iyfbodn.com Open in urlscan Pro
208.91.196.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://twinksformoney.com/
Effective URL:
https://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I
Submission: On September 04 via automatic, source certstream-suspicious (September 4th 2024, 4:16:50 pm UTC) — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 208.91.196.46, located in Virgin Islands (British) and belongs to CONFLUENCE-NETWORK-INC, VG. The main domain is iyfbodn.com. The Cisco Umbrella rank of the primary domain is 388202.
TLS certificate: Issued by R10 on July 17th 2024. Valid for: 3 months.

This is the only time iyfbodn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	207.244.67.214 207.244.67.214	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
5	199.59.243.226 199.59.243.226	16509 (AMAZON-02) (AMAZON-02)
1	142.250.65.196 142.250.65.196	15169 (GOOGLE) (GOOGLE)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	142.250.65.238 142.250.65.238	15169 (GOOGLE) (GOOGLE)
2	208.91.196.46 208.91.196.46	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
11	6

2 207.244.67.214 (New Castle, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

twinksformoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.59.243.226 (United States)

ASN16509 (AMAZON-02, US)

ww1.twinksformoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.196 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net

syndicatedsearch.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.91.196.46 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

iyfbodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	twinksformoney.com 1 redirects twinksformoney.com ww1.twinksformoney.com	43 KB
2	iyfbodn.com iyfbodn.com — Cisco Umbrella Rank: 388202	2 KB
1	syndicatedsearch.goog syndicatedsearch.goog — Cisco Umbrella Rank: 6209
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5754	596 B
1	google.com www.google.com — Cisco Umbrella Rank: 10	55 KB
11	5

	Domain	Requested by
5	ww1.twinksformoney.com	twinksformoney.com ww1.twinksformoney.com
2	iyfbodn.com	ww1.twinksformoney.com
2	twinksformoney.com	1 redirects
1	syndicatedsearch.goog	www.google.com
1	partner.googleadservices.com	www.google.com
1	www.google.com	ww1.twinksformoney.com
11	6

This site contains no links.

Subject Issuer	Validity	Valid
twinksformoney.com R10	`2024-09-04` - `2024-12-03`	3 months	crt.sh
www.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.googleadservices.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
syndicatedsearch.goog WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
iyfbodn.com R10	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I
Frame ID: 0EDEA566B29857375C54DDD96BA218B7
Requests: 10 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol316%2Cpid-bodis-gcontrol465%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=1&rpbu=http%3A%2F%2Fww1.twinksformoney.com%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3&nocache=5891725466603242&num=0&output=afd_ads&domain_name=ww1.twinksformoney.com&v=3&bsl=8&pac=0&u_his=1&u_tz=-600&dt=1725466603243&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=667606770&rurl=http%3A%2F%2Fww1.twinksformoney.com%2F
Frame ID: B452AD80CBCCE6AD094CD24917167354
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://twinksformoney.com/ Page URL
https://twinksformoney.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
http://ww1.twinksformoney.com/ HTTP 307
https://ww1.twinksformoney.com/ HTTP 307
http://ww1.twinksformoney.com/ Page URL
http://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT... HTTP 307
https://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT... Page URL

Detected technologies

Wink (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:_base/js/base|wink).*\.js

Page Statistics

11
Requests

55 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

99 kB
Transfer

191 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://twinksformoney.com/ Page URL
https://twinksformoney.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcyNTQ3MzgwMSwiaWF0IjoxNzI1NDY2NjAxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydnAxZGVxdnI1dHVvZ2dkZWswNXZkc2UiLCJuYmYiOjE3MjU0NjY2MDEsInRzIjoxNzI1NDY2NjAxMjU5MDIwfQ.4wrKM7R8ClL2thXauqD0Z9dadzrje_TwoQ57UUD79Fc&sid=11e71478-6ad9-11ef-b66a-24477aa8d60f HTTP 302
http://ww1.twinksformoney.com/ HTTP 307
https://ww1.twinksformoney.com/ HTTP 307
http://ww1.twinksformoney.com/ Page URL
http://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I HTTP 307
https://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://twinksformoney.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcyNTQ3MzgwMSwiaWF0IjoxNzI1NDY2NjAxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydnAxZGVxdnI1dHVvZ2dkZWswNXZkc2UiLCJuYmYiOjE3MjU0NjY2MDEsInRzIjoxNzI1NDY2NjAxMjU5MDIwfQ.4wrKM7R8ClL2thXauqD0Z9dadzrje_TwoQ57UUD79Fc&sid=11e71478-6ad9-11ef-b66a-24477aa8d60f HTTP 302
http://ww1.twinksformoney.com/ HTTP 307
https://ww1.twinksformoney.com/ HTTP 307
http://ww1.twinksformoney.com/

