realfrutimarketing.com Open in urlscan Pro
172.67.153.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://torrent911a.fr/0.2378872949745836
Effective URL:
https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356...
Submission: On June 03 via api (June 3rd 2024, 9:36:19 pm UTC) from US — Scanned from FR

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 9 HTTP transactions. The main IP is 172.67.153.104, located in United States and belongs to CLOUDFLARENET, US. The main domain is realfrutimarketing.com.
TLS certificate: Issued by GTS CA 1P5 on May 8th 2024. Valid for: 3 months.

This is the only time realfrutimarketing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	95.211.229.248 95.211.229.248	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	51.255.127.45 51.255.127.45	16276 (OVH) (OVH)
2	172.67.153.104 172.67.153.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.76.3 104.21.76.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.72.9 172.67.72.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	6

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

torrent911a.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.248 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ds03.evo.0x3e.net

t.optzsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.127.45 (France) 1 redirects

ASN16276 (OVH, FR)

affcpatrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.153.104 (United States)

ASN13335 (CLOUDFLARENET, US)

realfrutimarketing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.76.3 (None, )

ASN13335 (CLOUDFLARENET, US)

feed.rtbadshubmy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.72.9 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdn.ocmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 41502 t.ocmhood.com — Cisco Umbrella Rank: 13726	14 KB
2	realfrutimarketing.com realfrutimarketing.com	21 KB
2	optzsrv.com 1 redirects t.optzsrv.com	3 KB
1	ocmtag.com cdn.ocmtag.com — Cisco Umbrella Rank: 43373	800 B
1	rtbadshubmy.com feed.rtbadshubmy.com — Cisco Umbrella Rank: 135174	421 B
1	affcpatrk.com 1 redirects affcpatrk.com — Cisco Umbrella Rank: 412524	835 B
1	torrent911a.fr 1 redirects torrent911a.fr	510 B
9	7

	Domain	Requested by
3	t.ocmhood.com	sdk.ocmhood.com
2	realfrutimarketing.com	t.optzsrv.com realfrutimarketing.com
2	t.optzsrv.com	1 redirects
1	cdn.ocmtag.com	sdk.ocmhood.com
1	sdk.ocmhood.com	realfrutimarketing.com
1	feed.rtbadshubmy.com	realfrutimarketing.com
1	affcpatrk.com	1 redirects
1	torrent911a.fr	1 redirects
9	8

This site contains no links.

Subject Issuer	Validity	Valid
optzsrv.com R3	`2024-05-26` - `2024-08-24`	3 months	crt.sh
realfrutimarketing.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
rtbadshubmy.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
ocmhood.com E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
ocmtag.com Cloudflare Inc ECC CA-3	`2023-12-25` - `2024-12-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356eb5fe5
Frame ID: 8A34001822EC6F9EC29F00546BD1B213
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click Allow

Page URL History Show full URLs

http://torrent911a.fr/0.2378872949745836 HTTP 307
https://torrent911a.fr/0.2378872949745836 HTTP 301
https://t.optzsrv.com/splash.php?type=8&idzone=10128 Page URL
https://t.optzsrv.com/splash.php?type=8&idzone=10128&p=https%3A%2F%2Ftorrent9-miroir.fr&tested=1&c... HTTP 302
https://affcpatrk.com/track?id=65ba227c7733fa01ead818e8&aff_sub=opc7gmbppZp7XTT03S2ulc6a51Nrp3Uyul... HTTP 302
https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&si... Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

37 kB
Transfer

78 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://torrent911a.fr/0.2378872949745836 HTTP 307
https://torrent911a.fr/0.2378872949745836 HTTP 301
https://t.optzsrv.com/splash.php?type=8&idzone=10128 Page URL
https://t.optzsrv.com/splash.php?type=8&idzone=10128&p=https%3A%2F%2Ftorrent9-miroir.fr&tested=1&check=aa756896955220919b3103510b503703&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
https://affcpatrk.com/track?id=65ba227c7733fa01ead818e8&aff_sub=opc7gmbppZp7XTT03S2ulc6a51Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0zq66t6LKd6qKtLJY5raZ6qZbba5a56rbrna73UaWV6XbV1bb71a2cccbzz7y51Z0Z8OlcYJCbgNdF_2QPZI.COmrllVNPLK50rpXSuldK6V0rpXSumsmspqlqspc50rpXSuldK6V0rpXSuldnTVVZVLxdtRpXXXvdZvPtpdrNddVnPnm4PsA-&aff_sub2=10128 HTTP 302
https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356eb5fe5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://torrent911a.fr/0.2378872949745836 HTTP 307
https://torrent911a.fr/0.2378872949745836 HTTP 301
https://t.optzsrv.com/splash.php?type=8&idzone=10128

