Submitted URL: https://reurl.cc/xL71Ke
Effective URL: https://www.pandalive.co.kr/evt/yorans%265%26ltn
Submission: On January 15 via manual from KR — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 7 domains to perform 26 HTTP transactions. The main IP is 222.239.176.240, located in Korea, Republic Of and belongs to BROADBANDIDC-AS-KR BROADBANDIDC, KR. The main domain is www.pandalive.co.kr.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 4th 2023. Valid for: a year.
This is the only time www.pandalive.co.kr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 15169 (GOOGLE)
4 34.149.98.30 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 34.102.218.41 396982 (GOOGLE-CL...)
1 34.107.150.21 396982 (GOOGLE-CL...)
2 34.96.83.10 396982 (GOOGLE-CL...)
1 1 222.239.176.253 45370 (BROADBAND...)
1 3 222.239.176.240 45370 (BROADBAND...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2600:1901:0:f... 396982 (GOOGLE-CL...)
8 2600:9000:223... 16509 (AMAZON-02)
26 12
Apex Domain
Subdomains
Transfer
12 pandalive.co.kr
intro.pandalive.co.kr
www.pandalive.co.kr
cdn.pandalive.co.kr
api.pandalive.co.kr Failed
923 KB
5 tagtoo.co
ecs.tagtoo.co — Cisco Umbrella Rank: 102311
uec.tagtoo.co — Cisco Umbrella Rank: 110126
event.tagtoo.co — Cisco Umbrella Rank: 99290
26 KB
5 reurl.cc
reurl.cc — Cisco Umbrella Rank: 113735
storage.reurl.cc — Cisco Umbrella Rank: 413422
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
91 KB
1 tagtoo.com.tw
ttd-cm.tagtoo.com.tw — Cisco Umbrella Rank: 142707
161 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
26 7
Domain Requested by
8 cdn.pandalive.co.kr www.pandalive.co.kr
cdn.pandalive.co.kr
4 storage.reurl.cc reurl.cc
2 www.pandalive.co.kr 1 redirects storage.reurl.cc
2 event.tagtoo.co uec.tagtoo.co
2 ecs.tagtoo.co storage.reurl.cc
2 connect.facebook.net storage.reurl.cc
connect.facebook.net
1 api.pandalive.co.kr cdn.pandalive.co.kr
1 ttd-cm.tagtoo.com.tw uec.tagtoo.co
1 www.facebook.com
1 intro.pandalive.co.kr 1 redirects
1 uec.tagtoo.co storage.reurl.cc
1 www.google-analytics.com storage.reurl.cc
1 reurl.cc
26 13

This site contains no links.

Subject | Issuer | Validity | Valid
reurl.cc | R3 | 2023-11-18 - 2024-02-16 | 3 months
storage.reurl.cc | GTS CA 1D4 | 2023-12-10 - 2024-03-09 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-10-24 - 2024-01-22 | 3 months
ecs.tagtoo.co | GTS CA 1D4 | 2023-12-07 - 2024-03-06 | 3 months
uec.tagtoo.co | GTS CA 1D4 | 2024-01-10 - 2024-04-09 | 3 months
*.tagtoo.co | Go Daddy Secure Certificate Authority - G2 | 2023-04-14 - 2024-05-15 | a year
*.pandalive.co.kr | Sectigo RSA Domain Validation Secure Server CA | 2023-10-04 - 2024-11-02 | a year
*.tagtoo.com.tw | Go Daddy Secure Certificate Authority - G2 | 2023-04-14 - 2024-05-15 | a year
cdn.pandalive.co.kr | Amazon RSA 2048 M02 | 2023-05-18 - 2024-06-16 | a year

This page contains 1 frame:

Primary Page: https://www.pandalive.co.kr/evt/yorans%265%26ltn
Frame ID: 2C34CDB620DE7EC5866040069B5B5658
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests: 26
HTTPS: 96 %
IPv6: 42 %
Domains: 7
Subdomains: 13
IPs: 12
Countries: 4
Transfer: 1063 kB
Size: 3454 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reurl.cc/xL71Ke Page URL
  2. http://intro.pandalive.co.kr/?pac=2642433afae783704771883ecd6a0659 HTTP 302
    http://www.pandalive.co.kr/evt/yorans&5&ltn HTTP 302
    https://www.pandalive.co.kr/evt/yorans%265%26ltn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
xL71Ke
reurl.cc/
851 B
857 B
Document
General
Full URL
https://reurl.cc/xL71Ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bbb4fb5401a36ffc08c0a120006ba5a64c8a29cdb531920654cc4c04b9580d88

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 12:56:55 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
http://intro.pandalive.co.kr/?pac=2642433afae783704771883ecd6a0659
vary
Accept-Encoding Origin
x-request-id
b1fccdf9-4b2a-4b3f-9727-a527d9a9e604
ga2.js
storage.reurl.cc/javascripts/
536 B
875 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/xL71Ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 07:09:25 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
20851
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-request-id
0e2b4045-afb6-40ab-8651-37c076952f1e
pixel.js
storage.reurl.cc/javascripts/
429 B
433 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/xL71Ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 06:24:48 GMT
content-encoding
gzip
via
1.1 google
age
23528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322
x-request-id
d0b834ac-a53e-4b3d-bf7f-3a32b54d4360
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
redirect.js
storage.reurl.cc/javascripts/
112 B
205 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/redirect.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/xL71Ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:50:29 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
387
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-request-id
f91e1500-976b-4922-adc0-41be8b676ab4
tagtoo.js
storage.reurl.cc/javascripts/
615 B
733 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/tagtoo.js?v=3
Requested by
Host: reurl.cc
URL: https://reurl.cc/xL71Ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
a1c2d36d3bc7059c195714b9b3c4fa4361cf97d7b015a06d6cf572798df786b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 05:07:08 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 19 Dec 2023 13:17:58 GMT
age
28188
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
615
x-request-id
a7860ae2-b0e8-4faf-bd74-1925d036bd27
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 Jan 2024 11:48:13 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4123
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 15 Jan 2024 13:48:13 GMT
fbevents.js
connect.facebook.net/en_US/
212 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 Jan 2024 12:56:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
eN/SBV2JGtpda4CafJhH9I8P0CC0F3dBG6joE0y+D4w/Byrr5s77O6j6fUlrMIiSDPvDEXZpxiFR0SeYDfPHtQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
unitrack.js
ecs.tagtoo.co/js/
26 KB
9 KB
Script
General
Full URL
https://ecs.tagtoo.co/js/unitrack.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/tagtoo.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:40:06 GMT
content-encoding
gzip
age
1010
x-guploader-uploadid
ABPtcPrpQfOQltx5f7f7YG0MzBHajBlUbHetHSJrWeO-GTJdHRRuvf1x5Feg5lok3QBBEAtCzA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8725
last-modified
Wed, 17 May 2023 07:38:52 GMT
server
UploadServer
etag
"ccd513edbe3eb66c17d73c94d6462526"
vary
Accept-Encoding
x-goog-generation
1684309132134575
x-goog-hash
crc32c=Uh9iNA==, md5=zNUT7b4+tmwX1zyU1kYlJg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public,max-age=5400
x-goog-stored-content-length
8725
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Mon, 15 Jan 2024 14:10:06 GMT
fp.min.js
ecs.tagtoo.co/js/
31 KB
13 KB
Script
General
Full URL
https://ecs.tagtoo.co/js/fp.min.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/tagtoo.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:52:36 GMT
content-encoding
gzip
age
260
x-guploader-uploadid
ABPtcPrY0ZlIDGeLk0OkoqJ3X9VoQk2JAOCOHNOC8mawruVR2174Grpb2LJkEmFS9d7M5c1vVMOYZwDYe5HaKH0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12950
last-modified
Thu, 16 Sep 2021 09:25:47 GMT
server
UploadServer
etag
"5d9159073c44e4858b07d4445a1adceb"
vary
Accept-Encoding
x-goog-generation
1631784347603860
x-goog-hash
crc32c=paC+Ww==, md5=XZFZBzxE5IWLB9REWhrc6w==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=300
x-goog-stored-content-length
12950
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Mon, 15 Jan 2024 12:57:36 GMT
tuec.js
uec.tagtoo.co/
10 KB
4 KB
Script
General
Full URL
https://uec.tagtoo.co/tuec.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/tagtoo.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.150.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:01:37 GMT
content-encoding
gzip
age
3319
x-guploader-uploadid
ABPtcPoMSBb7WeE4Qm7LpEm26eDeYbT6TdhyKQxRqq4uI87mLteYqDpWO0cLQLg2DxGPGVBHvgVK82q9qg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3770
last-modified
Tue, 12 Dec 2023 09:08:46 GMT
server
UploadServer
etag
"2fa133db50cd81d87b8ffb8729a6ab35"
vary
Accept-Encoding
x-goog-generation
1702372126688115
x-goog-hash
crc32c=IxwxIw==, md5=L6Ez21DNgdh7j/uHKaarNQ==
content-type
application/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
3770
accept-ranges
bytes
1675200226052423
connect.facebook.net/signals/config/
129 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.140&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
813e7559215c82a9e8ede42368c323d02905154e4d75d4d6dadaa6c8c9eed774
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 Jan 2024 12:56:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34360
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
bQlBuN+GACF3WEZspaTRDgfsgywj2rXE4DpvtvKLaQVYESIwm+0EWeb9Agm3X6T7RhFXDIcRePn2deak+P772Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
permanent
event.tagtoo.co/
48 B
113 B
Fetch
General
Full URL
https://event.tagtoo.co/permanent?fp=4ea47adb469605fbd3a0aed7042b912b
Requested by
Host: uec.tagtoo.co
URL: https://uec.tagtoo.co/tuec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash

Request headers

Referer
https://reurl.cc/xL71Ke
X-TOKEN
4947f23b246ec00bfe183b09cb702d9e3593dddb6fcd42c2718236a4919a
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 15 Jan 2024 12:56:56 GMT
via
1.1 google
server
uvicorn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48
content-type
application/json
permanent
event.tagtoo.co/
0
0
Preflight
General
Full URL
https://event.tagtoo.co/permanent?fp=4ea47adb469605fbd3a0aed7042b912b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-token
Access-Control-Request-Method
GET
Origin
https://reurl.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type, X-TOKEN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 15 Jan 2024 12:56:56 GMT
server
uvicorn
via
1.1 google
Primary Request yorans%265%26ltn
www.pandalive.co.kr/evt/
Redirect Chain
  • http://intro.pandalive.co.kr/?pac=2642433afae783704771883ecd6a0659
  • http://www.pandalive.co.kr/evt/yorans&5&ltn
  • https://www.pandalive.co.kr/evt/yorans%265%26ltn
9 KB
4 KB
Document
General
Full URL
https://www.pandalive.co.kr/evt/yorans%265%26ltn
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/redirect.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
222.239.176.240 , Korea, Republic Of, ASN45370 (BROADBANDIDC-AS-KR BROADBANDIDC, KR),
Reverse DNS
Software
nginx /
Resource Hash
0429579c5d88ba09ce2b1cdac975d0e7e6cffe745a98ad61fffa825564f862f3

Request headers

Referer
https://reurl.cc/xL71Ke
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 12:56:58 GMT
etag
"2222-siuf6a6ycpTZf0t5nMfeU/6FiNg"
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Date
Mon, 15 Jan 2024 12:56:57 GMT
Location
https://www.pandalive.co.kr/evt/yorans%265%26ltn
Server
nginx
Transfer-Encoding
chunked
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1705323416746&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4124&fbp=fb.1.1705323416547.453088757&cs_est=true&pm=1&hrl=9bc336&ler=empty&it=1705323416482&coo=false&cs_cc=1&cs_cc=1&cdl=&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 Jan 2024 12:56:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
ttd-cm.tagtoo.com.tw/prn/uidm/
21 B
161 B
Fetch
General
Full URL
https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=0438a9ecf9b9a6ad8153276d4cf0d8ca&pid=1009&puid=test_user_id&link=http%3A%2F%2Fintro.pandalive.co.kr%2F%3Fpac%3D2642433afae783704771883ecd6a0659
Requested by
Host: uec.tagtoo.co
URL: https://uec.tagtoo.co/tuec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:ff9d:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
gunicorn/19.9.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/xL71Ke
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 12:56:57 GMT
via
1.1 google
server
gunicorn/19.9.0
vary
Origin
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
1b00e12.js
cdn.pandalive.co.kr/_nuxt/wm/
8 KB
3 KB
Script
General
Full URL
https://cdn.pandalive.co.kr/_nuxt/wm/1b00e12.js
Requested by
Host: www.pandalive.co.kr
URL: https://www.pandalive.co.kr/evt/yorans%265%26ltn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:1e:c991:9380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55113736c0938d489e20a902b6bd5211f67efce00caa88e4c67a1805b52fa205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pandalive.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 01:42:04 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P2
age
40495
x-amz-server-side-encryption
AES256
x-amz-meta-compress-types
gzip,brotli
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Jan 2024 01:39:06 GMT
server
AmazonS3
etag
W/"b3916c38c73fc25c5289eacaa798c3f3"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-amz-cf-id
WnLl89k4eu3jFgMEZCUCRJSRWKz95S69WXoZyT8mIO-skGQdS-THdg==
bedd08f.js
cdn.pandalive.co.kr/_nuxt/wm/
324 KB
110 KB
Script
General
Full URL
https://cdn.pandalive.co.kr/_nuxt/wm/bedd08f.js
Requested by
Host: www.pandalive.co.kr
URL: https://www.pandalive.co.kr/evt/yorans%265%26ltn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:1e:c991:9380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
507c12c217564e2c8bc82c3d18062810183b0ae1d51510062d746580764fc845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pandalive.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 03:28:13 GMT
content-encoding
gzip
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P2
age
34161
x-amz-server-side-encryption
AES256
x-amz-meta-compress-types
gzip,brotli
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Jan 2024 00:22:48 GMT
server
AmazonS3
etag
W/"2c0bf32bbb7bd550e158543c2b14914a"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-amz-cf-id
aHhZWJg9Egi2b-EBeSwyhFD9LRRXzGOyjol1z3oNbaO_-4JC4bFM4w==
55b20bd.css
cdn.pandalive.co.kr/_nuxt/wm/css/
31 KB
7 KB
Stylesheet
General
Full URL
https://cdn.pandalive.co.kr/_nuxt/wm/css/55b20bd.css
Requested by
Host: www.pandalive.co.kr
URL: https://www.pandalive.co.kr/evt/yorans%265%26ltn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:1e:c991:9380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0183223e510222181bbc6444c33c70f77a76369b460b5b1345d6186f2a725357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pandalive.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 07:31:39 GMT
content-encoding
gzip
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P2
age
19668
x-amz-server-side-encryption
AES256
x-amz-meta-compress-types
gzip,brotli
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 Nov 2023 07:08:30 GMT
server
AmazonS3
etag
W/"c14e0fbcc162a9bfffbf7ac2b176231e"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-amz-cf-id
lqbc8iC16MJTwmaAsRWCxXZ-gkS_evRZTQ1uhk4uZf-9ttZNtoVf6A==
cb9fe52.js
cdn.pandalive.co.kr/_nuxt/wm/
1 MB
301 KB
Script
General
Full URL
https://cdn.pandalive.co.kr/_nuxt/wm/cb9fe52.js
Requested by
Host: www.pandalive.co.kr
URL: https://www.pandalive.co.kr/evt/yorans%265%26ltn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:1e:c991:9380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cd6e13335f7ffc7a4f8da0dba479980664181a70bfd758c6a9bf2a68e37c05c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pandalive.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 02:52:31 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P2
age
36407
x-amz-server-side-encryption
AES256
x-amz-meta-compress-types
gzip,brotli
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Jan 2024 00:22:49 GMT
server
AmazonS3
etag
W/"273d4252496089b0a54e92f38ac57ead"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Uka9S6XT7FZKWYFdMDWhUI2VMepc72KAP0B6NMdcgeEbjLpZxClILQ==
228af85.css
cdn.pandalive.co.kr/_nuxt/wm/css/
439 KB
93 KB
Stylesheet
General
Full URL
https://cdn.pandalive.co.kr/_nuxt/wm/css/228af85.css
Requested by
Host: www.pandalive.co.kr
URL: https://www.pandalive.co.kr/evt/yorans%265%26ltn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:1e:c991:9380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e6546db0c1a95d357ccb533d393ff33b16c0b47fe6d1fd009306c53c3891870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pandalive.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 08:31:49 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P2
age
15910
x-amz-server-side-encryption
AES256
x-amz-meta-compress-types
gzip,brotli
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Jan 2024 08:27:48 GMT
server
AmazonS3
etag
W/"a6f7e04d864182a027ed7c741040a342"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-amz-cf-id
8IlnyiblqtEs48JgbasBZNeF1gy9TocmU2hIlWAcM7BwS10BJ6G8DA==
33d5a7b.js
cdn.pandalive.co.kr/_nuxt/wm/
707 KB
164 KB
Script
General
Full URL
https://cdn.pandalive.co.kr/_nuxt/wm/33d5a7b.js
Requested by
Host: www.pandalive.co.kr
URL: https://www.pandalive.co.kr/evt/yorans%265%26ltn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:1e:c991:9380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a71b61586e0d2c6405781890c6a8e4506308a994a12b0f936d8e2b00f6aa104
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pandalive.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 01:42:04 GMT
content-encoding
br
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P2
age
40496
x-amz-server-side-encryption
AES256
x-amz-meta-compress-types
gzip,brotli
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Jan 2024 01:39:06 GMT
server
AmazonS3
etag
W/"a0659976aaf1eb745ba1199574f98352"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-amz-cf-id
axYd_TaT57HX-modYxPUho9RzbnuHUH4rGOB-uN8RQtJrQdAG4Ow4g==
c2bf1eb.js
cdn.pandalive.co.kr/_nuxt/wm/
3 KB
2 KB
Script
General
Full URL
https://cdn.pandalive.co.kr/_nuxt/wm/c2bf1eb.js
Requested by
Host: www.pandalive.co.kr
URL: https://www.pandalive.co.kr/evt/yorans%265%26ltn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4200:1e:c991:9380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
626a4b7de5173ee39f9fec54e05f9d95199cf66884c809a70e0202414bce6068
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pandalive.co.kr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 08:26:35 GMT
content-encoding
gzip
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P2
age
16410
x-amz-server-side-encryption
AES256
x-amz-meta-compress-types
gzip,brotli
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Jan 2024 05:20:57 GMT
server
AmazonS3
etag
W/"90f2f2560871103d9e4ad208107eab7d"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-amz-cf-id
HIDEnklhOHLzUly6WwgxX9iN_R_KUkrjyQHpQe5iVKdnsXBtoU_MEg==
event
api.pandalive.co.kr/v1/intro/
0
0

