uberphotoaet.cf Open in urlscan Pro
2606:4700:3036::ac43:b402 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uberphotoaet.cf/
Submission: On July 22 via automatic, source certstream-suspicious (July 22nd 2020, 6:04:25 pm UTC)

Summary HTTP 11 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3036::ac43:b402, located in United States and belongs to CLOUDFLARENET, US. The main domain is uberphotoaet.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.

This is the only time uberphotoaet.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3036::ac43:b402	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:c0:40e::fe1 2a02:c0:40e::fe1	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
11	6

3 2606:4700:3036::ac43:b402 (United States)

ASN13335 (CLOUDFLARENET, US)

uberphotoaet.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:c0:40e::fe1 (Sweden)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

download.hardware.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	gstatic.com fonts.gstatic.com	42 KB
3	uberphotoaet.cf uberphotoaet.cf	50 KB
2	youtube.com 1 redirects youtube.com www.youtube.com	320 B
1	hardware.no download.hardware.no
1	imgur.com i.imgur.com	17 KB
1	googleapis.com fonts.googleapis.com	1 KB
11	6

	Domain	Requested by
4	fonts.gstatic.com	uberphotoaet.cf
3	uberphotoaet.cf	uberphotoaet.cf
1	download.hardware.no
1	www.youtube.com	uberphotoaet.cf
1	youtube.com	1 redirects
1	i.imgur.com	uberphotoaet.cf
1	fonts.googleapis.com	uberphotoaet.cf
11	7

This site contains links to these domains. Also see Links.

Domain
promudpetin.tk
sickcycarvio.gq
gfachofunle.ml
viegelosseo.tk
izfedijus.cf
healthnecknorro.tk
thoulongkarlzig.ml
granpartdisczer.tk
otsahava.gq
viperlocatch.tk

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-22` - `2021-07-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
intraforum.hardware.no Let's Encrypt Authority X3	`2020-05-25` - `2020-08-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://uberphotoaet.cf/
Frame ID: DF5CDE6AB8B1E37347D0FEBE016B40B4
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6XMuUVw7TOM?rel=0
Frame ID: B5577132F794E0B76F8CED7D96AABE1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

11
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

110 kB
Transfer

300 kB
Size

4
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://promudpetin.tk/come-scaricare-app-dallo-store-windows-10.aspx
Title: https://promudpetin.tk/come-scaricare-app-dallo-store-windows-10.aspx

Search URL Search Domain Scan URL

URL: https://sickcycarvio.gq/telecharger-on-ai-tous-debout.php
Title: https://sickcycarvio.gq/telecharger-on-ai-tous-debout.php

Search URL Search Domain Scan URL

URL: https://gfachofunle.ml/cut-saison-1-episode-55-streaming.xhtm
Title: https://gfachofunle.ml/cut-saison-1-episode-55-streaming.xhtm

Search URL Search Domain Scan URL

URL: https://viegelosseo.tk/come-trasferire-i-file-scaricati-da-emule.phtm
Title: https://viegelosseo.tk/come-trasferire-i-file-scaricati-da-emule.phtm

Search URL Search Domain Scan URL

URL: https://izfedijus.cf/comment-telecharger-video-a-partir-de-youtube.cgi
Title: https://izfedijus.cf/comment-telecharger-video-a-partir-de-youtube.cgi

Search URL Search Domain Scan URL

URL: https://healthnecknorro.tk/serie-en-streaming-vk-gratuit.shtml
Title: https://healthnecknorro.tk/serie-en-streaming-vk-gratuit.shtml

Search URL Search Domain Scan URL

URL: https://thoulongkarlzig.ml/zone-telechargement-de-musique.php
Title: https://thoulongkarlzig.ml/zone-telechargement-de-musique.php

Search URL Search Domain Scan URL

URL: https://granpartdisczer.tk/scarico-bos-ktm-1290-super-adventure.php
Title: https://granpartdisczer.tk/scarico-bos-ktm-1290-super-adventure.php

Search URL Search Domain Scan URL

URL: https://otsahava.gq/come-si-fa-a-scaricare-video-ds-youtube.xhtml
Title: https://otsahava.gq/come-si-fa-a-scaricare-video-ds-youtube.xhtml

Search URL Search Domain Scan URL

URL: https://viperlocatch.tk/scarica-podcast-mp3.xhtml
Title: https://viperlocatch.tk/scarica-podcast-mp3.xhtml

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://youtube.com/embed/6XMuUVw7TOM?rel=0 HTTP 301
https://www.youtube.com/embed/6XMuUVw7TOM?rel=0

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
uberphotoaet.cf/ 9 KB
3 KB 477ms
439ms Document
text/html 2606:4700:3036::ac43:b402
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uberphotoaet.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d8adf4eaa6727111b0cc470e3e03b3e9cb59c6bce56f0b6b5f527809bce0435

Request headers

:method: GET
:authority: uberphotoaet.cf
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 22 Jul 2020 18:04:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d019d43b4b455790e1ea29dbe4f3c3d001595441047; expires=Fri, 21-Aug-20 18:04:07 GMT; path=/; domain=.uberphotoaet.cf; HttpOnly; SameSite=Lax
expires: Wed, 29 Jul 2020 18:04:08 GMT
cache-control: max-age=691200
cf-cache-status: MISS
cf-request-id: 04194b8087000007462a19c200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5b6f15140d0b0746-FRA
content-encoding: br

GET
H2 200 style.css
uberphotoaet.cf/ 206 KB
44 KB 108ms
107ms Stylesheet
text/css 2606:4700:3036::ac43:b402
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uberphotoaet.cf/style.css
Requested by: Host: uberphotoaet.cf
URL: https://uberphotoaet.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bb60ea302163b8f86fb78b0e9efca16963b5b1de377b0d3d60440b4afe5e480

Request headers

Referer: https://uberphotoaet.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 22 Jul 2020 18:04:08 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
status: 200
cache-control: max-age=691200
cf-ray: 5b6f1516dcea0746-FRA
cf-request-id: 04194b8244000007462a1cc200000001
expires: Wed, 29 Jul 2020 18:04:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%3A400%2C300%2C700%2C400italic%2C300italic%2C700italic%2C900%2C900italic%3Alatin%7COxygen%3A300%2C400%2C700&subset=latin%2Clatin-ext

Requested by

Host: uberphotoaet.cf
URL: https://uberphotoaet.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd8eaa8250e649ec2c0ed2be9ce3d8746d7f03feaacb0fd4e7e5981b08f83ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://uberphotoaet.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jul 2020 18:04:08 GMT
server: ESF
date: Wed, 22 Jul 2020 18:04:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jul 2020 18:04:08 GMT

GET
H2 200 jquery.min.js Show response
uberphotoaet.cf/js/ 9 KB
3 KB 77ms
76ms Script
text/html 2606:4700:3036::ac43:b402
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uberphotoaet.cf/js/jquery.min.js
Requested by: Host: uberphotoaet.cf
URL: https://uberphotoaet.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ff93b0983db7041c147ea5f9b9c839836ce64451b7db9150f0e4eaad33d813

Request headers

Referer: https://uberphotoaet.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jul 2020 18:04:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Jul 2020 18:04:08GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=691200
cf-ray: 5b6f1516dcee0746-FRA
cf-request-id: 04194b8244000007462a1cd200000001
expires: Wed, 29 Jul 2020 18:04:08 GMT

GET
H2 200 HJSsmLP.gif
i.imgur.com/ 16 KB
17 KB 172ms
58ms Image
image/gif 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/HJSsmLP.gif

Requested by

Host: uberphotoaet.cf
URL: https://uberphotoaet.cf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

88d99dfa644c8b1739d293400b58dcd2bd155b0fcd3fc3dea13a9f49f09994c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uberphotoaet.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 22 Jul 2020 18:04:08 GMT
x-content-type-options: nosniff
age: 4628977
x-cache: HIT, HIT
status: 200
content-length: 16770
x-served-by: cache-bwi5150-BWI, cache-fra19142-FRA
last-modified: Wed, 31 Oct 2018 22:50:27 GMT
server: cat factory 1.0
x-timer: S1595441048.277255,VS0,VE1
etag: "a3e34b4775ae5409b5b84ff56f7676c0"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2

200

6XMuUVw7TOM
www.youtube.com/embed/ Frame B557
Redirect Chain

https://youtube.com/embed/6XMuUVw7TOM?rel=0
https://www.youtube.com/embed/6XMuUVw7TOM?rel=0

0
0

165ms
153ms

Document
text/html

2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6XMuUVw7TOM?rel=0

Requested by

Host: uberphotoaet.cf
URL: https://uberphotoaet.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/6XMuUVw7TOM?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uberphotoaet.cf/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://uberphotoaet.cf/

Response headers

status: 200
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
cache-control: no-cache
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 10700
x-content-type-options: nosniff
date: Wed, 22 Jul 2020 18:04:08 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=qwBpj0IWBNk; path=/; domain=.youtube.com; secure; expires=Mon, 18-Jan-2021 18:04:08 GMT; httponly; samesite=None YSC=zYR3zdPRyTo; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 22-Jul-2020 18:34:08 GMT VISITOR_INFO1_LIVE=qwBpj0IWBNk; path=/; domain=.youtube.com; secure; expires=Mon, 18-Jan-2021 18:04:08 GMT; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 301
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
location: https://www.youtube.com/embed/6XMuUVw7TOM?rel=0
date: Wed, 22 Jul 2020 18:04:08 GMT
content-type: text/html
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/oxygen/v9/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v9/2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2

Requested by

Host: uberphotoaet.cf
URL: https://uberphotoaet.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C300%2C700%2C400italic%2C300italic%2C700italic%2C900%2C900italic%3Alatin%7COxygen%3A300%2C400%2C700&subset=latin%2Clatin-ext
Origin: https://uberphotoaet.cf

Response headers

date: Wed, 15 Jul 2020 22:11:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:29 GMT
server: sffe
age: 589970
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10280
x-xss-protection: 0
expires: Thu, 15 Jul 2021 22:11:18 GMT

GET
H2 200 2sDcZG1Wl4LcnbuCJW8zaGW5Kb8VZA.woff2
fonts.gstatic.com/s/oxygen/v9/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v9/2sDcZG1Wl4LcnbuCJW8zaGW5Kb8VZA.woff2

Requested by

Host: uberphotoaet.cf
URL: https://uberphotoaet.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16b1379eb980b45b6943b22c5d2ec7f39a6e05d7c4247a47732ea98fccbf149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C300%2C700%2C400italic%2C300italic%2C700italic%2C900%2C900italic%3Alatin%7COxygen%3A300%2C400%2C700&subset=latin%2Clatin-ext
Origin: https://uberphotoaet.cf

Response headers

date: Thu, 11 Jun 2020 16:20:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:05 GMT
server: sffe
age: 3548648
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10376
x-xss-protection: 0
expires: Fri, 11 Jun 2021 16:20:00 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v21/ 12 KB
12 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v21/u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2

Requested by

Host: uberphotoaet.cf
URL: https://uberphotoaet.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1866533cfaaab8f46695c9eb600c6cefe4079badc7f14de3ca1be142fc39b718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C300%2C700%2C400italic%2C300italic%2C700italic%2C900%2C900italic%3Alatin%7COxygen%3A300%2C400%2C700&subset=latin%2Clatin-ext
Origin: https://uberphotoaet.cf

Response headers

date: Thu, 09 Jul 2020 01:31:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:32 GMT
server: sffe
age: 1182755
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12000
x-xss-protection: 0
expires: Fri, 09 Jul 2021 01:31:33 GMT

GET
H2 200 2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2
fonts.gstatic.com/s/oxygen/v9/ 10 KB
10 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v9/2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2

Requested by

Host: uberphotoaet.cf
URL: https://uberphotoaet.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C300%2C700%2C400italic%2C300italic%2C700italic%2C900%2C900italic%3Alatin%7COxygen%3A300%2C400%2C700&subset=latin%2Clatin-ext
Origin: https://uberphotoaet.cf

Response headers

date: Tue, 14 Jul 2020 12:25:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:18 GMT
server: sffe
age: 711518
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10332
x-xss-protection: 0
expires: Wed, 14 Jul 2021 12:25:30 GMT

GET
H/1.1 404
Not Found 1.jpg
download.hardware.no/tester/hovedkort/aopen_i975xa-ydg/ 0
0 314ms
33ms Image
text/html 2a02:c0:40e::fe1
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.hardware.no/tester/hovedkort/aopen_i975xa-ydg/1.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:c0:40e::fe1 , Sweden, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uberphotoaet.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 11:10:42	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zYR3zdPRyTo
.youtube.com/	1970-01-19 15:29:53	Name: VISITOR_INFO1_LIVE Value: qwBpj0IWBNk
.uberphotoaet.cf/	1970-01-19 11:53:53	Name: __cfduid Value: d019d43b4b455790e1ea29dbe4f3c3d001595441047

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

download.hardware.no
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
uberphotoaet.cf
www.youtube.com
youtube.com
151.101.12.193
2606:4700:3036::ac43:b402
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:816::200e
2a00:1450:4001:818::2003
2a02:c0:40e::fe1
1866533cfaaab8f46695c9eb600c6cefe4079badc7f14de3ca1be142fc39b718
3d8adf4eaa6727111b0cc470e3e03b3e9cb59c6bce56f0b6b5f527809bce0435
64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e
7bb60ea302163b8f86fb78b0e9efca16963b5b1de377b0d3d60440b4afe5e480
88d99dfa644c8b1739d293400b58dcd2bd155b0fcd3fc3dea13a9f49f09994c5
a4ff93b0983db7041c147ea5f9b9c839836ce64451b7db9150f0e4eaad33d813
bd8eaa8250e649ec2c0ed2be9ce3d8746d7f03feaacb0fd4e7e5981b08f83ebd
d16b1379eb980b45b6943b22c5d2ec7f39a6e05d7c4247a47732ea98fccbf149
e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

uberphotoaet.cf Open in urlscan Pro 2606:4700:3036::ac43:b402 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

86 %IPv6

6 Domains

7 Subdomains

6 IPs

3 Countries

110 kBTransfer

300 kBSize

4 Cookies

10 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

4 Cookies

Indicators

uberphotoaet.cf Open in urlscan Pro
2606:4700:3036::ac43:b402 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

110 kB
Transfer

300 kB
Size

4
Cookies

11 HTTP transactions
0 data transactions