urlscan.io logo urlscan.io
SecurityTrails logo

desdumoser.tk Open in urlscan Pro
104.21.12.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://desdumoser.tk/
Submission Tags: krdprod
Submission: On October 04 via api from JP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 104.21.12.121, located in and belongs to CLOUDFLARENET, US. The main domain is desdumoser.tk.
TLS certificate: Issued by R3 on September 22nd 2021. Valid for: 3 months.
This is the only time desdumoser.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.21.12.121 13335 (CLOUDFLAR...)
3 31.13.92.36 32934 (FACEBOOK)
5 91.220.207.108 51954 (SIMPALS-AS)
1 31.13.92.14 32934 (FACEBOOK)
15 5
Domain Requested by
5 marathon.md desdumoser.tk
3 www.facebook.com desdumoser.tk
connect.facebook.net
2 desdumoser.tk desdumoser.tk
1 connect.facebook.net desdumoser.tk
15 4

This site contains no links.

Subject Issuer Validity Valid
*.desdumoser.tk
R3		 2021-09-22 -
2021-12-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
marathon.md
R3		 2021-08-14 -
2021-11-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://desdumoser.tk/
Frame ID: BAF7D84514EF8605BF7606213FF49003
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df128ad63e9b19e4%26domain%3Ddesdumoser.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdesdumoser.tk%252Ff2acc4d1eed2b18%26relation%3Dparent.parent&color_scheme=dark&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchisinaumarathon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: EB34B8DBDE4E24E7534E72C5F3E5A165
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19c3a4c757d9f8%26domain%3Ddesdumoser.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdesdumoser.tk%252Ff2acc4d1eed2b18%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fdesdumoser.tk%2F&locale=en_US&page_id=&request_time=1633353491747&sdk=joey
Frame ID: FD32B3580D1F398F00968AC97E260A76
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Despre maraton

Page Statistics

15
Requests

73 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

151 kB
Transfer

480 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
desdumoser.tk/ 		145 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://desdumoser.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a54679721c64a05ae052eb2804789e6d697235039a696184e2d293aee9f13a

