urlscan.io logo urlscan.io
SecurityTrails logo

secrity2yellowline.com Open in urlscan Pro
213.202.223.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://alipay.comapple.com/
Effective URL: https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome...
Submission: On November 07 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 4 countries across 4 domains to perform 8 HTTP transactions. The main IP is 213.202.223.82, located in Germany and belongs to MYLOC-AS IP Backbone of WIIT AG formerly myLoc managed IT AG, DE. The main domain is secrity2yellowline.com.
TLS certificate: Issued by E6 on September 18th 2024. Valid for: 3 months.
This is the only time secrity2yellowline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 170.178.183.18 46844 (SHARKTECH)
1 4 103.224.182.206 133618 (TRELLIAN-...)
4 213.202.223.82 24961 (MYLOC-AS ...)
1 104.18.11.207 13335 (CLOUDFLAR...)
8 3
Apex Domain
Subdomains		 Transfer
4 secrity2yellowline.com
secrity2yellowline.com
25 KB
4 ucureo.com
ucureo.com
4 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3270
28 KB
1 comapple.com
alipay.comapple.com
2 KB
8 4
Domain Requested by
4 secrity2yellowline.com ucureo.com
secrity2yellowline.com
4 ucureo.com 1 redirects ucureo.com
1 stackpath.bootstrapcdn.com secrity2yellowline.com
1 alipay.comapple.com 1 redirects
8 4

This site contains no links.

Subject Issuer Validity Valid
bomaderry.au
R10		 2024-09-23 -
2024-12-22		 3 months crt.sh
secrity2yellowline.com
E6		 2024-09-18 -
2024-12-17		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317
Frame ID: 7B31F5CA739A53C63EEEA7865F21EDE7
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TotalAV - Protect Your Android

Page URL History Show full URLs

  1. http://alipay.comapple.com/ HTTP 307
    https://alipay.comapple.com/ HTTP 302
    http://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0p... HTTP 307
    https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0p... Page URL
  2. https://ucureo.com/r.php?u=https%3A%2F%2Fsecrity2yellowline.com%2Fclick%3Fkey%3D809222eee01e538... HTTP 302
    https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.non... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

8
Requests

63 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

56 kB
Transfer

188 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://alipay.comapple.com/ HTTP 307
    https://alipay.comapple.com/ HTTP 302
    http://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D HTTP 307
    https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D Page URL
  2. https://ucureo.com/r.php?u=https%3A%2F%2Fsecrity2yellowline.com%2Fclick%3Fkey%3D809222eee01e538ec520%26cpv%3D0.014%26sub%3D1035358490%26kw%3D.uk.01.mobile.nonadult.android.chrome%26sid%3D20241107163519359046faef421be317&s=j&enc=G3Ke19NV4AhLhOq7p4%2BnjX49flQyRk54dThTWTR5NjdFK1czTEJkdFRRMnZGZVgzZzFIV1Frc09tSnZxOFhPVy9NanFxT25acGpTRVNDZ2JVRXl2S0pWWHJWV0hPZktDUHVCUnliYlhDU0tjck01aFNITGIyWXZmczBYOG8yaTN3NFpabHZqL2NvTmNrTEpLdEl0bXhta05QdmEra0wyVUNQRWtoME9rSGhvalBWbzluNDk1ODBHWUc3Y3BRY1ZQYTN6K2VITEUvSTJvbjZ3Zm5iNk12R2M4ektBYzVGWXgvT0pDVmJxT2J0ck9qQnRZNWlURFF3NzA4ZFludU1iOG8rdkZXNXl2NnNMelJCUzhaM2Z1UmRKSmVRRzRLeEhTWGQ3b01OY0h2dmh3Rzl4NWNLdXBDanNWbUU0UVJGVXc4Y3VGUGxVbGVlU3FCY2Z3MnlyclE5T2VQbFlOZ0YvMXlQMDMrR1ZaV0lkeHpzLzQraTRDWDdvVTRJZk8yNlNCTlBtM1RmQzUxZTRBRlMzdXZxRWdqOVBQaGd1VWhSamNtallhWGppc1NMUXBUZGhsczl2T3JkUnJCSTJVTTFzU3hFTGo2SW5NbERReDFvcVdNRkNwZnN0cTdnZlAySmNTVitPTkl5S056WGRzV2FTekI5VUh6NDBtb2U4K05Tc2FhUzcwSS9aakJlY0xqNXhkdjVKblVsaDk0cFluR0pBeUFQMkpLb2VIVkRVZ3dnZS9nN2lsSjNsSWpLbDZlRGp5TmNYVFU5YXVrMlFpYUJ0THZyY2lveno1am1jNG5vMUpMU2ZCSzB0dWJMa1cxY2RaTWxQVjJyaHlRdnpndW1XY1hKODVMQW1MTWcwYk93OFhHUEo0Znl0VG5wVWpIN09CWFFKL2V1ZEtuak4vTndJNXBMNTd4ZzF3aUYwMjVNTHpIM2NUWGFZZUY5ZTZKZHA1dlRodTVQRjlaKzR2QmhRMVBQL1FSUGoyby9jangyN0llS0NFMzdSSHV3ZmVzOWl3TFUrSDJBL29xOGVpTFNMRThhOFdRWjdGckN0bUF6ZU1iK29jVmQyVVQxYzdWTEo0MkFyZS82UGt1NllIQW5jdkVqZVNMSVJPLzZEbGZwSmREek5DL1g5TWpSbjNPQno3eE5QNUZmT2NFZVV3clNCQkxBQkc3bWhnQzZQQVF4N2tuaDBJaFIzNFd5RlVCK1FJVWFQMk5RREpzR3hKdzdaV05hc2FWTmtyeWVzOUFEN0FQYlAxYk5wNnJRVm1Od3RxOStDb1d4ZGQ4M2t4TittbG04S0ZNSVMyT0hHbzZuSm9NMGVtaVd2N1dGSS85QmhuYUdEUU5mNTNmNzUvM2FFTkliSXBIa2kzLzkvVUl4Q1pDRjBGdGdKbkFxWTFhSVlDM3dRSHVtNUtGUWJ0c0ZrTW04dndSK05EMGpPQnZxRGZ4a1NtWnN0T0VWTkUxVFlOYTBFbWNIOFJUcFhGVzBIbXB0dGhFR0prNzhEeEJJbDJzMVBlZXQxVlpWZ25xTmIrVE1xZkVxc2ZOdVdPNDFYK0Vwbg%3D%3D&vs=1600:1200&ds=1600:1200&sl=110:110&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1 HTTP 302
    https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://alipay.comapple.com/ HTTP 307
  • https://alipay.comapple.com/ HTTP 302
  • http://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D HTTP 307
  • https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
xr.php
ucureo.com/
Redirect Chain
  • http://alipay.comapple.com/
  • https://alipay.comapple.com/
  • http://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcU...
  • https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTc...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
d01e49cfee0806cf9b71c39fbe30f52e470adaa6a2a51692d6b2faa92220f858

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

connection
close
content-encoding
gzip
content-length
2637
content-type
text/html; charset=UTF-8
date
Thu, 07 Nov 2024 05:35:20 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D
Non-Authoritative-Reason
HttpsUpgrades
jscheck.php
ucureo.com/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ucureo.com/jscheck.php?enc=G3Ke19NV4AhLhOq7p4%2BnjX49flQyRk54dThTWTR5NjdFK1czTEJkdFRRMnZGZVgzZzFIV1Frc09tSnZxOFhPVy9NanFxT25acGpTRVNDZ2JVRXl2S0pWWHJWV0hPZktDUHVCUnliYlhDU0tjck01aFNITGIyWXZmczBYOG8yaTN3NFpabHZqL2NvTmNrTEpLdEl0bXhta05QdmEra0wyVUNQRWtoME9rSGhvalBWbzluNDk1ODBHWUc3Y3BRY1ZQYTN6K2VITEUvSTJvbjZ3Zm5iNk12R2M4ektBYzVGWXgvT0pDVmJxT2J0ck9qQnRZNWlURFF3NzA4ZFludU1iOG8rdkZXNXl2NnNMelJCUzhaM2Z1UmRKSmVRRzRLeEhTWGQ3b01OY0h2dmh3Rzl4NWNLdXBDanNWbUU0UVJGVXc4Y3VGUGxVbGVlU3FCY2Z3MnlyclE5T2VQbFlOZ0YvMXlQMDMrR1ZaV0lkeHpzLzQraTRDWDdvVTRJZk8yNlNCTlBtM1RmQzUxZTRBRlMzdXZxRWdqOVBQaGd1VWhSamNtallhWGppc1NMUXBUZGhsczl2T3JkUnJCSTJVTTFzU3hFTGo2SW5NbERReDFvcVdNRkNwZnN0cTdnZlAySmNTVitPTkl5S056WGRzV2FTekI5VUh6NDBtb2U4K05Tc2FhUzcwSS9aakJlY0xqNXhkdjVKblVsaDk0cFluR0pBeUFQMkpLb2VIVkRVZ3dnZS9nN2lsSjNsSWpLbDZlRGp5TmNYVFU5YXVrMlFpYUJ0THZyY2lveno1am1jNG5vMUpMU2ZCSzB0dWJMa1cxY2RaTWxQVjJyaHlRdnpndW1XY1hKODVMQW1MTWcwYk93OFhHUEo0Znl0VG5wVWpIN09CWFFKL2V1ZEtuak4vTndJNXBMNTd4ZzF3aUYwMjVNTHpIM2NUWGFZZUY5ZTZKZHA1dlRodTVQRjlaKzR2QmhRMVBQL1FSUGoyby9jangyN0llS0NFMzdSSHV3ZmVzOWl3TFUrSDJBL29xOGVpTFNMRThhOFdRWjdGckN0bUF6ZU1iK29jVmQyVVQxYzdWTEo0MkFyZS82UGt1NllIQW5jdkVqZVNMSVJPLzZEbGZwSmREek5DL1g5TWpSbjNPQno3eE5QNUZmT2NFZVV3clNCQkxBQkc3bWhnQzZQQVF4N2tuaDBJaFIzNFd5RlVCK1FJVWFQMk5RREpzR3hKdzdaV05hc2FWTmtyeWVzOUFEN0FQYlAxYk5wNnJRVm1Od3RxOStDb1d4ZGQ4M2t4TittbG04S0ZNSVMyT0hHbzZuSm9NMGVtaVd2N1dGSS85QmhuYUdEUU5mNTNmNzUvM2FFTkliSXBIa2kzLzkvVUl4Q1pDRjBGdGdKbkFxWTFhSVlDM3dRSHVtNUtGUWJ0c0ZrTW04dndSK05EMGpPQnZxRGZ4a1NtWnN0T0VWTkUxVFlOYTBFbWNIOFJUcFhGVzBIbXB0dGhFR0prNzhEeEJJbDJzMVBlZXQxVlpWZ25xTmIrVE1xZkVxc2ZOdVdPNDFYK0Vwbg%3D%3D&rand=0.6019857715839128&vs=1600:1200&ds=1600:1200&sl=110:110&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1
Requested by
Host: ucureo.com
URL: https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D

Response headers

content-length
0
date
Thu, 07 Nov 2024 05:35:21 GMT
content-type
text/html; charset=UTF-8
server
Apache
connection
close
favicon.ico
ucureo.com/ 		94 B
170 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ucureo.com/favicon.ico
Protocol
HTTP/1.0
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D

Response headers

content-type
text/html
cache-control
no-cache
Primary Request click
secrity2yellowline.com/
Redirect Chain
  • https://ucureo.com/r.php?u=https%3A%2F%2Fsecrity2yellowline.com%2Fclick%3Fkey%3D809222eee01e538ec520%26cpv%3D0.014%26sub%3D1035358490%26kw%3D.uk.01.mobile.nonadult.android.chrome%26sid%3D2024110716...
  • https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317
Requested by
Host: ucureo.com
URL: https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.202.223.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of WIIT AG formerly myLoc managed IT AG, DE),
Reverse DNS
srv30403.dus7.dedi.server-hosting.expert
Software
Caddy /
Resource Hash
9704b0e2e19fad459bb97bb267651f73b75abb1b94375ce329f3a62443691586

Request headers

Referer
https://ucureo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 07 Nov 2024 05:35:22 GMT
server
Caddy
x-request-id
efcbc2e3-d161-4ab9-9334-fe4d13f7d4ea

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Nov 2024 05:35:22 GMT
location
https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317
server
Apache
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 		157 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: secrity2yellowline.com
URL: https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://secrity2yellowline.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"816af0eddd3b4822c2756227c7e7b7ee"
age
98454
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 05:35:22 GMT
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
05/29/2024 18:09:57
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8c2dbc1f8ab83450c2493a130902b48c
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8deaf5a65c8c419b-LHR
access-control-allow-origin
*
cdn-edgestorageid
865
server
cloudflare
cdn-requestcountrycode
DE
tav.webp
secrity2yellowline.com/landers/safe_totalav/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secrity2yellowline.com/landers/safe_totalav/tav.webp
Requested by
Host: secrity2yellowline.com
URL: https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.202.223.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of WIIT AG formerly myLoc managed IT AG, DE),
Reverse DNS
srv30403.dus7.dedi.server-hosting.expert
Software
Caddy, nginx/1.21.6 /
Resource Hash
2f8bbf1d693f96329bcb173295d6f77a10faea7ea2a507dc37d92c8f5274b56e

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317

Response headers

accept-ranges
bytes
content-length
12280
date
Thu, 07 Nov 2024 05:35:22 GMT
etag
"65d885fa-2ff8"
content-type
image/webp
last-modified
Fri, 23 Feb 2024 11:48:10 GMT
server
Caddy, nginx/1.21.6
t.png
secrity2yellowline.com/landers/safe_totalav/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secrity2yellowline.com/landers/safe_totalav/t.png
Requested by
Host: secrity2yellowline.com
URL: https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.202.223.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of WIIT AG formerly myLoc managed IT AG, DE),
Reverse DNS
srv30403.dus7.dedi.server-hosting.expert
Software
Caddy, nginx/1.21.6 /
Resource Hash
4bdc6e10f47c1a1b7423d95e81693f2ed5e79ad57ae0a96b4e9b5f5cf792e2a1

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer
https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317

Response headers

cache-control
max-age=31536000, public, no-transform
etag
"65d885d4-1e16"
expires
Fri, 07 Nov 2025 05:35:22 GMT
accept-ranges
bytes
content-length
7702
date
Thu, 07 Nov 2024 05:35:22 GMT
content-type
image/png
last-modified
Fri, 23 Feb 2024 11:47:32 GMT
server
Caddy, nginx/1.21.6
scripts.js
secrity2yellowline.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secrity2yellowline.com/scripts.js
Requested by
Host: ucureo.com
URL: https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.202.223.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of WIIT AG formerly myLoc managed IT AG, DE),
Reverse DNS
srv30403.dus7.dedi.server-hosting.expert
Software
Caddy, nginx/1.21.6 /
Resource Hash
d84c33e9ab81fef04fa5f7021dd3a2664a5c8143167624debe49381440fcd9bd

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin
https://secrity2yellowline.com
Referer
https://secrity2yellowline.com/landers/safe_totalav/

Response headers

cache-control
max-age=31536000, public, no-transform
content-encoding
gzip
etag
W/"66ec17ec-de1"
expires
Fri, 07 Nov 2025 05:35:22 GMT
date
Thu, 07 Nov 2024 05:35:22 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 19 Sep 2024 12:24:12 GMT
server
Caddy, nginx/1.21.6

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| fin_link object| links function| getURLParameter

5 Cookies

Domain/Path Name / Value
alipay.comapple.com/ Name: __tad
Value: 1730957719.5724971
.ucureo.com/ Name: __dsnsid
Value: 20241107163519359046faef421be317
secrity2yellowline.com/ Name: uclick
Value: mr6LxltUOo411LGnbGCYt0gQxiISy6gN/ZFNJkyxKWfI7CZ9HWfza5/7dU+LtkptCVc9mw==
secrity2yellowline.com/ Name: bcid
Value: csm536ma3kps73epsqj0
secrity2yellowline.com/ Name: cid
Value: csm536ma3kps73epsqj0

3 Console Messages

Source Level URL
Text
rendering warning URL: https://ucureo.com/xr.php?e=ERvIwFHATngaPCrKXahOE349fnE4d0hNU1hlTjIrcEswYnpNYWZON1pqVnl3amVya0pZY3VlZmRocDdpdWFXd2VVWlZ6eEk3bTIvd1VFV0thdnI4LzVtR0ljRVQ3WWhyUWdhekNXajg5TVlNd2dlemRGMFdPdVR6eDEvUGNTcURVRllxMmhUY0wyWTVLanpPTFVuTHRaTGRQblJhT0dVUjZkdnJ3WU83cVgxcGpxWkxDTHg2OUsrcCtqczFuVEFYUWRST2s3dlZHMkhHVWVuYldhRVZtVWtCcksxM2k0ZXRVeXlOSm94dVZjTVVVVjhaaW1xd1NyVWQxaE1HYjBMK213R3JDTm4ramJROTRzdmVrclphS2N4Uy9XYk9hV2xqY1NkMnd4MFNaemhuQVo3NWlkQnNKWUFiTHA2MWRJY0M5dkl0aXZTLzhMSTIzN0pJQXB5QkhXMmhkMWxHTm1jWHFxV1cySENwQWpJUnU0aUN1R01DeG9LMzk0V0tBMHRYNVB6N2JIR0lRaTlQRGpYaXc5NWdnbitvS2Z2UDl0SUdKd3NQWDJJYWRHZDBqa2ZqUnR5aUs5LzJ4dU5IV0VBSEJsYmZQMEZHeVZlaHJ2OC9MNm9ZcnNMWVE5TTkvOVA0aVdiZHpVY0QrcDN1VFMycGVGS3RNeGxsZE0zY3NUM2l2TVRQMkFYTTFGSThiSWxKZHBZcHp3ODAxYTRtejBiNjJCQ0VGb2VWTXdPTWpCMU5JaVBueTFjV0ZLSzRpcmhXKzJ1dmV0MWwxVlBmY2JXRjgzZkNuZllaNWhGMWFCOTJWYmJBNjQybDZXSy9aTEJFUHNWVHhCT0JyWXNxNHovSkpHSzE1S3pzeGxoZVZFSXJtb293akpOaFdtUHRBZEZ6WXkxNGREYXZhYktJcWs5SDI5cEN2M01yTzJjL3ZKUzRRcXNscUU2Ly9BeTRoTDhUMG14VXpya1BudklEQjhDK3VvbEhHU1lidW5FdUliWHFLMTBJbDBGeVUrOHhrRStwalJXZExQdlJvemhRTkR1Q0R2WjBhVThhYUMrbnExMy9hL0RUa3hBL1BDclJDdzdPelpTR29DNHc0YldKc2Ntd2krMHVTRDNPb1NEd0JzVzZ1cnhBL1ZQdnE0Yko5LzlXWldVc2IwM0VGVWFMd2ZDclpUcEpQUTZsVVI5ZTJJTjF4N0hoNGtLNUljN3cxY2hBRmVtUkxZV1ZWY1VmcVNESnpEOFJmSVowdy81MzIyUkpXYmROUHBPYjlxT1o0SlRGRElZOHpld2w5L3VFL0ZBSXBtSQ%3D%3D(Line 122)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B0720074330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://ucureo.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other error URL: https://secrity2yellowline.com/click?key=809222eee01e538ec520&cpv=0.014&sub=1035358490&kw=.uk.01.mobile.nonadult.android.chrome&sid=20241107163519359046faef421be317
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.