ctt-express.net Open in urlscan Pro
104.21.89.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ctt-express.net/
Effective URL:
https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
Submission: On November 07 via api (November 7th 2023, 9:37:45 am UTC) from US — Scanned from PT

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 104.21.89.68, located in and belongs to CLOUDFLARENET, US. The main domain is ctt-express.net.
TLS certificate: Issued by GTS CA 1P5 on November 7th 2023. Valid for: 3 months.

This is the only time ctt-express.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 13	104.21.89.68 104.21.89.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.87.236.72 34.87.236.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
5	149.154.167.220 149.154.167.220	62041 (TELEGRAM) (TELEGRAM)
21	6

13 104.21.89.68 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ctt-express.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.87.236.72 (Sydney, Australia)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.236.87.34.bc.googleusercontent.com

dancinggorillas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 149.154.167.220 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

api.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ctt-express.net 4 redirects ctt-express.net	22 KB
5	telegram.org api.telegram.org — Cisco Umbrella Rank: 43213	2 KB
2	dancinggorillas.com dancinggorillas.com	10 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	358 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	47 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	30 KB
21	6

	Domain	Requested by
13	ctt-express.net	4 redirects ctt-express.net
5	api.telegram.org	dancinggorillas.com
2	dancinggorillas.com	ctt-express.net dancinggorillas.com
2	cdnjs.cloudflare.com	ctt-express.net
2	cdn.jsdelivr.net	ctt-express.net
1	code.jquery.com	ctt-express.net
21	6

This site contains no links.

Subject Issuer	Validity	Valid
ctt-express.net GTS CA 1P5	`2023-11-07` - `2024-02-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
dancinggorillas.com R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
api.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-03-26` - `2024-04-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
Frame ID: 1F4498F7DC9C0F94E285A69B3C215572
Requests: 17 HTTP requests in this frame

Frame: https://ctt-express.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js
Frame ID: 5966946D5446869892E18C7FC0E910AE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Seguir objeto

Page URL History Show full URLs

http://ctt-express.net/ HTTP 301
https://ctt-express.net/ HTTP 302
https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

21
Requests

90 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

468 kB
Transfer

1583 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ctt-express.net/ HTTP 301
https://ctt-express.net/ HTTP 302
https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://ctt-express.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ctt-express.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js

Request Chain 15

https://ctt-express.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ctt-express.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
ctt-express.net/CTTPOSDKSJSDHJH/
Redirect Chain

http://ctt-express.net/
https://ctt-express.net/
https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1

3 KB
1 KB

90ms
89ms

Document
text/html

104.21.89.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.89.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 979fa9004d35481237fa8db606cbd66b6ef6d1c724882a4fdef9f2972cfc7cf2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82249954eab16669-MAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 09:37:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uegu6GS8Gpg1XrRluLNOdjx4ALr44utWkPIbsqCdBzUp9%2Fs4IHUTF7txvGgjAqdzYsxlxKteQDFvdRX64UC5pBYz49qiL1LKOfpkMSTsc5UTZDQ%2BcGgPD0%2FeFBxTOIk6nbw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82249953a8b06669-MAD
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 09:37:40 GMT
location: ./CTTPOSDKSJSDHJH/index.php?FGDD=1#HDHKJDJDSSJDSJKJDSJDSDJJDSHYKJHGFG
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixkWWgvyo3n%2FBBTbTzyPZs7sAllw9pa54OCakGMEg02EDamTstU7jolWJrxhY%2BqehJTHSEAPgEnrxDi%2BOltNNfHDkY9rZQgaM2j%2BZgsvWUNoYTCkXwtWKGOH3FyFwJVcV8A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
25 KB 153ms
60ms Stylesheet
text/css 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: ctt-express.net
URL: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1835774
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220099-FRA, cache-yyz4553-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NENOTrWD%2BdHeVCw89cePoecmag45yGHoLwSO20DgihLoKTRqYTTBhTI%2FBUy3U6P9MnABCPQDP9GQZ0ha%2BSl5ZN9ZoAYLkci5hEPffsS8Q3UWZKoOGWlXZZgguYcnOeMTe88%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 822499561b3a03be-LIS

GET
H2 200 helpers.css
ctt-express.net/CTTPOSDKSJSDHJH/X911/ 40 KB
4 KB 75ms
70ms Stylesheet
text/css 104.21.89.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctt-express.net/CTTPOSDKSJSDHJH/X911/helpers.css
Requested by: Host: ctt-express.net
URL: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.89.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 599da0253caddca287bc3c378536ec5d924f78cde4e0960e2ca26951cc568f36

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4291
cf-polished: origSize=41899
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 05:56:18 GMT
server: cloudflare
etag: W/"a3ab-6093929bbb30f-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYpGasn8oPeRPTaa3HJ66np6D8zPmt2RE6znzmKIP4b35l8kWMfX7ezcW%2FcEvpeDX7GIZkwc5MhRKtYCR%2BVgioSZM8SiPCokCFl%2FebZM9Jc9gHSoQ%2B9jKNnnR3CdhQ3U%2BJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 822499559c016669-MAD

GET
H2 200 a.css
ctt-express.net/CTTPOSDKSJSDHJH/X911/ 275 B
512 B 65ms
61ms Stylesheet
text/css 104.21.89.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctt-express.net/CTTPOSDKSJSDHJH/X911/a.css
Requested by: Host: ctt-express.net
URL: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.89.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e5729febbbca18d2d8fefcf20a6b77e653d64e4fe47bfbd7a238565a5c430

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4291
cf-polished: origSize=385
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 05:56:17 GMT
server: cloudflare
etag: W/"181-6093929b08f72-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cySW0bYgGIaimGbglgt2LeW6BZloyAJGeEbbCEHKjFWuY8ffkFzDYtfvoMjGmEwwL3AN2AC2%2BU%2FCWFgwdQl2FjJGL4lK19ZdsTscw%2FutfQEPQzJYI60qRf%2BYrA3Abo0Y1ZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 822499559c046669-MAD

GET
H2 200 logo.svg
ctt-express.net/CTTPOSDKSJSDHJH/X911/ 2 KB
1 KB 63ms
59ms Image
image/svg+xml 104.21.89.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctt-express.net/CTTPOSDKSJSDHJH/X911/logo.svg
Requested by: Host: ctt-express.net
URL: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.89.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ec4ea68ba0cc7cb0f26d847e96bccc2676724650e72b25c3874a0c40cf6b53

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 05:56:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4291
etag: W/"9a7-6093929c1c1df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etZC15BJTuNgGFkZOASbI9X8FCFLrOq%2FPQxfZhULwkopnBLZt76MhIhqk%2FZnNJ8J0tQUzw8W1q7BppGhWxQur%2BaQWmZx%2BvhEmwjLTG%2BRIQ7nTDR8k0XTH0zSwo3dgcOR%2FwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 822499559c086669-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
ctt-express.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 55ms
53ms Script
application/javascript 104.21.89.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ctt-express.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ctt-express.net
URL: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.89.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/CTTPOSDKSJSDHJH/index.php?FGDD=1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 14:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653bc982-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifnoxP0a8DNsyPBK5g4Wzqzp9DxUNg0yXRMpuPCz9LddG%2BZm3nxXkaRdZGiOCpLFFcMi0JojO5CDdpIKU4CNyQ8qWV12zHVtCUtUmo8mt0Vv%2BUGn3wRS8j9IUpDBhfY4pLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 822499559c096669-MAD
expires: Thu, 09 Nov 2023 09:37:40 GMT

GET
H2 200 jquery.payment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/ 8 KB
3 KB 339ms
249ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js

Requested by

Host: ctt-express.net
URL: https://ctt-express.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2170088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2420
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-210b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ9x%2B9YiXhR4envGyyZ%2FFEinGHD3LtZgNbuoFjLJuwLjm1Dq7pYb9I1TkhLAy2O%2FrH436yfZc7Pd0pKgKLZ1y4lfuZEsRbuqAOG3rbvUb4WqgCY%2B0IfODZX4sBtE1YyuMAZzMSqn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 822499579b9694ee-LIS
expires: Sun, 27 Oct 2024 09:37:41 GMT

GET
H/1.1 200
OK stylee.js Show response
dancinggorillas.com/style/ 5 KB
5 KB 1022ms
326ms Script
application/javascript 34.87.236.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dancinggorillas.com/style/stylee.js
Requested by: Host: ctt-express.net
URL: https://ctt-express.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.87.236.72 Sydney, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.236.87.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9cb8d14a969f4a6cf8813f895480becc6b802df39c3cdf3be80338fb7d6dfee5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 07 Nov 2023 09:37:41 GMT
Last-Modified: Sun, 05 Nov 2023 17:55:37 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4988

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ 1 MB
355 KB 140ms
50ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js

Requested by

Host: ctt-express.net
URL: https://ctt-express.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1838878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 362308
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-123bd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQIVcfzm5QD3EkdqEHPfCzQSiQhY9gd%2FEAfK9fsLRycxvmQvbS6n8mM329bcQIo95ZF0HssSZe%2Fl7kNrfx5DqWesPTtyEpYU%2BQ9w424px%2FgqN91myk0lVFJ9Nt1KniJ0gN7D1X8Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 822499579b9994ee-LIS
expires: Sun, 27 Oct 2024 09:37:41 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
22 KB 53ms
52ms Script
application/javascript 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: ctt-express.net
URL: https://ctt-express.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1923478
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4EEHQQaoC809JzzZ8VoqTleZTXNGMcCgvYkRan%2FR1quWzIn8bdGTHe3NPWLquw2KzS%2B1908BnCIB7vmeQbYV003dD1QtYN9gVHSsL%2FP79bowmXRdAAJ95j59qEbGu09hZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 822499570bba03be-LIS

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 131ms
42ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: ctt-express.net
URL: https://ctt-express.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 895173
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga13628-LGA, cache-lis1490022-LIS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699349861.057761,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 10, 126311

GET
H3

200

main.js Show response
ctt-express.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/ Frame 5966
Redirect Chain

https://ctt-express.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ctt-express.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js

7 KB
4 KB

57ms
56ms

Script
application/javascript

104.21.89.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ctt-express.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js

Protocol

Server

104.21.89.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40effb7685e3ba51f77be2d300458a2780e1dd7dcb66088c28737388bc1a5d92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DHfS1AA%2BiXtzckQO5RanQonYz03ChXQdV7O2bWUppUDRNNrsaXf43CbPudXJcbFct87GwxHgrv6MUH2uO4LYUljouRqXR%2BW3kgGVvqeE5a3JZmxX2%2BVyMOfqe2bCnUKYx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 822499578d66215f-MAD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 07 Nov 2023 09:37:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSXLlGcynRUsgnjycpatCoK4wA2gaMaUpPBX0iY4ZGTIq%2BPUTGDnAOYYC5or5rr9CiFG3pch7MEsAGbn3guk8AefeqHm%2Fw3dOjMlzRbx1pKIL16%2BSxBPj25XVTZJkP%2Bg6o8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js
cache-control: max-age=300, public
cf-ray: 822499572cd1215f-MAD
alt-svc: h3=":443"; ma=86400

POST
H3 200 82249954eab16669 Show response
ctt-express.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5966 0
544 B 79ms
77ms XHR
text/plain 104.21.89.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctt-express.net/cdn-cgi/challenge-platform/h/b/jsd/r/82249954eab16669
Requested by: Host: ctt-express.net
URL: https://ctt-express.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.89.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Tue, 07 Nov 2023 09:37:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8w3a0o7N%2BgLT8Cy0FjQNdB3%2FpbT7D9xtZicdB3UdpJufBWIRuN9COATKK1mkmQ0qee56qbOsx7P43zo5bexOz1ZlTIdaxWbb7Wp6Xb82LCT0Ryh9JwCw6Pep%2B7Xfz6qnaA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 822499587f91215f-MAD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 10.js Show response
dancinggorillas.com/style/ 5 KB
5 KB 328ms
328ms Script
application/javascript 34.87.236.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dancinggorillas.com/style/10.js
Requested by: Host: dancinggorillas.com
URL: https://dancinggorillas.com/style/stylee.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.87.236.72 Sydney, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.236.87.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: bef9861ee09b26b42e8e2f138709ca1c972fef3369efb5c83dac07156ad9a0ac

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 07 Nov 2023 09:37:42 GMT
Last-Modified: Sun, 05 Nov 2023 17:56:41 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5026

GET
H2 401 sendMessage Show response
api.telegram.org/bot69272958987:AAFFDSiV1sre7Hfr4o84UfSX2g3XwVHFbZPfzU/ 58 B
268 B 243ms
81ms XHR
application/json 149.154.167.220
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://api.telegram.org/bot69272958987:AAFFDSiV1sre7Hfr4o84UfSX2g3XwVHFbZPfzU/sendMessage?chat_id=-40519456006&text=http%3A%2F%2Fctt-express.net%2FCTTPOSDKSJSDHJH%2Findex.php

Requested by

Host: dancinggorillas.com
URL: https://dancinggorillas.com/style/stylee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.220 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 09:37:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
server: nginx/1.18.0
content-length: 58
content-type: application/json

GET
H2 401 sendMessage Show response
api.telegram.org/bot608367094314:AAGSbz4P642cuuaj_d54rlDQEtxWui_xUOgw/ 58 B
269 B 239ms
77ms XHR
application/json 149.154.167.220
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://api.telegram.org/bot608367094314:AAGSbz4P642cuuaj_d54rlDQEtxWui_xUOgw/sendMessage?chat_id=63308924057&text=New_Link%3A%20http%3A%2F%2Fctt-express.net%2FCTTPOSDKSJSDHJH%2Findex.php%2FX911%2Fstyle.php

Requested by

Host: dancinggorillas.com
URL: https://dancinggorillas.com/style/stylee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.220 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 09:37:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
server: nginx/1.18.0
content-length: 58
content-type: application/json

GET
H3

200

main.js Show response
ctt-express.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/ Frame 5966
Redirect Chain

https://ctt-express.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ctt-express.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js

7 KB
4 KB

58ms
58ms

Script
application/javascript

104.21.89.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ctt-express.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js

Protocol

Server

104.21.89.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f975d3c685d57cbcbb6175b0f87631aa7f5f5b24176a32266ca703089ba5095

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6E%2FFR6m4Xl6W0TWL%2BDkiXztV6Bf932F5YQA7McN5XtS9l%2F7QWjZDlCJ0a8LEmrhy9eN3j4yvhYHEgijVygWaK4fUX4BMo2V%2F5KcazbbmO8nY45PsF8rGC3LGMu57kybydp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8224995ddaba215f-MAD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 07 Nov 2023 09:37:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYCSZ6N5SF2yK%2FqUxK5lvpvQH8hk76Mo4IAijrGdoczjsB1o0eUx0s6trt%2BtjGugdhrIqBpMHb4b6nvvXRFkBruI1x%2FiQcO6bPS1BJ8FtjpzoyNuX70Btpi5893aWQA3TyQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/61b90d1d/main.js
cache-control: max-age=300, public
cf-ray: 8224995d7a16215f-MAD
alt-svc: h3=":443"; ma=86400

POST
H3 200 82249954eab16669 Show response
ctt-express.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5966 0
545 B 76ms
73ms XHR
text/plain 104.21.89.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ctt-express.net/cdn-cgi/challenge-platform/h/b/jsd/r/82249954eab16669
Requested by: Host: ctt-express.net
URL: https://ctt-express.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.89.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Tue, 07 Nov 2023 09:37:42 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5twNV2OcgUVTr%2F1q6lEyCjCohRNEi1FC8R7H54k7qlcuHMA7aCBH%2FKkXXLHd1x3cZCsMXShcrTgREgL1qR6siZuSw%2FfjqfF0YBi47juRdyVbm0eE1F8O6iUra6Y0okB1J1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8224995efd1e215f-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 sendMessage Show response
api.telegram.org/bot6927298987:AAFiV1sre7Hfr4o84UfSX2g3XwVHFbZPfzU/ 353 B
599 B 132ms
132ms XHR
application/json 149.154.167.220
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://api.telegram.org/bot6927298987:AAFiV1sre7Hfr4o84UfSX2g3XwVHFbZPfzU/sendMessage?chat_id=-4051956006&text=http%3A%2F%2Fctt-express.net%2FCTTPOSDKSJSDHJH%2Findex.php

Requested by

Host: dancinggorillas.com
URL: https://dancinggorillas.com/style/10.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.220 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

68d694c4617fab322f8f30a457c56e55695a2f1ff0e6df7ac3646e0def1ba697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 07 Nov 2023 09:37:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
content-length: 353

GET
H2 401 sendMessage Show response
api.telegram.org/bot69272958987:AAFFDSiV1sre7Hfr4o84UfSX2g3XwVHFbZPfzU/ 58 B
268 B 79ms
79ms XHR
application/json 149.154.167.220
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://api.telegram.org/bot69272958987:AAFFDSiV1sre7Hfr4o84UfSX2g3XwVHFbZPfzU/sendMessage?chat_id=-40519456006&text=http%3A%2F%2Fctt-express.net%2FCTTPOSDKSJSDHJH%2Findex.php

Requested by

Host: dancinggorillas.com
URL: https://dancinggorillas.com/style/10.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.220 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 09:37:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
server: nginx/1.18.0
content-length: 58
content-type: application/json

GET
H2 401 sendMessage Show response
api.telegram.org/bot608367094314:AAGSbz4P642cuuaj_d54rlDQEtxWui_xUOgw/ 58 B
268 B 78ms
78ms XHR
application/json 149.154.167.220
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dancinggorillas.com
URL: https://dancinggorillas.com/style/10.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.167.220 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ctt-express.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 09:37:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
server: nginx/1.18.0
content-length: 58
content-type: application/json

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ctt-express.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: ai0oot1egpcnlvh84cc4jejlt1
			.ctt-express.net/	1970-01-21 00:48:05	Name: cf_clearance Value: PeOtHKYDTmuIO0piEb2JqPBVCljfyzvo5B.8zhm_i.8-1699349862-0-1-52844d04.1c318f5f.35315f5c-0.2.1699349862

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.telegram.org/bot608367094314:AAGSbz4P642cuuaj_d54rlDQEtxWui_xUOgw/sendMessage?chat_id=63308924057&text=New_Link%3A%20http%3A%2F%2Fctt-express.net%2FCTTPOSDKSJSDHJH%2Findex.php%2FX911%2Fstyle.php Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.telegram.org/bot69272958987:AAFFDSiV1sre7Hfr4o84UfSX2g3XwVHFbZPfzU/sendMessage?chat_id=-40519456006&text=http%3A%2F%2Fctt-express.net%2FCTTPOSDKSJSDHJH%2Findex.php Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.telegram.org/bot608367094314:AAGSbz4P642cuuaj_d54rlDQEtxWui_xUOgw/sendMessage?chat_id=63308924057&text=New_Link%3A%20http%3A%2F%2Fctt-express.net%2FCTTPOSDKSJSDHJH%2Findex.php%2FX911%2Fstyle.php Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.telegram.org/bot69272958987:AAFFDSiV1sre7Hfr4o84UfSX2g3XwVHFbZPfzU/sendMessage?chat_id=-40519456006&text=http%3A%2F%2Fctt-express.net%2FCTTPOSDKSJSDHJH%2Findex.php Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.telegram.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
ctt-express.net
dancinggorillas.com
104.16.85.20
104.17.24.14
104.21.89.68
149.154.167.220
151.101.2.137
34.87.236.72
029e5729febbbca18d2d8fefcf20a6b77e653d64e4fe47bfbd7a238565a5c430
20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72
40effb7685e3ba51f77be2d300458a2780e1dd7dcb66088c28737388bc1a5d92
599da0253caddca287bc3c378536ec5d924f78cde4e0960e2ca26951cc568f36
5b8cd38cfdf83e8d0a46af7c34ecb2962621aa69f6eb8458e7c86ac7a66a2948
5f975d3c685d57cbcbb6175b0f87631aa7f5f5b24176a32266ca703089ba5095
67ec4ea68ba0cc7cb0f26d847e96bccc2676724650e72b25c3874a0c40cf6b53
68d694c4617fab322f8f30a457c56e55695a2f1ff0e6df7ac3646e0def1ba697
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
979fa9004d35481237fa8db606cbd66b6ef6d1c724882a4fdef9f2972cfc7cf2
9cb8d14a969f4a6cf8813f895480becc6b802df39c3cdf3be80338fb7d6dfee5
bef9861ee09b26b42e8e2f138709ca1c972fef3369efb5c83dac07156ad9a0ac
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

ctt-express.net Open in urlscan Pro 104.21.89.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

6 IPs

4 Countries

468 kBTransfer

1583 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

2 Cookies

4 Console Messages

Indicators

ctt-express.net Open in urlscan Pro
104.21.89.68 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

468 kB
Transfer

1583 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions