Submitted URL: https://xppj.bid/
Effective URL: https://14.128.38.38:1001/
Submission: On November 09 via api from CA — Scanned from US

Summary

This website contacted 7 IPs in 4 countries across 3 domains to perform 12 HTTP transactions. The main IP is 14.128.38.38, located in Singapore and belongs to BGNL-HK BGP Network Limited, HK. The main domain is 14.128.38.38.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 27th 2024. Valid for: a year.
This is the only time 14.128.38.38 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | IP Address | AS | Autonomous System |
|---|---|---|---|
| 1 | 154.85.10.115 | 209242 | (CLOUDFLAR...) |
| 1 | 194.147.99.245 | 201106 | (SPARTANHOST) |
| 1 | 156.227.1.84 | 58879 | (ANCHNET S...) |
| 1 | 14.128.38.50 | 64050 | (BGNL-HK B...) |
| 1 | 14.128.38.38 | 64050 | (BGNL-HK B...) |
| 4 | 157.185.177.205 | 54994 | (ML-1432-5...) |

Total: 12 requests, 7 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 4 | bspuer.com | pcca.bspuer.com | 491 KB |
| 1 | xppj.bid | xppj.bid | 662 B |
| 0 | Failed | Failed | |

Total: 12 requests, 3 domains

| Requests | Domain | Requested by |
|---|---|---|
| 4 | pcca.bspuer.com | 14.128.38.38 |
| 1 | xppj.bid | |
| 0 | 156.227.1.84 Failed | xppj.bid |
| 0 | 194.147.99.245 Failed | xppj.bid |

Total: 12 requests, 4 subdomains

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| | | 2021-08-13 - 2022-08-13 | a year |
| 194.147.99.245 | Certum Domain Validation CA SHA2 | 2024-04-16 - 2025-05-16 | a year |
| 156.227.1.84 | Certum Domain Validation CA SHA2 | 2024-06-24 - 2025-07-24 | a year |
| 14.128.38.36 | Sectigo RSA Domain Validation Secure Server CA | 2024-09-27 - 2025-09-27 | a year |
| *.bspuer.com | Sectigo RSA Domain Validation Secure Server CA | 2024-10-17 - 2025-10-24 | a year |

This page contains 1 frames:

Primary Page: https://14.128.38.38:1001/
Frame ID: 0CA5484153FCD84437CD395203927700
Requests: 12 HTTP requests in this frame

Page Statistics

Requests: 12
HTTPS: 67 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 7
Countries: 4
Transfer: 494 kB
Size: 3023 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xppj.bid/ Page URL
  2. https://14.128.38.50:1003/BptBfMjowAYiigSEgstU/5DMeVNzZhJh2kJTLVUDA.php?c=8858HTRK Page URL
  3. https://14.128.38.38:1001/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
xppj.bid/
476 B
662 B
Document
General
Full URL
https://xppj.bid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.85.10.115 Tokyo, Japan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
242d7d2d0a61d09cb0342469b46f5fae538bcea5d97804927212dc7307ad248c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=259200
Connection
close
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Nov 2024 10:42:37 GMT
Transfer-Encoding
chunked
dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js
194.147.99.245/
0
0

dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js
156.227.1.84/
0
0

dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js
194.147.99.245/
178 B
367 B
Script
General
Full URL
https://194.147.99.245:11718/dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js
Requested by
Host: xppj.bid
URL: https://xppj.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.147.99.245 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software
nginx /
Resource Hash
dabc41a4980bd7d82c6e9d0fa513644b4d260649711c67940cb1b633f3c9d05e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xppj.bid/

Response headers

cache-control
max-age=60
referrer-policy
same-origin
expires
Sat, 09 Nov 2024 10:46:59 GMT
x-cache
MISS
content-length
178
date
Sat, 09 Nov 2024 10:45:59 GMT
content-type
text/html; charset=utf-8
vary
Origin
server
nginx
x-frame-options
DENY
dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js
156.227.1.84/
178 B
367 B
Script
General
Full URL
https://156.227.1.84:5118/dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js
Requested by
Host: xppj.bid
URL: https://xppj.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.227.1.84 , Hong Kong, ASN58879 (ANCHNET Shanghai ruisu network technology co.,LTD, CN),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xppj.bid/

