urlscan.io logo urlscan.io
SecurityTrails logo

backdoor.best Open in urlscan Pro
34.132.134.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://backdoor.best/
Effective URL: https://backdoor.best/
Submission: On October 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 34.132.134.162, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is backdoor.best.
TLS certificate: Issued by R3 on August 22nd 2023. Valid for: 3 months.
This is the only time backdoor.best was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.132.134.162 396982 (GOOGLE-CL...)
1 5 35.186.245.55 15169 (GOOGLE)
6 3
Apex Domain
Subdomains		 Transfer
5 repl.co
v2.l4ctose.repl.co
14 KB
2 backdoor.best
backdoor.best
1 KB
0 fontawesome.com Failed
kit.fontawesome.com Failed
6 3
Domain Requested by
5 v2.l4ctose.repl.co 1 redirects backdoor.best
v2.l4ctose.repl.co
2 backdoor.best 1 redirects
0 kit.fontawesome.com Failed v2.l4ctose.repl.co
6 3

This site contains no links.

Subject Issuer Validity Valid
backdoor.best
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
l4ctose.repl.co
GTS CA 1P5		 2023-10-13 -
2024-01-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://backdoor.best/
Frame ID: DB4FB5019D65DE760116A0466C44E481
Requests: 1 HTTP requests in this frame

Frame: https://v2.l4ctose.repl.co/bypasser/
Frame ID: D0A4F56DCCA36E10F75E656C6556E01B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Backdoor AI

Page URL History Show full URLs

  1. http://backdoor.best/ HTTP 308
    https://backdoor.best/ Page URL

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

14 kB
Transfer

13 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://backdoor.best/ HTTP 308
    https://backdoor.best/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://v2.l4ctose.repl.co/bypasser HTTP 302
  • https://v2.l4ctose.repl.co/bypasser/

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
backdoor.best/
Redirect Chain
  • http://backdoor.best/
  • https://backdoor.best/
641 B
940 B 		Document
General
Check archive.org
Download Go to
Full URL
https://backdoor.best/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
/
Resource Hash
d0c66337b243fe45b81a64ae2cad79439e237968c61e5e83491186373d606a8f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Length
641
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 17:53:43 GMT
Expect-Ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Replit-Cluster
global

Redirect headers

Content-Length
58
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 17:53:42 GMT
Location
https://backdoor.best/
Replit-Cluster
global
Via
1.1 google
/
v2.l4ctose.repl.co/ Frame D0A4 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v2.l4ctose.repl.co/
Requested by
Host: backdoor.best
URL: https://backdoor.best/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
79570132429b986bf81892f7a18dd5ac3b796a6df9e6f13c231994695367125e
Security Headers
Name Value
Strict-Transport-Security max-age=7388834; includeSubDomains

Request headers

Referer
https://backdoor.best/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Length
5073
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 17:53:44 GMT
Expect-Ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Replit-Cluster
global
Strict-Transport-Security
max-age=7388834; includeSubDomains
a076d05399.js
kit.fontawesome.com/ Frame D0A4 		0
0
version
v2.l4ctose.repl.co/ Frame D0A4 		3 B
339 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v2.l4ctose.repl.co/version
Requested by
Host: v2.l4ctose.repl.co
URL: https://v2.l4ctose.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d0ff5974b6aa52cf562bea5921840c032a860a91a3512f7fe8f768f6bbe005f6
Security Headers
Name Value
Strict-Transport-Security max-age=7388834; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v2.l4ctose.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Strict-Transport-Security
max-age=7388834; includeSubDomains
Date
Tue, 17 Oct 2023 17:53:44 GMT
Replit-Cluster
global
Content-Length
3
Expect-Ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Content-Type
chat
v2.l4ctose.repl.co/ Frame D0A4 		5 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://v2.l4ctose.repl.co/chat
Requested by
Host: v2.l4ctose.repl.co
URL: https://v2.l4ctose.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
135fc7a09da25f03e44f7a2c700efd4a9d0a989af4d4704eabfe9ada71b26590
Security Headers
Name Value
Strict-Transport-Security max-age=7388834; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v2.l4ctose.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Strict-Transport-Security
max-age=7388834; includeSubDomains
Date
Tue, 17 Oct 2023 17:53:44 GMT
Replit-Cluster
global
Content-Length
5
Expect-Ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Content-Type
/
v2.l4ctose.repl.co/bypasser/ Frame D0A4
Redirect Chain
  • https://v2.l4ctose.repl.co/bypasser
  • https://v2.l4ctose.repl.co/bypasser/
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v2.l4ctose.repl.co/bypasser/
Requested by
Host: v2.l4ctose.repl.co
URL: https://v2.l4ctose.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
266166803b2993b8d69f6b16d3a35a0a0bdbeee70e225a52eca91b28c3e9d325
Security Headers
Name Value
Strict-Transport-Security max-age=7388833; includeSubDomains

Request headers

Referer
https://v2.l4ctose.repl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Length
7295
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 17:53:45 GMT
Expect-Ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Replit-Cluster
global
Strict-Transport-Security
max-age=7388833; includeSubDomains

Redirect headers

Content-Length
33
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 17:53:45 GMT
Expect-Ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Location
/bypasser/
Replit-Cluster
global
Strict-Transport-Security
max-age=7388833; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kit.fontawesome.com
URL
https://kit.fontawesome.com/a076d05399.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

2 Console Messages

Source Level URL
Text
javascript error URL: https://v2.l4ctose.repl.co/
Message:
Access to script at 'https://kit.fontawesome.com/a076d05399.js' from origin 'https://v2.l4ctose.repl.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kit.fontawesome.com/a076d05399.js
Message:
Failed to load resource: net::ERR_FAILED