www.ubermensch.site - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 15.228.36.243, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is www.ubermensch.site.
TLS certificate: Issued by R3 on November 28th 2023. Valid for: 3 months.

This is the only time www.ubermensch.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	15.228.36.243 15.228.36.243	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3033::6815:40f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2

2 15.228.36.243 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-228-36-243.sa-east-1.compute.amazonaws.com

www.ubermensch.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:40f3 (United States)

ASN13335 (CLOUDFLARENET, US)

tkcloud.yomifx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	yomifx.com tkcloud.yomifx.com	374 B
2	ubermensch.site www.ubermensch.site	15 KB
4	2

	Domain	Requested by
2	tkcloud.yomifx.com	www.ubermensch.site
2	www.ubermensch.site	www.ubermensch.site
4	2

This site contains no links.

Subject Issuer	Validity	Valid
bivifyx.online R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
yomifx.com GTS CA 1P5	`2023-10-08` - `2024-01-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ubermensch.site/
Frame ID: 6E785BEA2C6050CB0A816FFF38413443
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

4
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

15 kB
Transfer

35 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ubermensch.site/ 2 KB
994 B 490ms
149ms Document
text/html 15.228.36.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ubermensch.site/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

15.228.36.243 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-228-36-243.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

092cd94443aff686f0aed5c5ad0b4639cbf0671e3b93760b4934480b250a72aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 28 Nov 2023 09:08:45 GMT
etag: W/"65658572-819"
last-modified: Tue, 28 Nov 2023 06:15:14 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 axios.min.js Show response
www.ubermensch.site/ 33 KB
14 KB 152ms
150ms Script
application/javascript 15.228.36.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ubermensch.site/axios.min.js

Requested by

Host: www.ubermensch.site
URL: https://www.ubermensch.site/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

15.228.36.243 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-228-36-243.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

550f26d03776c62d33e90b8028c6b4e2e7d1301c6ff769cff94592a93df71c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.ubermensch.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:45 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 06:15:14 GMT
server: nginx
etag: W/"65658572-8355"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 28 Nov 2023 21:08:45 GMT

POST
H2 200 get_url Show response
tkcloud.yomifx.com/mall/api/redirect/ 31 B
374 B 263ms
262ms XHR
application/json 2606:4700:3033::6815:40f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tkcloud.yomifx.com/mall/api/redirect/get_url

Requested by

Host: www.ubermensch.site
URL: https://www.ubermensch.site/axios.min.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:40f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce7440af2f0453dce281deba605d5163518357db3c40c5311655d985443ddc2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ubermensch.site/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Nov 2023 09:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
tlogtraceid: 13774784219300672
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq4pBdxm9bV%2BMN80h8jUzgjCiaGQAnSjYrnFD%2BfNf30k73hb8TruUDhVoOOjiCmZ4LGHngUzBP%2BPTD0pq1TRvByk50kf6FPNMUSSH2fq3h0xYCcmWvKrGlfewV2Fb3Fa255aJmcLOBCK66gPEtd4Fw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ubermensch.site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 82d177dfac274bd8-BUF
expires: 0

OPTIONS
H2 200 get_url
tkcloud.yomifx.com/mall/api/redirect/ 0
0 719ms
485ms Preflight 2606:4700:3033::6815:40f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tkcloud.yomifx.com/mall/api/redirect/get_url

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:40f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ubermensch.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ubermensch.site
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82d177dcac0b4bd8-BUF
content-length: 0
date: Tue, 28 Nov 2023 09:08:46 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kvQASH%2FzBZzcXbGAv4C2VFlB%2BPB8Zm3SiuyrIM0gygm7qEmZHRSTymot9yxZBPAaQXfTrAcZI5%2BecqdGvSKqScvBJPk2b6w6Xc%2BqL2WXM7clqXka3jwUj8LOyijC7PP7JkJpTQXpmLjEyDLW09JstA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| axios function| getUrlParams

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

tkcloud.yomifx.com
www.ubermensch.site
15.228.36.243
2606:4700:3033::6815:40f3
092cd94443aff686f0aed5c5ad0b4639cbf0671e3b93760b4934480b250a72aa
550f26d03776c62d33e90b8028c6b4e2e7d1301c6ff769cff94592a93df71c68
ce7440af2f0453dce281deba605d5163518357db3c40c5311655d985443ddc2e

www.ubermensch.site Open in urlscan Pro 15.228.36.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

4 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

15 kBTransfer

35 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.ubermensch.site Open in urlscan Pro
15.228.36.243 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

15 kB
Transfer

35 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions