URL: https://uberbooksjx.cf/
Submission: On July 18 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3034::681f:4218, located in United States and belongs to CLOUDFLARENET, US. The main domain is uberbooksjx.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2020. Valid for: a year.
This is the only time uberbooksjx.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid for
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-18 - 2021-07-18 | a year
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years
*.google.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months
misc-sni.blogspot.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months
www.aranzulla.it | DigiCert SHA2 Secure Server CA | 2020-02-13 - 2021-02-17 | a year
www.freekidstories.org | Let's Encrypt Authority X3 | 2020-06-20 - 2020-09-18 | 3 months
*.gravatar.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-06 - 2020-09-05 | 2 years
*.scribdassets.com | Let's Encrypt Authority X3 | 2020-06-21 - 2020-09-19 | 3 months
*.scolasticando.it | Let's Encrypt Authority X3 | 2020-05-19 - 2020-08-17 | 3 months
www.pewtrusts.org | Starfield Secure Certificate Authority - G2 | 2020-06-03 - 2022-06-03 | 2 years

This page contains 2 frames:

Primary Page: https://uberbooksjx.cf/
Frame ID: A7792396481EED2CAA19E41B960D8F08
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZG1LKDYEhS8?rel=0
Frame ID: 009321BF0CE16D6592F1443B97DD7573
Requests: 1 HTTP requests in this frame

Detected technologies

YouTube (overall confidence: 100%), detected pattern:
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Cloudflare (overall confidence: 100%), detected pattern:
  • headers server /^cloudflare$/i

Gravatar (overall confidence: 100%), detected pattern:
  • html /<[^>]+gravatar\.com\/avatar\//i

jQuery (overall confidence: 100%), detected pattern:
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 15
HTTPS: 93 %
IPv6: 57 %
Domains: 13
Subdomains: 15
IPs: 12
Countries: 4
Transfer: 1974 kB
Size: 2021 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://dcbah9jiuom4o.cloudfront.net/wp-content/themes/reddle/images/ihurjmmrholn.png HTTP 301
  • http://aantonop.com/wp-content/themes/reddle/images/ihurjmmrholn.png
Request Chain 4
  • https://youtube.com/embed/ZG1LKDYEhS8?rel=0 HTTP 301
  • https://www.youtube.com/embed/ZG1LKDYEhS8?rel=0

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
uberbooksjx.cf/
9 KB
4 KB
Document
General
Full URL
https://uberbooksjx.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681f:4218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99d9fe699cac4e60563bebe38f615a3d69954f348c3bf7eaf1a5f4cb1f9ff63a

Request headers

:method
GET
:authority
uberbooksjx.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 18 Jul 2020 14:48:02 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d192030c3d707029257f2dd4df1c416871595083681; expires=Mon, 17-Aug-20 14:48:01 GMT; path=/; domain=.uberbooksjx.cf; HttpOnly; SameSite=Lax
expires
Sat, 25 Jul 2020 14:48:02 GMT
cache-control
max-age=691200
cf-cache-status
MISS
cf-request-id
0403fe8814000096e66280d200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5b4d00535aa196e6-FRA
content-encoding
br
style.css
uberbooksjx.cf/
52 KB
12 KB
Stylesheet
General
Full URL
https://uberbooksjx.cf/style.css
Requested by
Host: uberbooksjx.cf
URL: https://uberbooksjx.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681f:4218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6effa2afe2383e9486f908a056bb3c6ebace1502dc808bbb42171688499ce5

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 14:48:02 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
status
200
cache-control
max-age=691200
cf-ray
5b4d0054dc0596e6-FRA
cf-request-id
0403fe890a000096e662821200000001
expires
Sat, 25 Jul 2020 14:48:02 GMT
jquery.min.js
uberbooksjx.cf/js/
9 KB
3 KB
Script
General
Full URL
https://uberbooksjx.cf/js/jquery.min.js
Requested by
Host: uberbooksjx.cf
URL: https://uberbooksjx.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681f:4218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa8285c6d8dee80558926f3041109dadc760e809c47061e79ef0da549d7f2f4

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jul 2020 14:48:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 18 Jul 2020 14:48:02GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=604800
cf-ray
5b4d0054dc0796e6-FRA
cf-request-id
0403fe890a000096e662822200000001
expires
Sat, 25 Jul 2020 14:48:02 GMT
DQv2rSM.gif
i.imgur.com/
16 KB
17 KB
Image
General
Full URL
https://i.imgur.com/DQv2rSM.gif
Requested by
Host: uberbooksjx.cf
URL: https://uberbooksjx.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
88d99dfa644c8b1739d293400b58dcd2bd155b0fcd3fc3dea13a9f49f09994c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 14:48:02 GMT
x-content-type-options
nosniff
age
6883168
x-cache
HIT, HIT
status
200
content-length
16770
x-served-by
cache-bwi5148-BWI, cache-fra19146-FRA
last-modified
Wed, 31 Oct 2018 22:38:45 GMT
server
cat factory 1.0
x-timer
S1595083682.119231,VS0,VE1
etag
"a3e34b4775ae5409b5b84ff56f7676c0"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
ihurjmmrholn.png
aantonop.com/wp-content/themes/reddle/images/
Redirect Chain
  • https://dcbah9jiuom4o.cloudfront.net/wp-content/themes/reddle/images/ihurjmmrholn.png
  • http://aantonop.com/wp-content/themes/reddle/images/ihurjmmrholn.png
0
0
Image
General
Full URL
http://aantonop.com/wp-content/themes/reddle/images/ihurjmmrholn.png
Requested by
Host: uberbooksjx.cf
URL: https://uberbooksjx.cf/
Protocol
HTTP/1.1
Server
104.198.108.243 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.108.198.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date
Sat, 18 Jul 2020 14:48:02 GMT
Via
1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
ZRH50-C1
X-Cache
Miss from cloudfront
Content-Type
text/html
Location
http://aantonop.com/wp-content/themes/reddle/images/ihurjmmrholn.png
Connection
keep-alive
Content-Length
162
X-Amz-Cf-Id
lFM4IW4IzoR3idmoaJVQxRgj0D3xa7KLTt5w9K6m2g5HTi6FDc5jqA==
ZG1LKDYEhS8
www.youtube.com/embed/ Frame 0093
Redirect Chain
  • https://youtube.com/embed/ZG1LKDYEhS8?rel=0
  • https://www.youtube.com/embed/ZG1LKDYEhS8?rel=0
0
0
Document
General
Full URL
https://www.youtube.com/embed/ZG1LKDYEhS8?rel=0
Requested by
Host: uberbooksjx.cf
URL: https://uberbooksjx.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ZG1LKDYEhS8?rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://uberbooksjx.cf/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://uberbooksjx.cf/

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
expires
Tue, 27 Apr 1971 19:44:06 GMT
cache-control
no-cache
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security
max-age=31536000
content-length
10198
date
Sat, 18 Jul 2020 14:48:02 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=nzgoycKW61c; path=/; domain=.youtube.com; secure; expires=Thu, 14-Jan-2021 14:48:02 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=nzgoycKW61c; path=/; domain=.youtube.com; secure; expires=Thu, 14-Jan-2021 14:48:02 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 18-Jul-2020 15:18:02 GMT YSC=ny1_rnthBfY; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
301
strict-transport-security
max-age=31536000; includeSubDomains; preload
location
https://www.youtube.com/embed/ZG1LKDYEhS8?rel=0
content-length
0
date
Sat, 18 Jul 2020 14:48:02 GMT
content-type
text/html
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
w3-300x226.jpg
www.tech4d.it/wp-content/uploads/2018/06/
10 KB
10 KB
Image
General
Full URL
https://www.tech4d.it/wp-content/uploads/2018/06/w3-300x226.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c09d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c51f0fcee48d661d678abf95c0740c4579e9310b3a3f5915d001a713b1fd0c5

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 14:48:03 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Mar 2020 05:36:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
status
200
cache-control
max-age=16070400
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
5b4d005aebf2c290-FRA
content-length
9886
cf-request-id
0403fe8cd10000c2907634f200000001
expires
max-age=A10368000, public
Manifesto+del+19+settembre+FP+Pensionati+Scuola+Universit%C3%A070x100.jpg
1.bp.blogspot.com/-CoqwFz7lXC8/UFIVci0nfAI/AAAAAAAAASQ/71ETx2gDTMk/s1600/
401 KB
402 KB
Image
General
Full URL
https://1.bp.blogspot.com/-CoqwFz7lXC8/UFIVci0nfAI/AAAAAAAAASQ/71ETx2gDTMk/s1600/Manifesto+del+19+settembre+FP+Pensionati+Scuola+Universit%C3%A070x100.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
269722e67f7ee5fae39e819e15dcb8b045505a5905127911e4332a2d0c3715b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 14:48:03 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="Manifesto del 19 settembre FP Pensionati Scuola Universit_70x100.jpg";filename*=UTF-8''Manifesto%20del%2019%20settembre%20FP%20Pensionati%20Scuola%20Universit%C3%A070x100.jpg
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
410537
x-xss-protection
0
server
fife
etag
"v937"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 19 Jul 2020 14:48:03 GMT
xscribd-prezzo.jpg.pagespeed.ic.NhzoPfoU3g.jpg
www.aranzulla.it/wp-content/contenuti/2018/01/
15 B
15 B
Image
General
Full URL
https://www.aranzulla.it/wp-content/contenuti/2018/01/xscribd-prezzo.jpg.pagespeed.ic.NhzoPfoU3g.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.102.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-128.zrh50.r.cloudfront.net
Software
awselb/2.0 /
Resource Hash
441861f721afd30e4c5aea05a544513884fb6ce14062520daff2acb8aab1f559

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 14:48:03 GMT
via
1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
ZRH50-C1
vary
X-WebP-Support
x-cache
Error from cloudfront
content-type
text/html
status
404
cache-control
no-store
content-length
15
x-amz-cf-id
8n-zkJOEYVety-RznfVCRhdMpWc9oze35XlF-ErSTds7wokbB96cQA==
732coloringpagemealswithjesusthelastsupper-171018062447-1_2_orig.jpg
www.freekidstories.org/uploads/7/0/5/8/7058908/
88 KB
89 KB
Image
General
Full URL
https://www.freekidstories.org/uploads/7/0/5/8/7058908/732coloringpagemealswithjesusthelastsupper-171018062447-1_2_orig.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.135 San Francisco, United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-40.weebly.com
Software
nginx /
Resource Hash
e0cb699517099cfd92d5d8715aab51b30bc9c5862ff81a7a2d7b82dea94fd119

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 18 Jul 2020 14:48:03 GMT
X-Storage-Object
e0cb699517099cfd92d5d8715aab51b30bc9c5862ff81a7a2d7b82dea94fd119
Last-Modified
Mon, 03 Feb 2020 07:03:25 GMT
Server
nginx
x-amz-request-id
tx000000000000000cf0405-005eaaaf15-1100fc6-las
ETag
"64ab2bd0aae2272bfc38ba0182e36184"
Content-Type
image/jpeg
Connection
keep-alive
X-Host
pages32.sf2p.intern.weebly.net
X-Storage-Bucket
ze0cb
Accept-Ranges
bytes
Content-Length
90323
bb0fb6b7edbda45891e3a6c65f8f3500
2.gravatar.com/avatar/
4 KB
4 KB
Image
General
Full URL
https://2.gravatar.com/avatar/bb0fb6b7edbda45891e3a6c65f8f3500?s=300&d=mm&r=g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
47196664990de7f2d84a92a84d73a3f58f4ac0396ec064bb2b7a1a3e2ade4426

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 4
date
Sat, 18 Jul 2020 14:48:03 GMT
last-modified
Fri, 31 Dec 2010 05:28:30 GMT
server
nginx
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="bb0fb6b7edbda45891e3a6c65f8f3500.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/bb0fb6b7edbda45891e3a6c65f8f3500?s=300&d=mm&r=g>; rel="canonical"
content-length
4211
expires
Sat, 18 Jul 2020 14:53:03 GMT
1552844850
imgv2-2-f.scribdassets.com/img/document/402163264/149x198/6b88fe482c/
912 B
1 KB
Image
General
Full URL
https://imgv2-2-f.scribdassets.com/img/document/402163264/149x198/6b88fe482c/1552844850?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.152 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9efc2dcc7fa8aa9f8e47b1609d67bb2d8c3b861c19ba8d3e426d224121985fd

