urlscan.io logo urlscan.io
SecurityTrails logo

27.tegronews.com Open in urlscan Pro
45.133.44.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://2.dating-roo2.site/
Effective URL: https://27.tegronews.com/dannig/common-player/index.html?var={source_subid}&ymid=0ec50pmghe2lpblf9f&rc=0&mrc=1&zoneid=192...
Submission: On August 08 via api from TW — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 12 HTTP transactions. The main IP is 45.133.44.20, located in Philadelphia, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is 27.tegronews.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 5th 2022. Valid for: a year.
This is the only time 27.tegronews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.162.10.217 59729 (ITL-BG)
2 139.45.197.251 9002 (RETN-AS)
1 1 95.216.226.187 24940 (HETZNER-AS)
1 45.133.44.20 39572 (ADVANCEDH...)
2 45.133.44.21 7018 (ATT-INTER...)
12 5
1    185.162.10.217 (Sofia, Bulgaria)

ASN59729 (ITL-BG, UA)
PTR: vps10770.hosted-by.eurohoster.online
2.dating-roo2.site
2    139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)
redrotou.net
1    95.216.226.187 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.226.216.95.clients.your-server.de
tracker-tds.info
1    45.133.44.20 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
27.tegronews.com
2    45.133.44.21 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
123.selornews.com
Apex Domain
Subdomains		 Transfer
2 selornews.com
123.selornews.com — Cisco Umbrella Rank: 331185
15 KB
2 redrotou.net
redrotou.net — Cisco Umbrella Rank: 117515
37 KB
1 tegronews.com
27.tegronews.com
7 KB
1 tracker-tds.info
tracker-tds.info — Cisco Umbrella Rank: 797643
691 B
1 dating-roo2.site
2.dating-roo2.site
13 KB
12 5
Domain Requested by
2 123.selornews.com 27.tegronews.com
2 redrotou.net 2.dating-roo2.site
redrotou.net
1 27.tegronews.com 2.dating-roo2.site
1 tracker-tds.info 1 redirects
1 2.dating-roo2.site
12 5

This site contains no links.

Subject Issuer Validity Valid
redrotou.net
R3		 2022-07-05 -
2022-10-03		 3 months crt.sh
*.tegronews.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-04-05		 a year crt.sh
*.selornews.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-14 -
2023-03-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://27.tegronews.com/dannig/common-player/index.html?var={source_subid}&ymid=0ec50pmghe2lpblf9f&rc=0&mrc=1&zoneid=1923279&tburl=https://tracker-tds.info/index.php?key=ctxhj1ubkccojtcec5ki
Frame ID: 5333DD730A3F075802E361D4CDD16F3F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://2.dating-roo2.site/ Page URL
  2. https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1 HTTP 302
    https://27.tegronews.com/dannig/common-player/index.html?var={source_subid}&ymid=0ec50pmghe2lpblf9f&r... Page URL

Page Statistics

12
Requests

42 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

71 kB
Transfer

164 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2.dating-roo2.site/ Page URL
  2. https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1 HTTP 302
    https://27.tegronews.com/dannig/common-player/index.html?var={source_subid}&ymid=0ec50pmghe2lpblf9f&rc=0&mrc=1&zoneid=1923279&tburl=https://tracker-tds.info/index.php?key=ctxhj1ubkccojtcec5ki Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
2.dating-roo2.site/ 		36 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://2.dating-roo2.site/
Protocol
HTTP/1.1
Server
185.162.10.217 Sofia, Bulgaria, ASN59729 (ITL-BG, UA),
Reverse DNS
vps10770.hosted-by.eurohoster.online
Software
nginx /
Resource Hash
120dd5682c86066244b086c85f72f12acf27fd49b9b7fcb073581325b8d98f4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 08 Aug 2022 02:50:17 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
micro.tag.min.js
redrotou.net/pfe/current/ 		104 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redrotou.net/pfe/current/micro.tag.min.js?z=5150464&sw=/sw-check-permissions-2e6d6.js&ymid=null&var=null
Requested by
Host: 2.dating-roo2.site
URL: http://2.dating-roo2.site/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fb1c34f43a5134b2278211896fd56f63f9d4637a4859540fd72ad994c549928e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2.dating-roo2.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 02:50:17 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 11:03:46 GMT
server
nginx
etag
W/"62d93292-19e8b"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ 		97 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d00641ee14b2eddb6a47a61021bd2b664ab13bd761fee4b2e8bca7f132fdd2bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2.dating-roo2.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6d7a3c4abc9aeaa895a16fc1aa55b0acc107a183e815fac4d9415631e8349e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2.dating-roo2.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/jpeg
zone
redrotou.net/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://redrotou.net/zone?&pub=0&zone_id=5150464&is_mobile=false&domain=2.dating-roo2.site&var=null&ymid=null&var_3=&dsig=&action=prerequest
Requested by
Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=5150464&sw=/sw-check-permissions-2e6d6.js&ymid=null&var=null
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2.dating-roo2.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-trace-id
9d7a253f5127f91f0a9cded6df7fbab1
date
Mon, 08 Aug 2022 02:50:17 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-origin
http://2.dating-roo2.site
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
Primary Request index.html
27.tegronews.com/dannig/common-player/
Redirect Chain
  • https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1
  • https://27.tegronews.com/dannig/common-player/index.html?var={source_subid}&ymid=0ec50pmghe2lpblf9f&rc=0&mrc=1&zoneid=1923279&tburl=https://tracker-tds.info/index.php?key=ctxhj1ubkccojtcec5ki
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://27.tegronews.com/dannig/common-player/index.html?var={source_subid}&ymid=0ec50pmghe2lpblf9f&rc=0&mrc=1&zoneid=1923279&tburl=https://tracker-tds.info/index.php?key=ctxhj1ubkccojtcec5ki
Requested by
Host: 2.dating-roo2.site
URL: http://2.dating-roo2.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
887508b4625112e0edeba18ef3da53e5bf28922ea059e100b0c22a8f328e194a

Request headers

Referer
http://2.dating-roo2.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
6604
content-type
text/html; charset=utf-8
date
Mon, 08 Aug 2022 02:50:17 GMT
etag
a2a3308172a9036912891a909172e625
expires
Wed, 10 Aug 2022 02:50:17 GMT
last-modified
Wed, 22 Dec 2021 16:47:12 GMT
server
nginx/1.16.1
vary
Accept-Encoding
x-openstack-request-id
tx9ebe72d2cebe4739a3248-0061c43777
x-proxy-cache
HIT
x-timestamp
1640191631.97886
x-trans-id
tx9ebe72d2cebe4739a3248-0061c43777

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Aug 2022 02:50:17 GMT
Location
https://27.tegronews.com/dannig/common-player/index.html?var={source_subid}&ymid=0ec50pmghe2lpblf9f&rc=0&mrc=1&zoneid=1923279&tburl=https://tracker-tds.info/index.php?key=ctxhj1ubkccojtcec5ki
Server
nginx/1.20.2
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
script.js
123.selornews.com/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/script.js?slug=common-player-arrow
Requested by
Host: 27.tegronews.com
URL: https://27.tegronews.com/dannig/common-player/index.html?var={source_subid}&ymid=0ec50pmghe2lpblf9f&rc=0&mrc=1&zoneid=1923279&tburl=https://tracker-tds.info/index.php?key=ctxhj1ubkccojtcec5ki
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
808c9a6b91e4ee90a02147d0103af8148ed2dac8932ef766274b5c2b43cbe34c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27.tegronews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 02:50:17 GMT
x-openstack-request-id
tx4895d4d89d9c49979dfc5-0062ac9591
x-trans-id
tx4895d4d89d9c49979dfc5-0062ac9591
accept-ranges
bytes
expires
Wed, 10 Aug 2022 02:50:17 GMT
last-modified
Fri, 17 Jun 2022 14:53:17 GMT
server
nginx/1.16.1
etag
87ed65e4f6ca32b7320cfd6ef7134079
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1655477596.31301
cache-control
max-age=172800
access-control-allow-credentials
true
content-length
6400
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 27.tegronews.com
URL: https://27.tegronews.com/dannig/common-player/index.html?var={source_subid}&ymid=0ec50pmghe2lpblf9f&rc=0&mrc=1&zoneid=1923279&tburl=https://tracker-tds.info/index.php?key=ctxhj1ubkccojtcec5ki
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27.tegronews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 02:50:17 GMT
x-openstack-request-id
txefc825b0ed8b472cb9d85-0061c43774
x-trans-id
txefc825b0ed8b472cb9d85-0061c43774
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Wed, 10 Aug 2022 02:50:17 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.16.1
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

2 Cookies

Domain/Path Name / Value
tracker-tds.info/ Name: uclick
Value: pmghe2lpbl
tracker-tds.info/ Name: uclickhash
Value: pmghe2lpbl-pmghe2lpbl-wj-0-wj-4kuq-dz-0a0890