rithi.ebert.ink Open in urlscan Pro
2a02:4780:13:1676:0:1f28:7cf2:2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rithi.ebert.ink/
Effective URL:
https://rithi.ebert.ink/login
Submission: On November 30 via api (November 30th 2024, 6:56:23 am UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 9 HTTP transactions. The main IP is 2a02:4780:13:1676:0:1f28:7cf2:2, located in São Paulo, Brazil and belongs to AS-HOSTINGER Hostinger International Limited, CY. The main domain is rithi.ebert.ink.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 30th 2024. Valid for: 3 months.

This is the only time rithi.ebert.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a02:4780:13:... 2a02:4780:13:1676:0:1f28:7cf2:2	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
6	195.200.3.167 195.200.3.167	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
2	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	3

2 2a02:4780:13:1676:0:1f28:7cf2:2 (São Paulo, Brazil) 1 redirects

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)

rithi.ebert.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 195.200.3.167 (Germany)

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)

rithi.ebert.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ebert.ink 1 redirects rithi.ebert.ink	156 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 740	129 KB
9	2

	Domain	Requested by
8	rithi.ebert.ink	1 redirects rithi.ebert.ink
2	unpkg.com	rithi.ebert.ink unpkg.com
9	2

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com

Subject Issuer	Validity	Valid
rithi.ebert.ink ZeroSSL RSA Domain Secure Site CA	`2024-11-30` - `2025-02-28`	3 months	crt.sh
unpkg.com WE1	`2024-11-23` - `2025-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rithi.ebert.ink/login
Frame ID: FBEA889415B01A41DA80D15FAA1FB005
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Rithi

Page URL History Show full URLs

https://rithi.ebert.ink/ HTTP 302
https://rithi.ebert.ink/login Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

3
Countries

285 kB
Transfer

815 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=5548991348266&text=Ol%C3%A1,%20preciso%20de%20ajuda%20com%20o%20login%20no%20painel.%0a%0aDom%C3%ADnio:%20rithi.ebert.ink
Title: WhatsApp: (48) 99134-8266

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rithi.ebert.ink/ HTTP 302
https://rithi.ebert.ink/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
rithi.ebert.ink/
Redirect Chain

https://rithi.ebert.ink/
https://rithi.ebert.ink/login

3 KB
1 KB

334ms
334ms

Document
text/html

2a02:4780:13:1676:0:1f28:7cf2:2
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://rithi.ebert.ink/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1676:0:1f28:7cf2:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.2.19

Resource Hash

984c26e5965e834ef71a331ecf8f605d8ed59580af8fa5c60d721d627aead174

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 1251
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 06:56:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
panel: hpanel
platform: hostinger
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.2.19

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 06:56:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://rithi.ebert.ink/login
panel: hpanel
platform: hostinger
pragma: no-cache
server: LiteSpeed
x-powered-by: PHP/8.2.19

GET
H3 200 boot.css
rithi.ebert.ink/shared/styles/ 5 KB
2 KB 263ms
262ms Stylesheet
text/css 195.200.3.167
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://rithi.ebert.ink/shared/styles/boot.css?v=1.5.5

Requested by

Host: rithi.ebert.ink
URL: https://rithi.ebert.ink/login

Protocol

Security

QUIC, , AES_128_GCM

Server

195.200.3.167 , Germany, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

63d35f59a0ec5da3f049641ffb40d222cd6a0f8eadcdf4df145bddacef88a130

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rithi.ebert.ink/login

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "1304-673fe72e-ff7941982328da2f;br"
expires: Sat, 07 Dec 2024 06:56:18 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1410
date: Sat, 30 Nov 2024 06:56:18 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 02:06:38 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H3 200 login.css
rithi.ebert.ink/themes/admin/assets/css/login/ 3 KB
736 B 265ms
264ms Stylesheet
text/css 195.200.3.167
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://rithi.ebert.ink/themes/admin/assets/css/login/login.css?v=1.5.5

Requested by

Host: rithi.ebert.ink
URL: https://rithi.ebert.ink/login

Protocol

Security

QUIC, , AES_128_GCM

Server

195.200.3.167 , Germany, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

36ef2aaaae3e0a753121762085d66eab4d771de379e2dcd8a5db73c4c64bd205

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rithi.ebert.ink/login

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "c22-673fe72e-74373a76c76ef2fe;br"
expires: Sat, 07 Dec 2024 06:56:18 GMT
accept-ranges: bytes
content-length: 683
date: Sat, 30 Nov 2024 06:56:18 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 02:06:38 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 boxicons.min.css
unpkg.com/boxicons@2.1.4/css/ 66 KB
16 KB 125ms
46ms Stylesheet
text/css 2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.1.4/css/boxicons.min.css

Requested by

Host: rithi.ebert.ink
URL: https://rithi.ebert.ink/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

620eea24b0cee1d8cc8395c80f295cf2e7b6fab962493c26b49a8d42b63a4dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rithi.ebert.ink/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "109bc-IH/O3L/2oFuyFxGxc9h5/AQWzS0"
age: 186902
x-content-type-options: nosniff
date: Sat, 30 Nov 2024 06:56:18 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDRBEEAXMYSD4GWT8BXZQ4AS-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ea8efd33e57d3bd-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jquery.min.js Show response
rithi.ebert.ink/shared/scripts/ 87 KB
29 KB 721ms
720ms Script
application/x-javascript 195.200.3.167
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://rithi.ebert.ink/shared/scripts/jquery.min.js

Requested by

Host: rithi.ebert.ink
URL: https://rithi.ebert.ink/login

Protocol

Security

QUIC, , AES_128_GCM

Server

195.200.3.167 , Germany, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rithi.ebert.ink/login

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "15d9c-673fe72e-82eb3d654c5eb682;br"
expires: Sat, 07 Dec 2024 06:56:18 GMT
accept-ranges: bytes
content-length: 30019
date: Sat, 30 Nov 2024 06:56:18 GMT
content-type: application/x-javascript
last-modified: Fri, 22 Nov 2024 02:06:38 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H3 200 jquery-ui.js Show response
rithi.ebert.ink/shared/scripts/ 533 KB
118 KB 268ms
268ms Script
application/x-javascript 195.200.3.167
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://rithi.ebert.ink/shared/scripts/jquery-ui.js

Requested by

Host: rithi.ebert.ink
URL: https://rithi.ebert.ink/login

Protocol

Security

QUIC, , AES_128_GCM

Server

195.200.3.167 , Germany, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

69ec7ca41b07c06a9d7718e4a05b80d9237b4fed33066edac3dc765e5a5b3d53

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rithi.ebert.ink/login

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "85213-673fe72e-2689c1a9d30dd2be;br"
expires: Sat, 07 Dec 2024 06:56:18 GMT
accept-ranges: bytes
content-length: 120602
date: Sat, 30 Nov 2024 06:56:18 GMT
content-type: application/x-javascript
last-modified: Fri, 22 Nov 2024 02:06:38 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H3 200 login.js Show response
rithi.ebert.ink/themes/admin/assets/js/login/ 891 B
524 B 720ms
720ms Script
application/x-javascript 195.200.3.167
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://rithi.ebert.ink/themes/admin/assets/js/login/login.js?v=1.5.5

Requested by

Host: rithi.ebert.ink
URL: https://rithi.ebert.ink/login

Protocol

Security

QUIC, , AES_128_GCM

Server

195.200.3.167 , Germany, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4133dba85e12897e6cc40d8542e55c562eba94038debf8c70d20cdf32aacc4f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rithi.ebert.ink/login

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "37b-673fe72e-b43a0b4eb94ffc40;br"
expires: Sat, 07 Dec 2024 06:56:18 GMT
accept-ranges: bytes
content-length: 293
date: Sat, 30 Nov 2024 06:56:18 GMT
content-type: application/x-javascript
last-modified: Fri, 22 Nov 2024 02:06:38 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 boxicons.woff2
unpkg.com/boxicons@2.1.4/fonts/ 113 KB
113 KB 123ms
47ms Font
font/woff2 2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.1.4/fonts/boxicons.woff2

Requested by

Host: unpkg.com
URL: https://unpkg.com/boxicons@2.1.4/css/boxicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b87cbc74f3ffaf08314a5d81b501be6fc36f553dbe446ef5a4b29f0138ba0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rithi.ebert.ink
Referer: https://unpkg.com/boxicons@2.1.4/css/boxicons.min.css

Response headers

cf-cache-status: HIT
etag: "1c3e0-dYYItuOc1CPdme7DmA+Oiq4NlrA"
age: 104505
x-content-type-options: nosniff
date: Sat, 30 Nov 2024 06:56:18 GMT
content-type: font/woff2
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JDTT0XF4J4VXXSFGMP2WD5MQ-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8ea8efd4ef92d2c3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 115680
server: cloudflare

GET
H3 200 favicon.png
rithi.ebert.ink/themes/admin/assets/images/ 4 KB
4 KB 237ms
236ms Other
image/png 195.200.3.167
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://rithi.ebert.ink/themes/admin/assets/images/favicon.png?v=1.5.5

Protocol

Security

QUIC, , AES_128_GCM

Server

195.200.3.167 , Germany, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b3c179b0f1d1b790f0e86d12fcdbc5779ddee25cbb12d0976933e50fbf77a3b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rithi.ebert.ink/login

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "1060-673fe72e-cb3cbd7be176f31;;;"
expires: Sat, 07 Dec 2024 06:56:19 GMT
accept-ranges: bytes
content-length: 4192
date: Sat, 30 Nov 2024 06:56:19 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 02:06:38 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rithi.ebert.ink/	1969-12-31 23:59:59	Name: PHPSESSID Value: ihed4uopu1aedmt1pir07jdhfj

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://rithi.ebert.ink/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rithi.ebert.ink
unpkg.com
195.200.3.167
2606:4700::6811:f5cb
2a02:4780:13:1676:0:1f28:7cf2:2
36ef2aaaae3e0a753121762085d66eab4d771de379e2dcd8a5db73c4c64bd205
4133dba85e12897e6cc40d8542e55c562eba94038debf8c70d20cdf32aacc4f3
4b87cbc74f3ffaf08314a5d81b501be6fc36f553dbe446ef5a4b29f0138ba0b0
620eea24b0cee1d8cc8395c80f295cf2e7b6fab962493c26b49a8d42b63a4dc9
63d35f59a0ec5da3f049641ffb40d222cd6a0f8eadcdf4df145bddacef88a130
69ec7ca41b07c06a9d7718e4a05b80d9237b4fed33066edac3dc765e5a5b3d53
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
984c26e5965e834ef71a331ecf8f605d8ed59580af8fa5c60d721d627aead174
b3c179b0f1d1b790f0e86d12fcdbc5779ddee25cbb12d0976933e50fbf77a3b6

rithi.ebert.ink Open in urlscan Pro 2a02:4780:13:1676:0:1f28:7cf2:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

3 IPs

3 Countries

285 kBTransfer

815 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

rithi.ebert.ink Open in urlscan Pro
2a02:4780:13:1676:0:1f28:7cf2:2 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

3
Countries

285 kB
Transfer

815 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions