urlscan.io logo urlscan.io
SecurityTrails logo

opt.samograd.ru Open in urlscan Pro
2a03:6f00:1::5c35:6086  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://reurl.cc/1X4njQ
Effective URL: https://opt.samograd.ru/sefrioui/12/infospage.php
Submission: On November 24 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 2a03:6f00:1::5c35:6086, located in Russian Federation and belongs to TimeWeb-AS TimeWeb Ltd., RU. The main domain is opt.samograd.ru.
TLS certificate: Issued by R11 on November 5th 2024. Valid for: 3 months.
This is the only time opt.samograd.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 396982 (GOOGLE-CL...)
4 34.149.98.30 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 157.240.253.1 32934 (FACEBOOK)
2 34.102.218.41 396982 (GOOGLE-CL...)
1 34.107.150.21 396982 (GOOGLE-CL...)
2 157.240.253.35 32934 (FACEBOOK)
2 34.96.83.10 396982 (GOOGLE-CL...)
1 172.67.187.200 13335 (CLOUDFLAR...)
2 2a03:6f00:1::... 9123 (TimeWeb-A...)
19 11
1    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
4    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
2    34.102.218.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.218.102.34.bc.googleusercontent.com
ecs.tagtoo.co
1    34.107.150.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.150.107.34.bc.googleusercontent.com
uec.tagtoo.co
2    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
2    34.96.83.10 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.83.96.34.bc.googleusercontent.com
event.tagtoo.co
1    172.67.187.200 (United States)

ASN13335 (CLOUDFLARENET, US)
www.dashifyexpress.com
2    2a03:6f00:1::5c35:6086 (Russian Federation)

ASN9123 (TimeWeb-AS TimeWeb Ltd., RU)
opt.samograd.ru
Apex Domain
Subdomains		 Transfer
5 tagtoo.co
ecs.tagtoo.co — Cisco Umbrella Rank: 118565
uec.tagtoo.co — Cisco Umbrella Rank: 128914
event.tagtoo.co — Cisco Umbrella Rank: 116262
26 KB
5 reurl.cc
reurl.cc — Cisco Umbrella Rank: 241764
storage.reurl.cc — Cisco Umbrella Rank: 356618
3 KB
2 samograd.ru
opt.samograd.ru
11 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
78 KB
1 dashifyexpress.com
www.dashifyexpress.com
841 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
0 tagtoo.com.tw Failed
ttd-cm.tagtoo.com.tw Failed
19 8
Domain Requested by
4 storage.reurl.cc reurl.cc
2 opt.samograd.ru www.dashifyexpress.com
2 event.tagtoo.co uec.tagtoo.co
2 www.facebook.com reurl.cc
2 ecs.tagtoo.co storage.reurl.cc
2 connect.facebook.net storage.reurl.cc
connect.facebook.net
1 www.dashifyexpress.com storage.reurl.cc
1 uec.tagtoo.co storage.reurl.cc
1 www.google-analytics.com storage.reurl.cc
1 reurl.cc
0 ttd-cm.tagtoo.com.tw Failed uec.tagtoo.co
19 11

This site contains no links.

Subject Issuer Validity Valid
reurl.cc
R11		 2024-11-14 -
2025-02-12		 3 months crt.sh
storage.reurl.cc
WR3		 2024-11-19 -
2025-02-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-02 -
2024-12-01		 3 months crt.sh
ecs.tagtoo.co
WR3		 2024-09-26 -
2024-12-25		 3 months crt.sh
uec.tagtoo.co
WR3		 2024-10-30 -
2025-01-28		 3 months crt.sh
*.tagtoo.co
Go Daddy Secure Certificate Authority - G2		 2024-04-29 -
2025-05-31		 a year crt.sh
dashifyexpress.com
WE1		 2024-11-10 -
2025-02-08		 3 months crt.sh
opt.samograd.ru
R11		 2024-11-05 -
2025-02-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://opt.samograd.ru/sefrioui/12/infospage.php
Frame ID: DCEF09D63B0C5B70D246DC9082F84B26
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://reurl.cc/1X4njQ Page URL
  2. https://www.dashifyexpress.com/admin/view/stylesheet/amendes/redred.html Page URL
  3. https://opt.samograd.ru/sefrioui/12/infospage.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

19
Requests

95 %
HTTPS

20 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

141 kB
Transfer

483 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reurl.cc/1X4njQ Page URL
  2. https://www.dashifyexpress.com/admin/view/stylesheet/amendes/redred.html Page URL
  3. https://opt.samograd.ru/sefrioui/12/infospage.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1X4njQ
reurl.cc/ 		762 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/1X4njQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ff040729f0fd57a3fea458beff8da82712dd353c55aaa2b70ed7f74e029cf658

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Nov 2024 16:49:48 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://www.dashifyexpress.com/admin/view/stylesheet/amendes/redred.html
vary
Accept-Encoding Origin
x-request-id
cab64a61-2d38-46ce-a2f7-81f8af54f931
ga2.js
storage.reurl.cc/javascripts/ 		536 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/1X4njQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

x-request-id
71d4518c-1209-4924-83d5-9a5012c9c170
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
age
20530
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
date
Sun, 24 Nov 2024 11:07:39 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
pixel.js
storage.reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/1X4njQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

x-request-id
88f76a1c-b267-4157-b04c-1f5d0601bf50
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
age
26498
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
date
Sun, 24 Nov 2024 09:28:11 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
tagtoo.js
storage.reurl.cc/javascripts/ 		615 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/tagtoo.js?v=3
Requested by
Host: reurl.cc
URL: https://reurl.cc/1X4njQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
a1c2d36d3bc7059c195714b9b3c4fa4361cf97d7b015a06d6cf572798df786b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

x-request-id
3eab7438-0989-4b59-bc53-8085f51f0237
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
age
8120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 24 Nov 2024 14:34:29 GMT
last-modified
Tue, 19 Dec 2023 13:17:58 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=28800
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
297
redirect.js
storage.reurl.cc/javascripts/ 		112 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/redirect.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/1X4njQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

x-request-id
25759c73-7f54-4616-acdf-5f18096c36bc
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
age
22361
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
date
Sun, 24 Nov 2024 10:37:08 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

content-encoding
gzip
age
504
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 18:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 24 Nov 2024 16:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ESV1clPA' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 24 Nov 2024 16:49:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ESV1clPA' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4450, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
VZ1SDm/lkfp866xGmGCQx3l7fVMjWltnXSHlIXzLuqUGwogRWeB7LixG+cyDfBKLSAoNJSZL+AbnTl8OekBd3A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
unitrack.js
ecs.tagtoo.co/js/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/unitrack.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/tagtoo.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

x-goog-metageneration
4
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
content-encoding
gzip
x-goog-hash
crc32c=Uh9iNA==, md5=zNUT7b4+tmwX1zyU1kYlJg==
etag
"ccd513edbe3eb66c17d73c94d6462526"
age
7153
x-goog-stored-content-encoding
gzip
expires
Sun, 24 Nov 2024 20:50:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
8725
date
Sun, 24 Nov 2024 14:50:36 GMT
last-modified
Wed, 17 May 2023 07:38:52 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6Tq4pE1GMrmXLwanfzxTMJ1Ag2kYC98dvWeRbwaU_8LNs2Q02XPKLiotWJvydA00Xnk2Zk7TdcAw
cache-control
public,max-age=21600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1684309132134575
content-length
8725
server
UploadServer
fp.min.js
ecs.tagtoo.co/js/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/fp.min.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/tagtoo.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
content-encoding
gzip
x-goog-hash
crc32c=paC+Ww==, md5=XZFZBzxE5IWLB9REWhrc6w==
etag
"5d9159073c44e4858b07d4445a1adceb"
age
9740
x-goog-stored-content-encoding
gzip
expires
Sun, 24 Nov 2024 20:07:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
12950
date
Sun, 24 Nov 2024 14:07:29 GMT
last-modified
Thu, 16 Sep 2021 09:25:47 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC4mu2IffYIDr1IsMGu4OEGowPZddRG28X5C5H2cnvzjH3vnfi0Z0n9lAUt_RFC3MNOh7dCsX4mNJQ
cache-control
public, max-age=21600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1631784347603860
content-length
12950
server
UploadServer
tuec.js
uec.tagtoo.co/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uec.tagtoo.co/tuec.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/tagtoo.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.150.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=IxwxIw==, md5=L6Ez21DNgdh7j/uHKaarNQ==
etag
"2fa133db50cd81d87b8ffb8729a6ab35"
age
3586
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3770
date
Sun, 24 Nov 2024 15:50:03 GMT
last-modified
Tue, 12 Dec 2023 09:08:46 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6DgKskCOkEZzIlXaT4LRUFKo05o5M2wVBjpNO2hxtzZHC8ovs3XcAW96-JeB1iVDna-BM
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1702372126688115
content-length
3770
server
UploadServer
1675200226052423
connect.facebook.net/signals/config/ 		84 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.176&r=stable&domain=reurl.cc&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
431faaa9f43c06f6e77149f089b7ab3a71d6b167ae8e49f74764763d5f4b238e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-EjHQIyYq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/1X4njQ

