pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev Open in urlscan Pro
104.18.2.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sharedifiles.page.link/Tbeh
Effective URL:
https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk
Submission: On March 25 via manual (March 25th 2024, 11:59:00 pm UTC) from SG — Scanned from SG

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 104.18.2.35, located in and belongs to CLOUDFLARENET, US. The main domain is pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev.
TLS certificate: Issued by E1 on February 6th 2024. Valid for: 3 months.

This is the only time pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.125.68.132 74.125.68.132	15169 (GOOGLE) (GOOGLE)
1 1	190.8.176.62 190.8.176.62	52335 (Colombia ...) (Colombia Hosting)
1	104.18.2.35 104.18.2.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	104.18.3.35 104.18.3.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	3

1 74.125.68.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net

sharedifiles.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.8.176.62 (Colombia) 1 redirects

ASN52335 (Colombia Hosting, CO)
PTR: ruth.colombiahosting.com.co

www.tatagua.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.35 (None, )

ASN13335 (CLOUDFLARENET, US)

pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.3.35 (None, )

ASN13335 (CLOUDFLARENET, US)

pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	r2.dev pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev pub-80523fc936d84e94bd02b7908ebc82b9.r2.dev Failed	10 MB
1	tatagua.org 1 redirects www.tatagua.org	454 B
1	page.link 1 redirects sharedifiles.page.link	1 KB
0	Failed function sub() { [native code] }. Failed
19	4

	Domain	Requested by
14	pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev	pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev
1	pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev
1	www.tatagua.org	1 redirects
1	sharedifiles.page.link	1 redirects
0	pub-80523fc936d84e94bd02b7908ebc82b9.r2.dev Failed
0	invalid Failed	pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev
19	6

This site contains no links.

Subject Issuer	Validity	Valid
*.r2.dev E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk
Frame ID: EECDC5531CDCC5A3D1009A102327A8D3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LinkedIn - Download files

Page URL History Show full URLs

https://sharedifiles.page.link/Tbeh HTTP 302
https://www.tatagua.org/lok/ HTTP 302
https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRT... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

79 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

3
IPs

3
Countries

10016 kB
Transfer

10012 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sharedifiles.page.link/Tbeh HTTP 302
https://www.tatagua.org/lok/ HTTP 302
https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request viewer.html Show response pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ Redirect Chain https://sharedifiles.page.link/Tbeh https://www.tatagua.org/lok/ https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk	8 KB 8 KB	1469ms 1113ms	Document text/html	104.18.2.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.2.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ce9a5ed223d813c048d9d945065f3d73afb3d652ba30413d3be68ed9be16b3af` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language zh-SG,zh;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes CF-RAY 86a2d9ed292146f7-SIN Connection keep-alive Content-Length 7761 Content-Type text/html Date Mon, 25 Mar 2024 23:58:51 GMT ETag "b263147437befe5498c4193e6c07cc24" Last-Modified Tue, 12 Mar 2024 15:08:28 GMT Server cloudflare Vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-cache, no-store, must-revalidate, max-age=0 content-length 0 content-type text/html; charset=utf-8 date Mon, 25 Mar 2024 23:58:49 GMT location https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk server nginx
GET H/1.1	200 OK	bootstrap.min.css pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	152 KB 152 KB	1770ms 1425ms	Stylesheet text/css	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/bootstrap.min.css Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:52 GMT Last-Modified Mon, 23 Oct 2023 16:36:43 GMT Server cloudflare ETag "a15c2ac3234aa8f6064ef9c1f7383c37" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes CF-RAY 86a2d9f65d6081b4-SIN Content-Length 155758
GET H/1.1	200 OK	offcanvas.css pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	2 KB 2 KB	1138ms 793ms	Stylesheet text/css	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/offcanvas.css Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6299ee9fa99ad18089d16a296170e919062f676c2719ad9efc7cc4599ddd4726` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:52 GMT Last-Modified Mon, 23 Oct 2023 16:31:58 GMT Server cloudflare ETag "d3da2231e75aafc7cb1aa876294cf613" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes CF-RAY 86a2d9f65f8440b8-SIN Content-Length 2031
GET		/ invalid/	0 0

