urlscan.io logo urlscan.io
SecurityTrails logo

fordems.biz Open in urlscan Pro
2606:4700:3038::6815:ea85  Public Scan

Go To Rescan Add Verdict Report
URL: https://fordems.biz/bz2.php
Submission: On January 23 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3038::6815:ea85, located in United States and belongs to CLOUDFLARENET, US. The main domain is fordems.biz.
TLS certificate: Issued by GTS CA 1P5 on January 4th 2023. Valid for: 3 months.
This is the only time fordems.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.190.41.116 15169 (GOOGLE)
7 5
Apex Domain
Subdomains		 Transfer
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 357
139 KB
2 acscdn.com
acscdn.com — Cisco Umbrella Rank: 179337
60 KB
1 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 38791
1 KB
1 fordems.biz
fordems.biz
c.fordems.biz Failed
975 B
7 4
Domain Requested by
2 cdn.jsdelivr.net fordems.biz
2 acscdn.com fordems.biz
acscdn.com
1 youradexchange.com acscdn.com
1 fordems.biz
0 c.fordems.biz Failed cdn.jsdelivr.net
7 5

This site contains links to these domains. Also see Links.

Domain
youradexchange.com
Subject Issuer Validity Valid
*.fordems.biz
GTS CA 1P5		 2023-01-04 -
2023-04-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-08		 a year crt.sh
youradexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-20 -
2023-06-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://fordems.biz/bz2.php
Frame ID: 2CE0CCF1F2D7275A674DEC76FF83627C
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

7
Requests

86 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

200 kB
Transfer

669 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bz2.php
fordems.biz/ 		902 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fordems.biz/bz2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c37298c04df4764e9203d32e4a38e8f31817dbec22fc47fbc6413132309eca3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78dfbea11dcdbb32-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 23 Jan 2023 10:11:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raYBnjUswLhlrpq1FashVkPE8GndbhCUKfyobjDgXFxvkxqefE6VZ2G9poo%2BFEgophCYvCVehD%2FOOUU0J06GxWuURgSmHpJM9fS1MSpIF7BKBke%2B8nAu0PapbDE2xxVGd62dM4Nksm8x8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
suv4.js
acscdn.com/script/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acscdn.com/script/suv4.js
Requested by
Host: fordems.biz
URL: https://fordems.biz/bz2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7ff486f721b4bab97314d47bc7f076e0475c09d80b1a886cdec6496966b52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fordems.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 10:11:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3462
x-guploader-uploadid
ADPycdvASZotzTIfuZ3HU32xSg-zM-Cb2D_DdjkqBGgEoNkJRyT6d5obiuyB7BHKBquDrVqZ-D9R1I4loJ1mE9NG33x2OQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 13:55:25 GMT
server
cloudflare
etag
W/"416f6928d8f3d8d66655abc097baca03"
vary
Accept-Encoding
x-goog-hash
crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-generation
1670939725427322
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zd6uU5FnVeaYSs8pYmGAjKrqdO2aEtJ2bR1xw%2FKYlL3tX4LZeBJZYkkmID0PQdEB1U%2FuKZEZFAWt9EPrJARH7wff3YWFTb3B6hn1V%2FddRtlTvJTjkzipA4EQSBDCSxhr58xJvZvWxBu"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
100623
cf-ray
78dfbea2deca9043-FRA
expires
Mon, 23 Jan 2023 09:21:35 GMT
clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/ 		470 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Requested by
Host: fordems.biz
URL: https://fordems.biz/bz2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fordems.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 10:11:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16888070
x-jsd-version
0.4.7
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA, cache-itm18851-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTzqJoEIv9Qv%2ByGOxh%2BxwUGx5neqEXdRzdFPCPkxjpeZjuh%2FOtGbfwXzXb2XEFF7e5hmP20t0k6WLH8VjspgwL8nG55laDT5aiz0CD7ooQOJ6cevgXXSuBYuwKu%2BWPGX4OO%2BKqIIl%2Bs03oJ%2BSVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
78dfbea2cea730ca-FRA
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: fordems.biz
URL: https://fordems.biz/bz2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fordems.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 10:11:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10419
x-jsd-version
0.3.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19129-FRA, cache-itm18844-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNnplHMZDISZgSH4ui9yr7Ur6taxuHBftxxG%2BVdNQB28PYXyKZPlBR94SyaDohKd82%2BTwaY7SaDNKZCB6TXdzZ%2BPXpu68G8mP%2FAG5PMbszmFQpCgWo8Y92%2FZ9vvOveMkTZLGZ4d%2FxeGdgehP7Ik%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
78dfbea2ceaf30ca-FRA
playlist.m3u8
c.fordems.biz/live/multiple_fd-2/ 		0
0
ut.js
acscdn.com/script/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acscdn.com/script/ut.js?cb=1674468680177
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95e6264b1cf2aa6195268d21e7bbf25c338ce7689bcbf2eb1e1cb6f59bd4da39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fordems.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 10:11:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2029
x-guploader-uploadid
ADPycduC-pFhw5UdO95yUYsya7dX1FbHwWPWZY3nbreVR6byHMTJvs0B5cGu0qBLLWWH1oaaIQpwHyXqlnBzHnUSIOM54A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Dec 2022 13:55:49 GMT
server
cloudflare
etag
W/"d5903ccaed951c280d67f4188548e1e9"
vary
Accept-Encoding
x-goog-hash
crc32c=aFnw8A==, md5=1ZA8yu2VHCgNZ/QYhUjh6Q==
x-goog-generation
1670939749168345
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgZDictpjVEkxH%2B0yeRreVrIzekA9pu%2F5kvTBOUQAoe%2F8IRj2DWXMObAKt5n3Knt%2FPO35%2FM1GN8POZ3ipqZCuy4nR5h%2FtrVzXvE2prq8WUgIUK0tnAKr3osedHZWsEM4aSsrTQFIdpsT"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
71395
cf-ray
78dfbea3b87d9043-FRA
expires
Mon, 23 Jan 2023 09:53:28 GMT
suurl4.php
youradexchange.com/script/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=6602254&chmob=%3F0&cbur=0.3949799128180369&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Ffordems.biz%2Fbz2.php&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&aggr=0
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3cf7383edc4783964bfe7c999f0a4dd05a47a5b3b0f80752125609645fe11d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fordems.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 23 Jan 2023 10:11:20 GMT
content-encoding
gzip
via
1.1 google
server
openresty
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.fordems.biz
URL
https://c.fordems.biz/live/multiple_fd-2/playlist.m3u8

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| regeneratorRuntime boolean| s2ss123 function| s2ss123ff object| Clappr function| Zepto function| $ function| LevelSelector object| player boolean| user_engagement123 string| utsid-send

0 Cookies