bateman.work Open in urlscan Pro
162.0.217.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bateman.work/
Effective URL:
https://bateman.work/
Submission: On November 26 via api (November 26th 2023, 7:40:36 pm UTC) from US — Scanned from NL

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 11 HTTP transactions. The main IP is 162.0.217.174, located in Amsterdam, Netherlands and belongs to NAMECHEAP-NET, US. The main domain is bateman.work.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 25th 2023. Valid for: a year.

This is the only time bateman.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	162.0.217.174 162.0.217.174	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
5	34.120.194.28 34.120.194.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	7

3 162.0.217.174 (Amsterdam, Netherlands) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server324-3.web-hosting.com

bateman.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.194.28 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.194.120.34.bc.googleusercontent.com

cummy.bio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
michi.bio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	michi.bio michi.bio	9 MB
3	bateman.work 1 redirects bateman.work	5 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 903	9 KB
2	cummy.bio cummy.bio	74 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	7 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7022	35 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	15 KB
11	7

	Domain	Requested by
3	michi.bio	bateman.work
3	bateman.work	1 redirects bateman.work
2	unpkg.com	1 redirects bateman.work
2	cummy.bio	bateman.work
1	cdn.jsdelivr.net	bateman.work
1	i.imgur.com	bateman.work
1	cdnjs.cloudflare.com	bateman.work
11	7

This site contains links to these domains. Also see Links.

Domain
discord.gg
t.me

Subject Issuer	Validity	Valid
bateman.work Sectigo RSA Domain Validation Secure Server CA	`2023-11-25` - `2024-11-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
cummy.bio GTS CA 1P5	`2023-10-15` - `2024-01-13`	3 months	crt.sh
michi.bio GTS CA 1P5	`2023-10-25` - `2024-01-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bateman.work/
Frame ID: 900ADD495437D7A2C176BE3A9BEA702B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

@batem

Page URL History Show full URLs

http://bateman.work/ HTTP 301
https://bateman.work/ Page URL

Detected technologies

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

<div id="particles-js">
/particles(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

9574 kB
Transfer

9836 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/boostifyofficial

Search URL Search Domain Scan URL

URL: https://t.me/batemanhere

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bateman.work/ HTTP 301
https://bateman.work/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://unpkg.com/magic-snowflakes/dist/snowflakes.min.js HTTP 302
https://unpkg.com/magic-snowflakes@6.2.0/dist/snowflakes.min.js

11 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bateman.work/
Redirect Chain

http://bateman.work/
https://bateman.work/

19 KB
5 KB

102ms
30ms

Document
text/html

162.0.217.174
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bateman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.217.174 Amsterdam, Netherlands, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server324-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: f508675870c0e89048127b74c743b5bb4264c5dc2276c5faf0592fe7db91c952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 5194
content-type: text/html
date: Sun, 26 Nov 2023 19:40:31 GMT
last-modified: Sun, 26 Nov 2023 15:44:13 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 707
content-type: text/html
date: Sun, 26 Nov 2023 19:40:31 GMT
keep-alive: timeout=5, max=100
location: https://bateman.work/
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ 82 KB
15 KB 92ms
36ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Requested by

Host: bateman.work
URL: https://bateman.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bateman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 19:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2297383
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14850
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "619c057b-3a02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUMmaoe5ktOH5YhIRnSbayRbAsAZqd%2BxL5OwG8ayxz3%2F8wvAnrCS0Us5FFMch%2F3Cp%2BiumxKwNEnjK2Ar1X7I1X%2F0%2FUqHJyDL04JbTwviLZ1oEOyms4YGKVqCK6sL32OO%2FiiZr35oekHv%2BAe9nFSpYbLW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82c49a87af601c1d-AMS
expires: Fri, 15 Nov 2024 19:40:31 GMT

GET
H2 200 x9KeEzV.jpeg
i.imgur.com/ 35 KB
35 KB 116ms
36ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/x9KeEzV.jpeg

Requested by

Host: bateman.work
URL: https://bateman.work/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

98bc1801c628c742f8819b3e5c7c8d0a390a4180f376297d1bb2d30a2eefe2c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bateman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 19:40:31 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 260650
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 35730
x-served-by: cache-iad-kcgs7200115-IAD, cache-fra-eddf8230026-FRA
last-modified: Thu, 23 Nov 2023 19:16:22 GMT
server: cat factory 1.0
x-timer: S1701027631.331286,VS0,VE3
etag: "96cc1e1694cd737ed2b3195f2bcb90ea"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0Bmv5zXkYeJh-5xEZuF4uIdJoJL_fwdeNOAKEv0bTMcUk_he35NOJQ==
x-cache-hits: 1, 1

GET
H/1.1 200
OK owner.png
cummy.bio/assets/images/badges/ 34 KB
34 KB 488ms
281ms Image
image/png 34.120.194.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cummy.bio/assets/images/badges/owner.png
Requested by: Host: bateman.work
URL: https://bateman.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.194.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.194.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a87c8f65f7be24a78d427538f7a4a430e82d39807a26f094424084d9b1f09a7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bateman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Nov 2023 19:40:31 GMT
Replit-Cluster: hacker
Content-Length: 34891
Expect-Ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Content-Type: image/png

GET
H/1.1 200
OK nitro1.png
cummy.bio/assets/images/badges/ 40 KB
40 KB 414ms
233ms Image
image/png 34.120.194.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cummy.bio/assets/images/badges/nitro1.png
Requested by: Host: bateman.work
URL: https://bateman.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.194.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.194.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 0a33bff759c15419e932baad345cdda9b7e99b62dd42e547128b9e4678b108a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bateman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Nov 2023 19:40:31 GMT
Replit-Cluster: hacker
Content-Length: 40724
Expect-Ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Content-Type: image/png

GET
H2 404 enter.js
bateman.work/static/assets/js/ 0
0 30ms
29ms Script
text/html 162.0.217.174
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bateman.work/static/assets/js/enter.js
Requested by: Host: bateman.work
URL: https://bateman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.217.174 Amsterdam, Netherlands, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server324-3.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bateman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 19:40:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 particles.min.js Show response
cdn.jsdelivr.net/particles.js/2.0.0/ 23 KB
7 KB 93ms
38ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js

Requested by

Host: bateman.work
URL: https://bateman.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bateman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 19:40:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2210637
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230124-FRA, cache-ams21033-AMS
server: cloudflare
etag: W/"5b44-gBf4sYaQd9tyhXPxykaEoAr2lGI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKtXCxFQffzE71%2BQG3oH7YCkJTD0pwJUfn7hcJgE8AtZBpyOWAv12n%2BGBgU8A7E5%2BerGzYDuLiozDkkf8p6WLkUijZ1t%2F6iD%2BjtTShRZlxjPMOZGFzfda643Zh8sLscFKFs3Y3A0f5a%2FqNfvhmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82c49a87b9ed656d-AMS

GET
H2

200

snowflakes.min.js Show response
unpkg.com/magic-snowflakes@6.2.0/dist/
Redirect Chain

https://unpkg.com/magic-snowflakes/dist/snowflakes.min.js
https://unpkg.com/magic-snowflakes@6.2.0/dist/snowflakes.min.js

26 KB
9 KB

38ms
38ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/magic-snowflakes@6.2.0/dist/snowflakes.min.js

Requested by

Host: bateman.work
URL: https://bateman.work/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5521f44edf5b63429ca9c4d907693e94093d3edd7670a9b825e3f7bc6782d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bateman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 19:40:31 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 164646
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HG1NB0XAJ3GHSNM0YFPHZR39-ams
server: cloudflare
etag: W/"66ce-MFIEgwCOB+GwEz7kBqpZhFI78DM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82c49a8819676634-AMS

Redirect headers

date: Sun, 26 Nov 2023 19:40:31 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HG6J13VWTBYBWGZZKHYSXWGS-ams
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 345
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /magic-snowflakes@6.2.0/dist/snowflakes.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 82c49a87c8de6634-AMS

GET
H/1.1 200
OK bateman.mp3
michi.bio/assets/audio/ 135 KB
0 506ms
265ms Media
audio/mpeg 34.120.194.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://michi.bio/assets/audio/bateman.mp3
Requested by: Host: bateman.work
URL: https://bateman.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.194.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.194.120.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://bateman.work/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Access-Control-Allow-Origin: *
Content-Range: bytes 0-2897516/2897517
Date: Sun, 26 Nov 2023 19:40:31 GMT
Replit-Cluster: hacker
Content-Length: 2897517
Expect-Ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Content-Type

GET
H/1.1 200
OK 3.gif
michi.bio/assets/images/bg/ 9 MB
9 MB 635ms
401ms Image
image/gif 34.120.194.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://michi.bio/assets/images/bg/3.gif
Requested by: Host: bateman.work
URL: https://bateman.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.194.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.194.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e20655424c95af41b2041460d8d00170d9d105823973c41a1f71824fede919d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bateman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Nov 2023 19:40:31 GMT
Replit-Cluster: hacker
Content-Length: 9455744
Expect-Ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Content-Type: image/gif

GET
H/1.1 200
OK ok.ttf
michi.bio/assets/font/ok123/ 193 KB
194 KB 407ms
245ms Font
application/octet-stream 34.120.194.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://michi.bio/assets/font/ok123/ok.ttf
Requested by: Host: bateman.work
URL: https://bateman.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.194.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.194.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 98b1486810c2eccfaa17d4610a83c12794c0798ef5e9eb41aea038794292a187

Request headers

Referer: https://bateman.work/
Origin: https://bateman.work
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 26 Nov 2023 19:40:31 GMT
Replit-Cluster: hacker
Content-Length: 198120
Expect-Ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
Content-Type

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d000fc66fa06007ab95177740f88ac51bb8b3e7c694e2fea2dcc6d3d848360d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ed4c41ca613adbd49d37cbc726bae28cbee794d3605959accd8e0f77a978537

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 152147eca90930efd23a5592e29b320282488409c4911f83888f197692394270

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fb6d519c38002e1ca05cd28beae5218c8eaf9cd6f2647e36ec0dd7d344521e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b50a39997fd61828283637b75e8989689c6e79c6b95964906b3715201ed08785

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 765750ae2d811a2de5e19f63b0e4e581d957fb75f957793d0835c0c8432ba37f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bateman.work/static/assets/js/enter.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bateman.work
cdn.jsdelivr.net
cdnjs.cloudflare.com
cummy.bio
i.imgur.com
michi.bio
unpkg.com
146.75.116.193
162.0.217.174
2606:4700::6810:5914
2606:4700::6810:7baf
2606:4700::6811:180e
34.120.194.28
0a33bff759c15419e932baad345cdda9b7e99b62dd42e547128b9e4678b108a7
0fb6d519c38002e1ca05cd28beae5218c8eaf9cd6f2647e36ec0dd7d344521e3
152147eca90930efd23a5592e29b320282488409c4911f83888f197692394270
6ed4c41ca613adbd49d37cbc726bae28cbee794d3605959accd8e0f77a978537
765750ae2d811a2de5e19f63b0e4e581d957fb75f957793d0835c0c8432ba37f
98b1486810c2eccfaa17d4610a83c12794c0798ef5e9eb41aea038794292a187
98bc1801c628c742f8819b3e5c7c8d0a390a4180f376297d1bb2d30a2eefe2c5
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
a87c8f65f7be24a78d427538f7a4a430e82d39807a26f094424084d9b1f09a7b
b50a39997fd61828283637b75e8989689c6e79c6b95964906b3715201ed08785
c5521f44edf5b63429ca9c4d907693e94093d3edd7670a9b825e3f7bc6782d35
d000fc66fa06007ab95177740f88ac51bb8b3e7c694e2fea2dcc6d3d848360d4
e20655424c95af41b2041460d8d00170d9d105823973c41a1f71824fede919d8
f508675870c0e89048127b74c743b5bb4264c5dc2276c5faf0592fe7db91c952
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

bateman.work Open in urlscan Pro 162.0.217.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

50 %IPv6

7 Domains

7 Subdomains

7 IPs

3 Countries

9574 kBTransfer

9836 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

bateman.work Open in urlscan Pro
162.0.217.174 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

9574 kB
Transfer

9836 kB
Size

0
Cookies

11 HTTP transactions
6 data transactions