l3hruxsbpab.9ci4.shop
Open in
urlscan Pro
46.21.250.29
Public Scan
Submitted URL: https://3chast.youtuebu.com/:YIL1
Effective URL: https://l3hruxsbpab.9ci4.shop/f/jAS
Submission: On August 25 via api from US — Scanned from NL
Effective URL: https://l3hruxsbpab.9ci4.shop/f/jAS
Submission: On August 25 via api from US — Scanned from NL
Summary
This website contacted 6 IPs
in 3 countries
across 6 domains to perform 17 HTTP transactions.
The main IP is 46.21.250.29, located in
Amsterdam, Netherlands and
belongs to ON-LINE-DATA, NL.
The main domain is l3hruxsbpab.9ci4.shop.
TLS certificate: Issued by R10 on July 8th 2024. Valid for: 3 months.
This is the only time l3hruxsbpab.9ci4.shop was scanned on urlscan.io!
TLS certificate: Issued by R10 on July 8th 2024. Valid for: 3 months.
This is the only time l3hruxsbpab.9ci4.shop was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 185.209.22.147 185.209.22.147 | 204601 (ON-LINE-DATA) (ON-LINE-DATA) | |
| 4 | 134.209.203.156 134.209.203.156 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 10 | 46.21.250.29 46.21.250.29 | 204601 (ON-LINE-DATA) (ON-LINE-DATA) | |
| 1 | 2a04:4e42:400... 2a04:4e42:400::649 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:827::2016 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 185.177.92.132 185.177.92.132 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
| 17 | 6 |
1
185.209.22.147
(Dronten, Netherlands)
ASN204601 (ON-LINE-DATA, NL)
PTR: vm4071682.1nvme.had.wf
ASN204601 (ON-LINE-DATA, NL)
PTR: vm4071682.1nvme.had.wf
| 3chast.youtuebu.com |
4
134.209.203.156
(Amsterdam, Netherlands)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| znews16.com | |
| 0.znews16.com |
10
46.21.250.29
(Amsterdam, Netherlands)
ASN204601 (ON-LINE-DATA, NL)
PTR: 4845450.ds.had.pm
ASN204601 (ON-LINE-DATA, NL)
PTR: 4845450.ds.had.pm
| l3hruxsbpab.9ci4.shop |
1
185.177.92.132
(Amsterdam, Netherlands)
ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-132.ah-server.com
ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-132.ah-server.com
| cashmachines.biz |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
9ci4.shop
l3hruxsbpab.9ci4.shop |
44 KB |
| 4 |
znews16.com
znews16.com 0.znews16.com |
130 KB |
| 1 |
cashmachines.biz
cashmachines.biz |
19 KB |
| 1 |
ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 117 |
144 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211 |
30 KB |
| 1 |
youtuebu.com
1 redirects
3chast.youtuebu.com |
459 B |
| 17 | 6 |
| Domain | Requested by | |
|---|---|---|
| 10 | l3hruxsbpab.9ci4.shop |
znews16.com
l3hruxsbpab.9ci4.shop code.jquery.com |
| 2 | 0.znews16.com |
znews16.com
|
| 2 | znews16.com | |
| 1 | cashmachines.biz |
l3hruxsbpab.9ci4.shop
|
| 1 | i.ytimg.com |
l3hruxsbpab.9ci4.shop
|
| 1 | code.jquery.com |
l3hruxsbpab.9ci4.shop
|
| 1 | 3chast.youtuebu.com | 1 redirects |
| 17 | 7 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| nvideohd3.shop |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| 2.znews16.com R11 |
2024-08-01 - 2024-10-30 |
3 months | crt.sh |
| 9ci4.shop R10 |
2024-07-08 - 2024-10-06 |
3 months | crt.sh |
| *.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
| edgestatic.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| tailstories.biz R10 |
2024-07-01 - 2024-09-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://l3hruxsbpab.9ci4.shop/f/jAS
Frame ID: F8CB697A40F01EDDCD09F0D9EC7A95A3
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Для просмотра видео нажмите кнопку РазрешитьPage URL History Show full URLs
-
https://3chast.youtuebu.com/:YIL1
HTTP 301
https://znews16.com/?p=gy3dgnbxgi5gi3bpg42dsny Page URL
- https://0.znews16.com/?p=gy3dgnbxgi5gi3bpg42dsny Page URL
- https://l3hruxsbpab.9ci4.shop/f/jAS Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://nvideohd3.shop/?ref=5254&like=%D0%9F%D0%BE%20%D1%81%D0%BB%D0%B5%D0%B4%D1%83%20%D0%BD%D0%B5%D1%83%D0%BB%D0%BE%D0%B2%D0%B8%D0%BC%D0%BE%D0%B3%D0%BE%20(2024)&s=3&e=3&img=https://i.ytimg.com/vi/v4BtbV3XNyU/maxresdefault.jpg
Title: Разрешить
Title: Разрешить
Search URL Search Domain Scan URL
&s=3&e=3&img=https://i.ytimg.com/vi/v4BtbV3XNyU/maxresdefault.jpg%22){kind=link}
&s=3&e=3&img=https://i.ytimg.com/vi/v4BtbV3XNyU/maxresdefault.jpg){kind=link}
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://3chast.youtuebu.com/:YIL1
HTTP 301
https://znews16.com/?p=gy3dgnbxgi5gi3bpg42dsny Page URL
- https://0.znews16.com/?p=gy3dgnbxgi5gi3bpg42dsny Page URL
- https://l3hruxsbpab.9ci4.shop/f/jAS Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://3chast.youtuebu.com/:YIL1 HTTP 301
- https://znews16.com/?p=gy3dgnbxgi5gi3bpg42dsny
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
znews16.com/ Redirect Chain
|
64 KB 65 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
20 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
znews16.com/ |
0 125 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
0.znews16.com/ |
64 KB 65 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
20 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
0.znews16.com/ |
0 125 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
jAS
l3hruxsbpab.9ci4.shop/f/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.3.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon1.png
l3hruxsbpab.9ci4.shop/themes/theme15_data/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon2.png
l3hruxsbpab.9ci4.shop/themes/theme15_data/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon3.png
l3hruxsbpab.9ci4.shop/themes/theme15_data/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon4.png
l3hruxsbpab.9ci4.shop/themes/theme15_data/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon5.png
l3hruxsbpab.9ci4.shop/themes/theme15_data/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon7.png
l3hruxsbpab.9ci4.shop/themes/theme15_data/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon8.png
l3hruxsbpab.9ci4.shop/themes/theme15_data/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
maxresdefault.jpg
i.ytimg.com/vi/v4BtbV3XNyU/ |
144 KB 144 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
application.php
l3hruxsbpab.9ci4.shop/ |
0 309 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
cashmachines.biz/ |
19 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
l3hruxsbpab.9ci4.shop/ |
5 KB 2 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| onSubInit object| Sk4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .znews16.com/ | Name: uuid Value: 9a06e048-7382-45b4-ba63-3cd18ec6e567 |
|
| .0.znews16.com/ | Name: uuid Value: 9a06e048-7382-45b4-ba63-3cd18ec6e567 |
|
| .9ci4.shop/ | Name: PHPSESSID Value: 8k6sboci43htspbjsfbjaq4ri5 |
|
| .cashmachines.biz/ | Name: uuid Value: 6eb1cb7d-e899-4146-9359-c7563b1a9168 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | img-src https: data:; upgrade-insecure-requests |
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0.znews16.com
3chast.youtuebu.com
cashmachines.biz
code.jquery.com
i.ytimg.com
l3hruxsbpab.9ci4.shop
znews16.com
134.209.203.156
185.177.92.132
185.209.22.147
2a00:1450:4001:827::2016
2a04:4e42:400::649
46.21.250.29
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
242d76bf058b66e7f41d7f3c0f421e703727d7e71f921bdd365c61d75da0e55a
2a96d3f296fc338a666ac5adefb6e2f6659d9a89baf704da4afb3cbbd2d4f933
2f9524e99065ff5fbba0fee6a05611d0a8d67c15880cdea5b7bf4dec703ec0b2
349f4bc944f444e656ac165e19aa5c1920416170f0b24f75b02766a363888e93
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
4d861e2ddf605b4ad46748815e60a68c7a58379142755a4f611d6e011e8412f9
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
cb1c3c7fcb95100947ad5e021436d096a8de5bcb747d728ad0cfa1bab627b894
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e871ab8ab4c9d6c251e9a74ae30a42642e535a8f1d64b80a2e4c87719060f227
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba