youth-empowerments.ethut.co Open in urlscan Pro
66.45.250.213 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://youth-empowerments.ethut.co/Step2.html
Submission: On November 08 via manual (November 8th 2021, 10:12:44 am UTC) from IT — Scanned from IT

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 17 domains to perform 45 HTTP transactions. The main IP is 66.45.250.213, located in United States and belongs to IS-AS-1, US. The main domain is youth-empowerments.ethut.co.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 5th 2021. Valid for: 3 months.

This is the only time youth-empowerments.ethut.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	66.45.250.213 66.45.250.213	19318 (IS-AS-1) (IS-AS-1)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:a12f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	139.45.197.126 139.45.197.126	() ()
7	139.45.197.251 139.45.197.251	() ()
2	188.42.224.28 188.42.224.28	() ()
1	139.45.195.8 139.45.195.8	() ()
45	15

11 66.45.250.213 (United States)

ASN19318 (IS-AS-1, US)

youth-empowerments.ethut.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:a12f (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.126 (None, )

ASN- ()

toonoost.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.251 (None, )

ASN- ()

uwoaptee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.224.28 (None, )

ASN- ()

voonogoa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (None, )

ASN- ()

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ethut.co youth-empowerments.ethut.co	451 KB
7	uwoaptee.com uwoaptee.com	59 KB
4	blogspot.com 1.bp.blogspot.com	453 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
3	googletagmanager.com www.googletagmanager.com	107 KB
2	voonogoa.net voonogoa.net	336 B
2	toonoost.net toonoost.net	11 KB
2	imgur.com i.imgur.com	55 KB
1	rtmark.net my.rtmark.net	553 B
1	fontawesome.com ka-f.fontawesome.com	14 KB
1	gstatic.com encrypted-tbn0.gstatic.com	6 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	20 KB
0	line-me.vip Failed r.line-me.vip Failed
0	owo-owo.vip Failed owo-owo.vip Failed
0	Failed function sub() { [native code] }. Failed
0	nigeria-independence.online Failed nigeria-independence.online Failed
45	17

	Domain	Requested by
11	youth-empowerments.ethut.co	youth-empowerments.ethut.co ajax.googleapis.com
7	uwoaptee.com	youth-empowerments.ethut.co
4	1.bp.blogspot.com	youth-empowerments.ethut.co
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	youth-empowerments.ethut.co www.googletagmanager.com
2	voonogoa.net	youth-empowerments.ethut.co
2	toonoost.net	youth-empowerments.ethut.co
2	i.imgur.com	youth-empowerments.ethut.co
2	fonts.googleapis.com	youth-empowerments.ethut.co
1	my.rtmark.net	youth-empowerments.ethut.co
1	ka-f.fontawesome.com	youth-empowerments.ethut.co
1	encrypted-tbn0.gstatic.com	youth-empowerments.ethut.co
1	ajax.googleapis.com	youth-empowerments.ethut.co
1	maxcdn.bootstrapcdn.com	youth-empowerments.ethut.co
0	r.line-me.vip Failed	ajax.googleapis.com
0	owo-owo.vip Failed	ajax.googleapis.com
0	truncated Failed	youth-empowerments.ethut.co
0	nigeria-independence.online Failed	youth-empowerments.ethut.co
45	18

This site contains no links.

Subject Issuer	Validity	Valid
youth-empowerments.ethut.co cPanel, Inc. Certification Authority	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
toonoost.net R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
uwoaptee.com R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
voonogoa.net R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://youth-empowerments.ethut.co/Step2.html
Frame ID: 235FF7587C00EFC1B999CA915F814837
Requests: 42 HTTP requests in this frame

Frame: https://voonogoa.net/jho3ulcqsqh.php
Frame ID: BC52099CD1A801B538D17BE9C8D1A781
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: A9A775B3DB9773BA45A8F3E054846DB2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Presidential Youth Empowerment Scheme Funds

Page Statistics

45
Requests

91 %
HTTPS

57 %
IPv6

17
Domains

18
Subdomains

15
IPs

2
Countries

1230 kB
Transfer

1804 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Step2.html Show response
youth-empowerments.ethut.co/ 177 KB
58 KB 332ms
107ms Document
text/html 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 29aedc10931461e85740cc8b840ccbd9fd0704ae3d1b7d6db24c00b95ae4d5f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

content-type: text/html
last-modified: Thu, 04 Nov 2021 07:04:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 58748
date: Mon, 08 Nov 2021 10:12:30 GMT
server: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 112ms
38ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158836264-1

