shre.su Open in urlscan Pro
2606:4700:20::681a:9f3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eu.topfreeclub.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVko...
Effective URL:
https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA
Submission Tags: https://phish.report @phish_report Search All
Submission: On November 03 via api (November 3rd 2021, 8:29:05 am UTC) from FI — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2606:4700:20::681a:9f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is shre.su.
TLS certificate: Issued by R3 on October 7th 2021. Valid for: 3 months.

This is the only time shre.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	109.206.176.125 109.206.176.125	50245 (SERVEREL-AS) (SERVEREL-AS)
5	2606:4700:20:... 2606:4700:20::681a:9f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	3

5 109.206.176.125 (Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.176.125.serverel.net

eu.topfreeclub.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu.rplnd1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu.rexpush.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.eu.tpgm2wrld.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:9f3 (United States)

ASN13335 (CLOUDFLARENET, US)

shre.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	shre.su shre.su	20 KB
2	rexpush.info eu.rexpush.info	60 KB
1	tpgm2wrld.xyz 1.eu.tpgm2wrld.xyz	6 KB
1	rplnd1.com eu.rplnd1.com	6 KB
1	topfreeclub.xyz 1 redirects eu.topfreeclub.xyz	190 B
0	googleapis.com Failed fonts.googleapis.com Failed
0	bootstrapcdn.com Failed stackpath.bootstrapcdn.com Failed
11	7

	Domain	Requested by
5	shre.su	eu.rexpush.info shre.su
2	eu.rexpush.info	eu.rplnd1.com 1.eu.tpgm2wrld.xyz
1	1.eu.tpgm2wrld.xyz	eu.rexpush.info
1	eu.rplnd1.com
1	eu.topfreeclub.xyz	1 redirects
0	fonts.googleapis.com Failed	shre.su
0	stackpath.bootstrapcdn.com Failed	shre.su
11	7

This site contains no links.

Subject Issuer	Validity	Valid
tpgm2wrld.xyz R3	`2021-10-29` - `2022-01-27`	3 months	crt.sh
eu.rexpush.net R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
*.shre.su R3	`2021-10-07` - `2022-01-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA
Frame ID: 29C436600E24CF8DC35FFF294588740F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sharem.tech

Page URL History Show full URLs

https://eu.topfreeclub.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C... HTTP 302
https://eu.rplnd1.com/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C... Page URL
https://1.eu.tpgm2wrld.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C... Page URL
https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA Page URL

Page Statistics

11
Requests

82 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

3
IPs

2
Countries

93 kB
Transfer

250 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eu.topfreeclub.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0 HTTP 302
https://eu.rplnd1.com/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0 Page URL
https://1.eu.tpgm2wrld.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0 Page URL
https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://eu.topfreeclub.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0 HTTP 302
https://eu.rplnd1.com/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
eu.rplnd1.com/loading/923/56402484bd9b7abb4d7d563708146f53/
Redirect Chain

https://eu.topfreeclub.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0
https://eu.rplnd1.com/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0

10 KB
6 KB

52ms
16ms

Document
text/html

109.206.176.125
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.rplnd1.com/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.176.125 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.176.125.serverel.net
Software: nginx /
Resource Hash: 06a24b8846682125c4e3d070a931d381dd85a287ddd2fef638e8fc57e4257bd2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

server: nginx
date: Wed, 03 Nov 2021 08:28:51 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip

Redirect headers

server: nginx
date: Wed, 03 Nov 2021 08:28:51 GMT
content-type: text/html; charset=UTF-8
location: https://eu.rplnd1.com/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0

GET
H2 200 subscribe.min.js Show response
eu.rexpush.info/js/ 82 KB
30 KB 53ms
17ms Script
text/javascript 109.206.176.125
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.rexpush.info/js/subscribe.min.js?tag=923&attempt=0&rnd=483625430&lnd=loading&v=2&token=56402484bd9b7abb4d7d563708146f53&click_id=%3DJ1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&sub3=&tb=&t_rdr=
Requested by: Host: eu.rplnd1.com
URL: https://eu.rplnd1.com/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.176.125 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.176.125.serverel.net
Software: nginx /
Resource Hash: 86629c6d018f3160f88ac6300da228a506af454455b5e18acd457987fb2d16e1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://eu.rplnd1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:28:51 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8

GET
H2 200 / Show response
1.eu.tpgm2wrld.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/ 10 KB
6 KB 27ms
19ms Document
text/html 109.206.176.125
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1.eu.tpgm2wrld.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0
Requested by: Host: eu.rexpush.info
URL: https://eu.rexpush.info/js/subscribe.min.js?tag=923&attempt=0&rnd=483625430&lnd=loading&v=2&token=56402484bd9b7abb4d7d563708146f53&click_id=%3DJ1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&sub3=&tb=&t_rdr=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.176.125 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.176.125.serverel.net
Software: nginx /
Resource Hash: 190551d9ebf337e8de2e447b3c6191b2f3fdfd6af2da8e007fa3f11db63e6849

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://eu.rplnd1.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 08:28:51 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip

GET
H2 200 subscribe.min.js Show response
eu.rexpush.info/js/ 82 KB
30 KB 19ms
19ms Script
text/javascript 109.206.176.125
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.rexpush.info/js/subscribe.min.js?tag=923&attempt=1&rnd=311381137&lnd=loading&v=2&token=56402484bd9b7abb4d7d563708146f53&click_id=%3DJ1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&sub3=&tb=&t_rdr=
Requested by: Host: 1.eu.tpgm2wrld.xyz
URL: https://1.eu.tpgm2wrld.xyz/loading/923/56402484bd9b7abb4d7d563708146f53/?&click_id==J1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&fullscreen=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.176.125 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.176.125.serverel.net
Software: nginx /
Resource Hash: 6e2d5fa97acaa8a0698c587b854d4c51f22f373b095160a252c0888650f6e0f0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1.eu.tpgm2wrld.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:28:51 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8

GET
H2 200 Primary Request submit Show response
shre.su/ 5 KB
3 KB 255ms
186ms Document
text/html 2606:4700:20::681a:9f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA

Requested by

Host: eu.rexpush.info
URL: https://eu.rexpush.info/js/subscribe.min.js?tag=923&attempt=1&rnd=311381137&lnd=loading&v=2&token=56402484bd9b7abb4d7d563708146f53&click_id=%3DJ1BlcgL_9L_9&sub1=C6WA&sub2=JlRheE1FVkoiJkhWBgFPBlUDHQYCAUgEX1YaJ2UL_9&sub3=&tb=&t_rdr=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.26

Resource Hash

db75f1a68c078810ead847802f440dc39cb9b2c9fdf00974b3d8afdb470be7e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://1.eu.tpgm2wrld.xyz/

Response headers

date: Wed, 03 Nov 2021 08:28:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.26
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjFDF1EDzLbVkKzxZ79UgJ%2FOkgFUI8WVrxcz7VvqfXI7DkPgaF6GGjb7LY2PjCCd0ptigmmk0cB2TqrVxiSYaKs2V4VYR5QsqahAQldGlHAyN1Otmi3kys%2Bvdyu7hQL6eSV6stA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6a843b4a0bee4dbe-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 0
0

GET css2
fonts.googleapis.com/ 0
0

GET
H2 200 nprogress.css
shre.su/css/ 335 B
484 B 42ms
40ms Stylesheet
text/css 2606:4700:20::681a:9f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shre.su/css/nprogress.css?v=1.1

Requested by

Host: shre.su
URL: https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cb53c8b64336eef2a3b4e2cf6631afd579073edabb0c023c35278b26673f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4350
cf-polished: origSize=421
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 07 Nov 2020 19:17:20 GMT
server: cloudflare
etag: W/"5fa6f2c0-1a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URIkGfV%2BrxsvhHnACfHcbnrcREMe5QOhOqklREwDnvISqWaDFJ%2FclcPN3y1l2QZoK4dCJteqCdc%2FS2IFeS1fTq%2FEQvcbNMPMRQcHIHLlw6T0Zb1vW9sLcrA5%2BTCGvkmxVhDyysc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6a843b4b4dfa4dbe-FRA
cf-bgj: minify

GET
H2 200 general.css
shre.su/css/ 14 KB
4 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:9f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shre.su/css/general.css?v=1.1

Requested by

Host: shre.su
URL: https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bfb6676bf2f32816c2a93f49a476cc023db53391649733214654e3f9f14fc76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 899
cf-polished: origSize=18404
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 07 Jan 2021 20:49:26 GMT
server: cloudflare
etag: W/"5ff773d6-47e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQ0CgkKHLMjC9L1zgKPD9m7nfA%2FCQHcRylfaZ%2BxMbzXAT6H4wqhn5udSjnrPrJ0l0J2a9JxndbxXtCywsFPk144t3zItJpiy5L8%2FB8rr6ZGtTClXjqqyeLVm6h7KFTu6P15ADR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 6a843b4b4dfd4dbe-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
shre.su/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 25ms
24ms Script
text/javascript 2606:4700:20::681a:9f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shre.su/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: shre.su
URL: https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3U8v7bwAd%2FwWwrNXYp22Ss2ihfPQkLPOXppnJsRu9PVCaCf2ajRsdi18KWfoUvC8rUpmSUg1Y%2FATKMTJ6jfD9t4j6jhY2tsz%2FfgrR6P2BpqUo%2Fu4DtWCdJy%2FD25jb4AhelPHw00%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 6a843b4b4dfe4dbe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
shre.su/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 28ms
27ms Script
application/javascript 2606:4700:20::681a:9f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shre.su/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: shre.su
URL: https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://shre.su/submit?id=wh5FHnp8uWYWWRUjZmtfZGzC8Q3HnCL9&salt=%3DJ1BlcgL_9L_9&traffic=C6WA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"616eb975-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSXnTn2d3uo6Jp53yZhHaOsiBODA0qRH%2B0NA5FeHpO4uvQDpmQEbvP4x5AaXunCzDhTJ0pcLED08QtyyZF0WOlx6Oa7qbe1JltHKSJaImyCmDCadLfwodSXkXJIxxpz5teYsLls%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6a843b4b4e024dbe-FRA
expires: Fri, 05 Nov 2021 08:28:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css?v=1.1

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;800&display=swap

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rexpush.info/	1970-01-23 14:01:28	Name: _f_30d9ff6106b5fe28d448dd5186c64932 Value: 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.eu.tpgm2wrld.xyz
eu.rexpush.info
eu.rplnd1.com
eu.topfreeclub.xyz
fonts.googleapis.com
shre.su
stackpath.bootstrapcdn.com
fonts.googleapis.com
stackpath.bootstrapcdn.com
109.206.176.125
2606:4700:20::681a:9f3
06a24b8846682125c4e3d070a931d381dd85a287ddd2fef638e8fc57e4257bd2
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
190551d9ebf337e8de2e447b3c6191b2f3fdfd6af2da8e007fa3f11db63e6849
6e2d5fa97acaa8a0698c587b854d4c51f22f373b095160a252c0888650f6e0f0
86629c6d018f3160f88ac6300da228a506af454455b5e18acd457987fb2d16e1
8bfb6676bf2f32816c2a93f49a476cc023db53391649733214654e3f9f14fc76
c7cb53c8b64336eef2a3b4e2cf6631afd579073edabb0c023c35278b26673f0f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
db75f1a68c078810ead847802f440dc39cb9b2c9fdf00974b3d8afdb470be7e7

shre.su Open in urlscan Pro 2606:4700:20::681a:9f3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

82 %HTTPS

50 %IPv6

7 Domains

7 Subdomains

3 IPs

2 Countries

93 kBTransfer

250 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

Indicators

shre.su Open in urlscan Pro
2606:4700:20::681a:9f3 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

3
IPs

2
Countries

93 kB
Transfer

250 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions