Submitted URL: http://altura-photo.canonflashes.us/
Effective URL: https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome...
Submission: On December 24 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 213.202.223.82, located in Germany and belongs to MYLOC-AS WIIT AG, DE. The main domain is secrity2yellowline.com.
TLS certificate: Issued by E6 on November 17th 2024. Valid for: 3 months.
This is the only time secrity2yellowline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.224.212.217 133618 (TRELLIAN-...)
1 4 103.224.182.206 133618 (TRELLIAN-...)
5 213.202.223.82 24961 (MYLOC-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 3
Apex Domain
Subdomains
Transfer
5 secrity2yellowline.com
secrity2yellowline.com
25 KB
4 ucureo.com
ucureo.com
4 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3370
25 KB
1 canonflashes.us
altura-photo.canonflashes.us
2 KB
9 4
Domain Requested by
5 secrity2yellowline.com ucureo.com
secrity2yellowline.com
4 ucureo.com 1 redirects ucureo.com
1 stackpath.bootstrapcdn.com secrity2yellowline.com
1 altura-photo.canonflashes.us 1 redirects
9 4

This site contains no links.

Subject Issuer Validity Valid for
consumerxardaccess.com R10 2024-12-23 - 2025-03-23 3 months
secrity2yellowline.com E6 2024-11-17 - 2025-02-15 3 months
bootstrapcdn.com WE1 2024-11-18 - 2025-02-16 3 months

This page contains 1 frames:

Primary Page: https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a
Frame ID: 674490ED57202AEDB24CA44C8A76DEC8
Requests: 9 HTTP requests in this frame

Page Title

TotalAV - Protect Your Android

Page URL History

  1. http://altura-photo.canonflashes.us/ HTTP 307
    https://altura-photo.canonflashes.us/ HTTP 302
    http://ucureo.com/xr.php?e=MTt%2BudKGakIeZZa1NoOqZH49fmRMTWNibXJWN20yMjlTKzNJcS8zSHBlcEtwdGpEU... HTTP 307
    https://ucureo.com/xr.php?e=MTt%2BudKGakIeZZa1NoOqZH49fmRMTWNibXJWN20yMjlTKzNJcS8zSHBlcEtwdGpEU... Page URL
  2. https://ucureo.com/r.php?u=https%3A%2F%2Fsecrity2yellowline.com%2Fclick%3Fkey%3D30dcb85d7b6aa7b... HTTP 302
    https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.non... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 9
HTTPS: 67 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 53 kB
Size: 188 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://altura-photo.canonflashes.us/ HTTP 307
    https://altura-photo.canonflashes.us/ HTTP 302
    http://ucureo.com/xr.php?e=MTt%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%3D%3D HTTP 307
    https://ucureo.com/xr.php?e=MTt%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%3D%3D Page URL
  2. https://ucureo.com/r.php?u=https%3A%2F%2Fsecrity2yellowline.com%2Fclick%3Fkey%3D30dcb85d7b6aa7b5b4e5%26cpv%3D0.019%26sub%3D1126151802%26kw%3D.us.01.mobile.nonadult.android.chrome%26sid%3D202412242023049080e79d096697fe6a&s=j&enc=9%2B%2B0y3z%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%3D%3D&vs=1600:1200&ds=1600:1200&sl=20:20&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1 HTTP 302
    https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://altura-photo.canonflashes.us/ HTTP 307
  • https://altura-photo.canonflashes.us/ HTTP 302
  • http://ucureo.com/xr.php?e=MTt%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%3D%3D HTTP 307
  • https://ucureo.com/xr.php?e=MTt%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%3D%3D

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
xr.php
ucureo.com/
Redirect Chain
  • http://altura-photo.canonflashes.us/
  • https://altura-photo.canonflashes.us/
  • http://ucureo.com/xr.php?e=MTt%2BudKGakIeZZa1NoOqZH49fmRMTWNibXJWN20yMjlTKzNJcS8zSHBlcEtwdGpEU05ROFpYWU9MeHpvK29QbVZqQVN3dnhkZlkvUVdML1E0MUx5ajlYQXpDcVZ4a0cycUFJajVJeFZOMGxlK0dxQVlkeVJGczJxSWdveGdJ...
  • https://ucureo.com/xr.php?e=MTt%2BudKGakIeZZa1NoOqZH49fmRMTWNibXJWN20yMjlTKzNJcS8zSHBlcEtwdGpEU05ROFpYWU9MeHpvK29QbVZqQVN3dnhkZlkvUVdML1E0MUx5ajlYQXpDcVZ4a0cycUFJajVJeFZOMGxlK0dxQVlkeVJGczJxSWdveGd...
5 KB
3 KB
Document
General
Full URL
https://ucureo.com/xr.php?e=MTt%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%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
5cfcbc394c8d631ef28ee893e3040a006992091464ec9960fb7e5f7da9619a73

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-length
2636
content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 09:23:05 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Non-Authoritative-Reason
HttpsUpgrades
jscheck.php
ucureo.com/
0
150 B
XHR
General
Full URL
https://ucureo.com/jscheck.php?enc=9%2B%2B0y3z%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%3D%3D&rand=0.8816036821234059&vs=1600:1200&ds=1600:1200&sl=20:20&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1
Requested by
Host: ucureo.com
URL: https://ucureo.com/xr.php?e=MTt%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%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://ucureo.com/xr.php?e=MTt%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%3D%3D

Response headers

content-length
0
date
Tue, 24 Dec 2024 09:23:05 GMT
content-type
text/html; charset=UTF-8
server
Apache
connection
close
favicon.ico
ucureo.com/
94 B
170 B
Other
General
Full URL
https://ucureo.com/favicon.ico
Protocol
HTTP/1.0
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
/
Resource Hash
9221cfedfc5e03790f46c7890bca21fcc47c5788d89dab0aa0799c492b6ae78a

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://ucureo.com/xr.php?e=MTt%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%3D%3D

Response headers

content-type
text/html
cache-control
no-cache
Primary Request click
secrity2yellowline.com/
Redirect Chain
  • https://ucureo.com/r.php?u=https%3A%2F%2Fsecrity2yellowline.com%2Fclick%3Fkey%3D30dcb85d7b6aa7b5b4e5%26cpv%3D0.019%26sub%3D1126151802%26kw%3D.us.01.mobile.nonadult.android.chrome%26sid%3D2024122420...
  • https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a
3 KB
4 KB
Document
General
Full URL
https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a
Requested by
Host: ucureo.com
URL: https://ucureo.com/xr.php?e=MTt%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%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.202.223.82 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv30403.dus7.dedi.server-hosting.expert
Software
Caddy /
Resource Hash
9704b0e2e19fad459bb97bb267651f73b75abb1b94375ce329f3a62443691586

Request headers

Referer
https://ucureo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 09:23:06 GMT
server
Caddy
x-request-id
fbb1d4fc-288d-4b78-bc82-f28de6b37741

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 09:23:05 GMT
location
https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a
server
Apache
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/
157 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: secrity2yellowline.com
URL: https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://secrity2yellowline.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"816af0eddd3b4822c2756227c7e7b7ee"
age
1737336
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 09:23:06 GMT
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/22/2024 23:02:21
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fef2d2ba696eeaa5a14c612b59fa90f4
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8f6f87dc8c3780d9-EWR
access-control-allow-origin
*
cdn-edgestorageid
1067
server
cloudflare
cdn-requestcountrycode
US
tav.webp
secrity2yellowline.com/landers/safe_totalav/
12 KB
12 KB
Image
General
Full URL
https://secrity2yellowline.com/landers/safe_totalav/tav.webp
Requested by
Host: secrity2yellowline.com
URL: https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.202.223.82 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv30403.dus7.dedi.server-hosting.expert
Software
Caddy, nginx/1.21.6 /
Resource Hash
2f8bbf1d693f96329bcb173295d6f77a10faea7ea2a507dc37d92c8f5274b56e

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a

Response headers

accept-ranges
bytes
content-length
12280
date
Tue, 24 Dec 2024 09:23:06 GMT
etag
"65d885fa-2ff8"
content-type
image/webp
last-modified
Fri, 23 Feb 2024 11:48:10 GMT
server
Caddy, nginx/1.21.6
t.png
secrity2yellowline.com/landers/safe_totalav/
8 KB
8 KB
Image
General
Full URL
https://secrity2yellowline.com/landers/safe_totalav/t.png
Requested by
Host: secrity2yellowline.com
URL: https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.202.223.82 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv30403.dus7.dedi.server-hosting.expert
Software
Caddy, nginx/1.21.6 /
Resource Hash
4bdc6e10f47c1a1b7423d95e81693f2ed5e79ad57ae0a96b4e9b5f5cf792e2a1

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a

Response headers

cache-control
max-age=31536000, public, no-transform
etag
"65d885d4-1e16"
expires
Wed, 24 Dec 2025 09:23:06 GMT
accept-ranges
bytes
content-length
7702
date
Tue, 24 Dec 2024 09:23:06 GMT
content-type
image/png
last-modified
Fri, 23 Feb 2024 11:47:32 GMT
server
Caddy, nginx/1.21.6
scripts.js
secrity2yellowline.com/
3 KB
1 KB
Script
General
Full URL
https://secrity2yellowline.com/scripts.js
Requested by
Host: ucureo.com
URL: https://ucureo.com/xr.php?e=MTt%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%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.202.223.82 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv30403.dus7.dedi.server-hosting.expert
Software
Caddy, nginx/1.21.6 /
Resource Hash
d84c33e9ab81fef04fa5f7021dd3a2664a5c8143167624debe49381440fcd9bd

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://secrity2yellowline.com
Referer
https://secrity2yellowline.com/landers/safe_totalav/

Response headers

cache-control
max-age=31536000, public, no-transform
content-encoding
gzip
etag
W/"66ec17ec-de1"
expires
Wed, 24 Dec 2025 09:23:06 GMT
date
Tue, 24 Dec 2024 09:23:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 19 Sep 2024 12:24:12 GMT
server
Caddy, nginx/1.21.6
favicon.ico
secrity2yellowline.com/
555 B
602 B
Other
General
Full URL
https://secrity2yellowline.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.202.223.82 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv30403.dus7.dedi.server-hosting.expert
Software
Caddy, nginx/1.21.6 /
Resource Hash
99beb83bfc755030c90cf2fd651288b365138374dc02aab8cb538e307a18f67f

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a

Response headers

content-length
555
date
Tue, 24 Dec 2024 09:23:06 GMT
content-type
text/html; charset=utf-8
server
Caddy, nginx/1.21.6

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • string| fin_link
  • object| links
  • function| getURLParameter

5 Cookies

Domain/Path Name / Value
altura-photo.canonflashes.us/ Name: __tad Value: 1735032184.8155175
.ucureo.com/ Name: __dsnsid Value: 202412242023049080e79d096697fe6a
secrity2yellowline.com/ Name: uclick Value: zL6Ll19cato1g+WlamCYsnl0Tmqpbq3f9/OjQTK/P6k43uqyJsXwjwj7ECApJ8xbdo0Pww==
secrity2yellowline.com/ Name: bcid Value: ctl7quma3kps73c1kfr0
secrity2yellowline.com/ Name: cid Value: ctl7quma3kps73c1kfr0

4 Console Messages

Source Level URL
Text
rendering warning URL: https://ucureo.com/xr.php?e=MTt%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%3D%3D(Line 133)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A000F513DC260000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://ucureo.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://secrity2yellowline.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://secrity2yellowline.com/click?key=30dcb85d7b6aa7b5b4e5&cpv=0.019&sub=1126151802&kw=.us.01.mobile.nonadult.android.chrome&sid=202412242023049080e79d096697fe6a
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.