urlscan.io logo urlscan.io
SecurityTrails logo

bms-front.go2tr.work Open in urlscan Pro
172.67.220.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bms-user-front.go2tr.work/
Effective URL: https://bms-front.go2tr.work/account/login
Submission: On July 18 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 28 HTTP transactions. The main IP is 172.67.220.182, located in United States and belongs to CLOUDFLARENET, US. The main domain is bms-front.go2tr.work.
TLS certificate: Issued by WE1 on July 11th 2024. Valid for: 3 months.
This is the only time bms-front.go2tr.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 172.67.220.182 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 20.122.63.128 8075 (MICROSOFT...)
28 12
15    172.67.220.182 (United States)

ASN13335 (CLOUDFLARENET, US)
bms-user-front.go2tr.work
bms-front.go2tr.work
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.de
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
Apex Domain
Subdomains		 Transfer
15 go2tr.work
bms-user-front.go2tr.work
bms-front.go2tr.work
940 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
c.clarity.ms — Cisco Umbrella Rank: 1838
p.clarity.ms — Cisco Umbrella Rank: 8701
28 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
191 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
775 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
249 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
19 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
54 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
28 10
Domain Requested by
14 bms-front.go2tr.work bms-front.go2tr.work
2 c.clarity.ms 1 redirects
2 region1.analytics.google.com bms-front.go2tr.work
2 www.clarity.ms bms-front.go2tr.work
www.clarity.ms
2 www.googletagmanager.com bms-front.go2tr.work
www.googletagmanager.com
1 p.clarity.ms bms-front.go2tr.work
1 c.bing.com 1 redirects
1 www.google.de bms-front.go2tr.work
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdnjs.cloudflare.com bms-front.go2tr.work
1 cdn.jsdelivr.net bms-front.go2tr.work
1 fonts.googleapis.com bms-front.go2tr.work
1 bms-user-front.go2tr.work 1 redirects
28 13

This site contains no links.

Subject Issuer Validity Valid
go2tr.work
WE1		 2024-07-11 -
2024-10-09		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.de
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bms-front.go2tr.work/account/login
Frame ID: 354F00D4DD96DEC616F13855292E12FE
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ورود - GO2TR

Page URL History Show full URLs

  1. https://bms-user-front.go2tr.work/ HTTP 302
    https://bms-front.go2tr.work/account/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

28
Requests

93 %
HTTPS

58 %
IPv6

10
Domains

13
Subdomains

12
IPs

5
Countries

1233 kB
Transfer

5237 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bms-user-front.go2tr.work/ HTTP 302
    https://bms-front.go2tr.work/account/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C5396777D3B549FD8182E76E63545AF7&RedC=c.clarity.ms&MXFR=33A7A675DF4D63861051B2B5DB4D6D8F HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C5396777D3B549FD8182E76E63545AF7&MUID=2DA772BE9B7F65523775667E9AF46470

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
bms-front.go2tr.work/account/
Redirect Chain
  • https://bms-user-front.go2tr.work/
  • https://bms-front.go2tr.work/account/login
758 KB
75 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8566113fb54b9ef7737e591ef18e7bdd66d09cc405c2ae34daf8538c090989ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a562b14dba15c62-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 18 Jul 2024 23:14:29 GMT
expect-ct
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKguD7P2jIRUEeTCnYvpFXlccKk%2FXxmOSIs%2BbFg140OAwLlgZxK0gdhJvcFkQXw1KJ0wM9i9I%2BnmbqORgD%2FSfDmrt%2FQtkh03xUsuk7y8Cv2ItR93pZHz5x4%2Ba0BTWgj3JiSceMvjuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a562b137a6f5c62-FRA
date
Thu, 18 Jul 2024 23:14:29 GMT
location
https://bms-front.go2tr.work/account/login
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNZnrdrzpBB9ifndVughpHCSArcPdpp5lkW6gGuItRr4CZdflTX2G9RjjVnxzN8nUahmP0Wg%2B3y0lSkGjL51Vi5UPwRsDxs26kGGbXLgtcO2yT9eVUdiQu3BrDSoO0NeibuOTW6eQ4bb2Vtv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Jul 2024 22:56:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jul 2024 23:14:29 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 		339 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33274
x-jsd-version
7.4.47
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54634
x-served-by
cache-fra-etou8220025-FRA, cache-lga21929-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sM4dUn2X1rRJ1hlx8GlRLZ5%2F9xqKfL1eqUNmlRAlp8m%2F9m%2BEnsh7iaRL7qjODbbumwmUtTyizx1NtFyGJ5juFb0wRlnWgVQzPxi3kZdeUjv9okJQZ1UZ6%2FrFu5%2Bgpj8SNq8b2I9Aeq6eVj1lYII%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a562b179e10bb9d-FRA
jspdf.min.js
cdnjs.cloudflare.com/ajax/libs/jspdf/0.9.0rc1/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jspdf/0.9.0rc1/jspdf.min.js
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69b0edbedc65d630aede9fe116c5b642294e7db96374bf7432f6e7977c65323
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bms-front.go2tr.work/
Origin
https://bms-front.go2tr.work
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
28253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19104
last-modified
Mon, 04 May 2020 16:11:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ecd-107c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TjXuIT56zQlj0QLuMv%2FBIrxkRh%2BijqMlhnI426yGvcnDOfMqsCj2tXYev6IHk1PiSlTgt19FUTNCNuzVVSlPNojJlaP5aiRIVBbPtgeYtm2URGS5KF0KSt%2FXwfsETUyqhYSWKifv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a562b174a073a88-FRA
expires
Tue, 08 Jul 2025 23:14:29 GMT
cbf4c77.js
bms-front.go2tr.work/_nuxt/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/_nuxt/cbf4c77.js
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26587f8ea3e0594d5e36cfaaf54a3d76089a326c1fe604b37bd0b28e6a4abc49

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d0e-190c58827a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLovcUgFK0rtdg7EbjV0zm6ZBPAYbjjeJMJRPStZY2ekfqYcHJVlGkaTacL8V1pZAaKruHGoXNcSWhas7Bmp8P8GYIe84h8kFm6m27kWEX%2FOo6SliCBaSukNIBr6KQk7qcqJWjATTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b16fd3c5c62-FRA
alt-svc
h3=":443"; ma=86400
0a7609d.js
bms-front.go2tr.work/_nuxt/ 		242 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/_nuxt/0a7609d.js
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a793b82a721fdd0e94bc4fb9d45c3b07938a899e7fd14eca53163db242804fd2

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3c808-190c58827a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bn2teguuuH2ZT3P%2BbDqs6oV1Bb1BqhWOqP6d%2FA18LnnIpqGVQE9fnfEUaYuZY%2FCEJIDJiwpYlmgx%2BDx62eTih8RE5RUsZsgga0Y8YWENRbfLU6kikh5ARctDM0s%2B0eo4ihj9R6zr%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b16fd3d5c62-FRA
alt-svc
h3=":443"; ma=86400
38b2259.js
bms-front.go2tr.work/_nuxt/ 		1 MB
268 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/_nuxt/38b2259.js
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc1734a8ba180fba3828e323854f7ad8116a991be261c6aa92f9806b606b11b

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"13d157-190c58827a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9tL9aN7qa7WO9hNB84DlDG0ekaNWSUwnJsKMX8WG8FESSK5PcSFPvUpUaK5rsUeY0yBDI7mtK3qxrfbU3iNEv7yzhpfnFrqpdA7pxzRo9%2FApYtqcHZyzkDtEq%2BgKqutXHWzlxi8Dyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b16fd3e5c62-FRA
alt-svc
h3=":443"; ma=86400
acf5225.js
bms-front.go2tr.work/_nuxt/ 		1 MB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/_nuxt/acf5225.js
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c4bd6af6bdd2d7503496aade3fbd12a4269e0b8359d157915ad6966634c8b5

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"17e739-190c58827a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0qMLCqU1BqtGoknsWlBBcel4OFVdpkXsJ0xcy3AY5ZxvjFP%2FdD5AdK9od0GWBFeep4bAu6aAxYZrkMzrzXAR5dGgLBAksZIIEIvYm6hBXGAKbqA6pF%2FrP8nMNMEkdtaLU%2BVRKu6Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b16fd3f5c62-FRA
alt-svc
h3=":443"; ma=86400
dde47a6.js
bms-front.go2tr.work/_nuxt/ 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/_nuxt/dde47a6.js
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674f5490b2c37668014085089deb6303e78f0f7e6b5214d12b9c934499e3553d

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"996c-190c58827a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfOfxPLu97SS0esTBchDab3ailRJICpA8HFEAVWHimLKXxGUjDg%2BTbBZPONyAToCDlywlIJrga0Y1xLxei6d1SAXXOzBmIuD%2FfwTHGoBmz7AJxgOgcUuldW%2FtV8Y89n17rIipgRqig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b16fd405c62-FRA
alt-svc
h3=":443"; ma=86400
logo-login-horizontal.f7fc433.png
bms-front.go2tr.work/_nuxt/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bms-front.go2tr.work/_nuxt/img/logo-login-horizontal.f7fc433.png
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728fab319db671ffedc9ac8fc369a6bf9a2fd8fcdec8cd74eb9dd3832f79552d

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"12c5-190c58827a8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bwV5ySG%2BYDiyl%2BsD4hwpfMiBDKCjXod0RUaGk59sm4uW15lEsLy2lgAidYWhDY9Q3eW%2BAWINQpm5Acv8QMoLTse4qUIr82uDTh2PZUULGFXr2VEsHuVPcQmXdIRdd%2Bh2k%2FW33KgOyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b178da15c62-FRA
alt-svc
h3=":443"; ma=86400
content-length
4805
gtm.js
www.googletagmanager.com/ 		266 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M674JR5
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8cd69d5bdf13efce634038904327d6c1e0e34b777c5088f006a72a9dd4cebfd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91526
x-xss-protection
0
last-modified
Thu, 18 Jul 2024 22:19:28 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Jul 2024 23:14:29 GMT
loginBg.jpg
bms-front.go2tr.work/images/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bms-front.go2tr.work/images/loginBg.jpg
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3530f2a023863286a1b9b1d4ebba4a32b454950413c61999432bb8219612c49e

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jul 2024 12:46:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1e392-190a1d4a4d0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xcz5xcbpAXxKoQsFaB7jBfX%2BfpifYucxCA2vc55f3JIK%2FHjh9PXhKTh7e5%2FNphMNpq8MEBMylIlnpN7MJVhNudI8nOxiAhkT6MDpFUVptFJZvCxxgwR1zK6OURtg92RJYdXn9MmYTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8a562b183e865c62-FRA
alt-svc
h3=":443"; ma=86400
content-length
123794
IRANYekanFaNum-Bold.957eb0c.ttf
bms-front.go2tr.work/_nuxt/fonts/ 		92 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/_nuxt/fonts/IRANYekanFaNum-Bold.957eb0c.ttf
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa573b535df39f09f96df7152545c9e8af8580206f30694e3fc13d32ee4657be

Request headers

Referer
https://bms-front.go2tr.work/account/login
Origin
https://bms-front.go2tr.work
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"16ee4-190c58827a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1qoQ6QbGOWWhIKGw2w7pqb3OsTxnlfF9lswxXRnK6xDv813dWNRJXDPC7kZClwE8t%2BftALtsHniVST2G3bnOqV7lXmO96boESkA9C%2BkT12Drh%2FT%2BiDTPohe%2Fe1nA7ebeNlK5yMlNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b184e965c62-FRA
alt-svc
h3=":443"; ma=86400
IRANYekanFaNum-Regular.ff6b9df.ttf
bms-front.go2tr.work/_nuxt/fonts/ 		92 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/_nuxt/fonts/IRANYekanFaNum-Regular.ff6b9df.ttf
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf8929adae09184886eb3aca6c564018d714eccf99dc2b37543dcefdfcf84f6

Request headers

Referer
https://bms-front.go2tr.work/account/login
Origin
https://bms-front.go2tr.work
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"16ea0-190c58827a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ezYKNrnEc8iRjh7mP8vsDwxlG8IprUPJo4wmoDXUfse1gU3KGGJas1VVuOMJwP1Z2JyihAMapN%2BbqwMwby92xxmYzT1Zi7ozumZ5TtH13HFYcSmzSRhz7aR%2Fdgl2lA1UaYVCKvPzxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b184e975c62-FRA
alt-svc
h3=":443"; ma=86400
81ecd41.js
bms-front.go2tr.work/_nuxt/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/_nuxt/81ecd41.js
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/_nuxt/cbf4c77.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730c2cfbc8d0159abc039fa84256df1f51f4df9af7759e9be329ebfff3133511

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1486-190c58827a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zqcqGn2JL%2FT35ae6I2fgi6r6FiNwWMearKiEUe8nmmqrWfMkmHWiwR92J%2BUJ4RVI0W1rV5FMXuOVOYG%2BrktN0lr8UmkqLrWiDsUd%2Fow7%2B3yaLalUsI4rO6ePlW47cEMY%2FHaaAJu73A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b196f3f5c62-FRA
alt-svc
h3=":443"; ma=86400
logo-login-vertical.6428c29.svg
bms-front.go2tr.work/_nuxt/img/ 		24 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bms-front.go2tr.work/_nuxt/img/logo-login-vertical.6428c29.svg
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7127087f1436720a82fa7915447b9074443d1f8f73cbcf9960e75f2854cf6d56

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:09:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5eda-190c58827a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4p12tzmJewWZyPr5x6nqJ4z7PPHYRiNOlJea2xmlvbKdkZTKk%2BHf7C5GCr3qwHF799v7X1hnezXW%2B40Vm93EMyHqcW%2FmfB%2BS8QOgDShKY00mJYkMpXUogWTRcV5jLXjbqI5lQ41myw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b19cf6b5c62-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		299 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D6JXX03J42&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M674JR5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
282d06d6029531fd6b53d473b9ad13aaa61c57506e37e81edf666b13e548977c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103004
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Jul 2024 23:14:30 GMT
c2euzib0do
www.clarity.ms/tag/ 		638 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/c2euzib0do?ref=gtm2
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2171185c8b57caad6b612738ad822f5a228a97462a7f51ab8e2dd173d8011e40

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Thu, 18 Jul 2024 23:14:30 GMT
x-azure-ref
20240718T231430Z-17c86fbf54dvpbfc67rq2p2cfw0000000dkg000000001qpc
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
638
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-D6JXX03J42&gtm=45je47h0v869484647z8866898892za200zb866898892&_p=1721344469750&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1904792494.1721344470&ecid=959366715&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721344470&sct=1&seg=0&dl=https%3A%2F%2Fbms-front.go2tr.work%2Faccount%2Flogin&dt=%D9%88%D8%B1%D9%88%D8%AF%20-%20GO2TR&en=gtm.js&_et=1&tfd=1263&_z=fetch
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/_nuxt/38b2259.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 23:14:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bms-front.go2tr.work
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-D6JXX03J42&gtm=45je47h0v869484647z8866898892za200zb866898892&_p=1721344469750&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1904792494.1721344470&ecid=959366715&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1721344470&sct=1&seg=0&dl=https%3A%2F%2Fbms-front.go2tr.work%2Faccount%2Flogin&dt=%D9%88%D8%B1%D9%88%D8%AF%20-%20GO2TR&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1264&_z=fetch
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/_nuxt/38b2259.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 23:14:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bms-front.go2tr.work
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D6JXX03J42&cid=1904792494.1721344470&gtm=45je47h0v869484647z8866898892za200zb866898892&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6JXX03J42&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 23:14:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bms-front.go2tr.work
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D6JXX03J42&cid=1904792494.1721344470&gtm=45je47h0v869484647z8866898892za200zb866898892&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=233626762
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/account/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 23:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.34/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/c2euzib0do?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:30 GMT
content-encoding
br
last-modified
Thu, 23 May 2024 23:20:12 GMT
etag
W/"0x8DC7B7EE5574D78"
vary
Accept-Encoding
x-azure-ref
20240718T231430Z-17c86fbf54dvpbfc67rq2p2cfw0000000dkg000000001qps
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b74267ae-501e-0064-69b3-d6df43000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C5396777D3B549FD8182E76E63545AF7&RedC=c.clarity.ms&MXFR=33A7A675DF4D63861051B2B5DB4D6D8F
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C5396777D3B549FD8182E76E63545AF7&MUID=2DA772BE9B7F65523775667E9AF46470
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C5396777D3B549FD8182E76E63545AF7&MUID=2DA772BE9B7F65523775667E9AF46470
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 23:14:30 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Jul 2024 23:14:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9C3C0E324DCE4568B6B4DFE9D073EF5B Ref B: FRA31EDGE0615 Ref C: 2024-07-18T23:14:30Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C5396777D3B549FD8182E76E63545AF7&MUID=2DA772BE9B7F65523775667E9AF46470
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
icon_64x64.bb1ef9.png
bms-front.go2tr.work/_nuxt/icons/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/_nuxt/icons/icon_64x64.bb1ef9.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09cb73fc164d65289a1683e708af03843d9954b7db543d569ddab62ba49f58fc

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:30 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Jul 2024 11:11:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b7d-190c589c9a0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDA6qgRMRPMT%2Bx1Po5aOYjPGGr1gHdr5hdyyZ5f33G9VJ2Mlfdbg6Ju2gAYr8RtLZYoCErYP6woE%2FlwziQMuDKIIhRqZyHapNQTTtLr%2FEEFtIJHbMxaysJr9CluOzA56EzhBENRarQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a562b1dba7a5c62-FRA
alt-svc
h3=":443"; ma=86400
content-length
2941
collect
p.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: bms-front.go2tr.work
URL: https://bms-front.go2tr.work/_nuxt/38b2259.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://bms-front.go2tr.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://bms-front.go2tr.work
Date
Thu, 18 Jul 2024 23:14:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
favicon.ico
bms-front.go2tr.work/ 		8 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bms-front.go2tr.work/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d103c83b6ddcbafe0056858fec17584aa213b250bf2efc42ef7880e07231e1c1

