yoursgo.com Open in urlscan Pro
172.104.76.154 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yoursgo.com/
Submission: On October 15 via api (October 15th 2024, 4:56:50 am UTC) from CA — Scanned from JP

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 172.104.76.154, located in Tokyo, Japan and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is yoursgo.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on September 1st 2024. Valid for: 3 months.

This is the only time yoursgo.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OnlyFans (Online)

Domain & IP information

	IP Address	AS Autonomous System
10	172.104.76.154 172.104.76.154	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2404:6800:400... 2404:6800:4004:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:481d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.42.131 142.251.42.131	15169 (GOOGLE) (GOOGLE)
14	4

10 172.104.76.154 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-76-154.ip.linodeusercontent.com

yoursgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:828::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:481d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bootcdn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	yoursgo.com yoursgo.com	2 MB
2	gstatic.com fonts.gstatic.com	36 KB
1	bootcdn.org cdn.bootcdn.org	652 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
14	4

	Domain	Requested by
10	yoursgo.com	yoursgo.com
2	fonts.gstatic.com	fonts.googleapis.com
1	cdn.bootcdn.org	yoursgo.com
1	fonts.googleapis.com	yoursgo.com
14	4

This site contains links to these domains. Also see Links.

Domain
www.1bamclub.com

Subject Issuer	Validity	Valid
1bamclubad.com ZeroSSL RSA Domain Secure Site CA	`2024-09-01` - `2024-11-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
bootcdn.org WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://yoursgo.com/
Frame ID: A757A37D248A19E40AD1305EA9945A6C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

29 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1913 kB
Transfer

2000 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.1bamclub.com/?f=1bamad
Title: 예

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
yoursgo.com/ 5 KB
2 KB 15ms
3ms Document
text/html 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://yoursgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: d9b8955ec30caadb524f9deae778d1e4b23232fe07072f4da9c430b3d4c1656b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1574
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Oct 2024 04:56:45 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK style.css
yoursgo.com/css/ 15 KB
3 KB 2ms
2ms Stylesheet
text/css 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://yoursgo.com/css/style.css
Requested by: Host: yoursgo.com
URL: https://yoursgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: cb433328d2a4f2c1061dd2fdaf7308ada6f279c363691d5b1832eb5b6dce6a5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

Content-Encoding: gzip
ETag: "3a67-60717e7bf9a80"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2964
Keep-Alive: timeout=5, max=99
Date: Tue, 15 Oct 2024 04:56:45 GMT
Last-Modified: Sat, 07 Oct 2023 03:25:14 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: text/css

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
yoursgo.com/ 91 KB
33 KB 9ms
7ms Script
application/javascript 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://yoursgo.com/jquery-1.8.3.min.js
Requested by: Host: yoursgo.com
URL: https://yoursgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

Content-Encoding: gzip
ETag: "16dc5-60717e839ac80"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33433
Keep-Alive: timeout=5, max=100
Date: Tue, 15 Oct 2024 04:56:45 GMT
Last-Modified: Sat, 07 Oct 2023 03:25:22 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK vegas.js Show response
yoursgo.com/ 11 KB
4 KB 10ms
7ms Script
application/javascript 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://yoursgo.com/vegas.js
Requested by: Host: yoursgo.com
URL: https://yoursgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: f1ecc30de71c71801898b6ca060868c13690a72588ea8a0f66b9d166e2d878cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

Content-Encoding: gzip
ETag: "2d3e-60717e8953a00"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3399
Keep-Alive: timeout=5, max=100
Date: Tue, 15 Oct 2024 04:56:45 GMT
Last-Modified: Sat, 07 Oct 2023 03:25:28 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK script.js Show response
yoursgo.com/ 3 KB
775 B 4ms
2ms Script
application/javascript 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://yoursgo.com/script.js?t=1696649069
Requested by: Host: yoursgo.com
URL: https://yoursgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: c265a1513af691effab3be68e78367807f07766d5160c493a91f2131ef651188

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

Content-Encoding: gzip
ETag: "d11-60717e94c5500"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 446
Keep-Alive: timeout=5, max=100
Date: Tue, 15 Oct 2024 04:56:45 GMT
Last-Modified: Sat, 07 Oct 2023 03:25:40 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK 1.jpg
yoursgo.com/image/ 61 KB
61 KB 8ms
5ms Image
image/jpeg 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yoursgo.com/image/1.jpg
Requested by: Host: yoursgo.com
URL: https://yoursgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: e0d65a21b743f7fe6de2f4bd57316546e7f30c7810740d68322a44dfe3004373

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

Content-Encoding: gzip
ETag: "f2d4-60718f6790600"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 61941
Keep-Alive: timeout=5, max=100
Date: Tue, 15 Oct 2024 04:56:45 GMT
Last-Modified: Sat, 07 Oct 2023 04:40:56 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: image/jpeg

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 88ms
43ms Stylesheet
text/css 2404:6800:4004:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Requested by

Host: yoursgo.com
URL: https://yoursgo.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a27edb907b4b9c1580815a6312982c8d6f926acb9143fd7784ffceaca42e9595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 04:56:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 04:56:45 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 15 Oct 2024 04:38:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery.js Show response
cdn.bootcdn.org/ajax/libs/jquery/3.1.0/ 81 B
652 B 176ms
146ms Script
text/html 2606:4700:3033::6815:481d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bootcdn.org/ajax/libs/jquery/3.1.0/jquery.js
Requested by: Host: yoursgo.com
URL: https://yoursgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:481d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aca640a180911e0bc24422cc117785a06bbe5d4ecceaa99a3c85c055a1aa79b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHZdqfRQgPGj5aEYlGC1sohdH5pjLwjWKn0OWOInWie1xjjb7afMGnoRj%2BWx9fTSlcBjuTZKMXQ5qnYulfR3rjmlsdEURNlkgmBqswFEfA01tBOuOtKtP7t29QoARmgsLdpkPXHplFXlYEGZttk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2d39756962d75c-NRT
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Oct 2024 04:56:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
last-modified: Tuesday, 15-Oct-2024 04:56:45 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 49ms
4ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://yoursgo.com
Referer: https://fonts.googleapis.com/

Response headers

age: 261640
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 12 Oct 2025 04:16:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 04:16:05 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 48ms
3ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://yoursgo.com
Referer: https://fonts.googleapis.com/

Response headers

age: 251057
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 12 Oct 2025 07:12:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 07:12:28 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK 2.jpg
yoursgo.com/image/ 100 KB
101 KB 5ms
5ms Image
image/jpeg 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yoursgo.com/image/2.jpg
Requested by: Host: yoursgo.com
URL: https://yoursgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: c8d05f7eda85f68f0a08307eeee4e481282fda95570dd53f300b8aadd4f504f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "191b0-60718ff1d8c40"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Date: Tue, 15 Oct 2024 04:56:45 GMT
Last-Modified: Sat, 07 Oct 2023 04:43:21 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: image/jpeg

GET
H/1.1 200
OK 3.jpg
yoursgo.com/image/ 146 KB
147 KB 5ms
4ms Image
image/jpeg 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yoursgo.com/image/3.jpg
Requested by: Host: yoursgo.com
URL: https://yoursgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 10dedae19a11a0cf1cea2db4646bde720e63e35140f38ae3453fa2a4e4649e1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "24934-60718ff979e40"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Date: Tue, 15 Oct 2024 04:56:45 GMT
Last-Modified: Sat, 07 Oct 2023 04:43:29 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: image/jpeg

GET
H/1.1 206
Partial Content 1.mp4
yoursgo.com/image/ 1 MB
1 MB 5ms
5ms Media
video/mp4 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://yoursgo.com/image/1.mp4
Requested by: Host: yoursgo.com
URL: https://yoursgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 5635dd2c6c23dfdc3e4eb82afc4231a27e8522ec332b8568a3fc7ae8755fec94

Request headers

Referer: https://yoursgo.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

ETag: "17ce64-60719025585c0"
Connection: Keep-Alive
Content-Range: bytes 0-1560163/1560164
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1560164
Date: Tue, 15 Oct 2024 04:56:45 GMT
Last-Modified: Sat, 07 Oct 2023 04:44:15 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: video/mp4

GET
H/1.1 404
Not Found favicon.ico
yoursgo.com/ 196 B
396 B 1ms
1ms Other
text/html 172.104.76.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://yoursgo.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.76.154 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-76-154.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://yoursgo.com/

Response headers

Keep-Alive: timeout=5, max=98
Content-Length: 196
Date: Tue, 15 Oct 2024 04:56:45 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache
Connection: Keep-Alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OnlyFans (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://yoursgo.com/(Line 6) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
network	error	URL: https://yoursgo.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bootcdn.org
fonts.googleapis.com
fonts.gstatic.com
yoursgo.com
142.251.42.131
172.104.76.154
2404:6800:4004:828::200a
2606:4700:3033::6815:481d
0aca640a180911e0bc24422cc117785a06bbe5d4ecceaa99a3c85c055a1aa79b
10dedae19a11a0cf1cea2db4646bde720e63e35140f38ae3453fa2a4e4649e1c
5635dd2c6c23dfdc3e4eb82afc4231a27e8522ec332b8568a3fc7ae8755fec94
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a27edb907b4b9c1580815a6312982c8d6f926acb9143fd7784ffceaca42e9595
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
c265a1513af691effab3be68e78367807f07766d5160c493a91f2131ef651188
c8d05f7eda85f68f0a08307eeee4e481282fda95570dd53f300b8aadd4f504f6
cb433328d2a4f2c1061dd2fdaf7308ada6f279c363691d5b1832eb5b6dce6a5c
d9b8955ec30caadb524f9deae778d1e4b23232fe07072f4da9c430b3d4c1656b
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e0d65a21b743f7fe6de2f4bd57316546e7f30c7810740d68322a44dfe3004373
f1ecc30de71c71801898b6ca060868c13690a72588ea8a0f66b9d166e2d878cd

yoursgo.com Open in urlscan Pro 172.104.76.154 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

29 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1913 kBTransfer

2000 kBSize

0 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

yoursgo.com Open in urlscan Pro
172.104.76.154 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

29 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1913 kB
Transfer

2000 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!