app.twinaribdemor.tk Open in urlscan Pro
2606:4700:3030::ac43:94a3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://app.twinaribdemor.tk/
Submission: On November 19 via api (November 19th 2020, 9:06:24 am UTC) from BR

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3030::ac43:94a3, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.twinaribdemor.tk.

This is the only time app.twinaribdemor.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::ac43:94a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	192.0.72.16 192.0.72.16	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	104.106.216.219 104.106.216.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	94.126.171.2 94.126.171.2	33876 (FLESK-AS) (FLESK-AS)
1	143.204.201.81 143.204.201.81	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:170... 2a02:26f0:1700:1a3::19fe	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
13	10

1 2606:4700:3030::ac43:94a3 (United States)

ASN13335 (CLOUDFLARENET, US)

app.twinaribdemor.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.16 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

abrilmdemulher.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.106.216.219 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)

gente.ig.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.126.171.2 (Seixal, Portugal)

ASN33876 (FLESK-AS, PT)

www.salaschat.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)

img.elo7.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:1a3::19fe (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

images-americanas.b2w.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:eb0 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	youtube.com www.youtube.com
2	gstatic.com fonts.gstatic.com	57 KB
2	ig.com.br 1 redirects gente.ig.com.br	193 KB
1	pinimg.com i.pinimg.com	45 KB
1	b2w.io images-americanas.b2w.io	44 KB
1	elo7.com.br img.elo7.com.br	165 KB
1	salaschat.com.br www.salaschat.com.br	12 KB
1	wordpress.com abrilmdemulher.files.wordpress.com	42 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	twinaribdemor.tk app.twinaribdemor.tk	16 KB
13	10

	Domain	Requested by
3	www.youtube.com	app.twinaribdemor.tk
2	fonts.gstatic.com	fonts.googleapis.com
2	gente.ig.com.br	1 redirects app.twinaribdemor.tk
1	i.pinimg.com	app.twinaribdemor.tk
1	images-americanas.b2w.io	app.twinaribdemor.tk
1	img.elo7.com.br	app.twinaribdemor.tk
1	www.salaschat.com.br	app.twinaribdemor.tk
1	abrilmdemulher.files.wordpress.com	app.twinaribdemor.tk
1	fonts.googleapis.com	app.twinaribdemor.tk
1	app.twinaribdemor.tk
13	10

This site contains no links.

Subject Issuer	Validity	Valid
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
*.ig.com.br DigiCert SHA2 Secure Server CA	`2020-07-14` - `2021-10-13`	a year	crt.sh
www.clubecupido.com Let's Encrypt Authority X3	`2020-09-19` - `2020-12-18`	3 months	crt.sh
*.img.elo7.com.br Amazon	`2020-03-13` - `2021-04-13`	a year	crt.sh
b2wdigital.com DigiCert SHA2 Secure Server CA	`2020-07-14` - `2021-07-14`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.pinimg.com DigiCert SHA2 High Assurance Server CA	`2020-05-28` - `2021-06-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://app.twinaribdemor.tk/
Frame ID: D336634518ACEBAF88FDAF09BDE69826
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UybGw37WbuY
Frame ID: 2649879750D7CCCB4A1B5BE6F573C00E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/n_trxXfNNoc
Frame ID: C8BE1CB871370CB5D49D2F59C7584C02
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kQOpkOofSXo
Frame ID: 34B3D7448886143A6D0A2A62A7F6378E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

13
Requests

69 %
HTTPS

60 %
IPv6

10
Domains

10
Subdomains

10
IPs

4
Countries

576 kB
Transfer

614 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://gente.ig.com.br/images/110/110/9/8433443.william_416_499.jpg HTTP 301
https://gente.ig.com.br/images/110/110/9/8433443.william_416_499.jpg

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
app.twinaribdemor.tk/ 51 KB
16 KB 59ms
35ms Document
text/html 2606:4700:3030::ac43:94a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://app.twinaribdemor.tk/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:94a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12244ef25691079a57092fbfcabd5adf7df3033d40035edbd695b7f2c149ee68

Request headers

Host: app.twinaribdemor.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 09:06:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d1e95b0f7641b94d6ab03871d2d00763f1605776766; expires=Sat, 19-Dec-20 09:06:06 GMT; path=/; domain=.twinaribdemor.tk; HttpOnly; SameSite=Lax ch1c=b
CF-Cache-Status: DYNAMIC
cf-request-id: 06815a0f7000002484d48fe000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SSva5MM9FXOkxT6y2gUx3uiDMeD8tx1ISIpRZ4eT%2FpKKDzSYWBm0JW4opUAqperSdMcHBamdSN4URMIUejoFAYLi23LV82PCo9iiKN7Qrla4i%2F4NGOBcoSbj%2BpmhNuoOgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5f48c5f8b8922484-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
1 KB 21ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Requested by

Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

286d54b08df1ef7661c20fe4e151f3c2bf9d7205869cf1a14318ac1199dcc8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://app.twinaribdemor.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 09:06:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Nov 2020 09:06:06 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 19 Nov 2020 09:06:06 GMT

GET
H2 200 william-kate-oficial-2.jpg
abrilmdemulher.files.wordpress.com/2016/10/ 42 KB
42 KB 495ms
438ms Image
image/webp 192.0.72.16
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abrilmdemulher.files.wordpress.com/2016/10/william-kate-oficial-2.jpg?quality=90&strip=info&w=620

Requested by

Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.16 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a90952c54eb41896564545aaf9f8973618ec64f0faaa9524d42d66d49f347188

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

Referer: http://app.twinaribdemor.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS hhn 16 np
date: Thu, 19 Nov 2020 09:06:07 GMT
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Fri, 28 Oct 2016 03:31:55 GMT
server: nginx
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://abrilmdemulher.wordpress.com
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 42970
access-control-allow-credentials: true
expires: Thu, 17 Dec 2020 22:21:30 GMT

GET
H2

200

8433443.william_416_499.jpg
gente.ig.com.br/images/110/110/9/
Redirect Chain

http://gente.ig.com.br/images/110/110/9/8433443.william_416_499.jpg
https://gente.ig.com.br/images/110/110/9/8433443.william_416_499.jpg

193 KB
193 KB

552ms
274ms

Image
image/jpeg

104.106.216.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gente.ig.com.br/images/110/110/9/8433443.william_416_499.jpg

Requested by

Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.106.216.219 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

547e88ae45b698539362f229413dd7b17f947638f974f60e872e6526a153cb46

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://app.twinaribdemor.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-encoding: gzip
last-modified: Sat, 25 May 2013 06:26:14 GMT
access-control-allow-origin: *
etag: "2ec195e-302a9-4dd84fe1211fe"
vary: Accept-Encoding
content-type: image/jpeg
x-url: /images/110/110/9/8433443.william_416_499.jpg
cache-control: max-age=60
date: Thu, 19 Nov 2020 09:06:07 GMT
accept-ranges: bytes
content-length: 196940
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 2020 09:07:07 GMT

Redirect headers

Location: https://gente.ig.com.br/images/110/110/9/8433443.william_416_499.jpg
Date: Thu, 19 Nov 2020 09:06:07 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 chatimagem.php
www.salaschat.com.br/ 12 KB
12 KB 301ms
112ms Image
image/jpeg 94.126.171.2
FLESK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.salaschat.com.br/chatimagem.php?file=zc7LkoNqZHuom5ddlY6VmYtpbICukc6gyw==&s=83
Requested by: Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.126.171.2 Seixal, Portugal, ASN33876 (FLESK-AS, PT),
Reverse DNS
Software: Server02 /
Resource Hash: be9e2a716e5ddce06625c1ac4f08ae1181888bb60e3733dc1401aae28db3660f

Request headers

Referer: http://app.twinaribdemor.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 09:06:07 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
server: Server02
content-type: image/jpeg

GET
H2 200 par-de-alianca-grossa-em-prata-pura-para-namoro-garantia-da-alianca.jpg
img.elo7.com.br/product/zoom/27E5CFD/ 164 KB
165 KB 90ms
35ms Image
image/jpg 143.204.201.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.elo7.com.br/product/zoom/27E5CFD/par-de-alianca-grossa-em-prata-pura-para-namoro-garantia-da-alianca.jpg
Requested by: Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1572d2ccdaab71e23a87bfacf347cebeaa5715acefc4f022d47d639acd730f61

Request headers

Referer: http://app.twinaribdemor.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 09:03:27 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jun 2019 16:22:46 GMT
server: AmazonS3
age: 160
x-amz-meta-author: aerryk
etag: "d830abd29cd9b8b33439fdbe96c86a6b"
x-cache: Hit from cloudfront
x-amz-version-id: ZgmLZiL0CS0LwQWm3lwis9QeAaZGHqoK
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: image/jpg
content-length: 168040
x-amz-cf-id: ZF9m-i3OVYNLXDUeqIxB77ryMbi2asua42Nvm7vDUg24nltoS1gwJQ==

GET
H2 200 1250136496_1GG.jpg
images-americanas.b2w.io/produtos/01/00/img/1250136/4/ 43 KB
44 KB 38ms
19ms Image
image/webp 2a02:26f0:1700:1a3::19fe
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-americanas.b2w.io/produtos/01/00/img/1250136/4/1250136496_1GG.jpg
Requested by: Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:1a3::19fe , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: BIS /
Resource Hash: 9631a415be0ae672f118ed71793c27d694a85935193283ab7f1e6126aa78ad4f

Request headers

Referer: http://app.twinaribdemor.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 09:06:06 GMT
last-modified: Wed, 18 Nov 2020 11:45:35 GMT
server: BIS
etag: 940661cef8c63f76daf75d7c83291bae39307d46cb2dff1fb5ab6b990f8dd633
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control: public, max-age=604800
warning: 46960
content-disposition: inline; filename="1250136496_1GG.webp"
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length: 43998
x-request-id: OZixwMdTcxmh2a-nHTPEQ
expires: Thu, 26 Nov 2020 09:06:06 GMT

GET
H2 200 UybGw37WbuY
www.youtube.com/embed/ Frame 2649 0
0 114ms
95ms Document
text/html 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/UybGw37WbuY

Requested by

Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/UybGw37WbuY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://app.twinaribdemor.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://app.twinaribdemor.tk/

Response headers

expires: Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security: max-age=31536000
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 19948
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Thu, 19 Nov 2020 09:06:06 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=YRSc0Pe12Ck; path=/; domain=.youtube.com; secure; expires=Tue, 18-May-2021 09:06:06 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=YRSc0Pe12Ck; path=/; domain=.youtube.com; secure; expires=Tue, 18-May-2021 09:06:06 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 19-Nov-2020 09:36:06 GMT YSC=X_iRyB_LfF8; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 n_trxXfNNoc
www.youtube.com/embed/ Frame C8BE 0
0 118ms
100ms Document
text/html 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/n_trxXfNNoc

Requested by

Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/n_trxXfNNoc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://app.twinaribdemor.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://app.twinaribdemor.tk/

Response headers

expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
content-length: 20246
strict-transport-security: max-age=31536000
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 19 Nov 2020 09:06:06 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=xSWJdYXl1Wo; path=/; domain=.youtube.com; secure; expires=Tue, 18-May-2021 09:06:06 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=xSWJdYXl1Wo; path=/; domain=.youtube.com; secure; expires=Tue, 18-May-2021 09:06:06 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 19-Nov-2020 09:36:06 GMT YSC=JIGd1tBE2os; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 kQOpkOofSXo
www.youtube.com/embed/ Frame 34B3 0
0 123ms
106ms Document
text/html 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/kQOpkOofSXo

Requested by

Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/kQOpkOofSXo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://app.twinaribdemor.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://app.twinaribdemor.tk/

Response headers

p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
content-length: 20149
content-encoding: br
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 19 Nov 2020 09:06:06 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=_2G54iDmdXY; path=/; domain=.youtube.com; secure; expires=Tue, 18-May-2021 09:06:06 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 19-Nov-2020 09:36:06 GMT VISITOR_INFO1_LIVE=_2G54iDmdXY; path=/; domain=.youtube.com; secure; expires=Tue, 18-May-2021 09:06:06 GMT; httponly; samesite=None YSC=iwqLRb1vCFk; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 327927db1de4b47f3855710ef8053b09.jpg
i.pinimg.com/originals/32/79/27/ 45 KB
45 KB 134ms
118ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/32/79/27/327927db1de4b47f3855710ef8053b09.jpg
Requested by: Host: app.twinaribdemor.tk
URL: http://app.twinaribdemor.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4503122c8d4959ef05c917cd84cfebdb2d469e68217c97896747b571d0e3e6d

Request headers

Referer: http://app.twinaribdemor.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 09:06:07 GMT
cf-bgj: h2pri
x-cdn: cloudflare
etag: "83ce4315344535a98e035ad5b3d21ce7"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5f48c5f91ce92b89-FRA
content-length: 45931
cf-request-id: 06815a0faf00002b8978071000000001
server: cloudflare

GET
H/1.1 200
OK jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2
fonts.gstatic.com/s/librefranklin/v6/ 27 KB
27 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/librefranklin/v6/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eca038fe1e21c8c9a0409b1752eaa3d729bef79d9a53f1e5d674400ff9b972b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://app.twinaribdemor.tk
Referer: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 22:41:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Nov 2020 22:02:30 GMT
Server: sffe
Age: 555892
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 27260
X-XSS-Protection: 0
Expires: Fri, 12 Nov 2021 22:41:14 GMT

GET
H/1.1 200
OK jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjnTLgNs.woff2
fonts.gstatic.com/s/librefranklin/v6/ 30 KB
30 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/librefranklin/v6/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjnTLgNs.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

921d7c33bffec98c073a1a53b0a332bb2e97856129999c90adecc41b18d7d06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://app.twinaribdemor.tk
Referer: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 15 Nov 2020 01:05:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Nov 2020 22:02:45 GMT
Server: sffe
Age: 374422
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 30524
X-XSS-Protection: 0
Expires: Mon, 15 Nov 2021 01:05:44 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: iwqLRb1vCFk
.youtube.com/	1970-01-19 18:22:08	Name: VISITOR_INFO1_LIVE Value: _2G54iDmdXY
app.twinaribdemor.tk/	1969-12-31 23:59:59	Name: ch1c Value: b
.twinaribdemor.tk/	1970-01-19 14:46:08	Name: __cfduid Value: d1e95b0f7641b94d6ab03871d2d00763f1605776766

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abrilmdemulher.files.wordpress.com
app.twinaribdemor.tk
fonts.googleapis.com
fonts.gstatic.com
gente.ig.com.br
i.pinimg.com
images-americanas.b2w.io
img.elo7.com.br
www.salaschat.com.br
www.youtube.com
104.106.216.219
143.204.201.81
192.0.72.16
2606:4700:3030::ac43:94a3
2606:4700::6812:eb0
2a00:1450:4001:808::200a
2a00:1450:4001:819::2003
2a00:1450:4001:825::200e
2a02:26f0:1700:1a3::19fe
94.126.171.2
12244ef25691079a57092fbfcabd5adf7df3033d40035edbd695b7f2c149ee68
1572d2ccdaab71e23a87bfacf347cebeaa5715acefc4f022d47d639acd730f61
286d54b08df1ef7661c20fe4e151f3c2bf9d7205869cf1a14318ac1199dcc8c7
547e88ae45b698539362f229413dd7b17f947638f974f60e872e6526a153cb46
921d7c33bffec98c073a1a53b0a332bb2e97856129999c90adecc41b18d7d06c
9631a415be0ae672f118ed71793c27d694a85935193283ab7f1e6126aa78ad4f
a90952c54eb41896564545aaf9f8973618ec64f0faaa9524d42d66d49f347188
be9e2a716e5ddce06625c1ac4f08ae1181888bb60e3733dc1401aae28db3660f
c4503122c8d4959ef05c917cd84cfebdb2d469e68217c97896747b571d0e3e6d
eca038fe1e21c8c9a0409b1752eaa3d729bef79d9a53f1e5d674400ff9b972b3

app.twinaribdemor.tk Open in urlscan Pro 2606:4700:3030::ac43:94a3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

69 %HTTPS

60 %IPv6

10 Domains

10 Subdomains

10 IPs

4 Countries

576 kBTransfer

614 kBSize

4 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

4 Cookies

Indicators

app.twinaribdemor.tk Open in urlscan Pro
2606:4700:3030::ac43:94a3 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

69 %
HTTPS

60 %
IPv6

10
Domains

10
Subdomains

10
IPs

4
Countries

576 kB
Transfer

614 kB
Size

4
Cookies

13 HTTP transactions
0 data transactions