testing.mybolster.com

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 3 HTTP transactions. The main IP is 162.241.225.204, located in and belongs to . The main domain is testing.mybolster.com.
TLS certificate: Issued by R3 on May 21st 2023. Valid for: 3 months.

This is the only time testing.mybolster.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	157.7.44.168 157.7.44.168	7506 (INTERQ GM...) (INTERQ GMO Internet)
1 1	104.21.63.14 104.21.63.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	91.215.42.31 91.215.42.31	57724 (DDOS-GUARD) (DDOS-GUARD)
1	162.241.225.204 162.241.225.204	() ()
3	3

1 157.7.44.168 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: users004.vip.heteml.jp

xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.63.14 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jii.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.42.31 (Russian Federation) 1 redirects

ASN57724 (DDOS-GUARD, RU)

gg.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.225.204 (None, )

ASN- ()

testing.mybolster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	mybolster.com testing.mybolster.com
1	gg.gg 1 redirects gg.gg — Cisco Umbrella Rank: 512947	813 B
1	jii.li 1 redirects jii.li	599 B
1	xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo	332 B
3	4

	Domain	Requested by
1	testing.mybolster.com	testing.mybolster.com
1	gg.gg	1 redirects
1	jii.li	1 redirects
1	xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo
3	4

This site contains no links.

Subject Issuer	Validity	Valid
xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo R3	`2023-04-24` - `2023-07-23`	3 months	crt.sh
www.testing.mybolster.com R3	`2023-05-21` - `2023-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://testing.mybolster.com/.well-known/-/-/tax/
Frame ID: 0541F65F8B66DAFE495BFA6762A790F5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo/-/recovery.htm Page URL
https://jii.li/MqpWV HTTP 301
https://gg.gg/australian-taxrefund688 HTTP 301
https://testing.mybolster.com/.well-known/-/-/tax/ Page URL

Detected technologies

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

0 kB
Transfer

47 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo/-/recovery.htm Page URL
https://jii.li/MqpWV HTTP 301
https://gg.gg/australian-taxrefund688 HTTP 301
https://testing.mybolster.com/.well-known/-/-/tax/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	recovery.htm Show response xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo/-/	183 B 332 B	172ms 26ms	Document text/html	157.7.44.168 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo/-/recovery.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.44.168 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users004.vip.heteml.jp Software Apache / Resource Hash `eebd05dbdd6b39a71dcbf25c7f94eaf6088dd603d42e43653b9ceab9b92a3182` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language jp-jp,jp;q=0.9 Response headers accept-ranges none content-encoding gzip content-length 163 content-type text/html date Tue, 27 Jun 2023 22:27:10 GMT last-modified Tue, 27 Jun 2023 18:05:34 GMT server Apache vary Range,Accept-Encoding
GET H2	200	Primary Request / testing.mybolster.com/.well-known/-/-/tax/ Redirect Chain https://jii.li/MqpWV https://gg.gg/australian-taxrefund688 https://testing.mybolster.com/.well-known/-/-/tax/	47 KB 0	1458ms 1018ms	Document text/html	162.241.225.204
General Check archive.org Show headers Download Go to Full URL https://testing.mybolster.com/.well-known/-/-/tax/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.225.204 -, , ASN (), Reverse DNS Software nginx/1.21.6 / Resource Hash Request headers Referer https://xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo/-/recovery.htm Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language jp-jp,jp;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 27 Jun 2023 22:27:32 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6 vary Accept-Encoding x-server-cache false Redirect headers cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 content-encoding br content-type text/html; charset=UTF-8 date Tue, 27 Jun 2023 22:27:14 GMT expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Tue, 27 Jun 2023 22:27:14 GMT location https://testing.mybolster.com/.well-known/-/-/tax/ pragma no-cache server ddos-guard vary Accept-Encoding x-powered-by PHP/5.3.3
GET		m3d.css testing.mybolster.com/.well-known/-/-/tax/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: testing.mybolster.com
URL: https://testing.mybolster.com/.well-known/-/-/tax/m3d.css

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
jii.li/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0v1q1oivg21lt332fe4rltlocn
jii.li/	1970-01-20 12:51:45	Name: short_73893 Value: 1
.gg.gg/	1970-01-20 21:37:20	Name: __ddg1_ Value: hmSwKrfiDkrypOAlCsYP
gg.gg/	1970-01-20 12:51:52	Name: ci_session Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22b6d7e88342fb5e4b3c2c7aeb78b18fea%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A11%3A%22186.2.160.6%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A116%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1687904834%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dc4bc81b5d25ee6d56138b2564888d9f6
.gg.gg/	1970-01-20 15:01:20	Name: gg_token Value: 0f07b4b20651de628507c1d1a92707e3649b624258a701.89740374

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gg.gg
jii.li
testing.mybolster.com
xn--labo-453cui7prc5fty007wna4725bca419xda.tokyo
testing.mybolster.com
104.21.63.14
157.7.44.168
162.241.225.204
91.215.42.31
eebd05dbdd6b39a71dcbf25c7f94eaf6088dd603d42e43653b9ceab9b92a3182

testing.mybolster.com Open in urlscan Pro 162.241.225.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

0 kBTransfer

47 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

5 Cookies

Indicators

testing.mybolster.com Open in urlscan Pro
162.241.225.204 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

0 kB
Transfer

47 kB
Size

5
Cookies

3 HTTP transactions
0 data transactions