urlscan.io logo urlscan.io
SecurityTrails logo

basellpushingfreund.online Open in urlscan Pro
203.161.61.2  Public Scan

Go To Rescan Add Verdict Report
URL: https://basellpushingfreund.online/03z3v06xv309hntfb1dq632464bvwg1h7a5dedx26vsqgrqbamk7e10y8hhlsbc046yrqp3fm4mxbkylg0u7b1468rjgl78c...
Submission Tags: @ecarlesi threat phishing Search All
Submission: On September 28 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 4 HTTP transactions. The main IP is 203.161.61.2, located in United States and belongs to NAMECHEAP-NET, US. The main domain is basellpushingfreund.online.
TLS certificate: Issued by R11 on September 28th 2024. Valid for: 3 months.
This is the only time basellpushingfreund.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 203.161.61.2 22612 (NAMECHEAP...)
2 142.250.185.196 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
4 3
Apex Domain
Subdomains		 Transfer
2 google.com
www.google.com — Cisco Umbrella Rank: 3
969 B
1 gstatic.com
www.gstatic.com
214 KB
1 basellpushingfreund.online
basellpushingfreund.online
1 KB
4 3
Domain Requested by
2 www.google.com basellpushingfreund.online
www.gstatic.com
1 www.gstatic.com www.google.com
1 basellpushingfreund.online
4 3

This site contains no links.

Subject Issuer Validity Valid
basellpushingfreund.online
R11		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://basellpushingfreund.online/03z3v06xv309hntfb1dq632464bvwg1h7a5dedx26vsqgrqbamk7e10y8hhlsbc046yrqp3fm4mxbkylg0u7b1468rjgl78cwcrro36i36k3456jvbmqt28vc1474zdtgkcplqyj7gq9fi00bit809/
Frame ID: 53DA2F34F749FFC5BBE875CD2D50561F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcemFEqAAAAAKlG1vHhjHI1Ez8dEPvnamnQ7foY&co=aHR0cHM6Ly9iYXNlbGxwdXNoaW5nZnJldW5kLm9ubGluZTo0NDM.&hl=it&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=7tl3ayx76f01
Frame ID: D6119978AFD4B60A489D06FD664F5A55
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

reCAPTCHA: Click Allow to verify that you are not a robot

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

216 kB
Transfer

544 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
basellpushingfreund.online/03z3v06xv309hntfb1dq632464bvwg1h7a5dedx26vsqgrqbamk7e10y8hhlsbc046yrqp3fm4mxbkylg0u7b1468rjgl78cwcrro36i36k3456jvbmqt28vc1474zdtgkcplqyj7gq9fi00bit809/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://basellpushingfreund.online/03z3v06xv309hntfb1dq632464bvwg1h7a5dedx26vsqgrqbamk7e10y8hhlsbc046yrqp3fm4mxbkylg0u7b1468rjgl78cwcrro36i36k3456jvbmqt28vc1474zdtgkcplqyj7gq9fi00bit809/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.161.61.2 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.milnert.com
Software
Apache /
Resource Hash
b345ea353895f93d11993464899feca684e23604bc0d53b33e6be5ed0be194d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
880
Content-Type
text/html
Date
Sat, 28 Sep 2024 15:16:07 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Sat, 28 Sep 2024 09:11:57 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
api.js
www.google.com/recaptcha/ 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: basellpushingfreund.online
URL: https://basellpushingfreund.online/03z3v06xv309hntfb1dq632464bvwg1h7a5dedx26vsqgrqbamk7e10y8hhlsbc046yrqp3fm4mxbkylg0u7b1468rjgl78cwcrro36i36k3456jvbmqt28vc1474zdtgkcplqyj7gq9fi00bit809/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
ESF /
Resource Hash
0524a95cb2151649c676d3757e387341111ffab6ada45d0780ab3594cec4422a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://basellpushingfreund.online/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 15:16:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sat, 28 Sep 2024 15:16:07 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
recaptcha__it.js
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/ 		540 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
269e5b24dd9ee843e7d82c5aa67279997a97df01e8a9de509a53d033a8528d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://basellpushingfreund.online
Referer
https://basellpushingfreund.online/

Response headers

content-encoding
gzip
age
176756
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 14:10:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 14:10:12 GMT
last-modified
Mon, 23 Sep 2024 04:00:50 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
219123
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame D611 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcemFEqAAAAAKlG1vHhjHI1Ez8dEPvnamnQ7foY&co=aHR0cHM6Ly9iYXNlbGxwdXNoaW5nZnJldW5kLm9ubGluZTo0NDM.&hl=it&v=xds0rzGrktR88uEZ2JUvdgOY&size=normal&cb=7tl3ayx76f01
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__it.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SSpZH3cV2n4XMMfAmwuUDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://basellpushingfreund.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SSpZH3cV2n4XMMfAmwuUDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 15:16:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| recaptcha_callback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_3707

0 Cookies