urlscan.io logo urlscan.io
SecurityTrails logo

handadt.com Open in urlscan Pro
49.51.188.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlzs.com/8pm2P
Effective URL: https://handadt.com/?token=6oTzisshM9f80rJC
Submission: On September 18 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 13 HTTP transactions. The main IP is 49.51.188.133, located in United States and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is handadt.com.
TLS certificate: Issued by R3 on September 14th 2023. Valid for: 3 months.
This is the only time handadt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.70.232 13335 (CLOUDFLAR...)
4 35.185.130.121 15169 (GOOGLE)
2 172.217.24.46 15169 (GOOGLE)
2 157.240.8.23 32934 (FACEBOOK)
1 157.240.8.35 32934 (FACEBOOK)
1 49.51.188.133 132203 (TENCENT-N...)
1 172.253.118.155 15169 (GOOGLE)
13 7
1    104.21.70.232 (None, )

ASN13335 (CLOUDFLARENET, US)
urlzs.com
4    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f14.1e100.net
www.google-analytics.com
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
1    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
1    49.51.188.133 (United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
handadt.com
1    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
4 reurl.cc
reurl.cc — Cisco Umbrella Rank: 302454
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 186
105 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
21 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
348 B
1 handadt.com
handadt.com
620 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 117
185 B
1 urlzs.com
urlzs.com
1 KB
0 google.com.au Failed
www.google.com.au Failed
0 google.com Failed
www.google.com Failed
13 9
Domain Requested by
4 reurl.cc reurl.cc
2 connect.facebook.net reurl.cc
connect.facebook.net
2 www.google-analytics.com reurl.cc
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 handadt.com reurl.cc
1 www.facebook.com reurl.cc
1 urlzs.com 1 redirects
0 www.google.com.au Failed
0 www.google.com Failed
13 9

This site contains no links.

Subject Issuer Validity Valid
reurl.cc
R3		 2023-07-21 -
2023-10-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-28 -
2023-11-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-27 -
2023-09-25		 3 months crt.sh
waytocars.com
R3		 2023-09-14 -
2023-12-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://handadt.com/?token=6oTzisshM9f80rJC
Frame ID: 6EFAD50F8430DB7F4D1936CFA82A24E0
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

502 Bad Gateway

Page URL History Show full URLs

  1. https://urlzs.com/8pm2P HTTP 302
    https://reurl.cc/Y0O1kO Page URL
  2. https://handadt.com/?token=6oTzisshM9f80rJC Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

13
Requests

85 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

7
IPs

4
Countries

129 kB
Transfer

443 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlzs.com/8pm2P HTTP 302
    https://reurl.cc/Y0O1kO Page URL
  2. https://handadt.com/?token=6oTzisshM9f80rJC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://urlzs.com/8pm2P HTTP 302
  • https://reurl.cc/Y0O1kO

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Y0O1kO
reurl.cc/
Redirect Chain
  • https://urlzs.com/8pm2P
  • https://reurl.cc/Y0O1kO
880 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/Y0O1kO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
154b2aad30ef399d53b7840c398292dc98ab847693b416addc4e6d8e789932ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 01:57:26 GMT
server
nginx/1.18.0 (Ubuntu)
target
https://handadt.com?token=6oTzisshM9f80rJC
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8085fa658801a89a-SYD
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-ildeYHLiIYrg7B4_uhOomQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Mon, 18 Sep 2023 01:57:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://reurl.cc/Y0O1kO
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzraARrDL4kBupKttjLH3v4okU%2BhPV90YXpjU4NNpaOsMxocCWcLVMkg%2BsogNXaJ5sVX6fI6lVYo8c67lbSxHkriSjgFUy1EwsCGDFSa4jkvuBCXrXoPiU1NQRU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10134-SYD
x-timer
S1695002246.020895,VS0,VE356
ga.js
reurl.cc/javascripts/ 		368 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Y0O1kO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fe7f57fde36dcc853aa6efe2b520aedf611b6f1fe3617d2f184d1b2470255185

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/Y0O1kO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 01:57:26 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-170"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 17 Sep 2024 01:57:26 GMT
pixel.js
reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Y0O1kO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/Y0O1kO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 01:57:26 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 17 Sep 2024 01:57:26 GMT
redirect.js
reurl.cc/javascripts/ 		112 B
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/redirect.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Y0O1kO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0a01cd2c51200f878b658e08c0f37b095cb3ed34e61133f377632b29df9abdaa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/Y0O1kO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 01:57:26 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-70"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Tue, 17 Sep 2024 01:57:26 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:11:20 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6367
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 18 Sep 2023 02:11:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 18 Sep 2023 01:57:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53155
x-xss-protection
0
pragma
public
x-fb-debug
g6wHvy4AalW9CPZ62JUnkAVwXuaRQtkCNge9tpGpXG3qP/olXGdpdsBFvwLoN4L8ceibwvlURXpxNgKFn48vRA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
1675200226052423
connect.facebook.net/signals/config/ 		192 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.127&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
b6e62aeac3b1c712421bdfc8595404b8933466f62e6328defcf1206a85adc6ed
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 18 Sep 2023 01:57:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52684
x-xss-protection
0
pragma
public
x-fb-debug
imX58sw07inSE3b75SAib2nw9QFRAoIVwGLn7CvSVsdRfL/adZU00DRjA47z5F5MRsmvnrIO0I+HQMHiIOC8Ug==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1695002247158&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=28&fbp=fb.1.1695002247155.1965736441&cs_est=true&pm=1&hrl=f29968&it=1695002247138&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/Y0O1kO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 18 Sep 2023 01:57:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		4 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1390339923&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FY0O1kO&ul=en-us&de=UTF-8&dt=Welcome%20to%20Medicare%20%7C%20MedicareMedicare.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1730980860&gjid=382389318&cid=985865174.1695002247&tid=UA-102456694-1&_gid=1102543495.1695002247&_r=1&_slc=1&z=1035753115
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 01:57:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request /
handadt.com/ 		552 B
620 B 		Document
General
Check archive.org
Download Go to
Full URL
https://handadt.com/?token=6oTzisshM9f80rJC
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/redirect.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.51.188.133 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
552
content-type
text/html
date
Mon, 18 Sep 2023 01:57:28 GMT
server
nginx
collect
stats.g.doubleclick.net/j/ 		8 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=985865174.1695002247&jid=1730980860&gjid=382389318&_gid=1102543495.1695002247&_u=IEBAAEAAAAAAACAAI~&z=312363207
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 18 Sep 2023 01:57:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		0
0
ga-audiences
www.google.com.au/ads/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=985865174.1695002247&jid=1730980860&_u=IEBAAEAAAAAAACAAI~&z=1381927339
Domain
www.google.com.au
URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=985865174.1695002247&jid=1730980860&_u=IEBAAEAAAAAAACAAI~&z=1381927339

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

4 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1695002247155.1965736441
.reurl.cc/ Name: _ga
Value: GA1.2.985865174.1695002247
.reurl.cc/ Name: _gid
Value: GA1.2.1102543495.1695002247
.reurl.cc/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://handadt.com/?token=6oTzisshM9f80rJC
Message:
Failed to load resource: the server responded with a status of 502 ()