event
api.pandalive.co.kr/v1/intro/
0
0
Preflight
General
Full URL
https://api.pandalive.co.kr/v1/intro/event
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
222.239.176.240 , Korea, Republic Of, ASN45370 (BROADBANDIDC-AS-KR BROADBANDIDC, KR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-device-info
Access-Control-Request-Method
POST
Origin
https://www.pandalive.co.kr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Device-Info
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.pandalive.co.kr
access-control-expose-headers
Content-Length,Content-Range
access-control-max-age
86400
content-length
0
date
Mon, 15 Jan 2024 12:57:00 GMT
server
nginx
noto-sans-kr-v27-latin_korean-regular.7e374ff.woff2
cdn.pandalive.co.kr/_nuxt/wm/fonts/
238 KB
238 KB
Font
General
Full URL
https://cdn.pandalive.co.kr/_nuxt/wm/fonts/noto-sans-kr-v27-latin_korean-regular.7e374ff.woff2
Requested by
Host: cdn.pandalive.co.kr
URL: https://cdn.pandalive.co.kr/_nuxt/wm/css/228af85.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:4200:1e:c991:9380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4d1e008ce109de6a97294db444ccdd382b7b80d0624f4b78e48a822e3922fe8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.pandalive.co.kr/_nuxt/wm/css/228af85.css
Origin
https://www.pandalive.co.kr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 06:24:03 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P2
age
24000
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
243820
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 29 Jun 2022 08:47:08 GMT
server
AmazonS3
etag
"dbf45b6cd3e78a77a1a725ebab40adc1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
ueGuN44FcfupnnlT2VLHIS88K324RyQyubY1G7VdKo8b84f1R3gosw==

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
api.pandalive.co.kr
URL
https://api.pandalive.co.kr/v1/intro/event

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __NUXT__
object| webpackJsonp
object| regeneratorRuntime
function| setImmediate
function| clearImmediate
object| onNuxtReadyCbs
function| onNuxtReady
function| _
object| $nuxt

4 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1705323416547.453088757
.pandalive.co.kr/ Name: sessKey
Value: d66000ab485689fd5ef77181fe9dbb7ff55fc4ca5399085893704ff32e0192a4
.pandalive.co.kr/ Name: 3be3f8e358abbf54cec643229de77fc9e4f3f0bbc9b171580d45d13aaa374c16
Value: x9a5Sb6hDfezNYlgbQJb3EE%2BOoFj1psxrNUe5EbGq4n5k9PVoaPlggsM0HUc5LUn69PJVJtYV5dTDfPiFuEYYp3wZ%2FlQY9NQwiLG7MgkxdDT2vFQzVgDOue9FQ50Hy%2BpIR6L1LWSvsptUZpZpz8u%2BMoxH9gE8mNniD2vmqqEs2QrW1nAYzJG0AZmJ2UhVGRN
reurl.cc/ Name: _tg_GEN
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
