urlscan.io logo urlscan.io
SecurityTrails logo

pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev Open in urlscan Pro
2606:4700::6812:223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ddei5-0-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3A%2F%2Ftradermatic.net%2Fwp-content%2Fupdate.html%23ZFdkMWNpNW...
Effective URL: https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/referrer.html
Submission Tags: falconsandbox
Submission: On September 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 11 HTTP transactions. The main IP is 2606:4700::6812:223, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev.
TLS certificate: Issued by E6 on August 1st 2024. Valid for: 3 months.
This is the only time pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.33.24.26 16509 (AMAZON-02)
1 162.0.221.5 22612 (NAMECHEAP...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 178.128.42.148 14061 (DIGITALOC...)
1 144.126.225.117 14061 (DIGITALOC...)
1 172.67.74.152 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.117.59.81 396982 (GOOGLE-CL...)
11 9
1    52.33.24.26 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-24-26.us-west-2.compute.amazonaws.com
ddei5-0-ctp.trendmicro.com
1    162.0.221.5 (Lebanon, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.emmanueladegbola.com
tradermatic.net
2    2606:4700::6812:223 (United States)

ASN13335 (CLOUDFLARENET, US)
pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    178.128.42.148 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 1318067.cloudwaysapps.com
phpstack-1318067-4814394.cloudwaysapps.com
1    144.126.225.117 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 1073385.cloudwaysapps.com
phpstack-1073385-3755625.cloudwaysapps.com
1    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t2.gstatic.com
1    34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io
Apex Domain
Subdomains		 Transfer
3 cloudwaysapps.com
phpstack-1318067-4814394.cloudwaysapps.com
phpstack-1073385-3755625.cloudwaysapps.com
4 KB
2 r2.dev
pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev
pub-856679b09e5a4159949802cd4cd7d09e.r2.dev Failed
41 KB
1 ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 5710
488 B
1 gstatic.com
t2.gstatic.com
966 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
19 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2512
155 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
30 KB
1 tradermatic.net
tradermatic.net
1 KB
1 trendmicro.com
ddei5-0-ctp.trendmicro.com
258 B
11 9
Domain Requested by
2 phpstack-1318067-4814394.cloudwaysapps.com tradermatic.net
phpstack-1318067-4814394.cloudwaysapps.com
2 pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev tradermatic.net
1 ipinfo.io ajax.googleapis.com
1 t2.gstatic.com
1 www.google.com 1 redirects
1 api.ipify.org ajax.googleapis.com
1 phpstack-1073385-3755625.cloudwaysapps.com ajax.googleapis.com
1 ajax.googleapis.com pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev
1 tradermatic.net
1 ddei5-0-ctp.trendmicro.com 1 redirects
0 pub-856679b09e5a4159949802cd4cd7d09e.r2.dev Failed pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev
11 11

This site contains no links.

Subject Issuer Validity Valid
tradermatic.net
cPanel, Inc. Certification Authority		 2024-07-26 -
2024-10-24		 3 months crt.sh
*.r2.dev
E6		 2024-08-01 -
2024-10-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.cloudwaysapps.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-05 -
2025-05-06		 a year crt.sh
ipify.org
WE1		 2024-07-18 -
2024-10-16		 3 months crt.sh
ipinfo.io
R11		 2024-08-17 -
2024-11-15		 3 months crt.sh

This page contains 1 frames:

Frame: https://pub-856679b09e5a4159949802cd4cd7d09e.r2.dev/genPg.html
Frame ID: E4100340B1EB73F6FEB85BA99F1A5992
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Account settings

Page URL History Show full URLs

  1. https://ddei5-0-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3A%2F%2Ftradermatic.net%2Fwp-content%2Fupda... HTTP 302
    https://tradermatic.net/wp-content/update.html Page URL
  2. https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/referrer.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

82 %
HTTPS

40 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

77 kB
Transfer

134 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ddei5-0-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3A%2F%2Ftradermatic.net%2Fwp-content%2Fupdate.html%23ZFdkMWNpNW5aVzVqUUhscGJHUnBjbWx0WjNKdmRYQXVZMjl0&umid=EF2A8337-21A9-BC06-9C6A-3C24DC42BE31&auth=dd31930d61064e673c596300b96ee73f52f67596-53e26f73122d0b1fb9fa3a9409456c6d6238e65a HTTP 302
    https://tradermatic.net/wp-content/update.html Page URL
  2. https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/referrer.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ddei5-0-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3A%2F%2Ftradermatic.net%2Fwp-content%2Fupdate.html%23ZFdkMWNpNW5aVzVqUUhscGJHUnBjbWx0WjNKdmRYQXVZMjl0&umid=EF2A8337-21A9-BC06-9C6A-3C24DC42BE31&auth=dd31930d61064e673c596300b96ee73f52f67596-53e26f73122d0b1fb9fa3a9409456c6d6238e65a HTTP 302
  • https://tradermatic.net/wp-content/update.html
Request Chain 7
  • https://www.google.com/s2/favicons?domain=google.com HTTP 301
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
update.html
tradermatic.net/wp-content/
Redirect Chain
  • https://ddei5-0-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3A%2F%2Ftradermatic.net%2Fwp-content%2Fupdate.html%23ZFdkMWNpNW5aVzVqUUhscGJHUnBjbWx0WjNKdmRYQXVZMjl0&umid=EF2A8337-21A9-BC06-9C6...
  • https://tradermatic.net/wp-content/update.html
963 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tradermatic.net/wp-content/update.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.221.5 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server1.emmanueladegbola.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
638
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html
Date
Mon, 09 Sep 2024 07:01:45 GMT
ETag
"3c3-620af84e5d131-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 27 Aug 2024 19:48:01 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 09 Sep 2024 07:01:43 GMT
location
https://tradermatic.net/wp-content/update.html#ZFdkMWNpNW5aVzVqUUhscGJHUnBjbWx0WjNKdmRYQXVZMjl0
server
istio-envoy
x-envoy-decorator-operation
ctp-web-service.ctp.svc.cluster.local:8080/*
x-envoy-upstream-service-time
551
Primary Request referrer.html
pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/ 		14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/referrer.html
Requested by
Host: tradermatic.net
URL: https://tradermatic.net/wp-content/update.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e38273f1e303655fcebb099d4394a4c5570735117f57049aa5c746d3ca78e8

Request headers

Referer
https://tradermatic.net/wp-content/update.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
CF-RAY
8c054f0e8ace3618-FRA
Connection
keep-alive
Content-Length
13939
Content-Type
text/html
Date
Mon, 09 Sep 2024 07:01:45 GMT
ETag
"3853b5efd0c6650660051ea2853ee7d0"
Last-Modified
Wed, 04 Sep 2024 23:42:28 GMT
Server
cloudflare
Vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev
URL: https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/referrer.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 03:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Sep 2025 03:07:56 GMT
geo.js
phpstack-1318067-4814394.cloudwaysapps.com/enterprises/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phpstack-1318067-4814394.cloudwaysapps.com/enterprises/geo.js
Requested by
Host: tradermatic.net
URL: https://tradermatic.net/wp-content/update.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.42.148 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1318067.cloudwaysapps.com
Software
nginx /
Resource Hash
91925f3e29025c0bcbcef2151194a143e47545922b5fedb4b98cbdac3202b9a7

Request headers

Referer
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 07:01:46 GMT
content-encoding
gzip
last-modified
Fri, 23 Aug 2024 04:14:14 GMT
server
nginx
etag
W/"66c80c96-1847"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noindex, nofollow
favicon.ico
pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/ 		27 KB
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66

Request headers

Referer
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/referrer.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 09 Sep 2024 07:01:46 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
8c054f12bff83618-FRA
Content-Length
27150
Vary
Accept-Encoding
Content-Type
text/html
valid.php
phpstack-1073385-3755625.cloudwaysapps.com/dns/ 		73 B
395 B 		Script
General
Check archive.org
Download Go to
Full URL
https://phpstack-1073385-3755625.cloudwaysapps.com/dns/valid.php?callback=jQuery33108584137339998672_1725865306021&domain=ugur.genc%40yildirimgroup.com&loc=&_=1725865306022
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.126.225.117 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1073385.cloudwaysapps.com
Software
nginx /
Resource Hash
bed6b69605e03af344d0ff12b619e2448e5f1dec7743fd1c9d98787428b86f51

Request headers

Referer
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Sep 2024 07:01:46 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
93
expires
Thu, 19 Nov 1981 08:52:00 GMT
styleloader.css
phpstack-1318067-4814394.cloudwaysapps.com/enterprises/ 		818 B
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://phpstack-1318067-4814394.cloudwaysapps.com/enterprises/styleloader.css
Requested by
Host: phpstack-1318067-4814394.cloudwaysapps.com
URL: https://phpstack-1318067-4814394.cloudwaysapps.com/enterprises/geo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.42.148 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1318067.cloudwaysapps.com
Software
nginx /
Resource Hash
cf22b2887d9149316c18b42248535bcf32c1c3a3bb31a59b7c6d414c54e9503f

Request headers

Referer
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 07:01:49 GMT
content-encoding
gzip
last-modified
Fri, 23 Aug 2024 04:15:35 GMT
server
nginx
etag
W/"66c80ce7-332"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noindex, nofollow
/
api.ipify.org/ 		22 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0976ab1e4064ab2f67b70c83e539857c82878677f1afba565b183a907753f770

Request headers

Accept
*/*
Referer
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 07:01:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8c054f26af4b3a5a-FRA
content-length
22
faviconV2
t2.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?domain=google.com
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
400 B
966 B 		Other
General
Check archive.org
Download Go to
Full URL
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
Protocol
H2
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e711f0e036325e547946a55cf86f27e601c5192191afba7943dd15de8adc28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 19:16:14 GMT
x-content-type-options
nosniff
age
128735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Tue, 17 Mar 2020 17:44:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://www.google.com/images/branding/product/1x/gsa_android_144dp.png
expires
Sat, 14 Sep 2024 19:16:14 GMT

Redirect headers

date
Mon, 09 Sep 2024 06:51:47 GMT
x-content-type-options
nosniff
server
sffe
age
602
content-type
text/html; charset=UTF-8
location
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Mon, 09 Sep 2024 07:21:47 GMT
45.141.152.76
ipinfo.io/ 		302 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/45.141.152.76
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
6c2043224c6ad14e2fe6191bfac8881f97952cafaf5837cd6543db57f1835cb9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 07:01:49 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
via
1.1 google
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
1; mode=block
genPg.html
pub-856679b09e5a4159949802cd4cd7d09e.r2.dev/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pub-856679b09e5a4159949802cd4cd7d09e.r2.dev
URL
https://pub-856679b09e5a4159949802cd4cd7d09e.r2.dev/genPg.html

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| d9f76c function| lI1 function| dawqpk58mTob6Jog9EHOg function| displayPage string| l_ll string| l11 number| lII string| zLP object| g4r8EW1 object| e8KH65U string| pujg16L string| hr27524b string| dUARbort8y function| feR7s0Ra5Y string| jdolXrOHDEi string| f31mI7 function| ob6Jog9EHOgdawqpk58mT string| xpevfv string| c0IxtjG6N8BODi string| k042QNdmJSXrNo number| ii object| l5 string| l6 number| ll number| _l function| nem function| ge string| tN function| getCountry function| myIP function| onBodyLoad function| loadCSS function| isBase64 function| getUrlVars function| getDNS function| delaySuccess number| j

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://pub-43ad7296d7dd4cd2a2afbd2639d63913.r2.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests