urlscan.io logo urlscan.io
SecurityTrails logo

bad.catttripbolgxo.cf Open in urlscan Pro
2606:4700:3031::ac43:af8d  Public Scan

Go To Rescan Add Verdict Report
URL: http://bad.catttripbolgxo.cf/
Submission: On February 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3031::ac43:af8d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bad.catttripbolgxo.cf.
This is the only time bad.catttripbolgxo.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 27.254.63.92 9891 (CSLOX-IDC...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 114.119.173.151 136907 (HWCLOUDS-...)
5 5
1    2606:4700:3031::ac43:af8d (United States)

ASN13335 (CLOUDFLARENET, US)
bad.catttripbolgxo.cf
1    2607:f8b0:400d:c0d::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    27.254.63.92 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: chillpainai.com
www.chillpainai.com
1    2607:f8b0:400d:c00::77 (Morganton, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    114.119.173.151 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: cln-cluster001.thaidata.cloud
www.taksez.com
Apex Domain
Subdomains		 Transfer
2 taksez.com
www.taksez.com
194 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
161 KB
1 chillpainai.com
www.chillpainai.com — Cisco Umbrella Rank: 398524
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 catttripbolgxo.cf
bad.catttripbolgxo.cf
21 KB
5 5
Domain Requested by
2 www.taksez.com 1 redirects bad.catttripbolgxo.cf
1 i.ytimg.com bad.catttripbolgxo.cf
1 www.chillpainai.com bad.catttripbolgxo.cf
1 fonts.googleapis.com bad.catttripbolgxo.cf
1 bad.catttripbolgxo.cf
5 5

This site contains no links.

Subject Issuer Validity Valid
*.chillpainai.com
Go Daddy Secure Certificate Authority - G2		 2022-12-21 -
2024-01-22		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://bad.catttripbolgxo.cf/
Frame ID: 535487F084E53DE8F1A85CDCC3947A09
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

20 ที่เที่ยวนนทบุรี เที่ยว กิน ชิล ใกล้กรุง

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

5
Requests

40 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

377 kB
Transfer

547 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://www.taksez.com/images/photo_news/I0000187.jpg HTTP 301
  • https://www.taksez.com/images/photo_news/I0000187.jpg

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bad.catttripbolgxo.cf/ 		85 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bad.catttripbolgxo.cf/
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:af8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b64f41547c25d33359990a2a5c30bc6460165205ba7e8b433ac0a2bcfa1f054

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a017fc32ff419aa-EWR
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Feb 2023 14:09:35 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44CI9inm1DoB701bfFsumcLUnKQCB9tF0FGeb%2BQltL%2Bm33RgI6VdqUtEBS5hHGxeLW%2BDijR%2Bv2%2BYd7lnt5Lhfp2%2FLhq0NVt%2F%2BVqiVXyF71HZxrXr8VttzLySz%2BHfcxICNt252n%2BJXfwwFtmrGd14FSdTYWY%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Poppins%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&subset=latin%2Clatin-ext
Requested by
Host: bad.catttripbolgxo.cf
URL: http://bad.catttripbolgxo.cf/
Protocol
HTTP/1.1
Server
2607:f8b0:400d:c0d::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07c975e952939c40265df65d8c0fade070412c453fde3fe97d4164ef213fbb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://bad.catttripbolgxo.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 14:09:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Mon, 27 Feb 2023 14:09:35 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Mon, 27 Feb 2023 14:09:35 GMT
IMG_4843.jpg
www.chillpainai.com/src/wewakeup/scoop/img_scoop/scoop/AMM/2017/July/Koh%20Kred/ 		94 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chillpainai.com/src/wewakeup/scoop/img_scoop/scoop/AMM/2017/July/Koh%20Kred/IMG_4843.jpg
Requested by
Host: bad.catttripbolgxo.cf
URL: http://bad.catttripbolgxo.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.63.92 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
chillpainai.com
Software
Apache/2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://bad.catttripbolgxo.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 14:09:40 GMT
Last-Modified
Wed, 05 Jul 2017 05:42:55 GMT
Server
Apache/2
ETag
"1e56c-5538b78c53b50"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
124268
Expires
Tue, 27 Feb 2024 14:09:40 GMT
maxresdefault.jpg
i.ytimg.com/vi/taa64eLHWPA/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/taa64eLHWPA/maxresdefault.jpg
Requested by
Host: bad.catttripbolgxo.cf
URL: http://bad.catttripbolgxo.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::77 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
460b95c101850afa18cf0a8fa90eb0a6bc5268db071a47ec7130d88f50d12b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://bad.catttripbolgxo.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 14:09:35 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164441
x-xss-protection
0
server
sffe
etag
"1606808431"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Feb 2023 16:09:35 GMT
I0000187.jpg
www.taksez.com/images/photo_news/
Redirect Chain
  • http://www.taksez.com/images/photo_news/I0000187.jpg
  • https://www.taksez.com/images/photo_news/I0000187.jpg
194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.taksez.com/images/photo_news/I0000187.jpg
Requested by
Host: bad.catttripbolgxo.cf
URL: http://bad.catttripbolgxo.cf/
Protocol
H2
Server
114.119.173.151 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
cln-cluster001.thaidata.cloud
Software
LiteSpeed / PleskLin
Resource Hash
9ea4b6366b69a254c2002e60908db49571e1f9629eb56a2627c05e340c9b5554

Request headers

accept-language
en-US,en;q=0.9
Referer
http://bad.catttripbolgxo.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 14:09:37 GMT
last-modified
Sun, 11 Jul 2021 03:21:38 GMT
server
LiteSpeed
etag
"30657-60ea63c2-960c95f475cb7ae4;;;"
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
198231
expires
Mon, 06 Mar 2023 14:09:37 GMT

Redirect headers

date
Mon, 27 Feb 2023 14:09:36 GMT
server
LiteSpeed
x-powered-by
PleskLin
content-type
text/html
location
https://www.taksez.com/images/photo_news/I0000187.jpg
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Domain/Path Name / Value
bad.catttripbolgxo.cf/ Name: ch1c
Value: b