Submitted URL: https://7nunu.go-abroad.pl/
Effective URL: https://ifruimp6o0.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106
Submission: On January 11 via manual from ID — Scanned from SG

Summary

This website contacted 5 IPs in 3 countries across 9 domains to perform 15 HTTP transactions. The main IP is 104.21.70.36, which belongs to CLOUDFLARENET, US. The main domain is ifruimp6o0.youturbe.biz.
TLS certificate: Issued by GTS CA 1P5 on December 27th 2023. Valid for: 3 months.
This is the only time ifruimp6o0.youturbe.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.184.242 13335 (CLOUDFLAR...)
1 2 192.243.61.227 39572 (ADVANCEDH...)
1 1 13.213.242.46 16509 (AMAZON-02)
1 1 172.67.132.21 13335 (CLOUDFLAR...)
5 104.21.70.36 13335 (CLOUDFLAR...)
2 139.45.197.251 ()
1 139.45.195.8 ()
15 5
Apex Domain / Subdomains / Transfer
5 youturbe.biz (32 KB)
    68797usbzp2hq4k863.youturbe.biz
    youturbe.biz — Cisco Umbrella Rank: 152653
    ifruimp6o0.youturbe.biz
2 ddtvskish.com (1 KB)
    ddtvskish.com
2 changesretirereality.com (4 KB)
    changesretirereality.com
1 rtmark.net (557 B)
    my.rtmark.net
1 videok.biz (676 B)
    videok.biz — Cisco Umbrella Rank: 94738
1 dope.autos (614 B)
    fast.dope.autos — Cisco Umbrella Rank: 273753
1 go-abroad.pl (561 B)
    7nunu.go-abroad.pl
0 ikuwyz.com Failed
    ikuwyz.com Failed
0 proftrafficcounter.com Failed
    proftrafficcounter.com Failed
15 9
    Domain                             Requested by
2   ddtvskish.com                      youturbe.biz
2   youturbe.biz                       68797usbzp2hq4k863.youturbe.biz
                                       ifruimp6o0.youturbe.biz
2   68797usbzp2hq4k863.youturbe.biz    youturbe.biz
2   changesretirereality.com           1 redirects
1   ifruimp6o0.youturbe.biz            68797usbzp2hq4k863.youturbe.biz
                                       youturbe.biz
1   my.rtmark.net                      youturbe.biz
1   videok.biz                         1 redirects
1   fast.dope.autos                    1 redirects
1   7nunu.go-abroad.pl                 1 redirects
0   ikuwyz.com Failed                  68797usbzp2hq4k863.youturbe.biz
0   proftrafficcounter.com Failed      changesretirereality.com
15 11

This site contains no links.

Subject                     Issuer        Validity                   Valid
changesretirereality.com    R3            2023-12-11 - 2024-03-10    3 months
youturbe.biz                GTS CA 1P5    2023-12-27 - 2024-03-26    3 months
ddtvskish.com               R3            2023-11-23 - 2024-02-21    3 months
rtmark.net                  R3            2023-12-23 - 2024-03-22    3 months

This page contains 1 frames:

Primary Page: https://ifruimp6o0.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106
Frame ID: 407F3ECFFD7CF9841D4A3B03C80E27A4
Requests: 15 HTTP requests in this frame