9 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	splash.php t.optzsrv.com/ Redirect Chain http://torrent911a.fr/0.2378872949745836 https://torrent911a.fr/0.2378872949745836 https://t.optzsrv.com/splash.php?type=8&idzone=10128	1 KB 1 KB	100ms 31ms	Document text/html	95.211.229.248 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://t.optzsrv.com/splash.php?type=8&idzone=10128 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.248 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ds03.evo.0x3e.net Software nginx / Resource Hash Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Accept-CH Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version Accept-Ch Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Full-Version-list,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Bitness,Sec-Ch-Ua-Arch Access-Control-Allow-Headers X-CH-VALUES Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 03 Jun 2024 21:36:14 GMT Server nginx Transfer-Encoding chunked X-Robots-Tag noindex, follow Redirect headers alt-svc h3=":443"; ma=86400 cache-control max-age=3600 cf-ray 88e2d148fbe3018c-CDG content-length 167 content-type text/html date Mon, 03 Jun 2024 21:36:14 GMT expires Mon, 03 Jun 2024 22:36:14 GMT location https://t.optzsrv.com/splash.php?type=8&idzone=10128 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnn%2FVjoVw2r1dcUragHA24W76a43SaFjN53lFPMkhX%2BE4ko9WjsK8vU%2FygfD%2FK%2FVq5IozyDfI9HYueXTbNDa3CmThoCoXj4TepTJN9joy0pcgaXirBJONGE1N4naj8ymjA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	Primary Request / Show response realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/ Redirect Chain https://t.optzsrv.com/splash.php?type=8&idzone=10128&p=https%3A%2F%2Ftorrent9-miroir.fr&tested=1&check=aa756896955220919b3103510b503703&screen_resolution=1600x1200&container_resolution=1600x1200&if... https://affcpatrk.com/track?id=65ba227c7733fa01ead818e8&aff_sub=opc7gmbppZp7XTT03S2ulc6a51Nrp3UyuldK6V1Us7qJZp7bKXT3W21S2OldK6d07pXSumdK6V0zq66t6LKd6qKtLJY5raZ6qZbba5a56rbrna73UaWV6XbV1bb71a2cccbzz... https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356eb5fe5	32 KB 20 KB	251ms 205ms	Document text/html	172.67.153.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356eb5fe5 Requested by Host: t.optzsrv.com URL: https://t.optzsrv.com/splash.php?type=8&idzone=10128 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.153.104 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fdb64d68fa7d83d6cc7a777724c71e852a6c0976b9fbae55db258861145a46bf` Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer https://t.optzsrv.com/splash.php?type=8&idzone=10128 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-arch "x86" sec-ch-ua-bitness "64" sec-ch-ua-full-version "125.0.6422.112" sec-ch-ua-full-version-list "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0" sec-ch-ua-mobile ?0 sec-ch-ua-model "" sec-ch-ua-platform "Win32" sec-ch-ua-platform-version "10.0.0" Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 88e2d14dec8b6ee7-CDG content-encoding br content-type text/html date Mon, 03 Jun 2024 21:36:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FnsE3dmc%2BpgZNfu9egfzpsFw9h7TuAyuMRv%2BJwOgwC5pha3RBmJR1zs%2BWLrNmQW6fy3PmMsdSa%2BRAUjlL%2Fqy97C3bvQ8YuDx%2BTucKdMEtAHdKZD1upexme%2BEJiIBBe%2BPKbluXijX%2F28K"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, x-access-token access-control-allow-origin * content-length 318 content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests content-type text/html; charset=utf-8 date Mon, 03 Jun 2024 21:36:14 GMT expect-ct max-age=0 location https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356eb5fe5 referrer-policy no-referrer server nginx strict-transport-security max-age=15552000; includeSubDomains vary Accept x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 0