Response headers

cache-control
max-age=60
referrer-policy
same-origin
expires
Sat, 09 Nov 2024 10:46:59 GMT
x-cache
MISS
content-length
178
date
Sat, 09 Nov 2024 10:45:59 GMT
content-type
text/html; charset=utf-8
vary
Origin
server
nginx
x-frame-options
DENY
5DMeVNzZhJh2kJTLVUDA.php
14.128.38.50/BptBfMjowAYiigSEgstU/
134 B
265 B
Document
General
Full URL
https://14.128.38.50:1003/BptBfMjowAYiigSEgstU/5DMeVNzZhJh2kJTLVUDA.php?c=8858HTRK
Requested by
Host: 194.147.99.245
URL: https://194.147.99.245:11718/dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.128.38.50 , Singapore, ASN64050 (BGNL-HK BGP Network Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
8ff4ca574caf3c879c9178d168466920ac5c69ee8efd386ce8ab60f3ecb31bc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://xppj.bid/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Nov 2024 10:45:59 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
Primary Request /
14.128.38.38/
3 KB
1 KB
Document
General
Full URL
https://14.128.38.38:1001/
Requested by
Host: 14.128.38.50
URL: https://14.128.38.50:1003/BptBfMjowAYiigSEgstU/5DMeVNzZhJh2kJTLVUDA.php?c=8858HTRK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.128.38.38 , Singapore, ASN64050 (BGNL-HK BGP Network Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
f2a2870c27833a138611562bce5c9ad22c43746f3433544bd9d269595ba8ffb6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://14.128.38.50:1003/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
222
cache-control
no-cache
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 09 Nov 2024 10:46:00 GMT
etag
W/"041436bea3bdecebb35e0f50635632c2"
last-modified
Fri, 25 Oct 2024 05:38:21 GMT
server
nginx
strict-transport-security
max-age=15768000
vary
accept-encoding
via
1.1 dae06bf8d21ab46f580fe0c968bf0f52.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-requestid
84552318435dfaf41f07242636fe863f
reset.css
pcca.bspuer.com/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://pcca.bspuer.com/static/css/reset.css
Requested by
Host: 14.128.38.38
URL: https://14.128.38.38:1001/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
44115d7e6f1175fcec30a183b1db0742792644bb5a0df238dcb59bbddd6881cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://14.128.38.38:1001/

Response headers

Transfer-Encoding
chunked
X-Px
ht PSmgasbIAD1pb76IAD
x-ws-request-id
672f3d69_PSmgasbIAD1pb76_32895-21595
Content-Encoding
gzip
ETag
W/"e4cc0eb09f3f01cc86ec06776c9d4cca"
Age
42800
Connection
keep-alive
Via
1.1 6d255aa30f772ee8cf75b91b803419aa.cloudfront.net (CloudFront), 1.1 PS-JJN-01tZH152:10 (W), 1.1 PS-CZX-0165159:7 (W), 1.1 PS-FOC-01rf4118:2 (W), 1.1 PSmgasbIAD1pb76:6 (W)
X-Amz-Cf-Id
SEc78fPni6dbJYfcCgihv2aGRKBKX9r1IEHEU5xb8UymG5ujIpM0oQ==
Date
Sat, 09 Nov 2024 10:46:01 GMT
Content-Type
text/css
Last-Modified
Tue, 19 Mar 2024 06:07:03 GMT
Server
PWS/8.3.1.0.8
X-Amz-Cf-Pop
LAX54-P2
x-amz-server-side-encryption
AES256
app.ef953bf8bc635632f8b9cd458809ab79.css
pcca.bspuer.com/static/css/
1 MB
184 KB
Stylesheet
General
Full URL
https://pcca.bspuer.com/static/css/app.ef953bf8bc635632f8b9cd458809ab79.css
Requested by
Host: 14.128.38.38
URL: https://14.128.38.38:1001/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2fd1fb71d451fad9ebb56b71a918f645a04c6edee151a8c62ea90ddb2d44d325

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://14.128.38.38:1001/

Response headers

Transfer-Encoding
chunked
X-Px
ht PSmgasbIAD1pb76IAD
x-ws-request-id
672f3d69_PSmgasbIAD1pb76_33948-2725
Content-Encoding
gzip
ETag
W/"06638b7e1378a9856faff7673cb45787"
Age
85315
Connection
keep-alive
Via
1.1 40320435ee6c0ba79ad788a52054783c.cloudfront.net (CloudFront), 1.1 PS-PEK-01uCd33:3 (W), 1.1 PS-CZX-01bnS57:2 (W), 1.1 PS-FOC-01kD0116:6 (W), 1.1 PSmgasbIAD1pb76:12 (W)
X-Amz-Cf-Id
I3bVxzoWOk8kqnOlhKXqZ80sKfTzpcZFvhoU_MqtY2n2ogzheqm5YQ==
Date
Sat, 09 Nov 2024 10:46:01 GMT
Content-Type
text/css
Last-Modified
Fri, 25 Oct 2024 05:38:21 GMT
Server
PWS/8.3.1.0.8
X-Amz-Cf-Pop
NRT20-P6
x-amz-server-side-encryption
AES256
manifest.fb034d045310f6776778.1729674698120.js
pcca.bspuer.com/static/js/
2 KB
2 KB
Script
General
Full URL
https://pcca.bspuer.com/static/js/manifest.fb034d045310f6776778.1729674698120.js
Requested by
Host: 14.128.38.38
URL: https://14.128.38.38:1001/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
e2c0b7d822a6829d7a407e7b9c0357fead9431696f25a161cb1638bef3d59cd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://14.128.38.38:1001/

Response headers

Transfer-Encoding
chunked
X-Px
ht PSmgasbIAD1ak79IAD
x-ws-request-id
672f3d69_PSmgasbIAD1pb76_38031-61480
Content-Encoding
gzip
ETag
W/"29da2985feaed7ac35adb39ef1be0785"
Age
11971
Connection
keep-alive
Via
1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront), 1.1 PS-JJN-01Xbi199:4 (W), 1.1 PS-FOC-01kD0116:4 (W), 1.1 PSmgasbIAD1ak79:3 (W)
X-Amz-Cf-Id
DRIn_LWwaDb4QpsWq4ayV4cKf1MomVb9PzzV9uXRWKmm4tkFMa266w==
Date
Sat, 09 Nov 2024 10:46:01 GMT
Content-Type
application/javascript
Last-Modified
Fri, 25 Oct 2024 05:38:25 GMT
Server
PWS/8.3.1.0.8
X-Amz-Cf-Pop
FRA56-P6
x-amz-server-side-encryption
AES256
vendor.b88d27e2eebc251cf703.1729674698120.js
pcca.bspuer.com/static/js/
0
0

app.8f8aad2cf68b25162edb.1729674698120.js
pcca.bspuer.com/static/js/
2 MB
304 KB
Script
General
Full URL
https://pcca.bspuer.com/static/js/app.8f8aad2cf68b25162edb.1729674698120.js
Requested by
Host: 14.128.38.38
URL: https://14.128.38.38:1001/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.177.205 Monrovia, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c8746b9bea9f9b9a731ace96c7a6589ebaf511953046984ccb2b85b93b5d3356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://14.128.38.38:1001/

Response headers

Transfer-Encoding
chunked
X-Px
ht PSmgasbIAD1ak79IAD
x-ws-request-id
672f3d69_PSmgasbIAD1pb76_35715-30892
Content-Encoding
gzip
ETag
W/"81829ae2e053e113f48ffcf587486587"
Age
11970
Connection
keep-alive
Via
1.1 7e78a57e41e53126c098ff103516aa8e.cloudfront.net (CloudFront), 1.1 PS-PEK-01uCd33:11 (W), 1.1 PS-CZX-0165159:14 (W), 1.1 PS-FOC-01rf4118:8 (W), 1.1 PSmgasbIAD1ak79:16 (W)
X-Amz-Cf-Id
q84gpB8Jqvo_ajnsVSTEcy0Kq_kA6zVeObdRfpkkPmuB9dtZRqwxLA==
Date
Sat, 09 Nov 2024 10:46:01 GMT
Content-Type
application/javascript
Last-Modified
Fri, 25 Oct 2024 05:38:25 GMT
Server
PWS/8.3.1.0.8
X-Amz-Cf-Pop
NRT20-P6
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
194.147.99.245
URL
http://194.147.99.245:11719/dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js
Domain
156.227.1.84
URL
http://156.227.1.84:5119/dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js
Domain
pcca.bspuer.com
URL
https://pcca.bspuer.com/static/js/vendor.b88d27e2eebc251cf703.1729674698120.js

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | pcGowap_hash
function | webpackJsonp

0 Cookies

2 Console Messages

Source Level URL
Text
security error URL: https://xppj.bid/
Message:
Mixed Content: The page at 'https://xppj.bid/' was loaded over HTTPS, but requested an insecure script 'http://194.147.99.245:11719/dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://xppj.bid/
Message:
Mixed Content: The page at 'https://xppj.bid/' was loaded over HTTPS, but requested an insecure script 'http://156.227.1.84:5119/dT1odHRwczovL3hwcGouYmlkLyZwPS8=.js'. This request has been blocked; the content must be served over HTTPS.