xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top
95.214.27.247  Public Scan

Submitted URL: https://www.bing.com/ck/a?!&&p=6d5ead2c0420bb7eJmltdHM9MTY5MTQ1MjgwMCZpZ3VpZD0wNDcwYjhjOS1kYmUyLTY2ZjUtM2UxZi1hYmFmZG...
Effective URL: https://xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top//?username=
Submission: On September 01 via manual from DE — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 3 HTTP transactions. The main IP is 95.214.27.247, located in Amsterdam, Netherlands and belongs to AS_DELIS, US. The main domain is xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top.
TLS certificate: Issued by R3 on August 31st 2023. Valid for: 3 months.
This is the only time xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:310... 13335 (CLOUDFLAR...)
2 95.214.27.247 211252 (AS_DELIS)
3 3
Apex Domain | Subdomains | Transfer
2 baxterfreight.top | xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top | 183 KB
1 pages.dev | 47002731.kkjidh009873mnhbg3.pages.dev | 827 B
1 bergencountyalanon.org | www.bergencountyalanon.org | 724 B
1 bing.com | www.bing.com — Cisco Umbrella Rank: 75 | 426 B
3 4
Domain | Requested by
2 xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top | 47002731.kkjidh009873mnhbg3.pages.dev, xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top
1 47002731.kkjidh009873mnhbg3.pages.dev |
1 www.bergencountyalanon.org | 1 redirects
1 www.bing.com | 1 redirects
3 4

This site contains no links.

Subject | Issuer | Validity | Valid
kkjidh009873mnhbg3.pages.dev | GTS CA 1P5 | 2023-08-31 - 2023-11-29 | 3 months
baxterfreight.top | R3 | 2023-08-31 - 2023-11-29 | 3 months

This page contains 1 frames:

Primary Page: https://xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top//?username=
Frame ID: F75A00D177E9277AD13144BABA75AB05
Requests: 4 HTTP requests in this frame

Page Title

reCAPTCHA

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 184 kB
Size: 415 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.bing.com/ck/a?!&&p=6d5ead2c0420bb7eJmltdHM9MTY5MTQ1MjgwMCZpZ3VpZD0wNDcwYjhjOS1kYmUyLTY2ZjUtM2UxZi1hYmFmZGFlMjY3YzQmaW5zaWQ9NTE2Mg&ptn=3&hsh=3&fclid=0470b8c9-dbe2-66f5-3e1f-abafdae267c4&psq=site%3abergencountyalanon.org&u=a1aHR0cDovL3d3dy5iZXJnZW5jb3VudHlhbGFub24ub3JnL0ZpbGVzL0JDTUwwNTAzMjAyMS5wZGY HTTP 302
    http://www.bergencountyalanon.org/Files/BCML05032021.pdf HTTP 301
    https://47002731.kkjidh009873mnhbg3.pages.dev/ Page URL
  2. https://xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top//?username= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.bing.com/ck/a?!&&p=6d5ead2c0420bb7eJmltdHM9MTY5MTQ1MjgwMCZpZ3VpZD0wNDcwYjhjOS1kYmUyLTY2ZjUtM2UxZi1hYmFmZGFlMjY3YzQmaW5zaWQ9NTE2Mg&ptn=3&hsh=3&fclid=0470b8c9-dbe2-66f5-3e1f-abafdae267c4&psq=site%3abergencountyalanon.org&u=a1aHR0cDovL3d3dy5iZXJnZW5jb3VudHlhbGFub24ub3JnL0ZpbGVzL0JDTUwwNTAzMjAyMS5wZGY HTTP 302
  • http://www.bergencountyalanon.org/Files/BCML05032021.pdf HTTP 301
  • https://47002731.kkjidh009873mnhbg3.pages.dev/

3 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Resource: /
Path: 47002731.kkjidh009873mnhbg3.pages.dev/
Redirect Chain
  • https://www.bing.com/ck/a?!&&p=6d5ead2c0420bb7eJmltdHM9MTY5MTQ1MjgwMCZpZ3VpZD0wNDcwYjhjOS1kYmUyLTY2ZjUtM2UxZi1hYmFmZGFlMjY3YzQmaW5zaWQ9NTE2Mg&ptn=3&hsh=3&fclid=0470b8c9-dbe2-66f5-3e1f-abafdae267c4&...
  • http://www.bergencountyalanon.org/Files/BCML05032021.pdf
  • https://47002731.kkjidh009873mnhbg3.pages.dev/
Size: 409 B
x-fer: 827 B
Type: Document

General
Full URL: https://47002731.kkjidh009873mnhbg3.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:310c::ac42:2d13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Security Headers
X-Content-Type-Options: nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 7ffc6ca90dec9b33-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 01 Sep 2023 09:18:11 GMT
etag: W/"279a44f5012175eb69172f1ab7761fde"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItMZp%2BBD2KFBekvJTR%2Be7Tn9DoZzFQzyn8PKPceC%2BYyyHqRIZ%2BexaIItG2x07HN8X56x4CJQ558ACHgh%2FRSwVe1tc%2FfAflGwOht0JMy3pejLA%2B%2Bt4o%2BeMzR9UC3vO8o4COO3XxSXdAOibAtAoWRffB9y7yv4K6ZFDir9rJczgeTLfBg6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex

Redirect headers

CF-RAY: 7ffc6ca8afd7365b-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 01 Sep 2023 09:18:11 GMT
Expires: Fri, 01 Sep 2023 10:18:11 GMT
Location: https://47002731.kkjidh009873mnhbg3.pages.dev/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWjHAdoq68en7EAwaszduG5P%2B4IcLVsA%2F%2FdLAjkl2Yc%2FtInbl4uOAL9B6qekCpP%2BBOJ%2FzmiAVon%2B2KUsAOw1yT%2FYwlUJb5eWApkI%2FFapzVBG2DMu2j4mMoat2VE9fbYFk0B70ZynPCM2MGWsquUpOGIrDc37iduQpw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

Primary Request
Resource: /
Path: xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top//
Size: 315 KB
x-fer: 119 KB
Type: Document

General
Full URL: https://xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top//?username=
Requested by
  Host: 47002731.kkjidh009873mnhbg3.pages.dev
  URL: https://47002731.kkjidh009873mnhbg3.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.214.27.247 Amsterdam, Netherlands, ASN211252 (AS_DELIS, US),
Reverse DNS:
Software: nginx /
Resource Hash: d40427c938f9cf847ddd3362f36ac6b72f74965db9ed345a22feaf6b0d6cf999

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers

Referer: https://47002731.kkjidh009873mnhbg3.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 01 Sep 2023 09:18:12 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

Resource: /
Path: xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top//
Size: 64 KB
x-fer: 64 KB
Type: Image

General
Full URL: https://xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top//?username=
Requested by
  Host: xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top
  URL: https://xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top//?username=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.214.27.247 Amsterdam, Netherlands, ASN211252 (AS_DELIS, US),
Reverse DNS:
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xxoiyyhhrr-enneuhnf-00jehhdbfff.baxterfreight.top//?username=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 09:18:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Resource: truncated
Path: /
Size: 35 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: ae920a439284930fb403f50265cb02327be4b7245d01fd19476cbdbf3ec29fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/jpg

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | documentPictureInPicture
  • function | a0_0x1211
  • function | a0_0x4c70
  • function | onCheckBoxChange

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff