urlscan.io logo urlscan.io
SecurityTrails logo

backdoor.best Open in urlscan Pro
34.111.254.92  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://backdoor.best/
Effective URL: https://backdoor.best/
Submission: On January 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 19 HTTP transactions. The main IP is 34.111.254.92, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is backdoor.best.
TLS certificate: Issued by R3 on January 4th 2024. Valid for: 3 months.
This is the only time backdoor.best was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.111.254.92 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 35.186.245.55 15169 (GOOGLE)
4 34.117.33.233 396982 (GOOGLE-CL...)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 173.231.16.76 18450 (WEBNX)
2 84.246.80.96 50673 (SERVERIUS-AS)
19 10
2    34.111.254.92 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.254.111.34.bc.googleusercontent.com
backdoor.best
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    35.186.245.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.245.186.35.bc.googleusercontent.com
v2.l4ctose.repl.co
4    34.117.33.233 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 233.33.117.34.bc.googleusercontent.com
v-2-l4ctose.replit.app
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    173.231.16.76 (United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org
api.ipify.org
2    84.246.80.96 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
cors-proxy.fringe.zone
Apex Domain
Subdomains		 Transfer
4 replit.app
v-2-l4ctose.replit.app
39 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
2 KB
3 gstatic.com
fonts.gstatic.com
141 KB
2 fringe.zone
cors-proxy.fringe.zone
2 backdoor.best
backdoor.best
2 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2685
224 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1219
30 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1695
252 B
1 repl.co
v2.l4ctose.repl.co
387 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
92 KB
19 10
Domain Requested by
4 v-2-l4ctose.replit.app backdoor.best
v-2-l4ctose.replit.app
4 fonts.googleapis.com backdoor.best
v-2-l4ctose.replit.app
3 fonts.gstatic.com fonts.googleapis.com
2 cors-proxy.fringe.zone v-2-l4ctose.replit.app
2 backdoor.best 1 redirects
1 api.ipify.org v-2-l4ctose.replit.app
1 code.jquery.com v-2-l4ctose.replit.app
1 region1.google-analytics.com www.googletagmanager.com
1 v2.l4ctose.repl.co 1 redirects
1 www.googletagmanager.com backdoor.best
19 10

This site contains no links.

Subject Issuer Validity Valid
backdoor.best
R3		 2024-01-04 -
2024-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
replit.app
GTS CA 1D4		 2023-12-21 -
2024-03-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
cors-proxy.fringe.zone
R3		 2023-11-11 -
2024-02-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://backdoor.best/
Frame ID: FC7E20FFBA7ECAA1B7DD421C6F8D5A37
Requests: 5 HTTP requests in this frame

Frame: https://v-2-l4ctose.replit.app/ai/
Frame ID: D73AD52C60C6C0ACDA91A0285D885E3E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Backdoor AI

Page URL History Show full URLs

  1. http://backdoor.best/ HTTP 301
    https://backdoor.best/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

89 %
HTTPS

50 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

307 kB
Transfer

552 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://backdoor.best/ HTTP 301
    https://backdoor.best/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://v2.l4ctose.repl.co/ai/gpt.png HTTP 308
  • https://v-2-l4ctose.replit.app/

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
backdoor.best/
Redirect Chain
  • http://backdoor.best/
  • https://backdoor.best/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://backdoor.best/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.254.92 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
92.254.111.34.bc.googleusercontent.com
Software
/
Resource Hash
9151fe06f6caa72d0f1357a8cf9331729edb2491e00e0bfd0fa4cba0c585c921
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2161
content-length
1771
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 03:24:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains

Redirect headers

Content-Length
57
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Jan 2024 03:24:42 GMT
Location
https://backdoor.best/
js
www.googletagmanager.com/gtag/ 		276 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VJ7179BQCC
Requested by
Host: backdoor.best
URL: https://backdoor.best/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7cc96c8a10c15e651f5afe0a9e7c1a7cc411652333342cd9b32df98c5d1c5ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://backdoor.best/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 03:24:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93360
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Jan 2024 03:24:42 GMT
css2
fonts.googleapis.com/ 		4 KB
950 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap
Requested by
Host: backdoor.best
URL: https://backdoor.best/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46f8cce0826f2b934c7ef9af81e9667f64a36dca24ff6782e09b298e79480cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://backdoor.best/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:17:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 03:24:42 GMT
/
v-2-l4ctose.replit.app/
Redirect Chain
  • https://v2.l4ctose.repl.co/ai/gpt.png
  • https://v-2-l4ctose.replit.app/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-2-l4ctose.replit.app/
Protocol
H2
Server
34.117.33.233 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
233.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://backdoor.best/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

Location
https://v-2-L4CTOSE.replit.app
Strict-Transport-Security
max-age=5439775; includeSubDomains
Date
Wed, 10 Jan 2024 03:24:42 GMT
Replit-Cluster
global
Expect-Ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Content-Length
66
Content-Type
text/html; charset=utf-8
/
v-2-l4ctose.replit.app/ Frame D73A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v-2-l4ctose.replit.app/
Requested by
Host: backdoor.best
URL: https://backdoor.best/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.233 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
233.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
8cefef1becab48d022c1ec634dc1f19466356ef5c11eb14429953a8f29f1dbd9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://backdoor.best/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
252678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2126
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 03:24:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VJ7179BQCC&gtm=45je4180v9170583853&_p=1704857082579&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1880630890.1704857083&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704857082&sct=1&seg=0&dl=https%3A%2F%2Fbackdoor.best%2F&dt=Backdoor%20AI&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=614
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJ7179BQCC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://backdoor.best/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jan 2024 03:24:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://backdoor.best
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame D73A 		1 KB
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap
Requested by
Host: v-2-l4ctose.replit.app
URL: https://v-2-l4ctose.replit.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3499bd0d6e6b9d2d80d08684882f2715adc7a8066b853cf032f30b9f244aac7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v-2-l4ctose.replit.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 03:24:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:49:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 03:24:42 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame D73A 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://v-2-l4ctose.replit.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 15:39:51 GMT
x-content-type-options
nosniff
age
128691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 15:39:51 GMT
/
v-2-l4ctose.replit.app/ai/ Frame D73A 		33 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v-2-l4ctose.replit.app/ai/
Requested by
Host: v-2-l4ctose.replit.app
URL: https://v-2-l4ctose.replit.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.233 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
233.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
0832c13fe6c70234ff1c3cc746d1f48c7960f61c9bddc951bbc1cf75c868d8af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://v-2-l4ctose.replit.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68542
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33529
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 03:24:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
css2
fonts.googleapis.com/ Frame D73A 		1 KB
450 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap
Requested by
Host: v-2-l4ctose.replit.app
URL: https://v-2-l4ctose.replit.app/ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3499bd0d6e6b9d2d80d08684882f2715adc7a8066b853cf032f30b9f244aac7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v-2-l4ctose.replit.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 03:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 01:35:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 03:24:43 GMT
icon
fonts.googleapis.com/ Frame D73A 		569 B
366 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: v-2-l4ctose.replit.app
URL: https://v-2-l4ctose.replit.app/ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v-2-l4ctose.replit.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jan 2024 03:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 03:24:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jan 2024 03:24:43 GMT
jquery-3.6.0.min.js
code.jquery.com/ Frame D73A 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: v-2-l4ctose.replit.app
URL: https://v-2-l4ctose.replit.app/ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v-2-l4ctose.replit.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 03:24:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4254467
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230110-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1704857084.736899,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 379028
gpt.png
v-2-l4ctose.replit.app/ai/ Frame D73A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-2-l4ctose.replit.app/ai/gpt.png
Requested by
Host: v-2-l4ctose.replit.app
URL: https://v-2-l4ctose.replit.app/ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.233 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
233.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
3473e73114d17b01dc7abd437db23e7b99eecc319ae14fb09486c1e442579b07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v-2-l4ctose.replit.app/ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
date
Wed, 10 Jan 2024 03:24:43 GMT
via
1.1 google
age
68543
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
content-type
image/png
data.png
v-2-l4ctose.replit.app/ai/ Frame D73A 		0
0
/
api.ipify.org/ Frame D73A 		24 B
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: v-2-l4ctose.replit.app
URL: https://v-2-l4ctose.replit.app/ai/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.231.16.76 , United States, ASN18450 (WEBNX, US),
Reverse DNS
api.ipify.org
Software
nginx/1.25.1 /
Resource Hash
63202b5c941905dd279794f1bf747825eb60dc8c80cd3a72573291aa14351fa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v-2-l4ctose.replit.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 10 Jan 2024 03:24:44 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
24
Vary
Origin
Content-Type
application/json
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame D73A 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://v-2-l4ctose.replit.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 15:39:51 GMT
x-content-type-options
nosniff
age
128692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 15:39:51 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ Frame D73A 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://v-2-l4ctose.replit.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:59:33 GMT
x-content-type-options
nosniff
age
95110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 00:59:33 GMT
7FmRH6wAKVVJOFUwX9dJs9wy63XbC7nMJU9lWPDn3zkvfBYjDk7yatPZVj0jxJY_EfxE
cors-proxy.fringe.zone/https://discord.com/api/webhooks/1170933800897888276/ Frame D73A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cors-proxy.fringe.zone/https://discord.com/api/webhooks/1170933800897888276/7FmRH6wAKVVJOFUwX9dJs9wy63XbC7nMJU9lWPDn3zkvfBYjDk7yatPZVj0jxJY_EfxE
Requested by
Host: v-2-l4ctose.replit.app
URL: https://v-2-l4ctose.replit.app/ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
84.246.80.96 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://v-2-l4ctose.replit.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jan 2024 03:24:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-ratelimit-bucket
3d2712a9e4fe17cc9d3fed4a8e672e5f
x-ratelimit-reset-after
1
content-security-policy
frame-ancestors 'none'; default-src 'none'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-final-url
https://discord.com/api/webhooks/1170933800897888276/7FmRH6wAKVVJOFUwX9dJs9wy63XbC7nMJU9lWPDn3zkvfBYjDk7yatPZVj0jxJY_EfxE
alt-svc
h3=":443"; ma=86400
server
nginx
x-request-url
https://discord.com/api/webhooks/1170933800897888276/7FmRH6wAKVVJOFUwX9dJs9wy63XbC7nMJU9lWPDn3zkvfBYjDk7yatPZVj0jxJY_EfxE
x-ratelimit-remaining
4
access-control-allow-methods
POST, GET, PUT, PATCH, DELETE
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jk%2BbglxcqQcVIORi%2FzeMVVHOkJTn1inXUUUamBDCpE1nhDxAi2PtOXlPKH7BH9hL0m%2FxoTLslYPZAxd%2FLxhv9GAcZ6a9wgQ3dGdJuJJ2y76Kf7%2FuVz7qrtHJKduB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
date,content-type,connection,access-control-allow-origin,access-control-allow-credentials,access-control-allow-methods,access-control-allow-headers,access-control-expose-headers,strict-transport-security,x-ratelimit-bucket,x-ratelimit-limit,x-ratelimit-remaining,x-ratelimit-reset,x-ratelimit-reset-after,via,alt-svc,cf-cache-status,report-to,nel,x-content-type-options,content-security-policy,server,cf-ray,x-final-url
access-control-allow-credentials
true
x-ratelimit-reset
1704857085
x-ratelimit-limit
5
cf-ray
8431cf095ee2b90c-AMS
access-control-allow-headers
Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-MFA-Authorization, X-Discord-MFA-V1-Code, Range, X-RateLimit-Precision
7FmRH6wAKVVJOFUwX9dJs9wy63XbC7nMJU9lWPDn3zkvfBYjDk7yatPZVj0jxJY_EfxE
cors-proxy.fringe.zone/https://discord.com/api/webhooks/1170933800897888276/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cors-proxy.fringe.zone/https://discord.com/api/webhooks/1170933800897888276/7FmRH6wAKVVJOFUwX9dJs9wy63XbC7nMJU9lWPDn3zkvfBYjDk7yatPZVj0jxJY_EfxE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
84.246.80.96 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://v-2-l4ctose.replit.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-origin,access-control-allow-methods,access-control-allow-headers
date
Wed, 10 Jan 2024 03:24:44 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
v-2-l4ctose.replit.app
URL
https://v-2-l4ctose.replit.app/ai/data.png

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Domain/Path Name / Value
.backdoor.best/ Name: _ga
Value: GA1.1.1880630890.1704857083
.backdoor.best/ Name: _ga_VJ7179BQCC
Value: GS1.1.1704857082.1.0.1704857082.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains