salyq.rekassa.dev Open in urlscan Pro
194.110.55.151  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response salyq.rekassa.dev/	5 KB 2 KB	566ms 142ms	Document text/html	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash 6d2e464e852609caf3ce5e5ebe4014056f525f64cd9ad8378be3b3b0ab26c4a5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-type text/html; charset=utf-8 date Wed, 21 Aug 2024 06:12:32 GMT etag W/"1446-fxrPDYdiaj9kdhkaRuEYePgAN/8" server nginx/1.23.2 vary Accept-Encoding x-powered-by Express x-server-name DEV
GET H2	200	css2 fonts.googleapis.com/	1 KB 536 B	248ms 28ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Golos+Text:wght@400..700&display=swap Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 25cfe0ae15a82a741999556d2849d9152ff9efa9780ed995123130699b78f45e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 21 Aug 2024 06:12:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 21 Aug 2024 06:12:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 21 Aug 2024 06:12:32 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	248ms 29ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100|Material+Icons Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 282a603cb29c3904da0e24e4025601fd87116cdea85ccb279d2730c3ef1b5cd7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 21 Aug 2024 06:12:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 21 Aug 2024 06:12:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 21 Aug 2024 06:12:32 GMT
GET H2	200	qrcode.min.js Show response salyq.rekassa.dev/js/	19 KB 8 KB	375ms 358ms	Script application/javascript	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://salyq.rekassa.dev/js/qrcode.min.js Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36 Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:32 GMT content-encoding gzip last-modified Wed, 13 Sep 2023 05:46:15 GMT server nginx/1.23.2 x-powered-by Express etag W/"4dd7-18a8d136d38" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0
GET H2	200	vendor.js Show response salyq.rekassa.dev/	7 MB 1 MB	372ms 363ms	Script application/javascript	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://salyq.rekassa.dev/vendor.js Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash 2d1a83ba416de9bc45d67b0a464ee1515f1a568da242015a08eb4490b0b6b5f9 Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:32 GMT content-encoding gzip server nginx/1.23.2 x-server-name DEV x-powered-by Express etag W/"6c6e4c-6a1wVHBAvl73td4yO7TNUK+qJbI" vary Accept-Encoding content-type application/javascript; charset=utf-8 accept-ranges bytes
GET H2	200	app.js Show response salyq.rekassa.dev/	2 MB 268 KB	215ms 206ms	Script application/javascript	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://salyq.rekassa.dev/app.js Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash 28333c0a0cd77bd5f625fa8a1cc842b995544552cc7dcb27256a6acb065dc89a Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:32 GMT content-encoding gzip server nginx/1.23.2 x-server-name DEV x-powered-by Express etag W/"1adb14-LfABS2hasDDVAVMZ+JK2y7NVvCk" vary Accept-Encoding content-type application/javascript; charset=utf-8 accept-ranges bytes
GET H2	200	datadog-logs.js Show response www.datadoghq-browser-agent.com/us1/v4/	51 KB 18 KB	293ms 21ms	Script application/javascript	13.33.219.205 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.datadoghq-browser-agent.com/us1/v4/datadog-logs.js Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.219.205 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-219-205.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 11f5637cd1e69c5416520a3f0cb75816b0207728752deb02f7f164fc8e584499 Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:11:50 GMT content-encoding br via 1.1 ebf31a208b1563522327c20ddd946a5c.cloudfront.net (CloudFront) last-modified Mon, 09 Oct 2023 09:24:56 GMT server AmazonS3 x-amz-cf-pop FRA60-P10 age 43 x-amz-server-side-encryption AES256 etag W/"44c5d2c58c3f065730a026e0868767da" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=14400, s-maxage=60 timing-allow-origin * x-amz-cf-id Kw59FGC66m_pM7lrPtZFSIqGmfBfsuyqpkgbqDTbgPktm1yoleF9ng==
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/10.10.0/	99 KB 23 KB	350ms 44ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/10.10.0/firebase-app.js Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 82696f47d01f2695a90ef1e1f764970d6bb924da67c96865e693768f152a22ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://salyq.rekassa.dev/ Origin https://salyq.rekassa.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 13:57:15 GMT content-encoding gzip x-content-type-options nosniff age 58519 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22490 x-xss-protection 0 last-modified Thu, 28 Mar 2024 20:44:39 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 20 Aug 2025 13:57:15 GMT
GET H2	200	firebase-auth.js Show response www.gstatic.com/firebasejs/10.10.0/	147 KB 39 KB	386ms 81ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/10.10.0/firebase-auth.js Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 91a1a8403ab1027ff8972e9d185a3da7b7b8b7c66285261cd32aacaf711539b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://salyq.rekassa.dev/ Origin https://salyq.rekassa.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 14:01:49 GMT content-encoding gzip x-content-type-options nosniff age 58245 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 40023 x-xss-protection 0 last-modified Thu, 28 Mar 2024 20:45:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 20 Aug 2025 14:01:49 GMT
GET H2	200	MabryPro-Regular.338b22e5.woff salyq.rekassa.dev/brand/fonts/	80 KB 81 KB	148ms 146ms	Font font/woff	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://salyq.rekassa.dev/brand/fonts/MabryPro-Regular.338b22e5.woff Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash 339ddf04e2b5f5bfd94f6ddc39f8886b86888539fcd7bfa720fa50be374d0fc8 Request headers Referer https://salyq.rekassa.dev/ Origin https://salyq.rekassa.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:35 GMT last-modified Fri, 24 May 2024 03:11:42 GMT server nginx/1.23.2 x-powered-by Express etag W/"1418c-18fa89538c7" content-type font/woff cache-control public, max-age=0 accept-ranges bytes content-length 82316
GET H2	200	chunk-common.js Show response salyq.rekassa.dev/	276 KB 46 KB	151ms 151ms	Script application/javascript	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://salyq.rekassa.dev/chunk-common.js Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash 047e8a566a1d392c068294b96f1873b72c11ce70cc077da77ae2f35c6e065ee1 Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:35 GMT content-encoding gzip server nginx/1.23.2 x-server-name DEV x-powered-by Express etag W/"450ad-bkxLGtPQYsEZIuZcRU6wGNIPAmc" vary Accept-Encoding content-type application/javascript; charset=utf-8 accept-ranges bytes
GET H2	200	src_apps_salyq_Form910_vue.js Show response salyq.rekassa.dev/	476 KB 71 KB	154ms 153ms	Script application/javascript	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://salyq.rekassa.dev/src_apps_salyq_Form910_vue.js Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash 2df08179a11628f3ce5b3ebf56e595a0aa2c6d1ea144f0bca635bc1d2ac60963 Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:35 GMT content-encoding gzip server nginx/1.23.2 x-server-name DEV x-powered-by Express etag W/"76e31-VKZyXQ3UtfC1zjr1vv63VQpUfxk" vary Accept-Encoding content-type application/javascript; charset=utf-8 accept-ranges bytes
GET H2	200	reshaper.svg ofd.rekassa.dev/brand/img/	1 KB 1 KB	142ms 138ms	Image image/svg+xml	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Show image Full URL https://ofd.rekassa.dev/brand/img/reshaper.svg Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash 8bcc3b98d73252cf560f25366d08957783ebbac1e8ec9d0aade4834dc6925d9a Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:35 GMT last-modified Fri, 24 May 2024 09:52:33 GMT server nginx/1.23.2 x-powered-by Express etag W/"4bd-18faa0434b8" content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes content-length 1213
GET H2	200	reshapel.svg ofd.rekassa.dev/brand/img/	1 KB 1 KB	136ms 135ms	Image image/svg+xml	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Show image Full URL https://ofd.rekassa.dev/brand/img/reshapel.svg Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash adee490e3055d01780923a448ddaa385b435d2d6437e86a4b3b00154fcffa041 Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:35 GMT last-modified Fri, 24 May 2024 09:52:15 GMT server nginx/1.23.2 x-powered-by Express etag W/"4c0-18faa03efd4" content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes content-length 1216
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v142/	125 KB 126 KB	362ms 30ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100|Material+Icons Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://salyq.rekassa.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 14:28:03 GMT x-content-type-options nosniff age 56673 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Mon, 08 Apr 2024 19:04:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Aug 2025 14:28:03 GMT
GET H2	200	MabryPro-Bold.1f2f41ad.woff salyq.rekassa.dev/brand/fonts/	80 KB 81 KB	140ms 137ms	Font font/woff	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://salyq.rekassa.dev/brand/fonts/MabryPro-Bold.1f2f41ad.woff Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash 2287e1aaf9c5c5660fa5f5e26095358f4dee7170cee04b633266008684535ebe Request headers Referer https://salyq.rekassa.dev/ Origin https://salyq.rekassa.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:36 GMT last-modified Fri, 24 May 2024 03:11:42 GMT server nginx/1.23.2 x-powered-by Express etag W/"14104-18fa89538c7" content-type font/woff cache-control public, max-age=0 accept-ranges bytes content-length 82180
GET H2	200	MabryPro-Medium.16d0d49b.woff salyq.rekassa.dev/brand/fonts/	78 KB 78 KB	141ms 140ms	Font font/woff	194.110.55.151 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://salyq.rekassa.dev/brand/fonts/MabryPro-Medium.16d0d49b.woff Requested by Host: salyq.rekassa.dev URL: https://salyq.rekassa.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.110.55.151 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx/1.23.2 / Express Resource Hash 4889947c175b5bcb26eef4fa7d8d1a23604b4934ee14ddcf436b2df9b4c3eda9 Request headers Referer https://salyq.rekassa.dev/ Origin https://salyq.rekassa.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:36 GMT last-modified Fri, 24 May 2024 03:11:42 GMT server nginx/1.23.2 x-powered-by Express etag W/"137e8-18fa89538ab" content-type font/woff cache-control public, max-age=0 accept-ranges bytes content-length 79848
GET H2	200	task Show response app-test.rekassa.kz/bpm/engine-rest/	4 KB 1 KB	165ms 160ms	XHR application/json	149.154.188.62 FFIN
General Check archive.org Show headers Download Go to Full URL https://app-test.rekassa.kz/bpm/engine-rest/task?processDefinitionKey=TAX-FORM-910&assignee=demo Requested by Host: www.datadoghq-browser-agent.com URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-logs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.154.188.62 , Kazakhstan, ASN200067 (FFIN, KZ), Reverse DNS Software nginx/1.17.8 / Resource Hash 09b574cca4aa982ef614cb82732141a954c23e6f287aee847cd0f5401bcda5ca Request headers Accept application/json, text/plain, */* Referer https://salyq.rekassa.dev/ Authorization Basic ZGVtbzpkZW1v User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:36 GMT content-encoding gzip server nginx/1.17.8 vary Accept-Encoding, Accept access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://salyq.rekassa.dev access-control-expose-headers Content-Length,Content-Range cache-control no-cache access-control-allow-credentials true access-control-allow-headers Authorization, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range, cash-register-password, timezone, x-request-id, x-user-uid
OPTIONS H2	204	task app-test.rekassa.kz/bpm/engine-rest/	0 0	536ms 135ms	Preflight text/plain	149.154.188.62 FFIN
General Check archive.org Show headers Download Go to Full URL https://app-test.rekassa.kz/bpm/engine-rest/task?processDefinitionKey=TAX-FORM-910&assignee=demo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.154.188.62 , Kazakhstan, ASN200067 (FFIN, KZ), Reverse DNS Software nginx/1.17.8 / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://salyq.rekassa.dev Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Authorization, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range, cash-register-password, timezone, x-request-id, x-user-uid access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin https://salyq.rekassa.dev access-control-max-age 1728000 content-length 0 content-type text/plain; charset=utf-8 date Wed, 21 Aug 2024 06:12:36 GMT server nginx/1.17.8
GET H2	200	form-variables Show response app-test.rekassa.kz/bpm/engine-rest/process-definition/key/TAX-FORM-910/	2 B 406 B	154ms 153ms	XHR application/json	149.154.188.62 FFIN
General Check archive.org Show headers Download Go to Full URL https://app-test.rekassa.kz/bpm/engine-rest/process-definition/key/TAX-FORM-910/form-variables?deserializeValues=false Requested by Host: www.datadoghq-browser-agent.com URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-logs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.154.188.62 , Kazakhstan, ASN200067 (FFIN, KZ), Reverse DNS Software nginx/1.17.8 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept application/json, text/plain, */* Referer https://salyq.rekassa.dev/ Authorization Basic ZGVtbzpkZW1v User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:37 GMT server nginx/1.17.8 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://salyq.rekassa.dev access-control-expose-headers Content-Length,Content-Range cache-control no-cache access-control-allow-credentials true access-control-allow-headers Authorization, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range, cash-register-password, timezone, x-request-id, x-user-uid content-length 2
OPTIONS H2	204	form-variables app-test.rekassa.kz/bpm/engine-rest/process-definition/key/TAX-FORM-910/	0 0	130ms 130ms	Preflight text/plain	149.154.188.62 FFIN
General Check archive.org Show headers Download Go to Full URL https://app-test.rekassa.kz/bpm/engine-rest/process-definition/key/TAX-FORM-910/form-variables?deserializeValues=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.154.188.62 , Kazakhstan, ASN200067 (FFIN, KZ), Reverse DNS Software nginx/1.17.8 / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://salyq.rekassa.dev Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Authorization, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range, cash-register-password, timezone, x-request-id, x-user-uid access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin https://salyq.rekassa.dev access-control-max-age 1728000 content-length 0 content-type text/plain; charset=utf-8 date Wed, 21 Aug 2024 06:12:37 GMT server nginx/1.17.8
GET H2	200	favicon.ico app.rekassa.kz/	15 KB 4 KB	470ms 132ms	Other image/x-icon	149.154.188.94 FFIN
General Check archive.org Show headers Download Go to Full URL https://app.rekassa.kz/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.154.188.94 , Kazakhstan, ASN200067 (FFIN, KZ), Reverse DNS Software nginx/1.17.8 / Resource Hash a2fa34b88630c793658383db4275bb2c87d9fc07ed936ec2d6c94f96188886b6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://moyuchet.kz; X-Frame-Options ALLOW-FROM https://moyuchet.kz; Request headers Referer https://salyq.rekassa.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 06:12:37 GMT content-security-policy frame-ancestors 'self' https://moyuchet.kz; content-encoding gzip last-modified Wed, 14 Aug 2024 19:55:52 GMT server nginx/1.17.8 etag W/"66bd0bc8-3aee" vary Accept-Encoding x-frame-options ALLOW-FROM https://moyuchet.kz; content-type image/x-icon access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true access-control-allow-headers Authorization, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range, cash-register-password, timezone, x-request-id, x-user-uid

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| emeg_close object| DD_LOGS function| QRCode object| webpackChunkofd function| webpackHotUpdateofd object| __VUE_HMR_RUNTIME__ object| devtoolsFormatters boolean| __INTLIFY__ boolean| __VUE__ object| RE function| onPostMessage object| __VUE_DEVTOOLS_PLUGINS__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			salyq.rekassa.dev/	1970-01-20 22:57:01	Name: _dd_s Value: logs=1&id=fdb86b5e-ae1b-40e6-b78d-fd9942392402&created=1724220752953&expire=1724221652953

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-test.rekassa.kz
app.rekassa.kz
fonts.googleapis.com
fonts.gstatic.com
ofd.rekassa.dev
salyq.rekassa.dev
www.datadoghq-browser-agent.com
www.gstatic.com
13.33.219.205
149.154.188.62
149.154.188.94
194.110.55.151
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
047e8a566a1d392c068294b96f1873b72c11ce70cc077da77ae2f35c6e065ee1
09b574cca4aa982ef614cb82732141a954c23e6f287aee847cd0f5401bcda5ca
11f5637cd1e69c5416520a3f0cb75816b0207728752deb02f7f164fc8e584499
2287e1aaf9c5c5660fa5f5e26095358f4dee7170cee04b633266008684535ebe
25cfe0ae15a82a741999556d2849d9152ff9efa9780ed995123130699b78f45e
282a603cb29c3904da0e24e4025601fd87116cdea85ccb279d2730c3ef1b5cd7
28333c0a0cd77bd5f625fa8a1cc842b995544552cc7dcb27256a6acb065dc89a
2d1a83ba416de9bc45d67b0a464ee1515f1a568da242015a08eb4490b0b6b5f9
2df08179a11628f3ce5b3ebf56e595a0aa2c6d1ea144f0bca635bc1d2ac60963
339ddf04e2b5f5bfd94f6ddc39f8886b86888539fcd7bfa720fa50be374d0fc8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4889947c175b5bcb26eef4fa7d8d1a23604b4934ee14ddcf436b2df9b4c3eda9
6d2e464e852609caf3ce5e5ebe4014056f525f64cd9ad8378be3b3b0ab26c4a5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82696f47d01f2695a90ef1e1f764970d6bb924da67c96865e693768f152a22ef
8bcc3b98d73252cf560f25366d08957783ebbac1e8ec9d0aade4834dc6925d9a
91a1a8403ab1027ff8972e9d185a3da7b7b8b7c66285261cd32aacaf711539b1
a2fa34b88630c793658383db4275bb2c87d9fc07ed936ec2d6c94f96188886b6
adee490e3055d01780923a448ddaa385b435d2d6437e86a4b3b00154fcffa041
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36