589999.cdn.xgoxrftsakpdpuxf.app

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 172.247.185.18, located in United States and belongs to CNSERVERS, US. The main domain is 589999.cdn.xgoxrftsakpdpuxf.app.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.

This is the only time 589999.cdn.xgoxrftsakpdpuxf.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.94.60.40 13.94.60.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:bdf::65 2620:1ec:bdf::65	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	172.247.185.18 172.247.185.18	40065 (CNSERVERS) (CNSERVERS)
4	3

1 13.94.60.40 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

3a3p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::65 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cgqbbu1mvnevcxzh.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.247.185.18 (United States)

ASN40065 (CNSERVERS, US)

589999.cdn.xgoxrftsakpdpuxf.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	xgoxrftsakpdpuxf.app 589999.cdn.xgoxrftsakpdpuxf.app	1 KB
1	cgqbbu1mvnevcxzh.app cgqbbu1mvnevcxzh.app	1 KB
1	3a3p.com 3a3p.com	338 B
4	3

	Domain	Requested by
2	589999.cdn.xgoxrftsakpdpuxf.app	cgqbbu1mvnevcxzh.app
1	cgqbbu1mvnevcxzh.app	3a3p.com
1	3a3p.com
4	3

This site contains no links.

Subject Issuer	Validity	Valid
cgqbbu1mvnevcxzh.app GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-04-12` - `2024-10-12`	6 months	crt.sh
589999.cdn.xgoxrftsakpdpuxf.app R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://589999.cdn.xgoxrftsakpdpuxf.app:35661/search.asp
Frame ID: 0BD53D7F745EC9CCCF50F1891E8D8CB8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Not Found

Page URL History Show full URLs

http://3a3p.com/search.asp HTTP 307
https://3a3p.com/search.asp HTTP 307
http://3a3p.com/search.asp Page URL
https://cgqbbu1mvnevcxzh.app/?p=/search.asp Page URL
https://589999.cdn.xgoxrftsakpdpuxf.app:35661/search.asp Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

4
Requests

75 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3 kB
Transfer

2 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://3a3p.com/search.asp HTTP 307
https://3a3p.com/search.asp HTTP 307
http://3a3p.com/search.asp Page URL
https://cgqbbu1mvnevcxzh.app/?p=/search.asp Page URL
https://589999.cdn.xgoxrftsakpdpuxf.app:35661/search.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://3a3p.com/search.asp HTTP 307
https://3a3p.com/search.asp HTTP 307
http://3a3p.com/search.asp

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	search.asp 3a3p.com/ Redirect Chain http://3a3p.com/search.asp https://3a3p.com/search.asp http://3a3p.com/search.asp	218 B 338 B	402ms 192ms	Document text/html	13.94.60.40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://3a3p.com/search.asp Protocol HTTP/1.1 Server 13.94.60.40 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Cache-Control max-age=60 Connection close Content-Length 218 Content-Type text/html; charset=utf-8 Redirect headers Location http://3a3p.com/search.asp Non-Authoritative-Reason HttpsUpgrades
GET H2	200	/ cgqbbu1mvnevcxzh.app/	937 B 1 KB	746ms 422ms	Document text/html	2620:1ec:bdf::65 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cgqbbu1mvnevcxzh.app/?p=/search.asp Requested by Host: 3a3p.com URL: http://3a3p.com/search.asp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://3a3p.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes content-length 937 content-type text/html; charset=utf-8 date Fri, 19 Apr 2024 01:37:54 GMT is-cache true vary Origin via 1.1 6c38ff4c7648bbb26bea641498fdefb0.cloudfront.net (CloudFront) x-amz-cf-id DKB9amo_X1_YBNt06aVCBj34XSC3Oqe3pLUnp1VSWwfZGOgY8Klw9w== x-amz-cf-pop VIE50-P1 x-azure-ref 20240419T013753Z-17b6b6476d5qfn2fb3zcaxphs400000001vg00000000163n x-cache CONFIG_NOCACHE
GET H2	404	Primary Request search.asp Show response 589999.cdn.xgoxrftsakpdpuxf.app/	548 B 612 B	888ms 436ms	Document text/html	172.247.185.18 CNSERVERS
General Check archive.org Show headers Download Go to Full URL https://589999.cdn.xgoxrftsakpdpuxf.app:35661/search.asp Requested by Host: cgqbbu1mvnevcxzh.app URL: https://cgqbbu1mvnevcxzh.app/?p=/search.asp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.247.185.18 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash `d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://cgqbbu1mvnevcxzh.app/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-length 548 content-type text/html date Fri, 19 Apr 2024 01:37:54 GMT server nginx
GET H2	404	favicon.ico 589999.cdn.xgoxrftsakpdpuxf.app/	548 B 611 B	211ms 211ms	Other text/html	172.247.185.18 CNSERVERS
General Check archive.org Show headers Download Go to Full URL https://589999.cdn.xgoxrftsakpdpuxf.app:35661/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.247.185.18 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash `d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://589999.cdn.xgoxrftsakpdpuxf.app:35661/search.asp Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 01:37:55 GMT server nginx content-length 548 content-type text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://589999.cdn.xgoxrftsakpdpuxf.app:35661/search.asp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://589999.cdn.xgoxrftsakpdpuxf.app:35661/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a3p.com
589999.cdn.xgoxrftsakpdpuxf.app
cgqbbu1mvnevcxzh.app
13.94.60.40
172.247.185.18
2620:1ec:bdf::65
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

589999.cdn.xgoxrftsakpdpuxf.app Open in urlscan Pro 172.247.185.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

75 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

3 kBTransfer

2 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

589999.cdn.xgoxrftsakpdpuxf.app Open in urlscan Pro
172.247.185.18 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3 kB
Transfer

2 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions