demo.arynews.tv Open in urlscan Pro
104.21.235.156 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/2IiBWsk
Effective URL:
https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
Submission: On December 07 via manual (December 7th 2020, 12:31:21 pm UTC) from SG

Summary HTTP 25 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 104.21.235.156, located in United States and belongs to CLOUDFLARENET, US. The main domain is demo.arynews.tv.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2020. Valid for: a year.

This is the only time demo.arynews.tv was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 26	104.21.235.156 104.21.235.156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	1

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.21.235.156 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

demo.arynews.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	arynews.tv 1 redirects demo.arynews.tv	112 KB
1	bit.ly 1 redirects bit.ly	258 B
25	2

	Domain	Requested by
26	demo.arynews.tv	1 redirects demo.arynews.tv
1	bit.ly	1 redirects
25	2

This site contains links to these domains. Also see Links.

Domain
www.santander.pt

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-18` - `2021-08-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
Frame ID: 20B4BE7265FF2DB21EEDC86E7A6EBF23
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/2IiBWsk HTTP 301
https://demo.arynews.tv/.NetBanco/pt/ HTTP 302
https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

112 kB
Transfer

291 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.santander.pt/
Title:

Search URL Search Domain Scan URL

URL: https://www.santander.pt/aviso-legal-copyright
Title: © 2020 Santander - Todos os Direitos Reservados...

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/2IiBWsk HTTP 301
https://demo.arynews.tv/.NetBanco/pt/ HTTP 302
https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
demo.arynews.tv/.NetBanco/pt/particulares/signin/
Redirect Chain

https://bit.ly/2IiBWsk
https://demo.arynews.tv/.NetBanco/pt/
https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

5 KB
2 KB

179ms
178ms

Document
text/html

104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b9563afc3fe97fc4ebe45c9dd2c7dd73262773b4171ff52908ff4683f9c2bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: demo.arynews.tv
:scheme: https
:path: /.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d89ce0d037e5293cfff5163a3c7be1a351607344253; PHPSESSID=ug7p2nk8iip906dtc44krhvgt3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: BYPASS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
cf-request-id: 06dec8044f000004821f148000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Ljtn7Nzs7082QRELE5zBfwFDNf78N6k9AkiDDGbmO9T00XJZomqGadYgZwdPRZl7zlGTNhW7bVxIAAVqpOE9o3dZGmCnsAH5jWAPXhhFmQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fde42b3bfe80482-CDG
content-encoding: br

Redirect headers

date: Mon, 07 Dec 2020 12:30:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d89ce0d037e5293cfff5163a3c7be1a351607344253; expires=Wed, 06-Jan-21 12:30:53 GMT; path=/; domain=.arynews.tv; HttpOnly; SameSite=Lax PHPSESSID=ug7p2nk8iip906dtc44krhvgt3; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: particulares/signin/?country.x=BE&locale.x=en_BE
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
cf-request-id: 06dec803bf0000048228172000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M%2FX1iushCwcM1u2ckhJcl4na92CehpAghSoTUIJIXN7N4%2FcgwpEPfKcoI1cHLD6MIqk16Njac%2Fx%2BwS7u1COhj6KIV6U2aj7R7SugpAukxtw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fde42b2ce040482-CDG

GET
H2 200 login_and_register.css
demo.arynews.tv/.NetBanco/pt/particulares/files/ 34 KB
6 KB 60ms
58ms Stylesheet
text/css 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/files/login_and_register.css?v=1606271518882

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d329fce2a310dc9197c63e45594325f829a2c176681dd56e3d017938406e9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-nginx-cache-status: MISS
x-server-powered-by: Engintron
cf-request-id: 06dec8050d0000048254950000000001
pragma: public
last-modified: Sun, 29 Nov 2020 13:44:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vcc3sPc0Qb5Rs4JTQRRJFgb4YdKglrHS%2FmfsbZEGQ3g7O3DmZ1SHgIwTsaJ7LHBLcH%2F%2Bic0IWDJ6OW4%2B1UcLY1%2BaAHCuOx%2FCISmNIWBr5GI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5fde42b4db060482-CDG
expires: Wed, 06 Jan 2021 12:30:54 GMT

GET
H2 200 fonts.css
demo.arynews.tv/.NetBanco/pt/particulares/files/ 4 KB
714 B 58ms
57ms Stylesheet
text/css 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc8552409f73fba49e9f4693706645a96645afadc904022eab7a4cff0a62fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-nginx-cache-status: MISS
x-server-powered-by: Engintron
cf-request-id: 06dec8050a000004825b1fc000000001
pragma: public
last-modified: Sun, 29 Nov 2020 13:44:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=40M3kyYR8Lac5lP92sSF63UPZAmLXcIhrTiF3Invx0sKEdcJArRgFZwYVYU2LGXo9I%2BzVm8P8iZ1tpI8asbaB4QntagjCP1MD5s8IRyUkZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5fde42b4db0d0482-CDG
expires: Wed, 06 Jan 2021 12:30:54 GMT

GET
H2 200 nbp_popin.css
demo.arynews.tv/.NetBanco/pt/particulares/files/ 4 KB
1 KB 77ms
76ms Stylesheet
text/css 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/files/nbp_popin.css?v=1606271518882

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294a4d1983d881fda56f97d4bcdfa7f7fb545cb55d1d634eff2e5b442333e7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-nginx-cache-status: MISS
x-server-powered-by: Engintron
cf-request-id: 06dec8050a0000048265277000000001
pragma: public
last-modified: Sun, 29 Nov 2020 13:44:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=82pMIvN9YEJXXQjdgAl5MjnA8v5qLhOBrfKedDT%2F9DR3X88%2F3esvHIDcCqxNhv2gvAlhoSJCSjsV8JJOt6ChrGLGMeqH2OGkXuRiXFtTLkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5fde42b4db110482-CDG
expires: Wed, 06 Jan 2021 12:30:54 GMT

GET
H2 200 nbp_jquery.js Show response
demo.arynews.tv/.NetBanco/pt/particulares/files/ 154 KB
43 KB 62ms
61ms Script
application/javascript 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/files/nbp_jquery.js?v=1606271518882

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abdc836b686ed0b9c9c2d3d700b557f72d853fb56c4ac239dd290d1d946873c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-nginx-cache-status: MISS
x-server-powered-by: Engintron
cf-request-id: 06dec8050a000004826eb67000000001
pragma: public
last-modified: Sun, 29 Nov 2020 13:44:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yh3aog6lzD7q2R4At7sIUMf2RfBMqPxaewr1KEiu3bvyHGv%2FFAoeH5KwoIRRPkSEgfSGTZzaKYzhRT1WPEsoCkBEC9%2FuXcw2k9y%2FR2JFxxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5fde42b4db130482-CDG
expires: Wed, 06 Jan 2021 12:30:54 GMT

GET
H2 200 globaljs.js Show response
demo.arynews.tv/.NetBanco/pt/particulares/files/ 13 KB
4 KB 63ms
62ms Script
application/javascript 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/files/globaljs.js?v=20170118

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a6a96e5326bb8d4f2eb64fe95ddc949a4c82b8ce4815873b05cdc0492b2e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-nginx-cache-status: MISS
x-server-powered-by: Engintron
cf-request-id: 06dec8050d000004821090e000000001
pragma: public
last-modified: Sun, 29 Nov 2020 13:44:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EJp7zl7TuPSTYqxG9dwBrVHV3cNgdHHe5uqzHjbgdKwkVExUqrzvQDcUEQFdIEpNhMTQz0TItcmgiQi8OZniI50Sgi3fn8x36x9Eth2HuNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5fde42b4db150482-CDG
expires: Wed, 06 Jan 2021 12:30:54 GMT

GET
H2 200 navigation_component.js Show response
demo.arynews.tv/.NetBanco/pt/particulares/files/ 17 KB
5 KB 79ms
78ms Script
application/javascript 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/files/navigation_component.js?vs=20130626v1

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5034dab112417032f2b43748b0a83f23120f3058254f5034ba7487096e2896b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-nginx-cache-status: MISS
x-server-powered-by: Engintron
cf-request-id: 06dec8050b0000048234094000000001
pragma: public
last-modified: Sun, 29 Nov 2020 13:44:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5%2FdB2Pg74zD0%2BC1yvgo2VxUhwBXoAucqxsujamfjI1j8JLpgGIIjvl2FAa9lpZ%2BfX1VRZVKmo3hYirresNW7xqRWiU70bRqhr8hAY%2F%2F7Nak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5fde42b4db180482-CDG
expires: Wed, 06 Jan 2021 12:30:54 GMT

GET
H2 200 santander-logo-red.svg
demo.arynews.tv/.NetBanco/pt/particulares/files/ 3 KB
2 KB 37ms
37ms Image
image/svg+xml 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/files/santander-logo-red.svg

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db6b0c940df7b980a50f259ab658a09d586520d7887de9d60408b54b25e2cf7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 37643
x-nginx-cache-status: MISS
x-server-powered-by: Engintron
cf-request-id: 06dec805590000048242be3000000001
pragma: public
last-modified: Sun, 29 Nov 2020 13:44:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2F8hHOArxYq2sU1Wjsx32oCq%2BcUqeE8nbHrsfbLKbK24wVfCJbEvgKRXBaYLVud3TSx9w0fSam5r2AUYfMKI41nK8EROT3MvLz9F9gkrt3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
cf-ray: 5fde42b55c450482-CDG
expires: Fri, 05 Feb 2021 02:03:31 GMT

GET
H2 200 login-image-0.svg
demo.arynews.tv/.NetBanco/pt/particulares/files/ 14 KB
5 KB 60ms
60ms Image
image/svg+xml 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/files/login-image-0.svg

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d11806c8bcbb0f9d07552ff2fec7c4046ccf518ca00dfb080979c2566afdf8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/signin/?country.x=BE&locale.x=en_BE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-nginx-cache-status: MISS
x-server-powered-by: Engintron
cf-request-id: 06dec8056200000482388bd000000001
pragma: public
last-modified: Sun, 29 Nov 2020 13:44:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZimRhwtjucTam3x%2Fhh98vL%2Fa0xRd1fMiIKyqsv4nJKekzJEzYmn7e4AHqu53CIm%2F%2B9hAbNYMDf26jOZPEkDnFH%2FxXw%2B9vG4J%2BOKT0W5SCxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=5184000
cf-ray: 5fde42b56c610482-CDG
expires: Fri, 05 Feb 2021 12:30:55 GMT

GET
H2 404 SantanderTextW05-Regular.woff2
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1094ms
1093ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-Regular.woff2

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gS8Qmq3BFtjgSKjPOMKXVLjS%2FG1rpoY6WjCxIATMxTN7dAFPcy8Y8nWvCHGQIpdvuI9zLYey349TOCIHIdDAWHpemW3AO%2F5omB5wvUWUPeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42b58cae0482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec80576000004821f162000000001

GET
H2 404 eye-icon_show.svg
demo.arynews.tv/ficheros/modern/images/icons/ 44 KB
44 KB 1746ms
1745ms Image
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://demo.arynews.tv/ficheros/modern/images/icons/eye-icon_show.svg

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/login_and_register.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe7ebc0823e312451a7e43433fb2b9fa2332c3bd5f9b846ae54785e8521f6d92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/login_and_register.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uYl1rn5VjllEKdQU3yTiVueP4lyYracbOM0XwuJDpaeHigKZxTmfzabgofkmPR2rCKv0Bc9qyotZitbDCbA2t21zQ5tuo7QYDgeu1dbYsJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42b59cc30482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec8057c000004824c393000000001

GET
H2 404 SantanderHeadlineW05-Bold.woff2
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1720ms
1719ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderHeadlineW05-Bold.woff2

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LxknTpWrV5Vhp1wS7IuExCFFgE8K55ZhNXl5gZpXZJpKXkXpVKt5xMFTx3kO0oBcHYHwTwQ3WYz2kYWhfAWjjHjUY7RIkAMQJCrnL6PKJuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42b59cc70482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec8057d000004826337f000000001

GET
H2 404 SantanderTextW05-Italic.woff2
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1210ms
1209ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-Italic.woff2

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z1AW5eDuXt0oRWCz%2BlJ5PEfZ2hmyunJZMaE8BJUZLGIDnERMYy1qwiu9kOejkpCr%2FeacfUwjdhPp%2F9AQWMldzp0nyS34VWcKbcV%2F0qEfTxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42b59ccc0482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec8057e000004826eb71000000001

GET
H2 404 SantanderTextW05-Bold.woff2
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1732ms
1732ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-Bold.woff2

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ceuyRf1kk5qULIQhETqAajes0Ih60sh277nkBY5RKL5HVnQ3Tsf8jHXhy5esmnWaV1hDfcCik2EsqW61nHmr%2BhqoKtMcPAJye779JkkxzYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42b59cce0482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec8057e00000482680fb000000001

GET
H2 404 SantanderTextW05-BoldItalic.woff2
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1724ms
1724ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-BoldItalic.woff2

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=STeVKuEg0VtuPI4nzE8DT5DFx8cPeEjOY6F7c6H03EkcXwTcct5U32SF7sE7LrXDOTZHVErTMLOY8GdMNduVRa2vcG%2BeLv6aaEMdyxU2znY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42b5dda20482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec805ad000004826e3f3000000001

GET
H2 404 SantanderTextW05-Regular.woff
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1196ms
1195ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-Regular.woff

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zb2%2BxiGXbABoM%2FTpZD7PAaus%2FcdRA6q%2FFWGsZJrKaQi2vU%2Bz3WD5UbFLmVcdy4tHaMofupKcZR6QgOhe3HgsEr0OiWafoeAEsT55narlnSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42bc6b7c0482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec809bd000004821502a000000001

GET
H2 404 SantanderTextW05-Italic.woff
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1353ms
1353ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-Italic.woff

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=slnvkkGX7rwpWeBUIWJ6d41MZCaw1uiR%2BhCPIssu0iALc6U0kTinNZAJUylWzKQ4hLqgM0oK2dCKggG1Yn70k%2B7NzSdZfxNUp0KyrnltfpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42bd2d210482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec80a39000004827bbc7000000001

GET
H2 404 SantanderHeadlineW05-Bold.woff
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 950ms
950ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderHeadlineW05-Bold.woff

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rf9eK2SjiDfBmSbYTEp1mfiFGeXdIVzRO57lX1FwsZzor6ONyDz9RUJN3g6J8IPsSmb2gOfjrLIqj1zBOvmm%2FYSlImyfLef4ZYA4U6Sa46M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42c05b820482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec80c360000048230312000000001

GET
H2 404 SantanderTextW05-Bold.woff
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 960ms
960ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-Bold.woff

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E%2FiSguijFHxnOxRD6ZIbXJJTNO8znhO5H%2B52iLfO2mbjqZubJVSsu5kbZ79jgSJ2l8x5bOlRd7Lb6HzV2E1KEP9LzbSWPavjufaCrVGQvlY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42c06bae0482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec80c45000004824286e000000001

GET
H2 404 SantanderTextW05-BoldItalic.woff
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 957ms
957ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-BoldItalic.woff

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UjJ4%2Fu5m0C6FobsSqxqzExDqbNwki%2Fyn6AIxXaXZzWfAfr44P2AfjQ5F2z9OFsREab8BDBX65TID5wiwMV%2BHa91OTy9HF4dBa4DC1utlQBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42c0ac030482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec80c68000004823910c000000001

GET
H2 404 SantanderTextW05-Regular.ttf
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1004ms
1004ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-Regular.ttf

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SPhoATtD%2Bd%2FiyXRWhu68%2BYBnH4BVTWks5A5WGoKWWbyZutvvRopnpqdBF7CB6JbQoBNw9T35bPr3uW9gRJWgmaIgz3znqTIik7v6RXwXlNA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42c3dac10482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec80e69000004827b827000000001

GET
H2 404 SantanderTextW05-Italic.ttf
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1054ms
1053ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-Italic.ttf

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xwg7MGjdfLt9BooAE9jlHx%2Fkpe2mlMVtUjo28lCtpXQknI3skQnHsYtqp7JA6srY3XHm7P3JgkB1dfK9FtSOG%2B8lNXjJZbZYour2AaQjB%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42c5ae4d0482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec80f860000048254a32000000001

GET
H2 404 SantanderHeadlineW05-Bold.ttf
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1004ms
1004ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderHeadlineW05-Bold.ttf

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FciT9BscggVf8eh6xbKuyzpnHHwPngplnQQdTIuHRPVvPFKakfeErRYvIYdxrL5kxtvqhtRjzbh08Dn9VSqToOVBJJaoTrvdhBs9t45YJME%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42c64f7c0482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec80fed00000482103c3000000001

GET
H2 404 SantanderTextW05-Bold.ttf
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 1023ms
1022ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-Bold.ttf

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uw9G96sMyLw1PCLzhcvOOVTHXx%2B%2BodILL2Jr5Qvdfz0VxV8HV0zkB0qfnUfI%2F%2Fxg7jCZhstxnkGXD%2FXpl5H7dbsUeAn82ynLQHevg1%2BlR1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42c66fc70482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec81004000004821987a000000001

GET
H2 404 SantanderTextW05-BoldItalic.ttf
demo.arynews.tv/.NetBanco/pt/particulares/fonts/ 0
0 924ms
923ms Font
text/html 104.21.235.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.arynews.tv/.NetBanco/pt/particulares/fonts/SantanderTextW05-BoldItalic.ttf

Requested by

Host: demo.arynews.tv
URL: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.156 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://demo.arynews.tv
Referer: https://demo.arynews.tv/.NetBanco/pt/particulares/files/fonts.css?v=1606271518882
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 12:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1ACFowzRghEDzNrCaKgkzrzWZ89TzF%2BFK0EmyEJXzpChe3aAcjz4SOmP4Hd8WC8kC2SAWWF2LdFY%2F7XU%2FWVwnXk63%2BxfnFN9FMk81x4jGv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
cf-ray: 5fde42c6a8450482-CDG
link: <https://demo.arynews.tv/wp-json/>; rel="https://api.w.org/"
cf-request-id: 06dec81026000004821987c000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			demo.arynews.tv/	1969-12-31 23:59:59	Name: PHPSESSID Value: ug7p2nk8iip906dtc44krhvgt3
			.arynews.tv/	1970-01-19 15:12:16	Name: __cfduid Value: d89ce0d037e5293cfff5163a3c7be1a351607344253

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
demo.arynews.tv
104.21.235.156
67.199.248.11
16a6a96e5326bb8d4f2eb64fe95ddc949a4c82b8ce4815873b05cdc0492b2e58
1bc8552409f73fba49e9f4693706645a96645afadc904022eab7a4cff0a62fde
294a4d1983d881fda56f97d4bcdfa7f7fb545cb55d1d634eff2e5b442333e7dc
4d329fce2a310dc9197c63e45594325f829a2c176681dd56e3d017938406e9d7
5034dab112417032f2b43748b0a83f23120f3058254f5034ba7487096e2896b3
5d11806c8bcbb0f9d07552ff2fec7c4046ccf518ca00dfb080979c2566afdf8c
9b9563afc3fe97fc4ebe45c9dd2c7dd73262773b4171ff52908ff4683f9c2bf3
abdc836b686ed0b9c9c2d3d700b557f72d853fb56c4ac239dd290d1d946873c8
db6b0c940df7b980a50f259ab658a09d586520d7887de9d60408b54b25e2cf7e
fe7ebc0823e312451a7e43433fb2b9fa2332c3bd5f9b846ae54785e8521f6d92

demo.arynews.tv Open in urlscan Pro 104.21.235.156 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

112 kBTransfer

291 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

demo.arynews.tv Open in urlscan Pro
104.21.235.156 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

112 kB
Transfer

291 kB
Size

2
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!