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 24 Nov 2024 16:49:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-EjHQIyYq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=76, mss=1232, tbw=70306, tp=65, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
pgYx3z/ABy69G24qqRjLN6oyoG/j2ubm8BEjuWJrN0Z2/KD5WEuhwKcMB+bfcq6lYZKXtgWNFuEaVj5q/xmBVg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
17851
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1732466989394&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.1.1732466989392.85129108336897362&cs_est=true&pm=1&hrl=a69bee&ler=empty&cdl=API_unavailable&it=1732466989336&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/1X4njQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=23, mss=1232, tbw=4599, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 24 Nov 2024 16:49:49 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1732466989394&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.1.1732466989392.85129108336897362&cs_est=true&pm=1&hrl=a69bee&ler=empty&cdl=API_unavailable&it=1732466989336&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: reurl.cc
URL: https://reurl.cc/1X4njQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://reurl.cc/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440889059918322575"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 24 Nov 2024 16:49:49 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
iW+QIUl+AZh4PvimSDMknBA/bDy1PaS2iuVp3rm/gJkzyWA/aTx/MWTRVfSMFQjnPa/RlLl+/EUqQWLDrviazg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440889059918322575", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4967, tp=15, tpl=0, uplat=122, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
permanent
event.tagtoo.co/ 		48 B
114 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.tagtoo.co/permanent?fp=8f757d730a1c2604d4b1d41461d2ed24
Requested by
Host: uec.tagtoo.co
URL: https://uec.tagtoo.co/tuec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-TOKEN
4947f23b246ec00bfe183b09cb702d9e3593dddb6fcd42c2718236a4919a
Referer
https://reurl.cc/1X4njQ

Response headers

via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48
date
Sun, 24 Nov 2024 16:49:32 GMT
content-type
application/json
server
uvicorn
permanent
event.tagtoo.co/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.tagtoo.co/permanent?fp=8f757d730a1c2604d4b1d41461d2ed24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-token
Access-Control-Request-Method
GET
Origin
https://reurl.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type, X-TOKEN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 24 Nov 2024 16:49:48 GMT
server
uvicorn
via
1.1 google
redred.html
www.dashifyexpress.com/admin/view/stylesheet/amendes/ 		208 B
841 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dashifyexpress.com/admin/view/stylesheet/amendes/redred.html
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/redirect.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://reurl.cc/1X4njQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e7ae4fe8af33642-FRA
content-encoding
zstd
content-type
text/html
date
Sun, 24 Nov 2024 16:49:50 GMT
last-modified
Sat, 23 Nov 2024 15:57:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oH16w27AhvdVQUGWrIXYMpsT%2B5CwKhJU7KApEvCQ0OTAkVEB%2ByqjzZMuf6pel4lTM5kukMr0HMDZSLa8b%2FjonEWvu7Ywu5ESKgWkRRjaIVG4rb6FmD%2BXlaEIJL7Iklc%2Fl7v1cFnIFJ0o"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=37369&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4144&recv_bytes=4531&delivery_rate=446&cwnd=12000&unsent_bytes=0&cid=31994843d228c87d&ts=573&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000
/
ttd-cm.tagtoo.com.tw/prn/uidm/ 		0
0
Primary Request infospage.php
opt.samograd.ru/sefrioui/12/ 		1 B
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://opt.samograd.ru/sefrioui/12/infospage.php
Requested by
Host: www.dashifyexpress.com
URL: https://www.dashifyexpress.com/admin/view/stylesheet/amendes/redred.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:1::5c35:6086 , Russian Federation, ASN9123 (TimeWeb-AS TimeWeb Ltd., RU),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://www.dashifyexpress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
1
content-type
text/html; charset=UTF-8
date
Sun, 24 Nov 2024 16:49:51 GMT
server
nginx/1.26.1
favicon.ico
opt.samograd.ru/ 		40 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://opt.samograd.ru/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:1::5c35:6086 , Russian Federation, ASN9123 (TimeWeb-AS TimeWeb Ltd., RU),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
a3a9a12dc096d0c786be2134f5cbbfd68d9be2a9604e2955e0bc0dab6e8eb5c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://opt.samograd.ru/sefrioui/12/infospage.php

Response headers

content-encoding
gzip
date
Sun, 24 Nov 2024 16:49:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.26.1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ttd-cm.tagtoo.com.tw
URL
https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=8632c2bafd0ef4266a28bb5435f287bc&pid=1009&puid=test_user_id&link=https%3A%2F%2Fwww.dashifyexpress.com%2Fadmin%2Fview%2Fstylesheet%2Famendes%2Fredred.html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1732466989392.85129108336897362
reurl.cc/ Name: _tg_GEN
Value: 1