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18425b1249e9fbbd54a71c3d7b9af333ce824d8c61db6dc0536883cfa7f6041f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36441
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Nov 2021 10:12:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 130ms
61ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-176308522-1

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc9a76ee81293f64eef2a70c6f195c9508c91f6ecf007da6361aa8e1fb55cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36443
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Nov 2021 10:12:30 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 82ms
45ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://youth-empowerments.ethut.co/
Origin: https://youth-empowerments.ethut.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 21:21:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 061fd0e02805ef9440fb47e20b3eacc8
cf-ray: 6aae05fb3c5f0f7e-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 1 KB
1 KB 98ms
37ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo&display=swap

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9761e420af3328d27d24e7ea50ebe0b50d23f5c64d4ebd2dbadb07e809961e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 10:12:16 GMT
server: ESF
date: Mon, 08 Nov 2021 10:12:30 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 08 Nov 2021 10:12:30 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 101ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 14:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 06 Nov 2022 14:40:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
584 B 36ms
36ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 09:01:07 GMT
server: ESF
date: Mon, 08 Nov 2021 10:12:30 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 08 Nov 2021 10:12:30 GMT

GET do721t1.png
nigeria-independence.online/ 0
0

GET
H2 200 pyese.png
youth-empowerments.ethut.co/ 132 KB
132 KB 109ms
107ms Image
image/png 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youth-empowerments.ethut.co/pyese.png
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f547144b00ff16c992f5905ad2b84270622bab176f8d0aa0f21ce62226fa3970

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/Step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
last-modified: Thu, 21 Oct 2021 07:36:07 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 134916
expires: Mon, 15 Nov 2021 10:12:30 GMT

GET
H2 200 ouJgS71.gif
i.imgur.com/ 49 KB
50 KB 89ms
26ms Image
image/gif 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ouJgS71.gif

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2ba145e9b3860210b8f8cdf7960ae1dd0e7b70e5cdc7e8faa288f313bd383e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
x-content-type-options: nosniff
age: 3385829
x-cache: HIT, HIT
content-length: 50336
x-served-by: cache-bwi5170-BWI, cache-hhn4076-HHN
last-modified: Thu, 22 Oct 2020 22:51:11 GMT
server: cat factory 1.0
x-timer: S1636366351.770266,VS0,VE0
etag: "74581d7f057a8880cbf459921bd8bbc9"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 6

GET
H2 200 pyes1.png
youth-empowerments.ethut.co/ 7 KB
7 KB 237ms
235ms Image
image/png 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youth-empowerments.ethut.co/pyes1.png
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6d7cbcad4a39e8d4eccd4a1044646205f53d7e89f8f008dfebeb23604b7902a2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/Step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
last-modified: Thu, 23 Sep 2021 06:15:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7046
expires: Mon, 15 Nov 2021 10:12:30 GMT

GET
H2 200 pyes2.png
youth-empowerments.ethut.co/ 52 KB
52 KB 237ms
236ms Image
image/png 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youth-empowerments.ethut.co/pyes2.png
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a5915f186108be78f89d1682bc7b06a1938dfec88712cd18622b19b289403457

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/Step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
last-modified: Thu, 23 Sep 2021 06:15:39 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 52880
expires: Mon, 15 Nov 2021 10:12:30 GMT

GET
H2 200 WVKvJDS.png
i.imgur.com/ 6 KB
6 KB 120ms
57ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/WVKvJDS.png

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4b392d27dbb09781249eaa99538e3ad055cb96cf90ce0097561715b041e29700

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
x-content-type-options: nosniff
age: 1547459
x-cache: HIT, HIT
content-length: 5877
x-served-by: cache-bwi5133-BWI, cache-hhn4076-HHN
last-modified: Fri, 23 Oct 2020 11:26:00 GMT
server: cat factory 1.0
x-timer: S1636366351.770354,VS0,VE0
etag: "273ad62178d0fbabc28c076a77ac1cad"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 3

GET
H2 200 FB_IMG_15869730632923052.jpg
1.bp.blogspot.com/-Qhhqa37Fep4/XpdlgxSfpkI/AAAAAAAAAKY/CXFPWnrW4f0zCAAe6K-ZF2fKI2LHyWpdwCLcBGAsYHQ/s1600/ 98 KB
98 KB 101ms
36ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Qhhqa37Fep4/XpdlgxSfpkI/AAAAAAAAAKY/CXFPWnrW4f0zCAAe6K-ZF2fKI2LHyWpdwCLcBGAsYHQ/s1600/FB_IMG_15869730632923052.jpg

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e2510964c1e902cb23352128bac09d69f9a277d9d5b3fcdd30395a9696cc4480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 09:42:16 GMT
x-content-type-options: nosniff
age: 1814
content-disposition: inline;filename="FB_IMG_15869730632923052.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100293
x-xss-protection: 0
server: fife
etag: "vab"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:40:43 GMT

GET
H2 200 FB_IMG_15869726679037399.jpg
1.bp.blogspot.com/--d2BBdGugW8/XpdlXRvB-HI/AAAAAAAAAJ8/xcstaPQkWoszaizR_rkK2Nc5L7xN2o7WACLcBGAsYHQ/s1600/ 151 KB
151 KB 122ms
57ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--d2BBdGugW8/XpdlXRvB-HI/AAAAAAAAAJ8/xcstaPQkWoszaizR_rkK2Nc5L7xN2o7WACLcBGAsYHQ/s1600/FB_IMG_15869726679037399.jpg

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d4b1b95544a98a46c0b587e7c321de6fb660675195cb5de21b2e31d355ed057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:26:20 GMT
x-content-type-options: nosniff
age: 6370
content-disposition: inline;filename="FB_IMG_15869726679037399.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154558
x-xss-protection: 0
server: fife
etag: "va8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:40:43 GMT

GET
H2 200 FB_IMG_15869730921979436.jpg
1.bp.blogspot.com/-UQW1DxDR9Ko/XpdlghF8wJI/AAAAAAAAAKU/EXuIMhMGNeED6BwLWbxkGgtBe3HL0RTTACLcBGAsYHQ/s1600/ 80 KB
80 KB 153ms
88ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UQW1DxDR9Ko/XpdlghF8wJI/AAAAAAAAAKU/EXuIMhMGNeED6BwLWbxkGgtBe3HL0RTTACLcBGAsYHQ/s1600/FB_IMG_15869730921979436.jpg

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e94a2e599af3383db4e702b6813463319e93a14afdf1c442f9876f45c497a8a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:44:50 GMT
x-content-type-options: nosniff
age: 5260
content-disposition: inline;filename="FB_IMG_15869730921979436.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81996
x-xss-protection: 0
server: fife
etag: "vaa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Nov 2021 21:19:56 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 6 KB
6 KB 135ms
43ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRl3ygUb7cGUuruQywsZk7zn2kkMrnklAPM1w&usqp=CAU

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07ed5258cb4762d32124b9b8b8d71245e4f30c1198aab362e7115f5c2e4e19f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5720
x-xss-protection: 0
last-modified: Sat, 17 Oct 2020 08:07:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 08 Nov 2022 10:12:30 GMT

GET
H2 200 P-YES-Login.png
youth-empowerments.ethut.co/ 97 KB
97 KB 237ms
236ms Image
image/png 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youth-empowerments.ethut.co/P-YES-Login.png
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4686de0383fb44017e623f042a4bd2fbcaab67b107dd678d7132a092b0f936d5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/Step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
last-modified: Thu, 23 Sep 2021 05:54:19 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 99423
expires: Mon, 15 Nov 2021 10:12:30 GMT

GET
H2 200 jm.jpg
youth-empowerments.ethut.co/ 102 KB
102 KB 238ms
237ms Image
image/jpeg 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youth-empowerments.ethut.co/jm.jpg
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 24913cd908d31a71a171eb8374ef8fee11a0e3f14e361608150334c19751c3fd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/Step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
last-modified: Thu, 23 Sep 2021 06:03:29 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 104113
expires: Mon, 15 Nov 2021 10:12:30 GMT

GET
H2 200 FB_IMG_15869727062399866.jpg
1.bp.blogspot.com/-VLe9ANL6zpc/XpdlYHgo_bI/AAAAAAAAAKA/YdZWOlZvb2cuxfhdYhZIJLsfsqEe3QIbgCLcBGAsYHQ/s1600/ 123 KB
124 KB 149ms
84ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-VLe9ANL6zpc/XpdlYHgo_bI/AAAAAAAAAKA/YdZWOlZvb2cuxfhdYhZIJLsfsqEe3QIbgCLcBGAsYHQ/s1600/FB_IMG_15869727062399866.jpg

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f47775cd654d893a389a12715a6e9b87fa7d09ddf7e6a14b417f61bbd210dbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:26:35 GMT
x-content-type-options: nosniff
age: 6355
content-disposition: inline;filename="FB_IMG_15869727062399866.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126275
x-xss-protection: 0
server: fife
etag: "va7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Nov 2021 21:19:56 GMT

GET truncated
/ 0
0

GET
H2 404 yuming.js Show response
youth-empowerments.ethut.co/ 1 KB
1 KB 208ms
207ms XHR
text/html 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://youth-empowerments.ethut.co/yuming.js?1636366350665&_=1636366350632
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://youth-empowerments.ethut.co/Step2.html
X-Requested-With: XMLHttpRequest
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 10:12:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET verify.js
owo-owo.vip/ 0
0

GET total.php
r.line-me.vip/record/ 0
0

GET
H2 404 like.png
youth-empowerments.ethut.co/img/f/ 1 KB
1 KB 292ms
291ms Image
text/html 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youth-empowerments.ethut.co/img/f/like.png
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/Step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 10:12:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 bubble.png
youth-empowerments.ethut.co/img/f/ 1 KB
1 KB 192ms
192ms Image
text/html 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youth-empowerments.ethut.co/img/f/bubble.png
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/Step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 10:12:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 Tahoma-Bold.ttf
youth-empowerments.ethut.co/fonts/ 0
0 191ms
191ms Font
text/html 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://youth-empowerments.ethut.co/fonts/Tahoma-Bold.ttf
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://youth-empowerments.ethut.co/Step2.html
Origin: https://youth-empowerments.ethut.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 10:12:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.1/webfonts/ 13 KB
14 KB 90ms
31ms Font
font/woff2 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/webfonts/free-fa-regular-400.woff2
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2bc9b921ec022706cf67e3d319d79c5787b2342e4c64d10fa2324f2366ca127

Request headers

Referer: https://youth-empowerments.ethut.co/
Origin: https://youth-empowerments.ethut.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
via: 1.1 a492d514787de63e7daf0f07b0c799fe.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 350013
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13576
last-modified: Wed, 14 Oct 2020 21:22:07 GMT
server: cloudflare
etag: "787f098a53efc4938550773f48056957"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhVe2A4TYlZEnHcYuNoDU9uFKxUPqW77MGVSIm%2FMV3hnFUZeEQiFZCp4VsREmUYr0VSbRNVPYYAdIRd%2FfSHa2BEDhfrXjHy7fq5PghxFaiI2q%2B8lybJRe6BvvsxVI5HYfV6YvREAy0TWaf2hkz2Tog3cvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
accept-ranges: bytes
cf-ray: 6aae05fc8f9159b9-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: g-yxBrAjpqdfW1qigrfB72a4niW3uVOywQ3sIQZtnviBNHNBO1KUHA==

GET
H2 404 Tahoma.ttf
youth-empowerments.ethut.co/fonts/ 0
0 191ms
191ms Font
text/html 66.45.250.213
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://youth-empowerments.ethut.co/fonts/Tahoma.ttf
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 66.45.250.213 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://youth-empowerments.ethut.co/Step2.html
Origin: https://youth-empowerments.ethut.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 10:12:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 117ms
41ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158836264-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 684
date: Mon, 08 Nov 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 08 Nov 2021 12:01:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-176308522-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158836264-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c8cfa3daadd00a4d20637c240939c3ef66344572448e79e22195661fb0db8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36446
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Nov 2021 10:12:30 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
214 B 34ms
32ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=748800046&t=pageview&_s=1&dl=https%3A%2F%2Fyouth-empowerments.ethut.co%2FStep2.html&ul=en-us&de=UTF-8&dt=Presidential%20Youth%20Empowerment%20Scheme%20Funds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1159454434&gjid=369042424&cid=791163181.1636366351&tid=UA-158836264-1&_gid=347722846.1636366351&_r=1&gtm=2oub31&z=869042212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://youth-empowerments.ethut.co/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 10:12:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://youth-empowerments.ethut.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 33ms
33ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=748800046&t=pageview&_s=1&dl=https%3A%2F%2Fyouth-empowerments.ethut.co%2FStep2.html&ul=en-us&de=UTF-8&dt=Presidential%20Youth%20Empowerment%20Scheme%20Funds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=660161851&gjid=985232070&cid=791163181.1636366351&tid=UA-176308522-1&_gid=347722846.1636366351&_r=1&gtm=2oub31&z=870028665

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://youth-empowerments.ethut.co/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 10:12:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://youth-empowerments.ethut.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bootstrap.css
toonoost.net/ 20 KB
9 KB 210ms
53ms Stylesheet
text/css 139.45.197.126

General

Check archive.org

Show headers Download Go to

Full URL

https://toonoost.net/bootstrap.css?aHR0cHM6Ly91d29hcHRlZS5jb20vcGZlL2N1cnJlbnQvbnRmYy5taW4uanM/cD0yOTY5NDU0

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.126 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9fa466bd67a944db8255c9b3289faa88a37e1d5ce3cb3a161a8cd938624b2d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=1, max-age=1
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://youth-empowerments.ethut.co/
Origin: https://youth-empowerments.ethut.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 10:12:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
Strict-Transport-Security: max-age=1, max-age=1
Content-Type: text/css
Access-Control-Allow-Origin: https://youth-empowerments.ethut.co
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *

GET
H/1.1 200
OK index.css
toonoost.net/ 3 KB
2 KB 49ms
49ms Stylesheet
text/css 139.45.197.126

General

Check archive.org

Show headers Download Go to

Full URL

https://toonoost.net/index.css?aHR0cHM6Ly92b29ub2dvYS5uZXQvbG9nLmpzP3o9Mjk2OTQ1NCZmPXB1c2hlci11bml2ZXJzYWw=

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.126 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

366f699c986804a40093f7e2c0f2c48963504f1b5d6caf1dea51b7e6fe7b4a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1, max-age=1, max-age=1
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: https://youth-empowerments.ethut.co/
Origin: https://youth-empowerments.ethut.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 10:12:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff, nosniff
Server: nginx
Strict-Transport-Security: max-age=1, max-age=1, max-age=1
Content-Type: text/css
Access-Control-Allow-Origin: https://youth-empowerments.ethut.co
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *, *

GET
H2 200 zone Show response
uwoaptee.com/ 696 B
993 B 175ms
71ms Fetch
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL

https://uwoaptee.com/zone?pub=0&zone_id=2969454&is_mobile=false&domain=youth-empowerments.ethut.co&var=&ymid=&var_3=

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f7dbe04e16316a3cf61122d193e4519601e62d66eb350124b5c9a1aa18699da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-trace-id: b284ccb4d4c669977382d7e5ef5f4686
date: Mon, 08 Nov 2021 10:12:41 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://youth-empowerments.ethut.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 696

GET
H2 200 universal.min.js Show response
uwoaptee.com/pfe/current/ 105 KB
38 KB 201ms
73ms Fetch
application/javascript 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://uwoaptee.com/pfe/current/universal.min.js?v=3.1.339
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1a982c82df2d09c6629d76ae5c83bbf9719dfeff2bdda1e51d42a469555dd2f7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 10:12:41 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 14:40:12 GMT
server: nginx
etag: W/"61829f4c-1a2a9"
content-type: application/javascript
access-control-allow-origin: https://youth-empowerments.ethut.co
cache-control: no-cache
access-control-allow-credentials: true

POST
H/1.1 200
OK jho3ulcqsqh.php Show response
voonogoa.net/ Frame BC52 0
336 B 33ms
32ms XHR
text/plain 188.42.224.28

General

Check archive.org

Show headers Download Go to

Full URL

https://voonogoa.net/jho3ulcqsqh.php

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.224.28 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1, max-age=1
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer
Accept-Language: it-IT,it;q=0.9
X-Log-Type: request
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 08 Nov 2021 10:12:41 GMT
X-Content-Type-Options: nosniff, nosniff
Server: nginx
Strict-Transport-Security: max-age=1, max-age=1
Access-Control-Allow-Origin: *
Connection: keep-alive
Timing-Allow-Origin: *, *
Content-Length: 0

OPTIONS
H/1.1 200
OK jho3ulcqsqh.php
voonogoa.net/ Frame 0
0 140ms
31ms Preflight 188.42.224.28

General

Check archive.org

Show headers Download Go to

Full URL

https://voonogoa.net/jho3ulcqsqh.php

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.224.28 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-log-type
Origin: https://youth-empowerments.ethut.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 08 Nov 2021 10:12:41 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://youth-empowerments.ethut.co
Access-Control-Allow-Headers: Token,Content-Type,X-Log-Type
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

OPTIONS
H2 200 custom
uwoaptee.com/ Frame 0
0 98ms
97ms Preflight
text/plain 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://uwoaptee.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://youth-empowerments.ethut.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 08 Nov 2021 10:12:41 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://youth-empowerments.ethut.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
uwoaptee.com/ 39 B
333 B 45ms
44ms Fetch
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL

https://uwoaptee.com/custom

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://youth-empowerments.ethut.co/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 18855084bce5e3f26871b02924784dde
date: Mon, 08 Nov 2021 10:12:41 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://youth-empowerments.ethut.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
553 B 144ms
45ms Fetch
application/json 139.45.195.8

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=a3903e51337b4b799edcb5ef94a748dd&zoneId=2969454&checkDuplicate=true&ymid=&var=

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8b0f7e4742035413a0b8b913249825f7d21df6270e9444590f7680f40400edb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 10:12:41 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://youth-empowerments.ethut.co
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 defaultSkin.min.js Show response
uwoaptee.com/pfe/current/ 56 KB
19 KB 51ms
51ms Fetch
application/javascript 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://uwoaptee.com/pfe/current/defaultSkin.min.js
Requested by: Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://youth-empowerments.ethut.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 10:12:41 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 14:40:12 GMT
server: nginx
etag: W/"61829f4c-df63"
content-type: application/javascript
access-control-allow-origin: https://youth-empowerments.ethut.co
cache-control: no-cache
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ Frame A9A7 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 custom
uwoaptee.com/ Frame 0
0 44ms
44ms Preflight
text/plain 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://uwoaptee.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://youth-empowerments.ethut.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 08 Nov 2021 10:12:41 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://youth-empowerments.ethut.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
uwoaptee.com/ 39 B
333 B 45ms
44ms Fetch
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL

https://uwoaptee.com/custom

Requested by

Host: youth-empowerments.ethut.co
URL: https://youth-empowerments.ethut.co/Step2.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://youth-empowerments.ethut.co/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 7b7faac167bbb7c6e3ebe582fcc77033
date: Mon, 08 Nov 2021 10:12:41 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://youth-empowerments.ethut.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nigeria-independence.online
URL: https://nigeria-independence.online/do721t1.png

Domain: truncated
URL: data:truncated

Domain: owo-owo.vip
URL: https://owo-owo.vip/verify.js?_=1636366350633

Domain: r.line-me.vip
URL: https://r.line-me.vip/record/total.php?ac=total&name=null&_=1636366350634

Domain: r.line-me.vip
URL: https://r.line-me.vip/record/total.php?ac=total&name=hw&_=1636366350635

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
youth-empowerments.ethut.co/	1970-01-19 22:32:46	Name: null Value: null
youth-empowerments.ethut.co/	1970-01-19 22:32:46	Name: hw Value: hw
.ethut.co/	1970-01-20 16:03:58	Name: _ga Value: GA1.2.791163181.1636366351
.ethut.co/	1970-01-19 22:34:12	Name: _gid Value: GA1.2.347722846.1636366351
.ethut.co/	1970-01-19 22:32:46	Name: _gat_gtag_UA_158836264_1 Value: 1
.ethut.co/	1970-01-19 22:32:46	Name: _gat_gtag_UA_176308522_1 Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABoAAAAaAQMAAACThN6NAAAABlBMVEUAAAC5ubnoUmKJAAAAAXRSTlMAQObYZgAAAEVJREFUCNdjQAI8cEIOTtiDiPoGGPH5AIh4wMDA+PkDAwMzhPjBwMAOIvg//4ES8v//AbV+/g8l6v//b4AQ////P8AMERICA SCHOLARSHIPgCNvyHz1VKxBQAAAABJRU5ErkJggg== Message: Failed to load resource: net::ERR_INVALID_URL
network	error	URL: https://owo-owo.vip/verify.js?_=1636366350633 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://r.line-me.vip/record/total.php?ac=total&name=null&_=1636366350634 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://r.line-me.vip/record/total.php?ac=total&name=hw&_=1636366350635 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://youth-empowerments.ethut.co/yuming.js?1636366350665&_=1636366350632 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://youth-empowerments.ethut.co/fonts/Tahoma-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://youth-empowerments.ethut.co/fonts/Tahoma.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://youth-empowerments.ethut.co/img/f/bubble.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://youth-empowerments.ethut.co/img/f/like.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.googleapis.com
encrypted-tbn0.gstatic.com
fonts.googleapis.com
i.imgur.com
ka-f.fontawesome.com
maxcdn.bootstrapcdn.com
my.rtmark.net
nigeria-independence.online
owo-owo.vip
r.line-me.vip
toonoost.net
truncated
uwoaptee.com
voonogoa.net
www.google-analytics.com
www.googletagmanager.com
youth-empowerments.ethut.co
nigeria-independence.online
owo-owo.vip
r.line-me.vip
truncated
139.45.195.8
139.45.197.126
139.45.197.251
151.101.112.193
188.42.224.28
2606:4700:3037::ac43:a12f
2606:4700::6812:bcf
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:831::200e
66.45.250.213
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07ed5258cb4762d32124b9b8b8d71245e4f30c1198aab362e7115f5c2e4e19f9
18425b1249e9fbbd54a71c3d7b9af333ce824d8c61db6dc0536883cfa7f6041f
1a982c82df2d09c6629d76ae5c83bbf9719dfeff2bdda1e51d42a469555dd2f7
24913cd908d31a71a171eb8374ef8fee11a0e3f14e361608150334c19751c3fd
29aedc10931461e85740cc8b840ccbd9fd0704ae3d1b7d6db24c00b95ae4d5f4
2ba145e9b3860210b8f8cdf7960ae1dd0e7b70e5cdc7e8faa288f313bd383e91
366f699c986804a40093f7e2c0f2c48963504f1b5d6caf1dea51b7e6fe7b4a1d
4686de0383fb44017e623f042a4bd2fbcaab67b107dd678d7132a092b0f936d5
4b392d27dbb09781249eaa99538e3ad055cb96cf90ce0097561715b041e29700
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7cbcad4a39e8d4eccd4a1044646205f53d7e89f8f008dfebeb23604b7902a2
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
8b0f7e4742035413a0b8b913249825f7d21df6270e9444590f7680f40400edb3
8c8cfa3daadd00a4d20637c240939c3ef66344572448e79e22195661fb0db8a8
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
9761e420af3328d27d24e7ea50ebe0b50d23f5c64d4ebd2dbadb07e809961e22
9fa466bd67a944db8255c9b3289faa88a37e1d5ce3cb3a161a8cd938624b2d48
a5915f186108be78f89d1682bc7b06a1938dfec88712cd18622b19b289403457
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
bc9a76ee81293f64eef2a70c6f195c9508c91f6ecf007da6361aa8e1fb55cf1b
c2bc9b921ec022706cf67e3d319d79c5787b2342e4c64d10fa2324f2366ca127
d4b1b95544a98a46c0b587e7c321de6fb660675195cb5de21b2e31d355ed057a
e2510964c1e902cb23352128bac09d69f9a277d9d5b3fcdd30395a9696cc4480
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94a2e599af3383db4e702b6813463319e93a14afdf1c442f9876f45c497a8a2
f47775cd654d893a389a12715a6e9b87fa7d09ddf7e6a14b417f61bbd210dbe6
f547144b00ff16c992f5905ad2b84270622bab176f8d0aa0f21ce62226fa3970
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7dbe04e16316a3cf61122d193e4519601e62d66eb350124b5c9a1aa18699da9
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

youth-empowerments.ethut.co Open in urlscan Pro 66.45.250.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

45 Requests

91 %HTTPS

57 %IPv6

17 Domains

18 Subdomains

15 IPs

2 Countries

1230 kBTransfer

1804 kBSize

6 Cookies

0 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

youth-empowerments.ethut.co Open in urlscan Pro
66.45.250.213 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

91 %
HTTPS

57 %
IPv6

17
Domains

18
Subdomains

15
IPs

2
Countries

1230 kB
Transfer

1804 kB
Size

6
Cookies

45 HTTP transactions
2 data transactions