urlscan.io logo urlscan.io
SecurityTrails logo

gold.tabesebarlo.tk Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: http://gold.tabesebarlo.tk/
Submission: On January 10 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is gold.tabesebarlo.tk.
This is the only time gold.tabesebarlo.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
gold.tabesebarlo.tk
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
lookaside.fbsbx.com
2    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    168.119.41.206 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lx23.hoststar.hosting
www.kochkurse-salzburg.at
1    2600:9000:214f:dc00:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)
q-cf.bstatic.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
2 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 bstatic.com
q-cf.bstatic.com — Cisco Umbrella Rank: 248559
42 KB
1 kochkurse-salzburg.at
www.kochkurse-salzburg.at
95 KB
1 fbsbx.com
lookaside.fbsbx.com — Cisco Umbrella Rank: 9293
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
1 KB
1 tabesebarlo.tk
gold.tabesebarlo.tk
12 KB
6 7
Domain Requested by
2 www.facebook.com 1 redirects gold.tabesebarlo.tk
1 fonts.gstatic.com fonts.googleapis.com
1 q-cf.bstatic.com gold.tabesebarlo.tk
1 www.kochkurse-salzburg.at gold.tabesebarlo.tk
1 lookaside.fbsbx.com 1 redirects
1 fonts.googleapis.com gold.tabesebarlo.tk
1 gold.tabesebarlo.tk
6 7

This site contains no links.

Subject Issuer Validity Valid
*.bstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-21 -
2023-10-11		 a year crt.sh

This page contains 1 frames:

Primary Page: http://gold.tabesebarlo.tk/
Frame ID: 0E52C70623CDF13797ED8DD52C37AC5D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dein Lieblingskino

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

6
Requests

17 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

178 kB
Transfer

210 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=3354905121228624 HTTP 302
  • https://www.facebook.com/harrer.eisdielen/photos/a.112787282107107/3354905121228624/?type=3&is_lookaside=1 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fharrer.eisdielen%2Fphotos%2Fa.112787282107107%2F3354905121228624%2F%3Ftype%3D3%26is_lookaside%3D1

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gold.tabesebarlo.tk/ 		38 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://gold.tabesebarlo.tk/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3fa9dd01678a459a7b538eca8b0a824f201a5bc045458357abaa49abd3c97e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7873fce9baae4196-AMS
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 10 Jan 2023 08:19:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EYDDE3cAuQE8mlrJZTrB8gmVPNmj5BF9%2B7SyAaYqOz1%2FFzce%2B0csgPRrmS21VWdw6H40gfYwXgoJPC92hr4mm9rqHfvbngSbMtJZOc1hQqnaXnjGQ7kLvweva7RWJ3CdiqqtZBg06TPvcz9JfYf6yWi"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Requested by
Host: gold.tabesebarlo.tk
URL: http://gold.tabesebarlo.tk/
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
629b012c851f4242e4e12f5f51c9e02609423e89cafee41bc838631114ac9455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://gold.tabesebarlo.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 08:19:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Tue, 10 Jan 2023 08:05:51 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Tue, 10 Jan 2023 08:19:29 GMT
/
www.facebook.com/login/
Redirect Chain
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=3354905121228624
  • https://www.facebook.com/harrer.eisdielen/photos/a.112787282107107/3354905121228624/?type=3&is_lookaside=1
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fharrer.eisdielen%2Fphotos%2Fa.112787282107107%2F3354905121228624%2F%3Ftype%3D3%26is_lookaside%3D1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fharrer.eisdielen%2Fphotos%2Fa.112787282107107%2F3354905121228624%2F%3Ftype%3D3%26is_lookaside%3D1
Requested by
Host: gold.tabesebarlo.tk
URL: http://gold.tabesebarlo.tk/
Protocol
H2
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://gold.tabesebarlo.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Tue, 10 Jan 2023 08:19:29 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
IW0ON5WJBoWoww9Qf2cOLlM5F2GgxVOaMjiuUmqIOFb0oM9dvC4QV0YVRYScwGjLCT3FT70bUCAAtz8dJQyWog==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
content-type
text/html; charset="utf-8"
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fharrer.eisdielen%2Fphotos%2Fa.112787282107107%2F3354905121228624%2F%3Ftype%3D3%26is_lookaside%3D1
cache-control
private, no-cache, no-store, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
topfsuchtdeckel.jpg
www.kochkurse-salzburg.at/images/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.kochkurse-salzburg.at/images/topfsuchtdeckel.jpg
Requested by
Host: gold.tabesebarlo.tk
URL: http://gold.tabesebarlo.tk/
Protocol
HTTP/1.1
Server
168.119.41.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lx23.hoststar.hosting
Software
nginx /
Resource Hash
219df85bbee5a44c524eff48d24350e68f40aed1f09dcb7c8fd6c7e5f409d16e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://gold.tabesebarlo.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 08:19:29 GMT
Strict-Transport-Security
max-age=63072000
Last-Modified
Sat, 24 Apr 2010 22:59:38 GMT
Server
nginx
ETag
"17a4d-485037f8a2a80"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96845
176702049.jpg
q-cf.bstatic.com/images/hotel/max500/176/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q-cf.bstatic.com/images/hotel/max500/176/176702049.jpg
Requested by
Host: gold.tabesebarlo.tk
URL: http://gold.tabesebarlo.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:dc00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
acce7dbcf8e190c21e4e6b40c195c97149020c6a14fc052e31218dd1cf3f498b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://gold.tabesebarlo.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 08:19:29 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
etag
"b5cee4cf0c98852b7c1deb721cb7f7c12f9bab88"
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
vYV-huFZkNhrHut3Fp0WxTzXcqlPiBm1MD4mSz-LIPkAGQLOfvxnAQ==
content-length
43050
x-xss-protection
1; mode=block
expires
Thu, 09 Feb 2023 08:19:29 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://gold.tabesebarlo.tk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 07 Jan 2023 18:08:55 GMT
X-Content-Type-Options
nosniff
Age
223834
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
27268
X-XSS-Protection
0
Last-Modified
Mon, 11 Jul 2022 18:56:23 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 07 Jan 2024 18:08:55 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

1 Cookies

Domain/Path Name / Value
gold.tabesebarlo.tk/ Name: ch1c
Value: b