga/ Page URL
  2. http://domain.dot.tk/p/?d=RABBAT.GA&i=95.211.95.246&c=31&ro=0&ref=unknown&_=1653768567038 HTTP 301
    http://freenom.link/?k=80808080&_=1653768370 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

30 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

84 kB
Transfer

221 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rabbat.ga/ Page URL
  2. http://domain.dot.tk/p/?d=RABBAT.GA&i=95.211.95.246&c=31&ro=0&ref=unknown&_=1653768567038 HTTP 301
    http://freenom.link/?k=80808080&_=1653768370 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
rabbat.ga/ 		635 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
http://rabbat.ga/
Protocol
HTTP/1.1
Server
195.20.53.212 , Netherlands, ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL),
Reverse DNS
Software
nginx /
Resource Hash
e23f59b08fdcc244f2f31be40be9f6a18bcbd5d499c157616359fd86ccf0778f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
635
Content-Type
text/html;charset=UTF-8
Date
Sat, 28 May 2022 20:09:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
nginx
X-Server
ip-172-30-1-200
Primary Request /
freenom.link/
Redirect Chain
  • http://domain.dot.tk/p/?d=RABBAT.GA&i=95.211.95.246&c=31&ro=0&ref=unknown&_=1653768567038
  • http://freenom.link/?k=80808080&_=1653768370
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://freenom.link/?k=80808080&_=1653768370
Requested by
Host: rabbat.ga
URL: http://rabbat.ga/
Protocol
HTTP/1.1
Server
199.59.243.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
9482d938cc1e41b804a72d66495f4011a73122624db2b208ff22bd764f1ec911

Request headers

Referer
http://rabbat.ga/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-cache no-store, must-revalidate post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 28 May 2022 20:09:27 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_NcctuqRfg8y9H3hZww6malyL6jlGKJ/Vs1RZg+hSkjBHWVbBfC7fi/Yby09FhJ89pQNWSHfq1A7GxdBTitVDsg==

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=ISO-8859-1
Date
Sat, 28 May 2022 20:06:10 GMT
Location
http://freenom.link/?k=80808080&_=1653768370
Server
Apache/2.4.38 (Debian)
parking.2.89.0.js
freenom.link/js/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://freenom.link/js/parking.2.89.0.js
Requested by
Host: freenom.link
URL: http://freenom.link/?k=80808080&_=1653768370
Protocol
HTTP/1.1
Server
199.59.243.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2d9d6abca9a665e934e9285c0085ad015144c5e00862ea48a22f55e938b80f1b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://freenom.link/?k=80808080&_=1653768370
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 May 2022 20:09:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 May 2022 20:20:07 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
_fd
freenom.link/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://freenom.link/_fd?k=80808080&_=1653768370
Requested by
Host: freenom.link
URL: http://freenom.link/js/parking.2.89.0.js
Protocol
HTTP/1.1
Server
199.59.243.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
66899a734ca884bd37b4d270d3c7c917f82571fef082d858ebc00ade8b02ab64

Request headers

Accept
application/json
Referer
http://freenom.link/?k=80808080&_=1653768370
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

X-Version
2.89.0
Date
Sat, 28 May 2022 20:09:27 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
caf.js
www.google.com/adsense/domains/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: freenom.link
URL: http://freenom.link/js/parking.2.89.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b459d0d9e7c3858d1d742f781d69fe472b08305c35b4f8375c712e82c7dfa5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://freenom.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 20:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"48462796535800694"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 28 May 2022 20:09:27 GMT
px.gif
freenom.link/ 		42 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://freenom.link/px.gif?ch=1&rn=3.011128583547168
Requested by
Host: freenom.link
URL: http://freenom.link/?k=80808080&_=1653768370
Protocol
HTTP/1.1
Server
199.59.243.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://freenom.link/?k=80808080&_=1653768370
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 May 2022 20:09:27 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
px.gif
freenom.link/ 		42 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://freenom.link/px.gif?ch=2&rn=3.011128583547168
Requested by
Host: freenom.link
URL: http://freenom.link/?k=80808080&_=1653768370
Protocol
HTTP/1.1
Server
199.59.243.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://freenom.link/?k=80808080&_=1653768370
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 May 2022 20:09:27 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
cookie.js
partner.googleadservices.com/gampad/ 		189 B
624 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=freenom.link&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
0d2b09d0d36a593b7878d3bc54e874df7f549ab94e7b44e4fa1348a521a55041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://freenom.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 20:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
180
x-xss-protection
0
ads
www.google.com/afs/ Frame 8572 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?adtest=off&psid=1379758844&pcsa=false&channel=pid-bodis-gcontrol100%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol320%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol480&client=dp-bodis31_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2277932748432058&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956&format=r3&nocache=1441653768567922&num=0&output=afd_ads&domain_name=freenom.link&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1653768567922&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&uio=-&cont=rs&jsid=caf&jsv=14100&rurl=http%3A%2F%2Ffreenom.link%2F%3Fk%3D80808080%26_%3D1653768370&referer=http%3A%2F%2Frabbat.ga%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
9afd1c06c033295bfa3c898f72595c8428a04640a73d75ce7647a56f84fd15dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://freenom.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-Viewport-Width Sec-CH-Viewport-Height Sec-CH-DPR
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
1950
content-type
text/html; charset=UTF-8
date
Sat, 28 May 2022 20:09:27 GMT
expires
Sat, 28 May 2022 20:09:27 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
gws
x-xss-protection
0
caf.js
www.google.com/adsense/domains/ Frame 8572 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/adsense/domains/caf.js?pac=2

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| park object| regeneratorRuntime function| setImmediate function| clearImmediate number| googleNDT_ number| googleAltLoader object| google function| __sasCookie

3 Cookies

Domain/Path Name / Value
rabbat.ga/ Name: JSESSIONID
Value: 46413CEE95AAE8FB437BBD36DF84A1CC
freenom.link/ Name: parking_session
Value: e66b7091-5889-f1c5-433e-4022a30807ae
.freenom.link/ Name: __gsas
Value: ID=425acf519c9afa19:T=1653768567:S=ALNI_Mb3Cfgk4b6On56Rz8ojRabu2TX5Gg