www.aixlesbains.info Open in urlscan Pro
2606:4700:3033::ac43:d871 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aixlesbains.info/
Effective URL:
https://www.aixlesbains.info/
Submission: On February 27 via api (February 27th 2024, 9:54:53 pm UTC) from US — Scanned from US

Summary HTTP 7 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3033::ac43:d871, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.aixlesbains.info.
TLS certificate: Issued by E1 on February 26th 2024. Valid for: 3 months.

This is the only time www.aixlesbains.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3033::ac43:d871	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::681a:432	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

2 2606:4700:3033::ac43:d871 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

aixlesbains.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.aixlesbains.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:432 (United States)

ASN13335 (CLOUDFLARENET, US)

cfw.rabbitloader.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	rabbitloader.xyz cfw.rabbitloader.xyz — Cisco Umbrella Rank: 288019	125 KB
2	aixlesbains.info 1 redirects aixlesbains.info www.aixlesbains.info	46 KB
7	2

	Domain	Requested by
5	cfw.rabbitloader.xyz	www.aixlesbains.info
1	www.aixlesbains.info
1	aixlesbains.info	1 redirects
7	3

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.elegantthemes.com
www.wordpress.org

Subject Issuer	Validity	Valid
aixlesbains.info E1	`2024-02-26` - `2024-05-26`	3 months	crt.sh
rabbitloader.xyz E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.aixlesbains.info/
Frame ID: 1FA8A1EF123674670F6D7F6D537EA278
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aix les bains

Page URL History Show full URLs

https://aixlesbains.info/ HTTP 301
https://www.aixlesbains.info/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

7
Requests

86 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

170 kB
Transfer

429 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/AixLesBainsInfo
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.elegantthemes.com/
Title: Elegant Themes

Search URL Search Domain Scan URL

URL: https://www.wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aixlesbains.info/ HTTP 301
https://www.aixlesbains.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.aixlesbains.info/ Redirect Chain https://aixlesbains.info/ https://www.aixlesbains.info/	298 KB 45 KB	857ms 715ms	Document text/html	2606:4700:3033::ac43:d871 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aixlesbains.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d871 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e48c6f007b281d35e6a55b3fb1fc410f22cf75afd02070df4bb6e1b217e487e7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 85c3ab091abe7441-MIA content-encoding br content-type text/html; charset=UTF-8 date Tue, 27 Feb 2024 21:54:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSukbCw2viyGdDf8MD6XeVji8BS6l5CuZbsiCsXyYMOXr5TD5ZQ%2FuTwBtCGCPNc%2Flo7e141Qof69k954L8gXd0ehCOs7aFpwo4Ih%2B00bu4mNwXQnzCfJ8O86dXHrLwiHnggnPzwyTv9xdXdI76Bm16UnsA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent x-rl-cache hit x-rl-mode ac x-tuned-by N0C x-turbo-charged-by LiteSpeed Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 85c3ab05ccda7441-MIA content-type text/html; charset=iso-8859-1 date Tue, 27 Feb 2024 21:54:45 GMT location https://www.aixlesbains.info/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ti4Qp6Zmub6HJ2ckC5bwe1drC5S9XKUxiJhsclRLSQF8WNfhx2FXQVDdhVbfUGPj2EcCp6R4KLzmsv9vHyrsUGtUkIMj24EA9ifaqDrn9eBAkhofCkvjsS%2F1soRYgf%2BL6bpwRC7KGWmxBhNULu7N"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	404	rl.bs.critical.css cfw.rabbitloader.xyz/lgrhxlkq/v8.e5f1e5ec9b161dfead95c957ef888621.1.1.a28/	0 0	445ms 341ms	Stylesheet text/html	2606:4700:20::681a:432 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cfw.rabbitloader.xyz/lgrhxlkq/v8.e5f1e5ec9b161dfead95c957ef888621.1.1.a28/rl.bs.critical.css?v=rq9y9z Requested by Host: www.aixlesbains.info URL: https://www.aixlesbains.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:432 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://www.aixlesbains.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers
GET H2	200	rl_p1_2a_min.js Show response cfw.rabbitloader.xyz/	14 KB 7 KB	56ms 55ms	Script application/javascript	2606:4700:20::681a:432 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cfw.rabbitloader.xyz/rl_p1_2a_min.js?v=rvt1c0 Requested by Host: www.aixlesbains.info URL: https://www.aixlesbains.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:432 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `12b92521b9b4d7503d6210dfd47b17901e0bf1446440e17acce2d7b490b1621b` Request headers accept-language en-US,en;q=0.9 Referer https://www.aixlesbains.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 21:54:46 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2095 etag W/"515b3a3731fcf56367d59fb8e67305c9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4KcV1B%2F%2B16iZ31xV1%2BPQBztoqLLtJb1XHbIB3gw3EG5snYa2fSkBo8ia0Ix0ovNV1u84Za%2FzoRNI5MvIirDHxdKQT9VpV55l8zNS8I%2FuBLML0Z7%2FN3b2yOK0eqoKOt1IYikxanlAJbc790PjjJ4nF1i"}],"group":"cf-nel","max_age":604800} content-type application/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 85c3ab0e78838759-MIA timing-allow-origin * alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	536 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `922a5d643f1a8ff8a7f2fa33de4214faf11a68adfaf1acc7675780d1737b8a46` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	26 B 26 B		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	8f147c78-0b52-4df5-9681-90532248a0eb https://www.aixlesbains.info/	678 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.aixlesbains.info/8f147c78-0b52-4df5-9681-90532248a0eb Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `6917bfbc469ce8a6151e451704704b84acaa3c2fcb278b880578b57d62fe487e` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Content-Length 678 Content-Type text/javascript
GET H2	200	create_thumb-e1577040215372.png cfw.rabbitloader.xyz/eyJjIjowLCJoIjoid3d3LmFpeGxlc2JhaW5zLmluZm8iLCJ2Ijo0NDUwMjkwNzl9/wp-content/uploads/2019/12/	6 KB 7 KB	537ms 534ms	Image image/webp	2606:4700:20::681a:432 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cfw.rabbitloader.xyz/eyJjIjowLCJoIjoid3d3LmFpeGxlc2JhaW5zLmluZm8iLCJ2Ijo0NDUwMjkwNzl9/wp-content/uploads/2019/12/create_thumb-e1577040215372.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:432 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `34b5e9c4296bc5fdd716d2e416b5a7e5a942dda0e8e835803fc70da5fca92bc0` Request headers accept-language en-US,en;q=0.9 Referer https://www.aixlesbains.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 21:54:47 GMT cf-cache-status MISS last-modified Sun, 20 Aug 2023 15:35:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept,Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oidx8A0R%2Bfp0hqQ7r01LOA9Rl4zRVHR%2FHWB%2BmXUw4FRu8k4fK01ZJZe7TYNVThmzdCgW8d8blHLp%2BnqNV49q50HPg%2FmImVCZwilGtpmIm9ekCYxqPk%2FBjl9LFH994vwXmsy%2BZTDkM4ahIkGfUGEtW9s1"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000, stale-while-revalidate=7200 x-webp-express Redirected directly to existing webp cf-ray 85c3ab10cc038759-MIA link <https://www.aixlesbains.info/wp-content/uploads/2019/12/create_thumb-e1577040215372.png>; rel='canonical' alt-svc h3=":443"; ma=86400 timing-allow-origin *
GET H2	200	france-4349352_960_720-e1579786739567.jpg cfw.rabbitloader.xyz/eyJjIjowLCJoIjoid3d3LmFpeGxlc2JhaW5zLmluZm8iLCJ2Ijo0NDUwMjkwNzl9/wp-content/uploads/2020/01/	52 KB 53 KB	740ms 738ms	Image image/webp	2606:4700:20::681a:432 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cfw.rabbitloader.xyz/eyJjIjowLCJoIjoid3d3LmFpeGxlc2JhaW5zLmluZm8iLCJ2Ijo0NDUwMjkwNzl9/wp-content/uploads/2020/01/france-4349352_960_720-e1579786739567.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:432 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e8ac419c266c0199f0a1da555cf322b48ad4c257c3b4b72b77952b85a1f2928e` Request headers accept-language en-US,en;q=0.9 Referer https://www.aixlesbains.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 21:54:47 GMT cf-cache-status MISS last-modified Sun, 20 Aug 2023 15:37:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept,Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bC6qp%2FrLrvrX4dhUyW83OJ6rnwSLu07lr%2BzjHDw0pcpbKmO8lT20Di%2BnmN6Oa7Kr24IkSJmeS3k77SgdAFBZ1O32KbLnPGlEUr0rMqohk2xJZdJUj63I2ES4YQ0qrLUcfTAoKVQ8En6w2JQJ9OQgC%2Fb%2B"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000, stale-while-revalidate=7200 x-webp-express Redirected directly to existing webp cf-ray 85c3ab10cc068759-MIA link <https://www.aixlesbains.info/wp-content/uploads/2020/01/france-4349352_960_720-e1579786739567.jpg>; rel='canonical' alt-svc h3=":443"; ma=86400 timing-allow-origin *
GET H2	200	8a5db864-348e-471d-b768-5074310e4b03-1080x675.jpg cfw.rabbitloader.xyz/eyJjIjowLCJoIjoid3d3LmFpeGxlc2JhaW5zLmluZm8iLCJ2Ijo0NDUwMjkwNzl9/wp-content/uploads/2023/06/	58 KB 58 KB	754ms 752ms	Image image/webp	2606:4700:20::681a:432 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cfw.rabbitloader.xyz/eyJjIjowLCJoIjoid3d3LmFpeGxlc2JhaW5zLmluZm8iLCJ2Ijo0NDUwMjkwNzl9/wp-content/uploads/2023/06/8a5db864-348e-471d-b768-5074310e4b03-1080x675.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:432 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c13521b1f5ff9f244bb0c64b653c525d960b8a800b04897561fa488e4bf0fdde` Request headers accept-language en-US,en;q=0.9 Referer https://www.aixlesbains.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 21:54:47 GMT cf-cache-status MISS last-modified Sun, 20 Aug 2023 15:45:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept,Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDhbusRZPPc6lwXK20DPfvaL7FAWGadfqKR21GnxpiDdSDd%2Bzpsvtg18tgwGL%2FjQ76cPqO%2Bbraj339r3lvJYP%2BP%2B7stJdLxSBJXNC%2BqaMyEy76s3tBtbs3KdtzIUxq3ohkuKlMT52q2kGqW80av0qBJ5"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000, stale-while-revalidate=7200 x-webp-express Redirected directly to existing webp cf-ray 85c3ab10cc098759-MIA link <https://www.aixlesbains.info/wp-content/uploads/2023/06/8a5db864-348e-471d-b768-5074310e4b03-1080x675.jpg>; rel='canonical' alt-svc h3=":443"; ma=86400 timing-allow-origin *

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| rlPageData object| lazySizesConfig_rl object| lazySizes boolean| RlInitCalled

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.aixlesbains.info/	1969-12-31 23:59:59	Name: rlCached Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cfw.rabbitloader.xyz/lgrhxlkq/v8.e5f1e5ec9b161dfead95c957ef888621.1.1.a28/rl.bs.critical.css?v=rq9y9z Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aixlesbains.info
cfw.rabbitloader.xyz
www.aixlesbains.info
2606:4700:20::681a:432
2606:4700:3033::ac43:d871
12b92521b9b4d7503d6210dfd47b17901e0bf1446440e17acce2d7b490b1621b
34b5e9c4296bc5fdd716d2e416b5a7e5a942dda0e8e835803fc70da5fca92bc0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
6917bfbc469ce8a6151e451704704b84acaa3c2fcb278b880578b57d62fe487e
922a5d643f1a8ff8a7f2fa33de4214faf11a68adfaf1acc7675780d1737b8a46
c13521b1f5ff9f244bb0c64b653c525d960b8a800b04897561fa488e4bf0fdde
e48c6f007b281d35e6a55b3fb1fc410f22cf75afd02070df4bb6e1b217e487e7
e8ac419c266c0199f0a1da555cf322b48ad4c257c3b4b72b77952b85a1f2928e

www.aixlesbains.info Open in urlscan Pro 2606:4700:3033::ac43:d871 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

100 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

170 kBTransfer

429 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.aixlesbains.info Open in urlscan Pro
2606:4700:3033::ac43:d871 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

170 kB
Transfer

429 kB
Size

1
Cookies

7 HTTP transactions
2 data transactions