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
twinksformoney.com/ 480 B
763 B 417ms
268ms Document
text/html 207.244.67.214
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://twinksformoney.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.244.67.214 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
content-length: 480
content-type: text/html; charset=utf-8
date: Wed, 04 Sep 2024 16:16:40 GMT
server: Cowboy

GET
H/1.1

200
OK

/ Show response
ww1.twinksformoney.com/
Redirect Chain

https://twinksformoney.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcyNTQ3MzgwMSwiaWF0IjoxNzI1NDY2NjAxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydnAxZGVxdnI1dHVvZ2dk...
http://ww1.twinksformoney.com/
https://ww1.twinksformoney.com/
http://ww1.twinksformoney.com/

1 KB
2 KB

24ms
17ms

Document
text/html

199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.twinksformoney.com/
Requested by: Host: twinksformoney.com
URL: https://twinksformoney.com/
Protocol: HTTP/1.1
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7cc8c7632c01437b5fe71771efe28c80ed45d58b48607a35a65daf1ea3e101d

Request headers

Referer: https://twinksformoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-prefers-color-scheme
cache-control: no-store, max-age=0
content-length: 1066
content-type: text/html; charset=utf-8
critical-ch: sec-ch-prefers-color-scheme
date: Wed, 04 Sep 2024 16:16:42 GMT
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_TAUA4wJGpYO7RBOCU34cYLR5lpO9qS4hFCwCeKZPUxr8X49XxJsSbPdv++GZFze2pbjoSzRK3a/N6YKIWD4t0w==
x-request-id: 6329ff32-b1b7-4731-855d-bd335f553a06

Redirect headers

Location: http://ww1.twinksformoney.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK bNQIdjaHP.js Show response
ww1.twinksformoney.com/ 33 KB
34 KB 11ms
10ms Script
application/javascript 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.twinksformoney.com/bNQIdjaHP.js
Requested by: Host: ww1.twinksformoney.com
URL: http://ww1.twinksformoney.com/
Protocol: HTTP/1.1
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c086565f8e810e3cfb83078238b3effe264225d2ca7428ddeb493fb7cc1d55a2

Request headers

Referer: http://ww1.twinksformoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 16:16:42 GMT
content-length: 34193
x-request-id: 6700c525-2569-4f44-a19a-26ebc8f06759
content-type: application/javascript; charset=utf-8

POST
H/1.1 200
OK _fd Show response
ww1.twinksformoney.com/ 5 KB
5 KB 17ms
17ms Fetch
application/json 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.twinksformoney.com/_fd
Requested by: Host: ww1.twinksformoney.com
URL: http://ww1.twinksformoney.com/bNQIdjaHP.js
Protocol: HTTP/1.1
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9955ad388ba93b77592e65f157374a85b3daf6c5f3bfd460dee97fb3511e44e8

Request headers

Accept: application/json
Referer: http://ww1.twinksformoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Sep 2024 16:16:42 GMT
content-length: 5193
x-request-id: 161f721a-1d9b-4658-be4a-ea12ca0fa57d
content-type: application/json; charset=utf-8

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 150 KB
55 KB 353ms
22ms Script
text/javascript 142.250.65.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Requested by

Host: ww1.twinksformoney.com
URL: http://ww1.twinksformoney.com/bNQIdjaHP.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.196 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f4.1e100.net

Software

sffe /

Resource Hash

82ddd046f3ee9bf0ad9f0820d9bdcad6aa783ec0c30cd7e2e1bb50790cb0f17d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ww1.twinksformoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 16:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "13124766774017435736"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://syndicatedsearch.goog>; rel="preconnect"
expires: Wed, 04 Sep 2024 16:16:43 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 390 B
596 B 694ms
20ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ww1.twinksformoney.com&client=partner-dp-bodis30_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

b6bc9215764b7d614c63f54a92f21a62adce26652eea804667ad557b19063e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ww1.twinksformoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 16:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0

GET
H2 200 ads
syndicatedsearch.goog/afs/ Frame B452 0
0 722ms
88ms Document
text/html 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol316%2Cpid-bodis-gcontrol465%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol215&client=dp-bodis30_3ph&r=m&hl=en&ivt=1&rpbu=http%3A%2F%2Fww1.twinksformoney.com%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2898040491288658&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3&nocache=5891725466603242&num=0&output=afd_ads&domain_name=ww1.twinksformoney.com&v=3&bsl=8&pac=0&u_his=1&u_tz=-600&dt=1725466603243&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=667606770&rurl=http%3A%2F%2Fww1.twinksformoney.com%2F

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-4xaHDfrO5BbS20WDjPUmoA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: http://ww1.twinksformoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 622
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-4xaHDfrO5BbS20WDjPUmoA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Wed, 04 Sep 2024 16:16:43 GMT
expires: Wed, 04 Sep 2024 16:16:43 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

POST
H/1.1 200
OK _zc
ww1.twinksformoney.com/ 181 B
661 B 91ms
89ms Fetch
text/html 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.twinksformoney.com/_zc
Requested by: Host: ww1.twinksformoney.com
URL: http://ww1.twinksformoney.com/bNQIdjaHP.js
Protocol: HTTP/1.1
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: application/json
Referer: http://ww1.twinksformoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-version: 2.124.0
date: Wed, 04 Sep 2024 16:16:43 GMT
content-encoding: gzip
pragma: no-cache
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 178
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _tr
ww1.twinksformoney.com/ 2 B
281 B 12ms
10ms Fetch
application/json 199.59.243.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.twinksformoney.com/_tr
Requested by: Host: ww1.twinksformoney.com
URL: http://ww1.twinksformoney.com/bNQIdjaHP.js
Protocol: HTTP/1.1
Server: 199.59.243.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: application/json
Referer: http://ww1.twinksformoney.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Sep 2024 16:16:43 GMT
content-length: 2
x-request-id: 1867d5a7-0bb8-403f-9144-171efa7a58fe
content-type: application/json; charset=utf-8

GET
H/1.1

403
Forbidden

Primary Request / Show response
iyfbodn.com/
Redirect Chain

http://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I
https://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I

301 B
1 KB

477ms
59ms

Document
text/html

208.91.196.46
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to

Full URL: https://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I
Requested by: Host: ww1.twinksformoney.com
URL: http://ww1.twinksformoney.com/bNQIdjaHP.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 208.91.196.46 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash: 89f7bb7254bebe8c860c1fdc633b1959397057a2a41c46dae5ac0af3b1214134

Request headers

Referer: http://ww1.twinksformoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Connection: Keep-Alive
Content-Length: 301
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 Sep 2024 16:16:44 GMT
Keep-Alive: timeout=5, max=125
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Referrer-Policy: no-referrer-when-downgrade
Server: Apache

Redirect headers

Location: https://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 404
Not Found favicon.ico
iyfbodn.com/ 10 B
667 B 4ms
4ms Other
text/html 208.91.196.46
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to

Full URL: https://iyfbodn.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 208.91.196.46 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash: c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75

Request headers

Referer: https://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I
sec-ch-dpr: 1
sec-ch-viewport-height: 1200
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-device-memory: 8
sec-ch-viewport-width: 1600

Response headers

Date: Wed, 04 Sep 2024 16:16:44 GMT
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Connection: Keep-Alive
Keep-Alive: timeout=5, max=123
Content-Length: 10

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.twinksformoney.com/	1970-01-21 08:53:46	Name: sid Value: 11e71478-6ad9-11ef-b66a-24477aa8d60f
ww1.twinksformoney.com/	1970-01-20 23:17:47	Name: parking_session Value: 6329ff32-b1b7-4731-855d-bd335f553a06
.twinksformoney.com/	1970-01-21 08:39:22	Name: __gsas Value: ID=54b62ff52ef62f4c:T=1725466603:RT=1725466603:S=ALNI_MbMBqqwLcSU0M_WG2Hz1memHR05tQ
.iyfbodn.com/	1970-01-21 08:53:46	Name: vsid Value: 926vr47301220477413240

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://iyfbodn.com/?dn=twinksformoney.com&pbsubid=6329ff32-b1b7-4731-855d-bd335f553a06&pid=9POT3387I Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://iyfbodn.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

iyfbodn.com
partner.googleadservices.com
syndicatedsearch.goog
twinksformoney.com
ww1.twinksformoney.com
www.google.com
142.250.65.196
142.250.65.238
142.251.40.98
199.59.243.226
207.244.67.214
208.91.196.46
82ddd046f3ee9bf0ad9f0820d9bdcad6aa783ec0c30cd7e2e1bb50790cb0f17d
89f7bb7254bebe8c860c1fdc633b1959397057a2a41c46dae5ac0af3b1214134
9955ad388ba93b77592e65f157374a85b3daf6c5f3bfd460dee97fb3511e44e8
b6bc9215764b7d614c63f54a92f21a62adce26652eea804667ad557b19063e4f
c086565f8e810e3cfb83078238b3effe264225d2ca7428ddeb493fb7cc1d55a2
c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75
e7cc8c7632c01437b5fe71771efe28c80ed45d58b48607a35a65daf1ea3e101d

iyfbodn.com Open in urlscan Pro 208.91.196.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

55 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

99 kBTransfer

191 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

iyfbodn.com Open in urlscan Pro
208.91.196.46 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

55 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

99 kB
Transfer

191 kB
Size

4
Cookies

11 HTTP transactions
0 data transactions