oungukroftu.com Open in urlscan Pro
104.21.33.240  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response oungukroftu.com/	7 KB 3 KB	150ms 92ms	Document text/html	104.21.33.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oungukroftu.com/?l=zboMD5XqhlhCmPx&s=808627034564866430&z=7151137&pz=6418807&tb=6418808 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.33.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 60ebda73fb888fe79124bbb14fcb5ff1d652d462d09b375bb233bf182c83ddc0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET, POST, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 87bb9f5a9e6b2bb0-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 29 Apr 2024 01:47:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTYqFC6i1tf5Xa311Acd31KCUQrI1nwG0LbVPJL4%2Fmf3hZlO5zvrnDZ%2BJ6a2OYnhXxtIJ3BlEQ0XjFsY9y7gFPuY5x6%2Fx3KDDDsRztPll3pI7ZYcP7Cq64crgFGo1HV2JSE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.33
GET H2	200	bg.jpg littlecdn.com/apps/templates/_static/robot-test-ggl/src/	11 KB 12 KB	148ms 49ms	Image image/jpeg	2606:4700:10::6816:1974 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://littlecdn.com/apps/templates/_static/robot-test-ggl/src/bg.jpg Requested by Host: oungukroftu.com URL: https://oungukroftu.com/?l=zboMD5XqhlhCmPx&s=808627034564866430&z=7151137&pz=6418807&tb=6418808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18e7d9e381beb2aed1efe3a7fafed0d6df4e47533f83b9a074fe3812bfa12454 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://oungukroftu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 01:47:10 GMT cf-cache-status HIT age 606 content-length 11724 cf-bgj h2pri last-modified Sat, 27 Apr 2024 09:07:56 GMT server cloudflare etag "662cc06c-2dcc" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type image/jpeg access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600 accept-ranges bytes cf-ray 87bb9f5bc8eea5f9-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	verif.jpg littlecdn.com/apps/templates/_static/robot-test-ggl/src/	12 KB 13 KB	152ms 53ms	Image image/jpeg	2606:4700:10::6816:1974 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://littlecdn.com/apps/templates/_static/robot-test-ggl/src/verif.jpg Requested by Host: oungukroftu.com URL: https://oungukroftu.com/?l=zboMD5XqhlhCmPx&s=808627034564866430&z=7151137&pz=6418807&tb=6418808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b591d8ab38bc817f74920749ff72cc5405e054c46ec518155cb813d44ec91ea7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://oungukroftu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 01:47:10 GMT cf-cache-status HIT age 606 content-length 12751 cf-bgj h2pri last-modified Sat, 27 Apr 2024 09:07:56 GMT server cloudflare etag "662cc06c-31cf" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type image/jpeg access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600 accept-ranges bytes cf-ray 87bb9f5bc8efa5f9-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	micro.tag.min.js Show response facevideosc.com/	26 KB 11 KB	156ms 52ms	Script application/javascript	2606:4700:20::ac43:4741 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://facevideosc.com/micro.tag.min.js?z=6350625&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js Requested by Host: oungukroftu.com URL: https://oungukroftu.com/?l=zboMD5XqhlhCmPx&s=808627034564866430&z=7151137&pz=6418807&tb=6418808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4741 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://oungukroftu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 01:47:10 GMT content-encoding br cf-cache-status HIT last-modified Mon, 31 Jul 2023 21:58:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2921284 etag W/"64c82e80-689b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0aChF6FVwpUQBocrCrrtjxWX6ZWayxkhFVpHQLOTHP71afn4Ug%2FCYUo9%2B7jiJjvnl3nwmS6cYkE5aiSBavo34HjpIJERpXGODp8gV3jiwsKkQIXTbCTSkO2qyYVj3%2B%2FRdfvPUzxF%2BNACdvdcg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 87bb9f5bec425d49-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	sw-check-permissions-local-5137789.js oungukroftu.com/	0 942 B	65ms 65ms	Other application/javascript	104.21.33.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oungukroftu.com/sw-check-permissions-local-5137789.js?var=null&ymid=null Requested by Host: facevideosc.com URL: https://facevideosc.com/micro.tag.min.js?z=6350625&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.33.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://oungukroftu.com/?l=zboMD5XqhlhCmPx&s=808627034564866430&z=7151137&pz=6418807&tb=6418808 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 01:47:10 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=568 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sat, 27 Apr 2024 09:07:56 GMT server cloudflare etag W/"662cc06c-238" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmlwaE5RVYDAL7%2B83g%2BkJDQrmM3cSfyhjRN1Nh0mezKL4883dj5EIfXc2bOOI8PIIm7zF5AXIeOdlZsVAmKafH1m60yhWXdHB6E2659O0IE98c5pid0DBJVcFmkVHrwBhT4%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=86400 cf-ray 87bb9f5c4f2e2bb0-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
POST H2	200	zone ddtvskish.com/	0 369 B	155ms 50ms	Ping text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ddtvskish.com/zone?&pub=0&zone_id=6350625&is_mobile=false&domain=oungukroftu.com&var=null&ymid=null&var_3=&var_4=&dsig=&action=prerequest Requested by Host: facevideosc.com URL: https://facevideosc.com/micro.tag.min.js?z=6350625&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://oungukroftu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-trace-id 004a47e48897930401c9efcc73f9cecc date Mon, 29 Apr 2024 01:47:10 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model access-control-allow-origin https://oungukroftu.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 0
GET H3	204	favicon.ico oungukroftu.com/	0 413 B	48ms 48ms	Other text/plain	104.21.33.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://oungukroftu.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.33.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://oungukroftu.com/?l=zboMD5XqhlhCmPx&s=808627034564866430&z=7151137&pz=6418807&tb=6418808 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 01:47:10 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6161 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPWgoB9YA61dYtQ0Pmxa%2Bnm1KIuI55N7AQHt1v9oTkptRWsUVtvbUMrqo0Mrq%2BigYChAWW5HoNHrbNHUaCLYXCtwUk9Iu%2B2c05yrp30tEZwvc4ydtGTE73gohEo7RKML%2BrE%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=86400 cf-ray 87bb9f5c5f342bb0-FRA alt-svc h3=":443"; ma=86400
GET H2	200	gid.js Show response my.rtmark.net/	65 B 544 B	151ms 49ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6350625&checkDuplicate=true&ymid=null&var=null Requested by Host: facevideosc.com URL: https://facevideosc.com/micro.tag.min.js?z=6350625&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 3310071fa65ba8f4783ea07ff5a982ac03f801d16321a5e506e193c99d4be2d8 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://oungukroftu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 01:47:10 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://oungukroftu.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone Show response ddtvskish.com/	903 B 1 KB	141ms 50ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ddtvskish.com/zone?&pub=0&zone_id=6350625&is_mobile=false&domain=oungukroftu.com&var=null&ymid=null&var_3=&var_4=&dsig=&action=settings Requested by Host: facevideosc.com URL: https://facevideosc.com/micro.tag.min.js?z=6350625&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 0d09257c7a15e4f95f638934f3bfb183ec1259e1573bd5f057bf4a22829b0ffb Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://oungukroftu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-trace-id b3351f42b277a46bef1e31d85ff8e7b7 date Mon, 29 Apr 2024 01:47:10 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://oungukroftu.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 903

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| url object| pci object| ppi object| pzParam string| dom object| s undefined| pushTagDomain undefined| mtSameDomain number| click_id number| zone_id string| lParam object| tbParam object| rdLimitParam string| tbZone string| limitCounters number| counter_url object| zfgformats

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			oungukroftu.com/	1970-01-20 20:12:38	Name: reverse Value: a3Rb_RvMsTIqLS8iBs9k-hE_UDXCSk23lAqhHg9DShU
			oungukroftu.com/	1970-01-21 05:48:35	Name: OAID Value: 9df12c84a830402ac473e4d4a717d5c5
			oungukroftu.com/	1970-01-21 05:48:35	Name: oaidts Value: 1714355229
			my.rtmark.net/	1970-01-21 04:58:11	Name: ID Value: 08004d577f3341c5e6857bdc9d0fe7ad

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://oungukroftu.com/?l=zboMD5XqhlhCmPx&s=808627034564866430&z=7151137&pz=6418807&tb=6418808# Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ddtvskish.com
facevideosc.com
littlecdn.com
my.rtmark.net
oungukroftu.com
104.21.33.240
139.45.195.8
139.45.197.250
2606:4700:10::6816:1974
2606:4700:20::ac43:4741
0d09257c7a15e4f95f638934f3bfb183ec1259e1573bd5f057bf4a22829b0ffb
18e7d9e381beb2aed1efe3a7fafed0d6df4e47533f83b9a074fe3812bfa12454
243c48bee24c3cf6d83aa582a417b6d2012310147215146b4427d5c8a617ec6e
3310071fa65ba8f4783ea07ff5a982ac03f801d16321a5e506e193c99d4be2d8
60ebda73fb888fe79124bbb14fcb5ff1d652d462d09b375bb233bf182c83ddc0
b591d8ab38bc817f74920749ff72cc5405e054c46ec518155cb813d44ec91ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855