urlscan.io logo urlscan.io
SecurityTrails logo

cagothie.net Open in urlscan Pro
139.45.197.238  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cdnqq.net/out.php?mode=main
Effective URL: https://cagothie.net/4/4476513/?var=fallback
Submission: On September 13 via manual from FR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 8 HTTP transactions. The main IP is 139.45.197.238, located in United Kingdom and belongs to RETN-AS, GB. The main domain is cagothie.net.
TLS certificate: Issued by R3 on July 5th 2021. Valid for: 3 months.
This is the only time cagothie.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 109.206.162.83 50245 (SERVEREL-AS)
2 2 92.204.53.70 8972 (GD-EMEA-D...)
1 2 139.45.197.238 9002 (RETN-AS)
2 139.45.195.8 ()
1 139.45.197.147 ()
8 5
1    2606:4700:3031::6815:6032 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnqq.net
3    109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net
syrsple2se8nyu09.com
2    92.204.53.70 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: astra7066.startdedicated.com
deliver.vkcdnservice.com
2    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
cagothie.net
2    139.45.195.8 (None, )

ASN- ()
my.rtmark.net
1    139.45.197.147 (None, )

ASN- ()
mugrikees.com
Domain Requested by
3 syrsple2se8nyu09.com cdnqq.net
syrsple2se8nyu09.com
2 my.rtmark.net cagothie.net
2 cagothie.net 1 redirects syrsple2se8nyu09.com
2 deliver.vkcdnservice.com 2 redirects
1 mugrikees.com
1 cdnqq.net
8 6

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-23 -
2022-01-22		 a year crt.sh
syrsple2se8nyu09.com
R3		 2021-07-27 -
2021-10-25		 3 months crt.sh
cagothie.net
R3		 2021-07-05 -
2021-10-03		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
mugrikees.com
R3		 2021-09-09 -
2021-12-08		 3 months crt.sh

This page contains 1 frames:

Frame: https://mugrikees.com/?l=XKmG8ooqkNkREHl&s=461256826223079610&z=4476513
Frame ID: 3111B16559DDC291DAF79C835A78D607
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cdnqq.net/out.php?mode=main Page URL
  2. https://syrsple2se8nyu09.com/1811810/?var=1&psid= Page URL
  3. https://syrsple2se8nyu09.com/?r=dir&zoneid=1811810&var=1&pb=9dc48adbf89c574c733aa41bdaf3b8441631542904&ps... Page URL
  4. https://deliver.vkcdnservice.com/api/back/iesoeis3co HTTP 302
    https://deliver.vkcdnservice.com/api/direct/319162 HTTP 302
    https://cagothie.net/4/4476513/?var=fallback Page URL

Page Statistics

8
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

21 kB
Transfer

43 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cdnqq.net/out.php?mode=main Page URL
  2. https://syrsple2se8nyu09.com/1811810/?var=1&psid= Page URL
  3. https://syrsple2se8nyu09.com/?r=dir&zoneid=1811810&var=1&pb=9dc48adbf89c574c733aa41bdaf3b8441631542904&psp=yW4YNsLP8gtQXv7xcUx0c_iuSV7GQw-2H8AVbd1Ra3X12OUp-290Tm9-tfL9i3vUM0GfscZ8f9kMDk9PnombNi_w0H__RC6F0hgR-_btBH6j1MWI6l0l0Gddmq9mnqBA1gj3RLgDgkYEAjAU92iu1hEheSDHmH8zNYE9y_Dfll_l_pt4hq33KFehqFaXgSKwZxF5UxSukAhhwFf-al8-AE7GQHPdkKakioTTSMxFsEJpr73d4VEQdL8toOMxb2OZApWYGGnpRjK-hEktOB-WuDGo-JXoPOxmsKshQPC3kVqJk2-sCJqRpkxz5L0wnxes2Ifh_0Rzo5Rd88ZWT_rbmYkhBxlHmXxKa1-19lsYGm5PNQE2g96xhfbWpGeKh7Fj4R1ZQFUQH0vK-2ZDfSOb4xv8B3W12wsSVsfMqr2M2QW2Eioollgx5YHKnZwEVwraNdO57kt8CwBMaGwzzRzFkp9rgyGeFsPQaqpwGwQAdkJSB1A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  4. https://deliver.vkcdnservice.com/api/back/iesoeis3co HTTP 302
    https://deliver.vkcdnservice.com/api/direct/319162 HTTP 302
    https://cagothie.net/4/4476513/?var=fallback Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cagothie.net/?z=4476513&syncedCookie=true HTTP 302
  • https://mugrikees.com/?l=XKmG8ooqkNkREHl&s=461256826223079610&z=4476513

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
out.php
cdnqq.net/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdnqq.net/out.php?mode=main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:6032 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c654a8eadd00ce821c8f0721e702ae9e1115f9d7c1daf607e56c60ca89814232
Security Headers
Name Value
X-Frame-Options DENY

Request headers

:method
GET
:authority
cdnqq.net
:scheme
https
:path
/out.php?mode=main
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Sep 2021 12:21:39 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
pragma
cache
expires
Mon, 13 Sep 2021 12:22:39 GMT
x-frame-options
DENY
x-robots-tag
noindex
cache-control
public
x-cache-status-inferno-l
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zizJAho2HRmgb68MzHN9027s%2FeDlHThehIPfKsQGHc9h8E7Lt5XY1hk7CZtGG%2B1ojmBU5nsxolbDRJGNfZm63EV4fL2IiyS4REJo43C8hieaF36UbQtAz1XBIAoYyx27HZ%2B0ZXnoiaU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68e1562a8e263237-FRA
content-encoding
br
/
syrsple2se8nyu09.com/1811810/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syrsple2se8nyu09.com/1811810/?var=1&psid=
Requested by
Host: cdnqq.net
URL: https://cdnqq.net/out.php?mode=main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a114c8bc3c79d1c3d281e9f24d74905ca384ef5b2a31aea27026493f3d6ef4c2

Request headers

:method
GET
:authority
syrsple2se8nyu09.com
:scheme
https
:path
/1811810/?var=1&psid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://cdnqq.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdnqq.net/

Response headers

server
nginx
date
Mon, 13 Sep 2021 12:21:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
UID=2109130721be693c4724034183b731852e4e; Path=/; SameSite=None; Expires=Tue, 13 Sep 2022 12:21:44 GMT; HttpOnly; Secure
content-encoding
gzip
timing-allow-origin
*
submit.min.js
syrsple2se8nyu09.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://syrsple2se8nyu09.com/submit.min.js?2.0
Requested by
Host: syrsple2se8nyu09.com
URL: https://syrsple2se8nyu09.com/1811810/?var=1&psid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96b97b01bcc2ced9d1c7a6b0314262e33aefb0a26787d450f95a68d957e14520

Request headers

:path
/submit.min.js?2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
syrsple2se8nyu09.com
cookie
UID=2109130721be693c4724034183b731852e4e
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 12:21:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 15:15:35 GMT
server
nginx
etag
W/"6130ea97-8183"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
syrsple2se8nyu09.com/ 		856 B
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://syrsple2se8nyu09.com/?r=dir&zoneid=1811810&var=1&pb=9dc48adbf89c574c733aa41bdaf3b8441631542904&psp=yW4YNsLP8gtQXv7xcUx0c_iuSV7GQw-2H8AVbd1Ra3X12OUp-290Tm9-tfL9i3vUM0GfscZ8f9kMDk9PnombNi_w0H__RC6F0hgR-_btBH6j1MWI6l0l0Gddmq9mnqBA1gj3RLgDgkYEAjAU92iu1hEheSDHmH8zNYE9y_Dfll_l_pt4hq33KFehqFaXgSKwZxF5UxSukAhhwFf-al8-AE7GQHPdkKakioTTSMxFsEJpr73d4VEQdL8toOMxb2OZApWYGGnpRjK-hEktOB-WuDGo-JXoPOxmsKshQPC3kVqJk2-sCJqRpkxz5L0wnxes2Ifh_0Rzo5Rd88ZWT_rbmYkhBxlHmXxKa1-19lsYGm5PNQE2g96xhfbWpGeKh7Fj4R1ZQFUQH0vK-2ZDfSOb4xv8B3W12wsSVsfMqr2M2QW2Eioollgx5YHKnZwEVwraNdO57kt8CwBMaGwzzRzFkp9rgyGeFsPQaqpwGwQAdkJSB1A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: syrsple2se8nyu09.com
URL: https://syrsple2se8nyu09.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
syrsple2se8nyu09.com
:scheme
https
:path
/?r=dir&zoneid=1811810&var=1&pb=9dc48adbf89c574c733aa41bdaf3b8441631542904&psp=yW4YNsLP8gtQXv7xcUx0c_iuSV7GQw-2H8AVbd1Ra3X12OUp-290Tm9-tfL9i3vUM0GfscZ8f9kMDk9PnombNi_w0H__RC6F0hgR-_btBH6j1MWI6l0l0Gddmq9mnqBA1gj3RLgDgkYEAjAU92iu1hEheSDHmH8zNYE9y_Dfll_l_pt4hq33KFehqFaXgSKwZxF5UxSukAhhwFf-al8-AE7GQHPdkKakioTTSMxFsEJpr73d4VEQdL8toOMxb2OZApWYGGnpRjK-hEktOB-WuDGo-JXoPOxmsKshQPC3kVqJk2-sCJqRpkxz5L0wnxes2Ifh_0Rzo5Rd88ZWT_rbmYkhBxlHmXxKa1-19lsYGm5PNQE2g96xhfbWpGeKh7Fj4R1ZQFUQH0vK-2ZDfSOb4xv8B3W12wsSVsfMqr2M2QW2Eioollgx5YHKnZwEVwraNdO57kt8CwBMaGwzzRzFkp9rgyGeFsPQaqpwGwQAdkJSB1A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
UID=2109130721be693c4724034183b731852e4e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 13 Sep 2021 12:21:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
OXCCLK=ABXzkgAAAAAAAAAB; Path=/; SameSite=None; Expires=Tue, 14 Sep 2021 12:21:44 GMT; Secure OXPCLK=AAHAXgAAAAAAAAAB; Path=/; SameSite=None; Expires=Tue, 14 Sep 2021 12:21:44 GMT; Secure ppucnt=1; Path=/; SameSite=None; Expires=Tue, 14 Sep 2021 12:21:44 GMT; Secure
content-encoding
gzip
timing-allow-origin
*
Primary Request /
cagothie.net/4/4476513/
Redirect Chain
  • https://deliver.vkcdnservice.com/api/back/iesoeis3co
  • https://deliver.vkcdnservice.com/api/direct/319162
  • https://cagothie.net/4/4476513/?var=fallback
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cagothie.net/4/4476513/?var=fallback
Requested by
Host: syrsple2se8nyu09.com
URL: https://syrsple2se8nyu09.com/?r=dir&zoneid=1811810&var=1&pb=9dc48adbf89c574c733aa41bdaf3b8441631542904&psp=yW4YNsLP8gtQXv7xcUx0c_iuSV7GQw-2H8AVbd1Ra3X12OUp-290Tm9-tfL9i3vUM0GfscZ8f9kMDk9PnombNi_w0H__RC6F0hgR-_btBH6j1MWI6l0l0Gddmq9mnqBA1gj3RLgDgkYEAjAU92iu1hEheSDHmH8zNYE9y_Dfll_l_pt4hq33KFehqFaXgSKwZxF5UxSukAhhwFf-al8-AE7GQHPdkKakioTTSMxFsEJpr73d4VEQdL8toOMxb2OZApWYGGnpRjK-hEktOB-WuDGo-JXoPOxmsKshQPC3kVqJk2-sCJqRpkxz5L0wnxes2Ifh_0Rzo5Rd88ZWT_rbmYkhBxlHmXxKa1-19lsYGm5PNQE2g96xhfbWpGeKh7Fj4R1ZQFUQH0vK-2ZDfSOb4xv8B3W12wsSVsfMqr2M2QW2Eioollgx5YHKnZwEVwraNdO57kt8CwBMaGwzzRzFkp9rgyGeFsPQaqpwGwQAdkJSB1A=&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
20fd8338e9cb4ee93cd083d252b44cc442eaf7b0640f2d304d9a63480d4d5597

Request headers

:method
GET
:authority
cagothie.net
:scheme
https
:path
/4/4476513/?var=fallback
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://syrsple2se8nyu09.com/afu.php?zoneid=1776636&var=1811810

Response headers

server
nginx
date
Mon, 13 Sep 2021 12:21:55 GMT
content-type
text/html; charset=utf8
x-trace-id
6c5b3930d32eda8c370a178f2cadbfb6
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin
* *
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
timing-allow-origin
*
set-cookie
OAID=6bff1899223f4dfab9ff49a58eb678ad; expires=Tue, 13 Sep 2022 12:21:55 GMT; path=/; secure; SameSite=None oaidts=1631535715; expires=Tue, 13 Sep 2022 12:21:55 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
content-encoding
gzip

Redirect headers

server
nginx
date
Mon, 13 Sep 2021 12:21:49 GMT
content-length
0
location
https://cagothie.net/4/4476513/?var=fallback
set-cookie
nauid=gaQB5XBqyLP84dLPXct6; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None asgle=13776896946526934010; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control
private
img.gif
my.rtmark.net/ 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=6bff1899223f4dfab9ff49a58eb678ad
Requested by
Host: cagothie.net
URL: https://cagothie.net/4/4476513/?var=fallback
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cagothie.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 12:21:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
img.gif
my.rtmark.net/ 		43 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=6bff1899223f4dfab9ff49a58eb678ad
Requested by
Host: cagothie.net
URL: https://cagothie.net/4/4476513/?var=fallback
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://cagothie.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 Sep 2021 12:21:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://cagothie.net
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Cookie set /
mugrikees.com/
Redirect Chain
  • https://cagothie.net/?z=4476513&syncedCookie=true
  • https://mugrikees.com/?l=XKmG8ooqkNkREHl&s=461256826223079610&z=4476513
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mugrikees.com/?l=XKmG8ooqkNkREHl&s=461256826223079610&z=4476513
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.147 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.18
Resource Hash

Request headers

Host
mugrikees.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://cagothie.net
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Mon, 13 Sep 2021 12:22:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.18
Set-Cookie
reverse=OMTjb22cOJKFlMLzgEw2URBd4c5z2y5q1AQVK8sqNpM; expires=Mon, 13-Sep-2021 13:22:01 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding
gzip

Redirect headers

server
nginx
date
Mon, 13 Sep 2021 12:21:56 GMT
content-length
0
location
https://mugrikees.com/?l=XKmG8ooqkNkREHl&s=461256826223079610&z=4476513
x-trace-id
9da377e63d618358307883588e01827f
link
<https://mugrikees.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
referrer-policy
no-referrer
access-control-allow-origin
https://cagothie.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
set-cookie
OAID=6bff1899223f4dfab9ff49a58eb678ad; expires=Tue, 13 Sep 2022 12:21:56 GMT; path=/; secure; SameSite=None oaidts=1631535715; expires=Tue, 13 Sep 2022 12:21:56 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Mon, 20 Sep 2021 12:21:56 GMT; path=/; secure; SameSite=None
strict-transport-security
max-age=1
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Domain/Path Name / Value
syrsple2se8nyu09.com/ Name: UID
Value: 2109130721be693c4724034183b731852e4e
syrsple2se8nyu09.com/ Name: OXCCLK
Value: ABXzkgAAAAAAAAAB
syrsple2se8nyu09.com/ Name: OXPCLK
Value: AAHAXgAAAAAAAAAB
syrsple2se8nyu09.com/ Name: ppucnt
Value: 1
deliver.vkcdnservice.com/ Name: nauid
Value: gaQB5XBqyLP84dLPXct6
deliver.vkcdnservice.com/ Name: asgle
Value: 13776896946526934010
cagothie.net/ Name: OAID
Value: 6bff1899223f4dfab9ff49a58eb678ad
cagothie.net/ Name: oaidts
Value: 1631535715
cagothie.net/ Name: syncedCookie
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY