urlscan.io logo urlscan.io
SecurityTrails logo

yourcoolfeed.com Open in urlscan Pro
139.45.197.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wgqkosnzlkx0n.bar/youtube-mo/*
Effective URL: https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&...
Submission: On December 09 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 19 HTTP transactions. The main IP is 139.45.197.132, located in United Kingdom and belongs to RETN-AS, GB. The main domain is yourcoolfeed.com.
TLS certificate: Issued by R3 on November 23rd 2021. Valid for: 3 months.
This is the only time yourcoolfeed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 185.66.201.42 201702 (SKHOSTING-EU)
2 18.142.109.31 16509 (AMAZON-02)
1 139.45.197.238 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
5 139.45.197.132 9002 (RETN-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 139.45.197.240 ()
1 2a02:6b8::1:119 ()
1 139.45.197.251 ()
19 10
1    2606:4700:3030::ac43:c3d1 (United States)

ASN13335 (CLOUDFLARENET, US)
wgqkosnzlkx0n.bar
1    185.66.201.42 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: affilist.com
benfly.net
2    18.142.109.31 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-109-31.ap-southeast-1.compute.amazonaws.com
demenemyslarreats.com
sennatifrogen.com
1    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
atraichuor.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
5    139.45.197.132 (United Kingdom)

ASN9002 (RETN-AS, GB)
yourcoolfeed.com
1    2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)
littlecdn.com
2    139.45.197.240 (None, )

ASN- ()
propeller-tracking.com
1    2a02:6b8::1:119 (None, )

ASN- ()
mc.yandex.ru
1    139.45.197.251 (None, )

ASN- ()
yonhelioliskor.com
Domain Requested by
5 yourcoolfeed.com atraichuor.com
yourcoolfeed.com
2 propeller-tracking.com yourcoolfeed.com
propeller-tracking.com
1 yonhelioliskor.com yourcoolfeed.com
yonhelioliskor.com
1 mc.yandex.ru yourcoolfeed.com
1 littlecdn.com yourcoolfeed.com
1 my.rtmark.net atraichuor.com
yonhelioliskor.com
1 atraichuor.com
1 sennatifrogen.com
1 demenemyslarreats.com benfly.net
1 benfly.net
1 wgqkosnzlkx0n.bar 1 redirects
19 11

This site contains no links.

Subject Issuer Validity Valid
benfly.net
R3		 2021-12-07 -
2022-03-07		 3 months crt.sh
demenemyslarreats.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
sennatifrogen.com
R3		 2021-11-25 -
2022-02-23		 3 months crt.sh
atraichuor.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-20 -
2022-11-26		 a year crt.sh
yourcoolfeed.com
R3		 2021-11-23 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
propeller-tracking.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-22 -
2022-11-06		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
yonhelioliskor.com
R3		 2021-12-02 -
2022-03-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Frame ID: 8D909FF5B3E8078004390C5C14C21CE9
Requests: 17 HTTP requests in this frame

Frame: https://yourcoolfeed.com/templates/_assets/push-skin/skin.html
Frame ID: A3A28ED38C6E16D4CB5A31620639E0BB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Press Allow

Page URL History Show full URLs

  1. http://wgqkosnzlkx0n.bar/youtube-mo/* HTTP 302
    https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami Page URL
  2. https://demenemyslarreats.com/13d6c894-3f46-4aaa-b38d-ccf062f39003?c2=26233199&c1=affC1639066109afffc4f6bc... Page URL
  3. https://sennatifrogen.com/redirect?target=BASE64aHR0cHM6Ly9hdHJhaWNodW9yLmNvbS9hZnUucGhwP3pvbmVpZD00ND... Page URL
  4. https://atraichuor.com/afu.php?zoneid=4474572&var=var_26233199376913d6c894-3f46-4aaa-b38d-ccf062f39... Page URL
  5. https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z... Page URL

Page Statistics

19
Requests

79 %
HTTPS

30 %
IPv6

11
Domains

11
Subdomains

10
IPs

4
Countries

74 kB
Transfer

289 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wgqkosnzlkx0n.bar/youtube-mo/* HTTP 302
    https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami Page URL
  2. https://demenemyslarreats.com/13d6c894-3f46-4aaa-b38d-ccf062f39003?c2=26233199&c1=affC1639066109afffc4f6bcb56251a700a250 Page URL
  3. https://sennatifrogen.com/redirect?target=BASE64aHR0cHM6Ly9hdHJhaWNodW9yLmNvbS9hZnUucGhwP3pvbmVpZD00NDc0NTcyJnZhcj12YXJfMjYyMzMxOTkzNzY5MTNkNmM4OTQtM2Y0Ni00YWFhLWIzOGQtY2NmMDYyZjM5MDAzJnltaWQ9d3UxYmt0N2Y5NnBrYWdnYzJ1bnYxNGVz&ts=1639066110035&hash=kFs5G79ZZL5_xeL1iLQD7JuYWkQ-b9r3IFK5xU7OOf4&rm=D Page URL
  4. https://atraichuor.com/afu.php?zoneid=4474572&var=var_26233199376913d6c894-3f46-4aaa-b38d-ccf062f39003&ymid=wu1bkt7f96pkaggc2unv14es Page URL
  5. https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wgqkosnzlkx0n.bar/youtube-mo/* HTTP 302
  • https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
benfly.net/e8ff0088ab/1c337ce436/
Redirect Chain
  • http://wgqkosnzlkx0n.bar/youtube-mo/*
  • https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami
432 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
affilist.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

server
nginx
date
Thu, 09 Dec 2021 16:08:29 GMT
content-type
text/html; charset=UTF-8
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex,nofollow
content-encoding
br

Redirect headers

Date
Thu, 09 Dec 2021 16:08:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
location
https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGkubUH5phAcoMnZ3HlEJtP9Erq%2BMsLLZvUsOKZCDNMEZvy8tqaqm%2FMBorPl3%2BbAcodd0z0Y1fp2I067641rZjhTzj%2FqGckcBuYnml4Fj%2Bxs6xAD3OR2gThPyXlO9wEUe9e%2BpvIgjq8uHM0rBbTLWA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6baf7e0bad20207d-NRT
13d6c894-3f46-4aaa-b38d-ccf062f39003
demenemyslarreats.com/ 		511 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demenemyslarreats.com/13d6c894-3f46-4aaa-b38d-ccf062f39003?c2=26233199&c1=affC1639066109afffc4f6bcb56251a700a250
Requested by
Host: benfly.net
URL: https://benfly.net/e8ff0088ab/1c337ce436/?placementName=jiami
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.142.109.31 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-109-31.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://benfly.net/

Response headers

server
nginx
date
Thu, 09 Dec 2021 16:08:30 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, pre-check=0, post-check=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
redirect
sennatifrogen.com/ 		344 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sennatifrogen.com/redirect?target=BASE64aHR0cHM6Ly9hdHJhaWNodW9yLmNvbS9hZnUucGhwP3pvbmVpZD00NDc0NTcyJnZhcj12YXJfMjYyMzMxOTkzNzY5MTNkNmM4OTQtM2Y0Ni00YWFhLWIzOGQtY2NmMDYyZjM5MDAzJnltaWQ9d3UxYmt0N2Y5NnBrYWdnYzJ1bnYxNGVz&ts=1639066110035&hash=kFs5G79ZZL5_xeL1iLQD7JuYWkQ-b9r3IFK5xU7OOf4&rm=D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.142.109.31 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-109-31.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://demenemyslarreats.com/

Response headers

server
nginx
date
Thu, 09 Dec 2021 16:08:31 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, pre-check=0, post-check=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
afu.php
atraichuor.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://atraichuor.com/afu.php?zoneid=4474572&var=var_26233199376913d6c894-3f46-4aaa-b38d-ccf062f39003&ymid=wu1bkt7f96pkaggc2unv14es
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
279f716e317fa3b6f78e383ef253b1aa1cf09bd05be213fd07014df0bf842c08
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://sennatifrogen.com/

Response headers

server
nginx
date
Thu, 09 Dec 2021 16:08:31 GMT
content-type
text/html; charset=utf8
x-trace-id
cedf359113a41a20ad2b32e30bd33fcd
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://yourcoolfeed.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
img.gif
my.rtmark.net/ 		43 B
506 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=dff70721bfb5414da7f7cb792a480057
Requested by
Host: atraichuor.com
URL: https://atraichuor.com/afu.php?zoneid=4474572&var=var_26233199376913d6c894-3f46-4aaa-b38d-ccf062f39003&ymid=wu1bkt7f96pkaggc2unv14es
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 09 Dec 2021 16:08:32 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://atraichuor.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request /
yourcoolfeed.com/ 		34 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by
Host: atraichuor.com
URL: https://atraichuor.com/afu.php?zoneid=4474572&var=var_26233199376913d6c894-3f46-4aaa-b38d-ccf062f39003&ymid=wu1bkt7f96pkaggc2unv14es
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.132 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.24
Resource Hash
a9e2e57df3d106e839875d4b27f3b25e3860a27ea784bb8ace9e98d82476ed10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

Server
nginx
Date
Thu, 09 Dec 2021 16:08:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.24
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding
gzip
inapp.min.js
littlecdn.com/apps/templates/_assets/scripts/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://littlecdn.com/apps/templates/_assets/scripts/inapp.min.js
Requested by
Host: yourcoolfeed.com
URL: https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53ba3541ae765b293259fff16bf4599fb18295116b19d6b928e74d55f67b57a8

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://yourcoolfeed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 16:08:33 GMT
content-encoding
br
cf-cache-status
HIT
age
4730
last-modified
Thu, 09 Dec 2021 13:05:06 GMT
server
cloudflare
etag
W/"61b1ff02-54ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
cf-ray
6baf7e270d4480f3-NRT
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
fv.js
propeller-tracking.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/fv.js?t=71022&cb=1293012563
Requested by
Host: yourcoolfeed.com
URL: https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://yourcoolfeed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 16:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-trace-id
a0bba871211e2ed9b2e6a18298947d68
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.js
mc.yandex.ru/metrika/ 		90 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: yourcoolfeed.com
URL: https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://yourcoolfeed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 16:08:33 GMT
content-encoding
br
last-modified
Thu, 09 Dec 2021 14:50:44 GMT
etag
"61b1ed94-10770"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67440
expires
Thu, 09 Dec 2021 17:08:33 GMT
micro.tag.min.js
yonhelioliskor.com/pfe/current/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4662709&ymid=492841595025253212&var=4474572&sw=/sw-check-permissions/4662709
Requested by
Host: yourcoolfeed.com
URL: https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
af682b04fcb29fc8bb56d3a798b46a464febf6002e5a4cd50fc30889879f0340

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://yourcoolfeed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Dec 2021 16:08:33 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 12:49:06 GMT
server
nginx
etag
W/"61b1fb42-148af"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
skin.html
yourcoolfeed.com/templates/_assets/push-skin/ Frame A3A2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yourcoolfeed.com/templates/_assets/push-skin/skin.html
Requested by
Host: yourcoolfeed.com
URL: https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.132 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
87ff48a9cd88a4c7f8611fbbf68b4da09401553cad4f8f23ae71cf4aef0a4a08
Security Headers
Name Value
Strict-Transport-Security max-age=60
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Response headers

Server
nginx
Date
Thu, 09 Dec 2021 16:08:33 GMT
Content-Type
text/html
Last-Modified
Thu, 09 Dec 2021 15:53:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"61b2266c-a84"
Strict-Transport-Security
max-age=60
X-Content-Type-Options
nosniff
Content-Encoding
gzip
/
yourcoolfeed.com/ 		2 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by
Host: yourcoolfeed.com
URL: https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.132 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.24
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://yourcoolfeed.com/?s=492841595025253212&ssk=63dceabefec123d77380e21aadaae221&svar=1639066111&z=4474572&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 09 Dec 2021 16:08:33 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.24
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
skin.css
yourcoolfeed.com/templates/_assets/push-skin/ Frame A3A2 		23 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yourcoolfeed.com/templates/_assets/push-skin/skin.css
Requested by
Host: yourcoolfeed.com
URL: https://yourcoolfeed.com/templates/_assets/push-skin/skin.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.132 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
078f8d637ba3c9b35da7e4392c083232c392aa968c6c4c3af030e7fb9d5d6d17

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://yourcoolfeed.com/templates/_assets/push-skin/skin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 09 Dec 2021 16:08:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 15:53:16 GMT
Server
nginx
ETag
W/"61b2266c-5cf1"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
skin.min.js
yourcoolfeed.com/templates/_assets/push-skin/ Frame A3A2 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yourcoolfeed.com/templates/_assets/push-skin/skin.min.js
Requested by
Host: yourcoolfeed.com
URL: https://yourcoolfeed.com/templates/_assets/push-skin/skin.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.132 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2850867d45189af6747c0e88fcf55922006b36e447035be87adf4df1046a064d

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://yourcoolfeed.com/templates/_assets/push-skin/skin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 09 Dec 2021 16:08:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 15:53:16 GMT
Server
nginx
ETag
W/"61b2266c-6d48"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
vctx
propeller-tracking.com/ 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/vctx?t=71022
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1293012563
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://yourcoolfeed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
4673ecc214aefcd5b17080754d87e9d4
pragma
no-cache
date
Thu, 09 Dec 2021 16:08:33 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://yourcoolfeed.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
vbl
propeller-tracking.com/ 		0
0
zone
yonhelioliskor.com/ 		0
0
gid.js
my.rtmark.net/ 		0
0
zone
yonhelioliskor.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
propeller-tracking.com
URL
https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined
Domain
yonhelioliskor.com
URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=yourcoolfeed.com&var=4474572&ymid=492841595025253212&var_3=&dsig=&action=prerequest
Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=492841595025253212&var=4474572
Domain
yonhelioliskor.com
URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=yourcoolfeed.com&var=4474572&ymid=492841595025253212&var_3=&dsig=&action=settings

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| alphabet string| subdomain function| randomInt number| YMID function| ym string| cpPushZone string| cpS string| cpZ string| cpTargetUrl string| cpDebug number| cpPermissionDefaultCounter function| redirect object| _0xd6c1 object| pvars function| BrowsingModeDetector string| clickTbUrl

6 Cookies

Domain/Path Name / Value
.demenemyslarreats.com/ Name: 13d6c894-3f46-4aaa-b38d-ccf062f39003-v4
Value: imSAUzhEqDQVDaOAgWiSKgF-bF-J9FybKkNdQsaigk0
.demenemyslarreats.com/ Name: cc-v4
Value: AoAtXM3%2FUZyznGdYKw%2FNA3f6DYSC7iZbv1F%2FXik18p1kmwK9NFfcgg9rH7dcOlOXe7kJkuZFG3FKzmN0Kjbne8mAxm1Cg43ojjcEXStQi3ELgy7IHLNY88752DNzxgHx6sNihURquQY%2Bbh90i26MZg%3D%3D
atraichuor.com/ Name: OAID
Value: dff70721bfb5414da7f7cb792a480057
atraichuor.com/ Name: oaidts
Value: 1639066111
my.rtmark.net/ Name: ID
Value: dff70721bfb5414da7f7cb792a480057
yourcoolfeed.com/ Name: reverse
Value: D3S4CeAdocsoKFN-d6JcYBT78aBgRAEtPYdsSEgDHqo