Request headers

Referer
https://bms-front.go2tr.work/account/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 23:14:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jul 2024 12:46:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"21bc-190a1d4a4d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50Du2TLKVRlzwpEOFu1Ag8ChF2DYtegIYu%2Fhkp2Npi%2FfrKD1CtRlFtPRcjfdToR%2B7wIJkWx5EICM5b7Q4xmCXl16unLhWamJtFAk87b7HMdA1rqEqRNimgMxxkHxvLOLiBbpADWN1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8a562b1e2ab95c62-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.analytics.google.com/g/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-D6JXX03J42&gtm=45je47h0v869484647za200zb866898892&_p=1721344469750&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1904792494.1721344470&ecid=959366715&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1721344470&sct=1&seg=0&dl=https%3A%2F%2Fbms-front.go2tr.work%2Faccount%2Flogin&dt=%D9%88%D8%B1%D9%88%D8%AF%20-%20GO2TR&en=scroll&epn.percent_scrolled=90&_et=7&tfd=6271&_z=fetch

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| _gtm_init object| _gtm_ids function| _gtm_inject object| dataLayer object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| __SENTRY__ function| Hammer object| $workbox object| $nuxt object| google_tag_manager object| google_tag_data function| clarity function| onYouTubeIframeAPIReady object| gaGlobal

11 Cookies

Domain/Path Name / Value
.go2tr.work/ Name: _gcl_au
Value: 1.1.218060114.1721344470
.go2tr.work/ Name: _ga
Value: GA1.1.1904792494.1721344470
.go2tr.work/ Name: _ga_D6JXX03J42
Value: GS1.1.1721344470.1.0.1721344470.60.0.959366715
www.clarity.ms/ Name: CLID
Value: cdfa11d2465a43de93aefb2b2caa67fe.20240718.20250718
.bing.com/ Name: MUID
Value: 2DA772BE9B7F65523775667E9AF46470
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2DA772BE9B7F65523775667E9AF46470
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2DA772BE9B7F65523775667E9AF46470
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bms-front.go2tr.work
bms-user-front.go2tr.work
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
p.clarity.ms
region1.analytics.google.com
stats.g.doubleclick.net
www.clarity.ms
www.google.de
www.googletagmanager.com
region1.analytics.google.com
104.17.24.14
13.74.129.1
142.250.186.99
172.67.220.182
20.122.63.128
2001:4860:4802:32::36
2606:4700::6812:bb1f
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2008
2a00:1450:400c:c09::9b
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
09cb73fc164d65289a1683e708af03843d9954b7db543d569ddab62ba49f58fc
1fc1734a8ba180fba3828e323854f7ad8116a991be261c6aa92f9806b606b11b
2171185c8b57caad6b612738ad822f5a228a97462a7f51ab8e2dd173d8011e40
26587f8ea3e0594d5e36cfaaf54a3d76089a326c1fe604b37bd0b28e6a4abc49
282d06d6029531fd6b53d473b9ad13aaa61c57506e37e81edf666b13e548977c
3530f2a023863286a1b9b1d4ebba4a32b454950413c61999432bb8219612c49e
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
674f5490b2c37668014085089deb6303e78f0f7e6b5214d12b9c934499e3553d
7127087f1436720a82fa7915447b9074443d1f8f73cbcf9960e75f2854cf6d56
728fab319db671ffedc9ac8fc369a6bf9a2fd8fcdec8cd74eb9dd3832f79552d
730c2cfbc8d0159abc039fa84256df1f51f4df9af7759e9be329ebfff3133511
8566113fb54b9ef7737e591ef18e7bdd66d09cc405c2ae34daf8538c090989ab
8cd69d5bdf13efce634038904327d6c1e0e34b777c5088f006a72a9dd4cebfd8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a793b82a721fdd0e94bc4fb9d45c3b07938a899e7fd14eca53163db242804fd2
c69b0edbedc65d630aede9fe116c5b642294e7db96374bf7432f6e7977c65323
ccf8929adae09184886eb3aca6c564018d714eccf99dc2b37543dcefdfcf84f6
d103c83b6ddcbafe0056858fec17584aa213b250bf2efc42ef7880e07231e1c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4bd6af6bdd2d7503496aade3fbd12a4269e0b8359d157915ad6966634c8b5
fa573b535df39f09f96df7152545c9e8af8580206f30694e3fc13d32ee4657be
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988