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2` Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	204	AFU1kAAPatM Show response feed.rtbadshubmy.com/v1/native/	0 421 B	330ms 290ms	Fetch	104.21.76.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://feed.rtbadshubmy.com/v1/native/AFU1kAAPatM?subid=65013&uid=32bc4aa2-d3f3-4576-a239-223092954b9a&kw=download%20install&ud_tpcid=JwtCrukXSmL6bfAKZ42lg9nIO_dDZvwQ Requested by Host: realfrutimarketing.com URL: https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356eb5fe5 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.76.3 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://realfrutimarketing.com/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 21:36:15 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GgMI75myOG3M2WEsj2%2BGU0olaUT8aFXTfmrfOJT6F%2F9Zs5IuSS%2FOsFe6QLH2vv3Au%2Fk8KIXmcyA1oxqFux5T0inYzmymQYzYmHPk3VZr2xzin2d0iUDYVI8DQ0SHd2MhhPCxYxTQNg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 88e2d14f9be30159-CDG alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	conf.json Show response realfrutimarketing.com/hood/cmVhbGZydXRpbWFya2V0aW5nLmNvbQ==/	49 B 506 B	115ms 115ms	Fetch application/json	172.67.153.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://realfrutimarketing.com/hood/cmVhbGZydXRpbWFya2V0aW5nLmNvbQ==/conf.json Requested by Host: realfrutimarketing.com URL: https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356eb5fe5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.153.104 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `522d63c51fdb9319fff7abf84ab66b8af2d21c51c1efdb4780262b22cb4e2ed8` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform-version "10.0.0" Referer https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356eb5fe5 sec-ch-ua-full-version-list "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0" sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 21:36:15 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 08 May 2024 12:50:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"663b7505-31" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFGcCPI%2Fy6IbAM4RRIgk6QRu87AOa%2BW85qlYa1L%2FsJ5meTV0lbr6AF8pM4Dcbgf2ldADUGWsEgoD4B4TjPpYMlFkicH2MkhumhF0WNd3p%2FAw4mx6CYN%2FWdGz%2BXZjo6P6%2BpYvG2CKLmG1"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 88e2d14f5dc26ee7-CDG alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	9 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e` Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/jpeg
GET H3	200	ht.js Show response sdk.ocmhood.com/sdk/	33 KB 13 KB	102ms 62ms	Script application/javascript	172.67.72.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eXMxNDY4MjE0Nr7v Requested by Host: realfrutimarketing.com URL: https://realfrutimarketing.com/XnFk8wG87W0XtVXpYswTkkRb9YnFqUg7doVPcTixvuc/?cid=665e374ec8145a3a6ea4b407&sid=615c13d6a6ad89b356eb5fe5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `81195ecef1ef260cddab7b3ab6123888768242882b856b5fab360f25850a9fa1` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://realfrutimarketing.com/ Origin https://realfrutimarketing.com Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 21:36:15 GMT content-encoding gzip cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 12460 service-worker-allowed / last-modified Tue, 09 Apr 2024 11:24:49 GMT server cloudflare etag "66152581-30ac" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VyHwixI9bOTPJHjAov9KqvyNttN%2BhjanSQNugZH7VwLDqZHWTDn36IQTGAqAIIM1LV0WxYuTJVTpQft7MRDDRcy4gjrjNO485Is2x6cY3%2FqbA6HC7u5vj2SJpMwshwdRLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 88e2d15048efd5d5-CDG
GET H3	200	NjY4ZwSkNAFfmDQ2eXMxNDY4MjE0Nr7v.js Show response cdn.ocmtag.com/tag/	423 B 800 B	69ms 31ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2eXMxNDY4MjE0Nr7v.js Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eXMxNDY4MjE0Nr7v Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8ce71a4d6eb58aaf2ee20cab7497744138fab91cfd6f0b8f6cddf0082f2a3936` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://realfrutimarketing.com/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 21:36:15 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1027 alt-svc h3=":443"; ma=86400 service-worker-allowed / last-modified Fri, 03 May 2024 15:21:01 GMT server cloudflare etag W/"663500dd-1a7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tcmLSztNocVRmsz9av1O0N0Mw4qr1go%2BNTCmtrYpS1ZCnHayuDhd413m0xXsWbyfkw1AgheESm9mJR7aax%2FFrlkHMyWDMJQYOdCLZw5s1kaQtfoQlNnf1NUqLaMD2jqu9A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 88e2d1511b019e57-CDG
POST H3	201	activity t.ocmhood.com/v2/	0 433 B	86ms 46ms	Ping application/octet-stream	172.67.72.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eXMxNDY4MjE0Nr7v Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://realfrutimarketing.com/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 03 Jun 2024 21:36:15 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImVa7%2BHIFYWzfALdeKzNcbsKFtBvG5unuFnhrbEXCecn7aCyywx0bsy864bzKM3X0Y5xKiYHXZ6EJsWnCTtK9vnfZfQErCNkqXYakZO%2FXNWdSHchlcPhRfdUw%2BhC6BI%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 88e2d1518e68029a-CDG alt-svc h3=":443"; ma=86400
POST H3	201	activity t.ocmhood.com/v2/	0 400 B	86ms 47ms	Ping application/octet-stream	172.67.72.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eXMxNDY4MjE0Nr7v Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://realfrutimarketing.com/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 03 Jun 2024 21:36:15 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnBGpDFWPSMeZ6XrCZuTAQqXcPQfh9B6C30QxXh3R3%2FbVDVgE3H7RE8Y7kgDxZyFyQS1fbyQ0scQLOHcYqolS%2Br92rcTC96hj6qBBEv%2F%2Bgo%2F6rJGT1o4Zi%2Bwb2SoJks%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 88e2d1518e65029a-CDG alt-svc h3=":443"; ma=86400
POST H3	201	activity t.ocmhood.com/v2/	0 397 B	44ms 44ms	Ping application/octet-stream	172.67.72.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eXMxNDY4MjE0Nr7v Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://realfrutimarketing.com/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 03 Jun 2024 21:36:17 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pZCyO2XduTb9JxqHclzW33diAelh5wm%2FF4FSoZCVbbS7xQ6kgva4SNxRXNepMv1MURFMyjg0TLAXa%2Bf45y0njEkvIqCiBxwoYtYugCBVESDEvd8E%2FUdyRu0MWn6Nwyg%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 88e2d15b0f66029a-CDG alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.optzsrv.com/	1970-01-21 06:40:10	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22665e374e535b70.18425408860625899%22%3B%7D
affcpatrk.com/	1970-01-20 21:47:22	Name: ToroAdvertising Value: j%3A%22665e374ec8145a3a6ea4b407%22
realfrutimarketing.com/	1969-12-31 23:59:59	Name: session Value: JwtCrukXSmL6bfAKZ42lg9nIO_dDZvwQ
.realfrutimarketing.com/	1970-01-21 05:49:46	Name: _ht_v Value: 1717450575.6970962702
.realfrutimarketing.com/	1970-01-20 21:04:12	Name: _ht_s Value: 1717450575.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affcpatrk.com
cdn.ocmtag.com
feed.rtbadshubmy.com
realfrutimarketing.com
sdk.ocmhood.com
t.ocmhood.com
t.optzsrv.com
torrent911a.fr
104.21.76.3
172.67.153.104
172.67.72.9
188.114.96.3
188.114.97.3
51.255.127.45
95.211.229.248
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e
522d63c51fdb9319fff7abf84ab66b8af2d21c51c1efdb4780262b22cb4e2ed8
81195ecef1ef260cddab7b3ab6123888768242882b856b5fab360f25850a9fa1
8ce71a4d6eb58aaf2ee20cab7497744138fab91cfd6f0b8f6cddf0082f2a3936
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2
fdb64d68fa7d83d6cc7a777724c71e852a6c0976b9fbae55db258861145a46bf

realfrutimarketing.com Open in urlscan Pro 172.67.153.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

6 IPs

4 Countries

37 kBTransfer

78 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

5 Cookies

Indicators

realfrutimarketing.com Open in urlscan Pro
172.67.153.104 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

37 kB
Transfer

78 kB
Size

5
Cookies

9 HTTP transactions
2 data transactions