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 14:48:03 GMT
via
1.1 varnish, 1.1 varnish
age
354176
x-scribd-default-image
false
x-cache
HIT, MISS
fastly-io-info
ifsz=1764 idim=149x198 ifmt=png ofsz=912 odim=149x198 ofmt=webp
status
200
fastly-stats
io=1
content-length
912
x-served-by
cache-dfw18637-DFW, cache-fra19137-FRA
server
nginx
x-timer
S1595083683.071715,VS0,VE119
etag
"ltFbSIjlAFpHGSFkerGpCcN5pkktYW6u7WTIhI9sv/Y"
vary
Accept
content-type
image/webp
cache-control
max-age=864000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
1, 0
1543627799
imgv2-1-f.scribdassets.com/img/document/311023063/149x198/c678fe8381/
1 KB
1 KB
Image
General
Full URL
https://imgv2-1-f.scribdassets.com/img/document/311023063/149x198/c678fe8381/1543627799?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.152 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36700ef7d4b01652a6f8c29e44f67e264acfe6db09194f0e39a8d0b993764014

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 14:48:03 GMT
via
1.1 varnish, 1.1 varnish
age
354176
x-scribd-default-image
false
x-cache
HIT, MISS
fastly-io-info
ifsz=2080 idim=149x198 ifmt=png ofsz=1066 odim=149x198 ofmt=webp
status
200
fastly-stats
io=1
content-length
1066
x-served-by
cache-dfw18652-DFW, cache-fra19148-FRA
server
nginx
x-timer
S1595083683.070787,VS0,VE121
etag
"0FemHarTml4of3AW3gOLLznK+Xgo6Ka76zbzGvAtvr8"
vary
Accept
content-type
image/webp
cache-control
max-age=864000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
1, 0
gn.jpg
www.scolasticando.it/wp-content/uploads/2018/01/
565 KB
565 KB
Image
General
Full URL
https://www.scolasticando.it/wp-content/uploads/2018/01/gn.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:2350:5:103:55:6876:d60e:fb27 Copenhagen, Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
Apache /
Resource Hash
ef8cacf5b13ef34cc4f422ebda95aa5432db5bc4eb55da2aa9f1674291864f8b

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 14:47:55 GMT
via
1.1 varnish (Varnish/6.4)
last-modified
Sat, 27 Jan 2018 17:20:29 GMT
server
Apache
age
7
etag
"8d237-563c53ac916d5"
x-varnish
329501157 327532144
status
200
accept-ranges
bytes
content-type
image/jpeg
content-length
578103
eif_theeconomiccycle_infographic_web_sp_990px.jpg
www.pewtrusts.org/-/media/data-visualizations/infographics/2018/01/
865 KB
867 KB
Image
General
Full URL
https://www.pewtrusts.org/-/media/data-visualizations/infographics/2018/01/eif_theeconomiccycle_infographic_web_sp_990px.jpg?la=es&hash=2C3735082FEB2B8BCEA0C34E2B78768CDBD2E161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4619b910a21411b8411dd396cfc13778d9dad6e7607cba6177d8fcab94c40469

Request headers

Referer
https://uberbooksjx.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 14:48:03 GMT
cf-cache-status
MISS
status
200
content-disposition
inline; filename="EIF_TheEconomicCycle_Infographic_Web_SP_990px.jpg"
content-length
886139
cf-request-id
0403fe8d100000c2907c059200000001
last-modified
Thu, 29 Mar 2018 15:04:03 GMT
server
cloudflare
etag
ce3f4336ab71437487b14720b2584763
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5b4d005b4cb8c290-FRA
expires
Sat, 25 Jul 2020 14:48:03 GMT


5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
string | q
string | t
string | s
object | dWJ
string | ref

4 Cookies

Domain/Path | Name | Value
.youtube.com/ | YSC | ny1_rnthBfY
.youtube.com/ | GPS | 1
.youtube.com/ | VISITOR_INFO1_LIVE | nzgoycKW61c
.uberbooksjx.cf/ | __cfduid | d192030c3d707029257f2dd4df1c416871595083681

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