Request headers

:method
GET
:authority
desdumoser.tk
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 04 Oct 2021 13:18:11 GMT
content-type
text/html
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires
0
last-modified
Mon, 04 Oct 2021 13:18:10 GMT
pragma
no-cache
set-cookie
_subid=1aedqea2d63l;Expires=Thursday, 04-Nov-2021 13:18:11 GMT;Max-Age=2678400;Path=/ f137e=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwNjc4XCI6MTYzMzM1MzQ5MX0sXCJjYW1wYWlnbnNcIjp7XCI5NDMyXCI6MTYzMzM1MzQ5MX0sXCJ0aW1lXCI6MTYzMzM1MzQ5MX0ifQ.iewYmeYu3joDJZnWR8yf9ONZc4EQU3E3XCeCQSCWr_U;Expires=Sunday, 09-Jul-2073 02:36:22 GMT;Max-Age=1633439891;Path=/
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7scbUAvFn%2BwTthNwqp%2FyLrCnqExWvnXWLDeIfhhLG9v1nyNNqcTbL5RNTxSHZpfoR2gDzwJlZMaNwk1TFWwzeVxCKcWUiPbQqvWGm%2F%2Fs5WxiPpjKFwYr0LveBl8kTQ%2Br"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
698eb1d638ae4eeb-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tr
www.facebook.com/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=&ev=PageView&noscript=1
Requested by
Host: desdumoser.tk
URL: https://desdumoser.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 13:18:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 04 Oct 2021 13:18:11 GMT
marathon-logo-2021.png
marathon.md/public/new.marathon/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marathon.md/public/new.marathon/marathon-logo-2021.png
Requested by
Host: desdumoser.tk
URL: https://desdumoser.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.220.207.108 Chisinau, Moldova, ASN51954 (SIMPALS-AS, MD),
Reverse DNS
91-220-207-108.simpals.md
Software
nginx /
Resource Hash
d51c53cc5a04c3222c6bda904c14965d0b7d2b5d405a8ed5e1515a9f833caa87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Oct 2021 13:18:11 GMT
last-modified
Wed, 30 Sep 2020 12:36:32 GMT
server
nginx
etag
"5f747bd0-8e09"
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
36361
expires
Mon, 04 Oct 2021 14:18:11 GMT
fn18e3p5eHd2dXRzcnFwb25tbGtqaWhnZmVkY2JhYF9eXVxbWllYV1ZVVFNSUVBPTk1MS0pJSEdGRURDQkFAPz49PDs6OTg3NjU0MzIxMC8uLSwrKikoJyYlJCMiISAfHh0cGxoZGBcWFRQTEhEQDw4NDAsKCQgHBgUEAwIBAAAh+QQAAAAAACwAAAAAAgABAAACA...
marathon.md/"data:image/gif;base64,R0lGODlhAgABAIAAAFBWYTk+RyH/C1hNUCBEYXRhWE1QPD94cGFja2V0IGJlZ2luPSLvu78iIGlkPSJXNU0wTXBDZWhpSHpyZVN6TlRjemtjOWQiPz4gPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZ... 		9 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marathon.md/"data:image/gif;base64,R0lGODlhAgABAIAAAFBWYTk+RyH/C1hNUCBEYXRhWE1QPD94cGFja2V0IGJlZ2luPSLvu78iIGlkPSJXNU0wTXBDZWhpSHpyZVN6TlRjemtjOWQiPz4gPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iQWRvYmUgWE1QIENvcmUgNS4wLWMwNjAgNjEuMTM0Nzc3LCAyMDEwLzAyLzEyLTE3OjMyOjAwICAgICAgICAiPiA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPiA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtbG5zOnhtcD0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyIgeG1wTU06T3JpZ2luYWxEb2N1bWVudElEPSJ4bXAuZGlkOjAxODAxMTc0MDcyMDY4MTE4QTZERUE1RDM4MDBFODNCIiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOkFBRUU2NUJFMERDRTExRTFBOEI0RDI5N0M4NTc5QzJGIiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOkFBRUU2NUJEMERDRTExRTFBOEI0RDI5N0M4NTc5QzJGIiB4bXA6Q3JlYXRvclRvb2w9IkFkb2JlIFBob3Rvc2hvcCBDUzUgTWFjaW50b3NoIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6Rjc3RjExNzQwNzIwNjgxMTkzNzVBMDZEN0I5OTREM0EiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6MDE4MDExNzQwNzIwNjgxMThBNkRFQTVEMzgwMEU4M0IiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz4B//79/Pv6+fj39vX08/Lx8O/u7ezr6uno5+bl5OPi4eDf3t3c29rZ2NfW1dTT0tHQz87NzMvKycjHxsXEw8LBwL++vby7urm4t7a1tLOysbCvrq2sq6qpqKempaSjoqGgn56dnJuamZiXlpWUk5KRkI+OjYyLiomIh4aFhIOCgYB/fn18e3p5eHd2dXRzcnFwb25tbGtqaWhnZmVkY2JhYF9eXVxbWllYV1ZVVFNSUVBPTk1MS0pJSEdGRURDQkFAPz49PDs6OTg3NjU0MzIxMC8uLSwrKikoJyYlJCMiISAfHh0cGxoZGBcWFRQTEhEQDw4NDAsKCQgHBgUEAwIBAAAh+QQAAAAAACwAAAAAAgABAAACAgwKADs="
Requested by
Host: desdumoser.tk
URL: https://desdumoser.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.220.207.108 Chisinau, Moldova, ASN51954 (SIMPALS-AS, MD),
Reverse DNS
91-220-207-108.simpals.md
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 13:18:11 GMT
server
nginx
content-length
9
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
d7d5d4588a9f50c99264bc12e4892a7c.ttf
marathon.md/ 		0
0
e6c912f36e0c9807de5d282b75322c6a.ttf
marathon.md/ 		0
0
simpals-logo.png
marathon.md/public/common/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marathon.md/public/common/images/simpals-logo.png
Requested by
Host: desdumoser.tk
URL: https://desdumoser.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.220.207.108 Chisinau, Moldova, ASN51954 (SIMPALS-AS, MD),
Reverse DNS
91-220-207-108.simpals.md
Software
nginx /
Resource Hash
4a00bb2e30c3194b60017836741976ba3a04ce7578379ad0e807e726108a410c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Oct 2021 13:18:11 GMT
last-modified
Thu, 03 Oct 2019 09:32:08 GMT
server
nginx
etag
"5d95c018-769"
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
1897
expires
Mon, 04 Oct 2021 14:18:11 GMT
sporter-logo.png
marathon.md/public/common/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marathon.md/public/common/images/sporter-logo.png
Requested by
Host: desdumoser.tk
URL: https://desdumoser.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.220.207.108 Chisinau, Moldova, ASN51954 (SIMPALS-AS, MD),
Reverse DNS
91-220-207-108.simpals.md
Software
nginx /
Resource Hash
b36176c4ce899136679b7cac8c29d009f0bade014d19b4396c0f8cf4680555c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Oct 2021 13:18:11 GMT
last-modified
Thu, 03 Oct 2019 09:32:08 GMT
server
nginx
etag
"5d95c018-7b5"
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
1973
expires
Mon, 04 Oct 2021 14:18:11 GMT
999-logo.png
marathon.md/public/common/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marathon.md/public/common/images/999-logo.png
Requested by
Host: desdumoser.tk
URL: https://desdumoser.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.220.207.108 Chisinau, Moldova, ASN51954 (SIMPALS-AS, MD),
Reverse DNS
91-220-207-108.simpals.md
Software
nginx /
Resource Hash
d247f6243ba58c4203a7ce254abc9b0241532f16c99beda09c3442159c8a1ff8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Oct 2021 13:18:11 GMT
last-modified
Thu, 03 Oct 2019 09:32:08 GMT
server
nginx
etag
"5d95c018-431"
content-type
image/png
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
1073
expires
Mon, 04 Oct 2021 14:18:11 GMT
email-decode.min.js
desdumoser.tk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://desdumoser.tk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: desdumoser.tk
URL: https://desdumoser.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
_subid=1aedqea2d63l; f137e=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwNjc4XCI6MTYzMzM1MzQ5MX0sXCJjYW1wYWlnbnNcIjp7XCI5NDMyXCI6MTYzMzM1MzQ5MX0sXCJ0aW1lXCI6MTYzMzM1MzQ5MX0ifQ.iewYmeYu3joDJZnWR8yf9ONZc4EQU3E3XCeCQSCWr_U
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
desdumoser.tk
referer
https://desdumoser.tk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 13:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 11:33:04 GMT
server
cloudflare
etag
W/"61544ef0-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEo2Q57IH3kFTtau2Z6Di4D6abZP4V4SGPEAxvN63DQ0cwMj5I5Y4STL%2FmkDi3UW0VhV71P9M%2F7WP%2BUYN%2BWJIObj1cF2z2Zo5FFlEHIBOB8pspyKar7haF8aO6X%2FK3Ti"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
698eb1d95edd4eeb-FRA
vary
Accept-Encoding
expires
Wed, 06 Oct 2021 13:18:11 GMT
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: desdumoser.tk
URL: https://desdumoser.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
2c53d11bc0aa4b369cd900ccb47f6ccd7f27c712d9fe04c7b1c10ec702b41063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fVMIIktlvXWevmFl642+IQ==
cross-origin-resource-policy
cross-origin
expires
Mon, 04 Oct 2021 13:32:01 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
85282
x-fb-rlafr
0
x-fb-debug
DEs4sV8DzzPY1Wxl9M8zhmn9XxQcIPq6nZRHm7o0QCTpMfzanIgwB477/emDfGidKHAtSWcbXdm5TzMdjOODJw==
x-fb-trip-id
686109401
x-fb-content-md5
1c2fc7b4c2256fec0077f6979d68e27e
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 04 Oct 2021 13:18:11 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"aa99e5c720d78c9fe68a90dce15ac3b1"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
f5331cb6372b6c0d8baf2dd7e200498c.ttf
marathon.md/ 		0
0
like.php
www.facebook.com/v12.0/plugins/ Frame EB34 		0
24 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v12.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df128ad63e9b19e4%26domain%3Ddesdumoser.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdesdumoser.tk%252Ff2acc4d1eed2b18%26relation%3Dparent.parent&color_scheme=dark&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchisinaumarathon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v12.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df128ad63e9b19e4%26domain%3Ddesdumoser.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdesdumoser.tk%252Ff2acc4d1eed2b18%26relation%3Dparent.parent&color_scheme=dark&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchisinaumarathon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://desdumoser.tk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
w/Q/L1JzW3iJtHx2BPU3tfvASyWinuoikXc2rzmqRhtc6zKKInwJcHuQRvMWwsvTdujeHlzqDWQmZMBuLMikvw==
content-length
0
date
Mon, 04 Oct 2021 13:18:11 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
/
www.facebook.com/plugins/customer_chat/facade_gating/ 		0
0
customerchat.php
www.facebook.com/v12.0/plugins/ Frame FD32 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19c3a4c757d9f8%26domain%3Ddesdumoser.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdesdumoser.tk%252Ff2acc4d1eed2b18%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fdesdumoser.tk%2F&locale=en_US&page_id=&request_time=1633353491747&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v12.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df19c3a4c757d9f8%26domain%3Ddesdumoser.tk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdesdumoser.tk%252Ff2acc4d1eed2b18%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Fdesdumoser.tk%2F&locale=en_US&page_id=&request_time=1633353491747&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://desdumoser.tk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://desdumoser.tk/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-frame-options
DENY
facebook-api-version
v12.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
xY/aXlIZHn9S3E0q/CQ0YaI0ufna9DjPUofUAjce8a7W8jgw24kPsPH+3HcLEQViBJ/GGyKs/zs/m3wB7jr30w==
date
Mon, 04 Oct 2021 13:18:11 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
marathon.md
URL
https://marathon.md/d7d5d4588a9f50c99264bc12e4892a7c.ttf
Domain
marathon.md
URL
https://marathon.md/e6c912f36e0c9807de5d282b75322c6a.ttf
Domain
marathon.md
URL
https://marathon.md/f5331cb6372b6c0d8baf2dd7e200498c.ttf
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/facade_gating/?page_id=&suppress_http_code=1

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| chatbox function| fbAsyncInit object| FB

2 Cookies

Domain/Path Name / Value
desdumoser.tk/ Name: _subid
Value: 1aedqea2d63l
desdumoser.tk/ Name: f137e
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwNjc4XCI6MTYzMzM1MzQ5MX0sXCJjYW1wYWlnbnNcIjp7XCI5NDMyXCI6MTYzMzM1MzQ5MX0sXCJ0aW1lXCI6MTYzMzM1MzQ5MX0ifQ.iewYmeYu3joDJZnWR8yf9ONZc4EQU3E3XCeCQSCWr_U

11 Console Messages

Source Level URL
Text
javascript error URL: https://desdumoser.tk/
Message:
Access to font at 'https://marathon.md/e6c912f36e0c9807de5d282b75322c6a.ttf' from origin 'https://desdumoser.tk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://marathon.md/e6c912f36e0c9807de5d282b75322c6a.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://desdumoser.tk/
Message:
Access to font at 'https://marathon.md/d7d5d4588a9f50c99264bc12e4892a7c.ttf' from origin 'https://desdumoser.tk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://marathon.md/d7d5d4588a9f50c99264bc12e4892a7c.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://desdumoser.tk/
Message:
Access to font at 'https://marathon.md/f5331cb6372b6c0d8baf2dd7e200498c.ttf' from origin 'https://desdumoser.tk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://marathon.md/f5331cb6372b6c0d8baf2dd7e200498c.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://marathon.md/"data:image/gif;base64,R0lGODlhAgABAIAAAFBWYTk+RyH/C1hNUCBEYXRhWE1QPD94cGFja2V0IGJlZ2luPSLvu78iIGlkPSJXNU0wTXBDZWhpSHpyZVN6TlRjemtjOWQiPz4gPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iQWRvYmUgWE1QIENvcmUgNS4wLWMwNjAgNjEuMTM0Nzc3LCAyMDEwLzAyLzEyLTE3OjMyOjAwICAgICAgICAiPiA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPiA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtbG5zOnhtcD0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyIgeG1wTU06T3JpZ2luYWxEb2N1bWVudElEPSJ4bXAuZGlkOjAxODAxMTc0MDcyMDY4MTE4QTZERUE1RDM4MDBFODNCIiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOkFBRUU2NUJFMERDRTExRTFBOEI0RDI5N0M4NTc5QzJGIiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOkFBRUU2NUJEMERDRTExRTFBOEI0RDI5N0M4NTc5QzJGIiB4bXA6Q3JlYXRvclRvb2w9IkFkb2JlIFBob3Rvc2hvcCBDUzUgTWFjaW50b3NoIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6Rjc3RjExNzQwNzIwNjgxMTkzNzVBMDZEN0I5OTREM0EiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6MDE4MDExNzQwNzIwNjgxMThBNkRFQTVEMzgwMEU4M0IiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz4B//79/Pv6+fj39vX08/Lx8O/u7ezr6uno5+bl5OPi4eDf3t3c29rZ2NfW1dTT0tHQz87NzMvKycjHxsXEw8LBwL++vby7urm4t7a1tLOysbCvrq2sq6qpqKempaSjoqGgn56dnJuamZiXlpWUk5KRkI+OjYyLiomIh4aFhIOCgYB/fn18e3p5eHd2dXRzcnFwb25tbGtqaWhnZmVkY2JhYF9eXVxbWllYV1ZVVFNSUVBPTk1MS0pJSEdGRURDQkFAPz49PDs6OTg3NjU0MzIxMC8uLSwrKikoJyYlJCMiISAfHh0cGxoZGBcWFRQTEhEQDw4NDAsKCQgHBgUEAwIBAAAh+QQAAAAAACwAAAAAAgABAAACAgwKADs="
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://desdumoser.tk/
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/facade_gating/?page_id=&suppress_http_code=1' from origin 'https://desdumoser.tk' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/facade_gating/?page_id=&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.