cool.sceroeder.cyou Open in urlscan Pro
5.104.107.248  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://balsunut.com/hyftgkihloultzd Page URL
2. https://cool.sceroeder.cyou/s/14534492ea333 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	hyftgkihloultzd Show response balsunut.com/	7 KB 4 KB	711ms 396ms	Document text/html	94.159.97.133 H2NEXUS-AS H2NEXU...
General Check archive.org Show headers Download Go to Full URL https://balsunut.com/hyftgkihloultzd Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.159.97.133 , Russian Federation, ASN215730 (H2NEXUS-AS H2NEXUS LTD, GB), Reverse DNS 80338.h2.nexus Software openresty / PHP/7.2.30 Resource Hash 974442edcd8821a251a93f83c56a1e048d971ba2de820625f26b17a82475acbb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 31 Dec 2024 19:49:12 GMT Server openresty Transfer-Encoding chunked X-Powered-By PHP/7.2.30
GET H/1.1	404 Not Found	favicon.ico balsunut.com/	552 B 363 B	346ms 345ms	Other text/html	94.159.97.133 H2NEXUS-AS H2NEXU...
General Check archive.org Show headers Download Go to Full URL https://balsunut.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.159.97.133 , Russian Federation, ASN215730 (H2NEXUS-AS H2NEXUS LTD, GB), Reverse DNS 80338.h2.nexus Software openresty / Resource Hash a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://balsunut.com/hyftgkihloultzd Response headers Transfer-Encoding chunked Content-Encoding gzip Date Tue, 31 Dec 2024 19:49:12 GMT Content-Type text/html Server openresty Connection keep-alive
GET H2	200	Primary Request 14534492ea333 Show response cool.sceroeder.cyou/s/	43 KB 18 KB	314ms 51ms	Document text/html	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://cool.sceroeder.cyou/s/14534492ea333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash bbf8a5850da49a008f369a0cfda52fc7b0db349a8ae6371c0246304f79587a41 Request headers Referer https://balsunut.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control must-revalidate, no-cache, no-store, private content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 31 Dec 2024 19:49:14 GMT expires 0 pragma no-cache server openresty vary Accept-Encoding
GET H2	200	style.css cool.sceroeder.cyou/bundle/661/assets/css/	4 KB 2 KB	16ms 15ms	Stylesheet text/css	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://cool.sceroeder.cyou/bundle/661/assets/css/style.css Requested by Host: cool.sceroeder.cyou URL: https://cool.sceroeder.cyou/s/14534492ea333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash a3e1d11d146734d54df28aa07659dc9a477153a987ca7fa5c6672fda8bc6ab39 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://cool.sceroeder.cyou/s/14534492ea333 Response headers cache-control max-age=2592000 content-encoding gzip etag W/"62b3385d-1140" expires Thu, 30 Jan 2025 19:49:14 GMT date Tue, 31 Dec 2024 19:49:14 GMT content-type text/css vary Accept-Encoding server openresty last-modified Wed, 22 Jun 2022 15:42:21 GMT
GET H2	200	functions.js Show response cool.sceroeder.cyou/bundle/661/assets/js/	85 KB 33 KB	19ms 19ms	Script application/javascript	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://cool.sceroeder.cyou/bundle/661/assets/js/functions.js Requested by Host: cool.sceroeder.cyou URL: https://cool.sceroeder.cyou/s/14534492ea333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash ed6d19786075ea95f4ff2239adac627ef482e8fee0a0333a926b799feb70010e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://cool.sceroeder.cyou/s/14534492ea333 Response headers cache-control max-age=2592000 content-encoding gzip etag W/"62b3385e-15492" expires Thu, 30 Jan 2025 19:49:14 GMT date Tue, 31 Dec 2024 19:49:14 GMT content-type application/javascript vary Accept-Encoding server openresty last-modified Wed, 22 Jun 2022 15:42:22 GMT
GET H2	200	1_web.mp4 cool.sceroeder.cyou/bundle/661/assets/images/	651 KB 652 KB	15ms 15ms	Media video/mp4	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://cool.sceroeder.cyou/bundle/661/assets/images/1_web.mp4 Requested by Host: cool.sceroeder.cyou URL: https://cool.sceroeder.cyou/s/14534492ea333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash 8d5fc3a1be12083adc257df88fff8be0c26fd20f4798be9fac199115ab5fbc7d Request headers Referer https://cool.sceroeder.cyou/s/14534492ea333 Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Range bytes=0- Response headers cache-control max-age=2592000 etag "62b3385e-a2bbb" expires Thu, 30 Jan 2025 19:49:14 GMT content-length 666555 date Tue, 31 Dec 2024 19:49:14 GMT content-type video/mp4 last-modified Wed, 22 Jun 2022 15:42:22 GMT server openresty
GET H2	404	vid_1.jpg cool.sceroeder.cyou/bundle/661/assets/images/	54 B 54 B	43ms 42ms	Image text/html	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Show image Full URL https://cool.sceroeder.cyou/bundle/661/assets/images/vid_1.jpg Requested by Host: cool.sceroeder.cyou URL: https://cool.sceroeder.cyou/bundle/661/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash d82ff7070947e5002d6babcc5928c55a36218fd1b19b519e22038dc2c46191d4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://cool.sceroeder.cyou/bundle/661/assets/css/style.css Response headers content-encoding gzip date Tue, 31 Dec 2024 19:49:14 GMT content-type text/html vary Accept-Encoding server openresty
GET H2	200	1_mob.mp4 cool.sceroeder.cyou/bundle/661/assets/images/	645 KB 645 KB	38ms 37ms	Media video/mp4	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://cool.sceroeder.cyou/bundle/661/assets/images/1_mob.mp4 Requested by Host: cool.sceroeder.cyou URL: https://cool.sceroeder.cyou/s/14534492ea333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash 78961ad8e363f03c9974b56aabaa3071dc1520ba92daf3189838a7051217d03b Request headers Referer https://cool.sceroeder.cyou/s/14534492ea333 Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Range bytes=0- Response headers cache-control max-age=2592000 etag "62b3385e-a123d" expires Thu, 30 Jan 2025 19:49:14 GMT content-length 660029 date Tue, 31 Dec 2024 19:49:14 GMT content-type video/mp4 last-modified Wed, 22 Jun 2022 15:42:22 GMT server openresty
GET H2	200	favicon.png cool.sceroeder.cyou/bundle/661/assets/images/	2 KB 3 KB	14ms 14ms	Other image/png	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://cool.sceroeder.cyou/bundle/661/assets/images/favicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash 124e81555c7b35e5a1177252c407def5d4a8a322473b255c97d491519290fee9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://cool.sceroeder.cyou/s/14534492ea333 Response headers cache-control max-age=2592000 etag "62b3385e-9df" expires Thu, 30 Jan 2025 19:49:14 GMT content-length 2527 date Tue, 31 Dec 2024 19:49:14 GMT content-type image/png last-modified Wed, 22 Jun 2022 15:42:22 GMT server openresty

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| sendTrack function| Fingerprint2 function| fingerprintGo function| collectTrackParams function| closingConfirm function| handleError function| getParameterByName function| collectParams function| checkRequired function| setLeadInfo function| setCF

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sceroeder.cyou/	1970-01-21 02:09:20	Name: s Value: JtNVLw9r68eVUDKQNVJnI0ngM4Cxb1SHxzJQgMZgBUQkcerNTRNMqnvwK71XKNMQMbh06PrWBKOb46qnCqt8%2FiB%2BLvanHqJb%2FRS476rKBcacmtytzKRn1MOvWNBoEUFd2XKo1E7cUDaI65AqDsrWVFdt%2BQmCI5azv%2FHsArFh%2F%2FlYEJ3aZW3lho4nc9u1EAiSieuvZaROTsrcdT3lvOsU1fBTrMmZLFc4QsHoeK5Zp6U%2BKiUWM1JiwmjfrI6vHfXelfLm3c%2BbXVP8W%2BMpMXTxbG73BLoWUn7ImU1VW73DUvVL95e6%2FOVuh2o1jIIn2NpkztGPkM5B%2FVIDL4xW2wy9evnloQ5HDEznB%2FOINkVpPxVMkcD4W6wLSKyZif2uLZPBFC3%2FMNlF967%2F1LWBYrGZrHJL1jWQIV0FHeobntuf9OZ4t%2B%2FpJUxHmTn3lnxMGXzj7msgY%2BojiC%2FFxqBh7%2F74%2B8jqd%2FFocaPAqNSPSE9Ez8PHdqwWEzXL%2BPXtBmsX107djsjX6z80%2BWu7uAcY9Ny6az5XPpYk%2Fa7ymZKmXDezQAnn%2FAtUHYpEKeQ1yBE9b7EKquMGwLEX5Mle88NYsN8WwRUCU6B2Z69xLYHPwawhdCt1h03632eYjVkR1Uj7%2B6w1SAHjXG2qudJJy5kZIbDN9FuJ6DPzBt%2BrNONeV3mhVaPbn1MMP5eBlzm8DH2CTpHZfWgaf2x7Y%2FdjOQ%2Fj9oKXvJoFMV2NNQiAVPwrst7zZIn8duKs69%2BllSI6Gs6h%2B4V5JBtA7FNMQKMeA0tpuR7DRexGG5IYOGS37CXPRg6aGIbEXfgaKUpur%2FL96VebhwBfAWOJ3K2a3ssqR7XWlqT%2FuqOYlGtXry8iOZKuflSCq3gkuW0V%2B841Ip8qvOR6LgqnQKaX5wPjpk6F8W4FluP%2Bhy5UNlPny3%2BLBD%2Fo2BzxkQOLUVDHv2Vkpz0uVqIThAEovK0J0uNVCwoE%2BGZQZ2ea7RNnFwh6jyBEv6kcwLZQQXXQ%2BijmFRLRJs4pGNEgBojSVWKHDoTPDrI0HCwoyIS1mhWrjMd%2FQ1ClLieRj23jQ2pp1lZTiM6JlTKLnj4XNihM0W64tc5p7hygf006AFU3bYqFd4ogD29uF1xQPZAb8SBkgdIcCHgNv%2BlO4IjS4HdOMZ3dT3AFCxRioGIWtSiyk1tvDs05akru52JMbqcUILcdmHYakxPtn1kmLPbNeDqlMirXizx%2BUvem9HnD6F3zSNBAk2PY83XNO6J8t5H5eNKjgc4fVHbq1XV8X5CyPMCwtTg1yucZnniVx2CKewKhs%2B1VHvBg1VhMvk0YMXEv8IsvPJ8ZyGCryDlMWUtIwl3R2yZ%2Fsj%2BWfJrjNte6zgQlZ09God400PI9JuC5GZzG5U4uinxPj4%2F16MSO42KNpi55gnULM88UNHqekAPF0tjzFA05z1jD575b8hsQY0U%2B2xCcB3VF815ZYEZz%2Fst7B8J%2FKLmZwECOtnzpxDzt1X9KeiHdbB%2BGCYT1haYqBZVZiDnzpbuf1I6V6jE4ylo87GlR8HQaC5QeIXbZ%2BgHj6dO%2F%2B1nYMfYVmY2fR6MomtJJ4y29kr34xFm06m%2Fcf0BCZPkUSBMooKJB5DZTWE%2BOpXJZogDghLBFuWnFE68fU3eGqk97sVmrY4tQIT9emNuFLNhXuQ%2F3JALdkvOtLEt3WXujU1tuVWAJoNzJpESbmSG7a8F%2BsVLUuXtGNoOeX4tLES4Ec4bTKzpWHz0PaUXpnoCXBCTf3GFJEIMAPSNmSjbTstDWyRvpJQJmoKqHvWGop%2FXJP%2FT6OY7RdMA59rBsM2SpWhmaL70zWdRtUXjE5vHsDo3mvRVPQLfbZr97QaCZ8jGUSLU7l7iPnDSFOrC2C2%2BdVfj1XsNQurnl

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://balsunut.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
rendering	warning	URL: https://cool.sceroeder.cyou/s/14534492ea333(Line 6) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
network	error	URL: https://cool.sceroeder.cyou/bundle/661/assets/images/vid_1.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

balsunut.com
cool.sceroeder.cyou
5.104.107.248
94.159.97.133
124e81555c7b35e5a1177252c407def5d4a8a322473b255c97d491519290fee9
78961ad8e363f03c9974b56aabaa3071dc1520ba92daf3189838a7051217d03b
8d5fc3a1be12083adc257df88fff8be0c26fd20f4798be9fac199115ab5fbc7d
974442edcd8821a251a93f83c56a1e048d971ba2de820625f26b17a82475acbb
a3e1d11d146734d54df28aa07659dc9a477153a987ca7fa5c6672fda8bc6ab39
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
bbf8a5850da49a008f369a0cfda52fc7b0db349a8ae6371c0246304f79587a41
d82ff7070947e5002d6babcc5928c55a36218fd1b19b519e22038dc2c46191d4
ed6d19786075ea95f4ff2239adac627ef482e8fee0a0333a926b799feb70010e