GET H/1.1	200 OK	white-onedrive.svg pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	96 KB 96 KB	2058ms 1501ms	Image image/svg+xml	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/white-onedrive.svg Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e496bf3769e7bda12ce6f10e04ee924ec2a0ff319cc9d290da378accf73b0b38` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:55 GMT Last-Modified Mon, 23 Oct 2023 16:32:00 GMT Server cloudflare ETag "6a87bd6e06c3d4cacc7b454da71c33d5" Vary Accept-Encoding Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes CF-RAY 86a2da031b748211-SIN Content-Length 98089
GET H/1.1	200 OK	word-icon.png pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	19 KB 19 KB	2186ms 670ms	Image image/png	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/word-icon.png Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b2f0d3c21be1a061320c393d23960a3761dd8a4b48f56a81e2486ac8dc5f12a5` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:55 GMT Last-Modified Mon, 23 Oct 2023 16:32:00 GMT Server cloudflare ETag "8a70ceac90c011f292722ef72a8b06d3" Vary Accept-Encoding Content-Type image/png Connection keep-alive Accept-Ranges bytes CF-RAY 86a2da091f4981b4-SIN Content-Length 19279
GET H/1.1	200 OK	ppt-icon.png pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	9 KB 9 KB	1519ms 635ms	Image image/png	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/ppt-icon.png Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b876ae3b812b675c5acfdc89163eb1a1c7ec47f642f1eac7fc2b5b8b7c3edc76` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:54 GMT Last-Modified Mon, 23 Oct 2023 16:31:59 GMT Server cloudflare ETag "48fe67a74afcf39e6abe1dcdfa125827" Vary Accept-Encoding Content-Type image/png Connection keep-alive Accept-Ranges bytes CF-RAY 86a2da051ffb40b8-SIN Content-Length 8752
GET H/1.1	200 OK	pdf-icon.png pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	21 KB 21 KB	1636ms 641ms	Image image/png	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/pdf-icon.png Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `782cf4e0cf954d886522df6bf331de93979f7e4136bd7a6df5baa9a1af5478db` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:54 GMT Last-Modified Mon, 23 Oct 2023 16:31:58 GMT Server cloudflare ETag "f80227f91ec4a88d38cef59173c6824a" Vary Accept-Encoding Content-Type image/png Connection keep-alive Accept-Ranges bytes CF-RAY 86a2da05cbac40f5-SIN Content-Length 21431
GET H/1.1	200 OK	lpa001.gif pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	3 MB 3 MB	1138ms 784ms	Image image/gif	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/lpa001.gif Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9a2652b5e9c79f0629ddac6efc382357a9c2f6166a4bd38b60f8418a1a8dd2c9` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:52 GMT Last-Modified Mon, 23 Oct 2023 16:32:06 GMT Server cloudflare ETag "0e90bacde79d574be6c137c0675e3923" Vary Accept-Encoding Content-Type image/gif Connection keep-alive Accept-Ranges bytes CF-RAY 86a2d9f66b9344a3-SIN Content-Length 3232562
GET H/1.1	200 OK	lpa003.gif pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	6 MB 6 MB	1767ms 1422ms	Image image/gif	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/lpa003.gif Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cc9c216f00e06276166d55dc5615c7e06a2c2f26c121d6ea0e37281d37357943` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:52 GMT Last-Modified Mon, 23 Oct 2023 16:32:08 GMT Server cloudflare ETag "134e9c59ff218666efe2f3141d20c9c7" Vary Accept-Encoding Content-Type image/gif Connection keep-alive Accept-Ranges bytes CF-RAY 86a2d9f6594d5ffa-SIN Content-Length 6160972
GET H/1.1	200 OK	lshare.png pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	7 KB 7 KB	994ms 562ms	Image image/png	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/lshare.png Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c22bb933512e29b80f0645c2dac92a957f7da92800aa2dc3498d2344e7aee7c7` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:54 GMT Last-Modified Mon, 23 Oct 2023 16:31:58 GMT Server cloudflare ETag "315be2604c96707cdb2f8fefce155c8c" Vary Accept-Encoding Content-Type image/png Connection keep-alive Accept-Ranges bytes CF-RAY 86a2da0249d140f5-SIN Content-Length 6717
GET H/1.1	200 OK	lpa002.gif pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	343 KB 344 KB	452ms 450ms	Image image/gif	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/lpa002.gif Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `73e8b3e6a6c78fbbf231744dc93252e8bea9f834671b391d76ce244cad4d68ef` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:53 GMT Last-Modified Mon, 23 Oct 2023 16:31:59 GMT Server cloudflare ETag "50a981e33102bee45f193936957e2c6e" Vary Accept-Encoding Content-Type image/gif Connection keep-alive Accept-Ranges bytes CF-RAY 86a2d9ff8bc781b4-SIN Content-Length 351536
GET H/1.1	200 OK	jquery.min.js.download Show response pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	85 KB 85 KB	465ms 463ms	Script text/plain	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/jquery.min.js.download Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:53 GMT Last-Modified Mon, 23 Oct 2023 16:32:01 GMT Server cloudflare ETag "27a8f25e65bfe1872ebd62e021a0c6ca" Vary Accept-Encoding Connection keep-alive Accept-Ranges bytes CF-RAY 86a2d9ff8d0040b8-SIN Content-Length 86661
GET H/1.1	200 OK	bootstrap.min.js.download Show response pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	48 KB 48 KB	320ms 319ms	Script text/plain	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/bootstrap.min.js.download Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8eff328e9a1aa761f9f046dd4827766b2bb5f17bbdb5e80f6e1e413e2b4a9e13` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:53 GMT Last-Modified Mon, 23 Oct 2023 16:32:01 GMT Server cloudflare ETag "c4cbb294b6b3681d6594710b54a2ad0d" Vary Accept-Encoding Connection keep-alive Accept-Ranges bytes CF-RAY 86a2d9ff884540f5-SIN Content-Length 48952
GET H/1.1	200 OK	popper.min.js.download Show response pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	19 KB 19 KB	2085ms 434ms	Script text/plain	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/popper.min.js.download Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `193a81e8713370250a88db26a3b201df9f841cba4a212b567ff994693bc1bf22` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:55 GMT Last-Modified Mon, 23 Oct 2023 16:31:59 GMT Server cloudflare ETag "b1dbc64f8b1dfe0c089dd55b09bbbc72" Vary Accept-Encoding Connection keep-alive Accept-Ranges bytes CF-RAY 86a2da09da3f40b8-SIN Content-Length 19193
GET H/1.1	200 OK	holder.min.js.download Show response pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/	32 KB 32 KB	631ms 630ms	Script text/plain	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev/holder.min.js.download Requested by Host: pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev URL: https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/viewer.html?rBTvuPHLhaw2WCt1j3ZcIRdbuovzuUfB0sdRjES9wWGGCFgH7rwrFmghZhj4RBRTF9am7oAxdD1UnGXk Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a803e6cf3e0d3b35f38686c22a7897bb68c170af15fe782812500aa51f7dd5b1` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev/ accept-language zh-SG,zh;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 25 Mar 2024 23:58:55 GMT Last-Modified Mon, 23 Oct 2023 16:32:01 GMT Server cloudflare ETag "5574342cec4db8937e771e1b9d0a74f3" Vary Accept-Encoding Connection keep-alive Accept-Ranges bytes CF-RAY 86a2da0c8b9f40b8-SIN Content-Length 32295
GET		/ invalid/	0 0

GET		/ invalid/	0 0

GET		viewer.html pub-80523fc936d84e94bd02b7908ebc82b9.r2.dev/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: pub-80523fc936d84e94bd02b7908ebc82b9.r2.dev
URL: https://pub-80523fc936d84e94bd02b7908ebc82b9.r2.dev/viewer.html?myshared-documents/cloudfiles/cnt4b4d334bdbc88756cd842aa5a39e896da28da35523f87934502e6rfd7u2sm19

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

invalid
pub-80523fc936d84e94bd02b7908ebc82b9.r2.dev
pub-bd190bc84ddd4ceaa8babedabdd575d1.r2.dev
pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev
sharedifiles.page.link
www.tatagua.org
invalid
pub-80523fc936d84e94bd02b7908ebc82b9.r2.dev
104.18.2.35
104.18.3.35
190.8.176.62
74.125.68.132
193a81e8713370250a88db26a3b201df9f841cba4a212b567ff994693bc1bf22
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6299ee9fa99ad18089d16a296170e919062f676c2719ad9efc7cc4599ddd4726
73e8b3e6a6c78fbbf231744dc93252e8bea9f834671b391d76ce244cad4d68ef
782cf4e0cf954d886522df6bf331de93979f7e4136bd7a6df5baa9a1af5478db
8eff328e9a1aa761f9f046dd4827766b2bb5f17bbdb5e80f6e1e413e2b4a9e13
9a2652b5e9c79f0629ddac6efc382357a9c2f6166a4bd38b60f8418a1a8dd2c9
a803e6cf3e0d3b35f38686c22a7897bb68c170af15fe782812500aa51f7dd5b1
b2f0d3c21be1a061320c393d23960a3761dd8a4b48f56a81e2486ac8dc5f12a5
b876ae3b812b675c5acfdc89163eb1a1c7ec47f642f1eac7fc2b5b8b7c3edc76
c22bb933512e29b80f0645c2dac92a957f7da92800aa2dc3498d2344e7aee7c7
cc9c216f00e06276166d55dc5615c7e06a2c2f26c121d6ea0e37281d37357943
ce9a5ed223d813c048d9d945065f3d73afb3d652ba30413d3be68ed9be16b3af
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
e496bf3769e7bda12ce6f10e04ee924ec2a0ff319cc9d290da378accf73b0b38

pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev Open in urlscan Pro 104.18.2.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

79 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

3 IPs

3 Countries

10016 kBTransfer

10012 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

pub-c7f7e6934eb244899aa8d88981d10c94.r2.dev Open in urlscan Pro
104.18.2.35 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

79 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

3
IPs

3
Countries

10016 kB
Transfer

10012 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions