baleson.live - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 2 HTTP transactions. The main IP is 104.254.128.219, located in Los Angeles, United States and belongs to HVC-AS, US. The main domain is baleson.live.

This is the only time baleson.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 2	104.254.128.219 104.254.128.219	29802 (HVC-AS) (HVC-AS)
1 1	69.197.143.251 69.197.143.251	32097 (WII) (WII)
1 1	159.65.98.5 159.65.98.5	() ()
1	167.99.100.230 167.99.100.230	() ()
2	2

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.128.219 (Los Angeles, United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: ns26.plumsphere.net

baleson.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.197.143.251 (United States) 1 redirects

ASN32097 (WII, US)

www.antongsand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.98.5 (None, ) 1 redirects

ASN- ()

track.walk-inbathtubshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.99.100.230 (None, )

ASN- ()

walk-inbathtubshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	walk-inbathtubshop.com 1 redirects track.walk-inbathtubshop.com walk-inbathtubshop.com	859 B
2	baleson.live 1 redirects baleson.live	903 B
1	antongsand.com 1 redirects www.antongsand.com	355 B
1	bit.ly 1 redirects bit.ly	251 B
2	4

	Domain	Requested by
2	baleson.live	1 redirects
1	walk-inbathtubshop.com	baleson.live
1	track.walk-inbathtubshop.com	1 redirects
1	www.antongsand.com	1 redirects
1	bit.ly	1 redirects
2	5

This site contains no links.

Subject Issuer	Validity	Valid
24hourbathroomremodel.com R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh

This page contains 1 frames:

Frame: https://walk-inbathtubshop.com/?aid2=5356&cid2=52788693&utm_campaign=5356&oid2=992&s1=822468
Frame ID: BDE559DFB4AEE4D489845EA2D66F9B6B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3nAnsGp HTTP 301
http://baleson.live/shorten/ Page URL

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

2
IPs

1
Countries

0 kB
Transfer

0 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3nAnsGp HTTP 301
http://baleson.live/shorten/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://baleson.live/r/c/6232/1704/8337/e63b782cd120894bb048d93a5f876e9e HTTP 302
https://www.antongsand.com/vjMcsZmGJP5-a_NvmuO3DO_2CcIuAfRpa6supdbPRVxj03OqlP3NdZCO8CKjVhkKAX5Z37TohQ-oo91qOdkJhg~~/1704_8337/6232/10 HTTP 302
https://track.walk-inbathtubshop.com/?a=5356&c=2734&s1=822468&s2=659971381 HTTP 302
https://walk-inbathtubshop.com/?aid2=5356&cid2=52788693&utm_campaign=5356&oid2=992&s1=822468

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / baleson.live/shorten/ Redirect Chain https://bit.ly/3nAnsGp http://baleson.live/shorten/	235 B 496 B	332ms 158ms	Document text/html	104.254.128.219 HVC-AS
General Check archive.org Show headers Download Go to Full URL http://baleson.live/shorten/ Protocol HTTP/1.1 Server 104.254.128.219 Los Angeles, United States, ASN29802 (HVC-AS, US), Reverse DNS ns26.plumsphere.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16 Resource Hash Request headers Host baleson.live Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sun, 26 Sep 2021 09:52:05 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By PHP/5.4.16 Content-Length 235 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers server nginx date Sun, 26 Sep 2021 09:52:05 GMT content-type text/html; charset=utf-8 content-length 115 cache-control private, max-age=90 content-security-policy referrer always; location http://baleson.live/shorten/ referrer-policy unsafe-url set-cookie _bit=l8q9Q5-7f661faab588a4908d-00f; Domain=bit.ly; Expires=Fri, 25 Mar 2022 09:52:05 GMT via 1.1 google alt-svc clear
GET H/1.1	200 OK	/ walk-inbathtubshop.com/ Redirect Chain http://baleson.live/r/c/6232/1704/8337/e63b782cd120894bb048d93a5f876e9e https://www.antongsand.com/vjMcsZmGJP5-a_NvmuO3DO_2CcIuAfRpa6supdbPRVxj03OqlP3NdZCO8CKjVhkKAX5Z37TohQ-oo91qOdkJhg~~/1704_8337/6232/10 https://track.walk-inbathtubshop.com/?a=5356&c=2734&s1=822468&s2=659971381 https://walk-inbathtubshop.com/?aid2=5356&cid2=52788693&utm_campaign=5356&oid2=992&s1=822468	0 0	607ms 165ms	Document text/html	167.99.100.230
General Check archive.org Show headers Download Go to Full URL https://walk-inbathtubshop.com/?aid2=5356&cid2=52788693&utm_campaign=5356&oid2=992&s1=822468 Requested by Host: baleson.live URL: http://baleson.live/shorten/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.99.100.230 -, , ASN (), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash Request headers Host walk-inbathtubshop.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://baleson.live/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://baleson.live/shorten/#r/c/6232/1704/8337/e63b782cd120894bb048d93a5f876e9e Response headers Server nginx/1.10.3 (Ubuntu) Date Sun, 26 Sep 2021 09:52:11 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip Redirect headers Date Sun, 26 Sep 2021 09:52:10 GMT Content-Type text/html; charset=utf-8 Content-Length 224 Cache-Control private Location https://walk-inbathtubshop.com?aid2=5356&cid2=52788693&utm_campaign=5356&oid2=992&s1=822468 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie sq=L93lFokZ2vmdZiQwArhMzU2X2hFBz1+Y8lrpN0ia9oJNEMj9td9wNw==; domain=.track.walk-inbathtubshop.com; path=/; SameSite=None; secure; HttpOnly ti=InYOlAM5BredZiQwArhMzU2X2hFBz1+Y8lrpN0ia9oJNEMj9td9wNw==; domain=.track.walk-inbathtubshop.com; expires=Sat, 26-Sep-2026 02:52:09 GMT; path=/; SameSite=None; secure; HttpOnly c992=L93lFokZ2vmWAl9z671rarY2f3mGnsRriPk0KL/2fqP1+XXx+e2QIA==; domain=.track.walk-inbathtubshop.com; expires=Tue, 26-Oct-2021 09:52:09 GMT; path=/; SameSite=None; secure; HttpOnly

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-20 01:50:01	Name: _bit Value: l8q9Q5-7f661faab588a4908d-00f
			.antongsand.com/	1969-12-31 23:59:59	Name: uid10970 Value: 659971381-20210926055208-b8809ddaf2f2a7291c2eb3f9b98d94bf-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baleson.live
bit.ly
track.walk-inbathtubshop.com
walk-inbathtubshop.com
www.antongsand.com
104.254.128.219
159.65.98.5
167.99.100.230
67.199.248.10
69.197.143.251

baleson.live Open in urlscan Pro 104.254.128.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

2 IPs

1 Countries

0 kBTransfer

0 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

baleson.live Open in urlscan Pro
104.254.128.219 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

2
IPs

1
Countries

0 kB
Transfer

0 kB
Size

2
Cookies

2 HTTP transactions
0 data transactions