Page Title

Play

Page Statistics

Requests: 15
HTTPS: 60 %
IPv6: 0 %
Domains: 9
Subdomains: 11
IPs: 5
Countries: 3
Transfer: 37 kB
Size: 83 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://7nunu.go-abroad.pl/ HTTP 302
    https://changesretirereality.com/e51xmfb9?key=6cf0bf53774e52ec9e3ca94803f48b06 Page URL
  2. https://changesretirereality.com/api/users?token=L2U1MXhtZmI5P2tleT02Y2YwYmY1Mzc3NGU1MmVjOWUzY2E5NDgwM2Y0OGIwNiZwc3Q9MTcwNDk1MzE2OSZybXRjPXQmc2h1PWNiMTA2Y2EyNmM4ZTg0M2E0OTVlMGQ3MWZiMmRmYzI2NzdjN2JlYmU2NDFjNmNhOWU0YTA3NjljMWE4NTAxODZkYzIyZjM4MDhhNWJmNjdmODQ0NWI2NzAxZjE4NDQ0NTM1ZWRiNDljZGNiY2Y3ZGNhNmJhZGY1ZTgwZmU2MTE1ZjYxNzYwODZhYjJlNjEwZTAwODhjMGE3MDE1MGQ5YmJmY2M1MmI5NDA1NjY2YTBlYmU0MzZhMWRkNmFhNjU%3D&uuid=&pii=&in=false HTTP 302
    https://fast.dope.autos/c67ed2e9-7d1b-4abb-90e8-46edfc4d3c24?placement=17683209&browser=Chrome%20Mobile&bannerid=2702933&os=Android&country=Singapore&region=Singapore&isp=StarHub&useragent=Mozilla%2F5.0%20%28Linux%3B%20Android%2011%3B%20SM-A102U%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.131%20Mobile%20Safari%2F537.36&language=6&trafID=3&subid=32733f541f4c81f8012ae831fd51166b HTTP 302
    https://videok.biz/cyhml2k.php?key=28wjgkc2oseb5liq6vh4&c1=w6216644oqce7ecuioq61mdo&t1=17683209 HTTP 302
    https://68797usbzp2hq4k863.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106&gg=2106 Page URL
  3. https://ifruimp6o0.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://7nunu.go-abroad.pl/ HTTP 302
  • https://changesretirereality.com/e51xmfb9?key=6cf0bf53774e52ec9e3ca94803f48b06
Request Chain 2
  • https://changesretirereality.com/api/users?token=L2U1MXhtZmI5P2tleT02Y2YwYmY1Mzc3NGU1MmVjOWUzY2E5NDgwM2Y0OGIwNiZwc3Q9MTcwNDk1MzE2OSZybXRjPXQmc2h1PWNiMTA2Y2EyNmM4ZTg0M2E0OTVlMGQ3MWZiMmRmYzI2NzdjN2JlYmU2NDFjNmNhOWU0YTA3NjljMWE4NTAxODZkYzIyZjM4MDhhNWJmNjdmODQ0NWI2NzAxZjE4NDQ0NTM1ZWRiNDljZGNiY2Y3ZGNhNmJhZGY1ZTgwZmU2MTE1ZjYxNzYwODZhYjJlNjEwZTAwODhjMGE3MDE1MGQ5YmJmY2M1MmI5NDA1NjY2YTBlYmU0MzZhMWRkNmFhNjU%3D&uuid=&pii=&in=false HTTP 302
  • https://fast.dope.autos/c67ed2e9-7d1b-4abb-90e8-46edfc4d3c24?placement=17683209&browser=Chrome%20Mobile&bannerid=2702933&os=Android&country=Singapore&region=Singapore&isp=StarHub&useragent=Mozilla%2F5.0%20%28Linux%3B%20Android%2011%3B%20SM-A102U%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.131%20Mobile%20Safari%2F537.36&language=6&trafID=3&subid=32733f541f4c81f8012ae831fd51166b HTTP 302
  • https://videok.biz/cyhml2k.php?key=28wjgkc2oseb5liq6vh4&c1=w6216644oqce7ecuioq61mdo&t1=17683209 HTTP 302
  • https://68797usbzp2hq4k863.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106&gg=2106

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
e51xmfb9
changesretirereality.com/
Redirect Chain
  • https://7nunu.go-abroad.pl/
  • https://changesretirereality.com/e51xmfb9?key=6cf0bf53774e52ec9e3ca94803f48b06
3 KB
3 KB
Document
General
Full URL
https://changesretirereality.com/e51xmfb9?key=6cf0bf53774e52ec9e3ca94803f48b06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
54814cfa5288690c011c697e9f7463cb8a2c2cf0adeac0c9304579ea061b053a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
zh-SG,zh;q=0.9
referer
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://7nunu.go-abroad.pl/&ved=2ahUKEwiwnsiH1dSDAxWwSGwGHVSIC2c4FBAWegQIBhAB&usg=AOvVaw0VpH8Mc1_v14sCBbMT2WRN

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 11 Jan 2024 06:05:09 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.21.6
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
X-Request-ID
f6c5f93c28170853f72763eac4b3dd2f

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
843af75abc15a12f-SIN
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 06:05:07 GMT
location
https://changesretirereality.com/e51xmfb9?key=6cf0bf53774e52ec9e3ca94803f48b06
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbnMFmX7On6np8fFAjVFKf3%2BrN7z%2F7Yd0oKtXwWfdsHcWMej5q3p%2FBZ27IRfEGOV%2B5yYAkzJg0LhTWoUxPuCDi%2BiG4ZfYjiSFcyGxuC5xQlqLMbVA%2BEs4%2Bj8U9aGhy02Yo9KvlE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
stats
proftrafficcounter.com/
0
0

/
68797usbzp2hq4k863.youturbe.biz/
Redirect Chain
  • https://changesretirereality.com/api/users?token=L2U1MXhtZmI5P2tleT02Y2YwYmY1Mzc3NGU1MmVjOWUzY2E5NDgwM2Y0OGIwNiZwc3Q9MTcwNDk1MzE2OSZybXRjPXQmc2h1PWNiMTA2Y2EyNmM4ZTg0M2E0OTVlMGQ3MWZiMmRmYzI2NzdjN2Jl...
  • https://fast.dope.autos/c67ed2e9-7d1b-4abb-90e8-46edfc4d3c24?placement=17683209&browser=Chrome%20Mobile&bannerid=2702933&os=Android&country=Singapore&region=Singapore&isp=StarHub&useragent=Mozilla%...
  • https://videok.biz/cyhml2k.php?key=28wjgkc2oseb5liq6vh4&c1=w6216644oqce7ecuioq61mdo&t1=17683209
  • https://68797usbzp2hq4k863.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106&gg=2106
13 KB
6 KB
Document
General
Full URL
https://68797usbzp2hq4k863.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106&gg=2106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2acbee06a524bad2b4ee5e81accdc435ff7bc40194caa063fceb88ca34da616

Request headers

Referer
https://changesretirereality.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
zh-SG,zh;q=0.9
referer
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://7nunu.go-abroad.pl/&ved=2ahUKEwiwnsiH1dSDAxWwSGwGHVSIC2c4FBAWegQIBhAB&usg=AOvVaw0VpH8Mc1_v14sCBbMT2WRN

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
843af77a6bab40f0-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 06:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOtvBjdzbuJRSc95vFpSAmNCcNuuL4kvTDPjWHwHVFqZsVANUHwIBO3TscBVTIRff8V8a8YOjtcP3PebEMVETAFEUssDd0FiyYM0Sn2UINclWuRUMDJPVJRMDIPB%2BUpyZ5SFtl1CBjAJjfMNxKiVW7Jy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
843af7721e303e1e-SIN
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 06:05:11 GMT
location
https://68797usbzp2hq4k863.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106&gg=2106
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGMLHGw54YFe9mevyreHE2%2BBuy4JZe5Pq0DaaLTvhuc1qBUEQ2HYMn1JIuf%2Fz1UFxwTog2s7JJJM7nYTaHAGQqcqcD9OrNWllL0uRtOi7EcIG4ktCXOXf%2FmBaKJf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
micro.tag.min.js
youturbe.biz/
26 KB
10 KB
Script
General
Full URL
https://youturbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=68797usbzp2hq4k863&var=2106&sw=/sw-check-permissions-local-5137789.js
Requested by
Host: 68797usbzp2hq4k863.youturbe.biz
URL: https://68797usbzp2hq4k863.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106&gg=2106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://7nunu.go-abroad.pl/&ved=2ahUKEwiwnsiH1dSDAxWwSGwGHVSIC2c4FBAWegQIBhAB&usg=AOvVaw0VpH8Mc1_v14sCBbMT2WRN
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:05:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 31 Jul 2023 21:58:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64c82e80-689b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVpN%2BCDguYKGvYHzd0BsrxN5lRknr6ecJkYNnhaS3gzw4oUgksw2Cc75Eohg0ogxX%2BBNEIfNCzFCnL%2Fd8JOYtKBQLgd7pGj9S0VHQ42Fx9x8%2F69ULOe34f0nAseQhUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
843af77b8d1140f0-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
sw-check-permissions-local-5137789.js
68797usbzp2hq4k863.youturbe.biz/
0
626 B
Other
General
Full URL
https://68797usbzp2hq4k863.youturbe.biz/sw-check-permissions-local-5137789.js?var=2106&ymid=68797usbzp2hq4k863
Requested by
Host: youturbe.biz
URL: https://youturbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=68797usbzp2hq4k863&var=2106&sw=/sw-check-permissions-local-5137789.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://7nunu.go-abroad.pl/&ved=2ahUKEwiwnsiH1dSDAxWwSGwGHVSIC2c4FBAWegQIBhAB&usg=AOvVaw0VpH8Mc1_v14sCBbMT2WRN
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:05:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 14 Jul 2022 16:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62d03f40-21f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BSWeIQ%2Fsc4bEj96VkHQRtN%2BWjM0%2B%2Fv3ez6ZQUfIfVJLC5TKaitunaDVWfgZDOUPCueglAvWbZw%2B4vJGriknn%2FiyiKEIKuNz4uly5ugv%2F1joz%2BRZlyd7MW8CrK%2F6%2Ff1QJwYBzlnEjjgNvehB5hKcXth%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
843af77c9e6440f0-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
zone
ddtvskish.com/
0
271 B
Ping
General
Full URL
https://ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=true&domain=68797usbzp2hq4k863.youturbe.biz&var=2106&ymid=68797usbzp2hq4k863&var_3=&var_4=&dsig=&action=prerequest
Requested by
Host: youturbe.biz
URL: https://youturbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=68797usbzp2hq4k863&var=2106&sw=/sw-check-permissions-local-5137789.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://7nunu.go-abroad.pl/&ved=2ahUKEwiwnsiH1dSDAxWwSGwGHVSIC2c4FBAWegQIBhAB&usg=AOvVaw0VpH8Mc1_v14sCBbMT2WRN
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-trace-id
43d405d11f145fb8c19c2522cbde0dba
date
Thu, 11 Jan 2024 06:05:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://68797usbzp2hq4k863.youturbe.biz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
gid.js
my.rtmark.net/
65 B
557 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=68797usbzp2hq4k863&var=2106
Requested by
Host: youturbe.biz
URL: https://youturbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=68797usbzp2hq4k863&var=2106&sw=/sw-check-permissions-local-5137789.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d383863e8923ac923180290ceea093f528e30a2ed37bc736e21ab6111c6aae56
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://7nunu.go-abroad.pl/&ved=2ahUKEwiwnsiH1dSDAxWwSGwGHVSIC2c4FBAWegQIBhAB&usg=AOvVaw0VpH8Mc1_v14sCBbMT2WRN
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:05:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://68797usbzp2hq4k863.youturbe.biz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
ddtvskish.com/
911 B
1 KB
Fetch
General
Full URL
https://ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=true&domain=68797usbzp2hq4k863.youturbe.biz&var=2106&ymid=68797usbzp2hq4k863&var_3=&var_4=&dsig=&action=settings
Requested by
Host: youturbe.biz
URL: https://youturbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=68797usbzp2hq4k863&var=2106&sw=/sw-check-permissions-local-5137789.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://7nunu.go-abroad.pl/&ved=2ahUKEwiwnsiH1dSDAxWwSGwGHVSIC2c4FBAWegQIBhAB&usg=AOvVaw0VpH8Mc1_v14sCBbMT2WRN
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-trace-id
f6bcf4c39df6da9d4aa739b102392d7e
date
Thu, 11 Jan 2024 06:05:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://68797usbzp2hq4k863.youturbe.biz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
911
InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs
ikuwyz.com/gosl/
0
0

Primary Request /
ifruimp6o0.youturbe.biz/
13 KB
5 KB
Document
General
Full URL
https://ifruimp6o0.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106
Requested by
Host: 68797usbzp2hq4k863.youturbe.biz
URL: https://68797usbzp2hq4k863.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106&gg=2106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd85e13ad6296c33072862e667a4dfd19ab75bc232984b232b471ef1986026c

Request headers

Referer
https://68797usbzp2hq4k863.youturbe.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
zh-SG,zh;q=0.9
referer
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://7nunu.go-abroad.pl/&ved=2ahUKEwiwnsiH1dSDAxWwSGwGHVSIC2c4FBAWegQIBhAB&usg=AOvVaw0VpH8Mc1_v14sCBbMT2WRN

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
843af7817c8340f0-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 06:05:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZidq4Kd%2Bn9IjT%2F5fqfhuZCUWbo%2F%2FRSCbsSjA1GAz8vHW0K62D9yaXC%2BMuMrBGstun%2FANq4tTSq7cHybhwDeRZnHJrstHqZ0LYMuVk%2Bhus2zoTCNnjyrulsx8Q3%2BirYfGpyYaJlw%2FWhPuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
micro.tag.min.js
youturbe.biz/
26 KB
10 KB
Script
General
Full URL
https://youturbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=68797usbzp2hq4k863&var=2106&sw=/sw-check-permissions-local-5137789.js
Requested by
Host: ifruimp6o0.youturbe.biz
URL: https://ifruimp6o0.youturbe.biz/?cnv_id=68797usbzp2hq4k863&sourceid=2106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://7nunu.go-abroad.pl/&ved=2ahUKEwiwnsiH1dSDAxWwSGwGHVSIC2c4FBAWegQIBhAB&usg=AOvVaw0VpH8Mc1_v14sCBbMT2WRN
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-A102U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:05:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 31 Jul 2023 21:58:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2
etag
W/"64c82e80-689b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKJ6sDJd6qa1nOpAoeV6rBhbuYiix1gyEf%2BAT58Af2MndEacCfG2wxz7yiU%2BNnY9WzSKEnPBfq4GN9WX8YYJ2tVOnDZXsYqgDpGhNQuWGcXAnYc8ZZuIzZiwQgfE2TQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
843af7827da140f0-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
sw-check-permissions-local-5137789.js
ifruimp6o0.youturbe.biz/
0
0

zone
ddtvskish.com/
0
0

gid.js
my.rtmark.net/
0
0

zone
ddtvskish.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
proftrafficcounter.com
URL
https://proftrafficcounter.com/stats
Domain
ikuwyz.com
URL
https://ikuwyz.com/gosl/InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs?si1=2106&click_id=68797usbzp2hq4k863
Domain
ifruimp6o0.youturbe.biz
URL
https://ifruimp6o0.youturbe.biz/sw-check-permissions-local-5137789.js?var=2106&ymid=68797usbzp2hq4k863
Domain
ddtvskish.com
URL
https://ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=true&domain=ifruimp6o0.youturbe.biz&var=2106&ymid=68797usbzp2hq4k863&var_3=&var_4=&dsig=&action=prerequest
Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=68797usbzp2hq4k863&var=2106
Domain
ddtvskish.com
URL
https://ddtvskish.com/zone?&pub=0&zone_id=5137789&is_mobile=true&domain=ifruimp6o0.youturbe.biz&var=2106&ymid=68797usbzp2hq4k863&var_3=&var_4=&dsig=&action=settings

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| launchpopLink
function| launchpopLink2
object| url
string| pci
string| ppi
string| cmp
string| dom
object| s
function| redirect
function| subDomain
object| zfgformats

12 Cookies

Domain/Path Name / Value
changesretirereality.com/api Name: iprc60c0f265d273a86ac282ea0b8d39c5b3
Value: 4858224
changesretirereality.com/api Name: pdhtkv
Value: true
changesretirereality.com/api Name: uncs
Value: 1
changesretirereality.com/api Name: pdhtkv28
Value: true
changesretirereality.com/api Name: uncs28
Value: 1
changesretirereality.com/ Name: u_pl
Value: 17683209
changesretirereality.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.[...].bkj0VF9ilghif-1KsFuXQdyZTRJCeO-lQlAAr_YlKv0
changesretirereality.com/ Name: cjs
Value: t
.fast.dope.autos/ Name: c67ed2e9-7d1b-4abb-90e8-46edfc4d3c24-v4
Value: M20pH0ZZclibsh_vmN0uLP9oZ1mZgxdYnlM6rZV0CAw
.fast.dope.autos/ Name: cc-v4
Value: Xy91Y%2FvSIZfi90Gzkx%2B04y3u2ecSHbbxuNMomoMIe%2FHKV6oBUyo5sz1%2F7BOVsOh%2Fco9CJ0Cs1lsO0HkflpK2JbfM8%2Bk0uBWrgTLTEjO8QB%2BhXL6YzesnWaMaw7pJEuF1mK4P8hia7zrD72ajc0RmQw%3D%3D
videok.biz/ Name: uclick
Value: usbzp2hq4k
videok.biz/ Name: uclickhash
Value: usbzp2hq4k-usbzp2hq4k-7va6-4kxs-rnwh-qda4vr-qda4i4-0ccb38

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0; includeSubdomains