papagacor55-amp.xyz Open in urlscan Pro
2606:4700:3034::6815:1ee8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://papagacor55-amp.xyz/
Effective URL:
https://papagacor55-amp.xyz/
Submission Tags: suspect
Submission: On April 30 via api (April 30th 2024, 9:02:05 pm UTC) from BR — Scanned from DE

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3034::6815:1ee8, located in United States and belongs to CLOUDFLARENET, US. The main domain is papagacor55-amp.xyz.
TLS certificate: Issued by E1 on March 29th 2024. Valid for: 3 months.

This is the only time papagacor55-amp.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3034::6815:1ee8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	172.67.165.207 172.67.165.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.65 216.58.206.65	15169 (GOOGLE) (GOOGLE)
14	4

4 2606:4700:3034::6815:1ee8 (United States)

ASN13335 (CLOUDFLARENET, US)

papagacor55-amp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.165.207 (United States)

ASN13335 (CLOUDFLARENET, US)

lbstatic.winwinwin168.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.65 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	winwinwin168.net lbstatic.winwinwin168.net — Cisco Umbrella Rank: 214573	2 MB
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 416	87 KB
4	papagacor55-amp.xyz papagacor55-amp.xyz	160 KB
14	3

	Domain	Requested by
6	lbstatic.winwinwin168.net	papagacor55-amp.xyz
4	cdn.ampproject.org	papagacor55-amp.xyz cdn.ampproject.org
4	papagacor55-amp.xyz	papagacor55-amp.xyz
14	3

This site contains links to these domains. Also see Links.

Domain
papagacor55.net

Subject Issuer	Validity	Valid
papagacor55-amp.xyz E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
winwinwin168.net E1	`2024-03-14` - `2024-06-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://papagacor55-amp.xyz/
Frame ID: E596E46E41F7F2E48CB542B016309BEC
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PAPAGACOR55 : Situs Gacor No.1 Tahun Ini

Page URL History Show full URLs

http://papagacor55-amp.xyz/ HTTP 307
https://papagacor55-amp.xyz/ Page URL

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

2035 kB
Transfer

2357 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://papagacor55.net/
Title: MASUK

Search URL Search Domain Scan URL

URL: https://papagacor55.net/register
Title: DAFTAR

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://papagacor55-amp.xyz/ HTTP 307
https://papagacor55-amp.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
papagacor55-amp.xyz/
Redirect Chain

http://papagacor55-amp.xyz/
https://papagacor55-amp.xyz/

25 KB
9 KB

501ms
424ms

Document
text/html

2606:4700:3034::6815:1ee8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://papagacor55-amp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e9699b50d3d57b7a52a0fe61d1932565bf21dbdeb864569f0ea169a6dd92963

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer: https://www.google.com

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87ca78585bc265dc-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 30 Apr 2024 21:01:58 GMT
last-modified: Tue, 30 Apr 2024 21:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akQjyqeZsUj4HvahW%2FHYwbU%2FFEI98%2FjxjlkG46MIzJyYo4qwXQF0RO1Yp%2FmsxN2hEUxb23qEE5eijlyIwsDZ9yllne4A8AAue7kvjAh7LsOubDWQYQBvsycwjqhmZv82KT5fYgOQGTlKzWBKNrKYBCnn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin

Redirect headers

Location: https://papagacor55-amp.xyz/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 130ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53da1339a0555a71431c0bbfb2bf946f300ee9d5fc2e5b9e0b424c93a2506a82

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 21:01:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73093
x-xss-protection: 0
server: sffe
etag: "224c86d2f329f14e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 Apr 2024 21:01:58 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
10 KB 120ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8be07463f59242dc397373ea3929039cca1d7c3cf7cad14c9213fc356b324f59

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 21:01:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8937
x-xss-protection: 0
server: sffe
etag: "279148c2c8d43f1b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 Apr 2024 21:01:58 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 111ms
36ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46db8c368bdeb8474bfe22e868330f405d9c37c43be84c21bc2ee744efb26af6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 21:01:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2478
x-xss-protection: 0
server: sffe
etag: "c45245a201f4ad75"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 Apr 2024 21:01:58 GMT

GET
H3 200 qeoT3uZ7bHlZAPAUoMVn.png
lbstatic.winwinwin168.net/media/images/ 336 KB
336 KB 883ms
838ms Image
image/png 172.67.165.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/qeoT3uZ7bHlZAPAUoMVn.png
Requested by: Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f706ce25908dde426d89fe08eee0b6a4a404a52d4050e2d215abe41185a8456

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 30 Apr 2024 21:01:59 GMT
cf-cache-status: MISS
last-modified: Sun, 31 Mar 2024 09:42:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebBnTr1%2FSKV6AJc63ti2coH3v6CwgahZsfV1UeOrqsLCGCFt7kTnKzxSAE18HU9FIR54AUe7dRc94V0N1gtVN4Rro4bR019nBIsHl4SemJclt0uKvB4l5qUzok3Q85SkZbTVK7ekmzs%2F4z%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87ca785b5a2c2bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 343882

GET
H3 200 DesktopBannerDefault0.png
lbstatic.winwinwin168.net/media/images/ctmzt/ 152 KB
153 KB 884ms
839ms Image
image/png 172.67.165.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/ctmzt/DesktopBannerDefault0.png
Requested by: Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e0925e6083e2ec6200a9faf384a85e4ce030232a814de7b13486dd7c65b8c74

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 30 Apr 2024 21:01:59 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Nov 2021 13:35:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLsAPdpq6yAmlC1zx80QJgyYpnEHorSKPNerMRMPejfa1e5LQl7PM26aHvmuS1PC2%2BJ75aRIkdIuvK6owuHeDY04%2BFItCVIOeW3HtCYJS1Cn5NyW4bpJ8dUiib6%2B5mAeAmYVlGe3ETkqRDuT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87ca785b5a322bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 155891

GET
H3 200 78pdEXufCYKslvdvawSQ.jpg
lbstatic.winwinwin168.net/media/images/ 540 KB
541 KB 823ms
795ms Image
image/jpeg 172.67.165.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/78pdEXufCYKslvdvawSQ.jpg
Requested by: Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85dbcda5d7407a4d550430421dda436edc8d10f1b243edd323b901ce1b29adb3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 30 Apr 2024 21:01:59 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Apr 2024 03:36:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tb3cxYkj0SRaesVGVtE4PmJARdnOVOss0WIbgAzHPg7yMacOX6UT8RPPU8U3005SkvIpcMiw6nCXER9ZDjPBCT%2BrMsvt0PU7H278Utny1ir1%2FF004gGpcq5ezp5wsvUj3h7yV7hevcd7SIxX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87ca785b5a292bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 553000

GET
H3 200 MobileBannerDefault0.png
lbstatic.winwinwin168.net/media/images/ctmzt/ 261 KB
262 KB 844ms
816ms Image
image/png 172.67.165.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/ctmzt/MobileBannerDefault0.png
Requested by: Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 950edb4b5e9c6fbbd5c102ac76539333cc80a72c37cb81c42d9df44bae25b8ac

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 30 Apr 2024 21:01:59 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Nov 2021 13:35:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VP5nuetmH93%2FIKeO3%2FqTbf%2BD8GK6wQKTYRzil25mGB9oa0Cb%2BgJP2t4a2Miqkw236e7X6V2Fcv5jzV2vhQ54F1aMm5%2FYHPnpkPjUqX614VRSDzFd6nkduS0xdFVc7FlKnz%2Fl1ZtODCkN1S5d"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87ca785b5a2b2bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 267612

GET
H3 200 3g1AAJ0avOgl1FSOLGrw.jpg
lbstatic.winwinwin168.net/media/images/ 421 KB
422 KB 801ms
774ms Image
image/jpeg 172.67.165.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.winwinwin168.net/media/images/3g1AAJ0avOgl1FSOLGrw.jpg
Requested by: Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3487548075d30e49240073065caa742189d368931e8dd85b8a8a7a8361859a36

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 30 Apr 2024 21:01:59 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Apr 2024 03:36:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KxxZoiJtgfUbdK%2BDErf9k3QkRPdcEsEPACFPaQOygX6xtWKPgUXJsqC9nImUN4U7KAUFmEKBhjHEeM%2BvjBGS03xi9UW5Lwb2N%2FI4mAGKwLR3crb1c1pEZziRsPij8zNQQc%2BYjwlyGzxQPje8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87ca785b5a262bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 431158

GET
H2 200 bg-purpleblack-min.jpg
papagacor55-amp.xyz/template1/img/ 34 KB
34 KB 588ms
586ms Image
image/jpeg 2606:4700:3034::6815:1ee8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://papagacor55-amp.xyz/template1/img/bg-purpleblack-min.jpg
Requested by: Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941c3d0532f54a627ed395b0aeb29ceb8823e13b2b0e6cea549cfb854be14277

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: public
date: Tue, 30 Apr 2024 21:01:59 GMT
cf-cache-status: MISS
last-modified: Fri, 13 May 2022 04:14:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QTdjVRu7Y4U0hP6Ch7E8DFag2ByFRjfD5alz5YLL1rBLwKHNjWzltXRAsIs5gBTfNUJU5LAR4UJ8aXBJW9YjBP%2FMuVV7k4t9zcDdBSOMYK0BhGizSRJq1AsZFe2c2D%2FaW7mHMllVszsAY%2F7QuDnSER4x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 87ca785b2f6565dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34433
expires: max

GET
H2 200 OpenSans-Bold.ttf
papagacor55-amp.xyz/common/font/ 102 KB
60 KB 961ms
960ms Font
font/ttf 2606:4700:3034::6815:1ee8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://papagacor55-amp.xyz/common/font/OpenSans-Bold.ttf
Requested by: Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8

Request headers

Referer: https://www.google.com
Origin: https://papagacor55-amp.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: public
date: Tue, 30 Apr 2024 21:01:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 May 2022 04:14:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZD2RoeOHvuPyiGmhxm6zD%2Bz1WHyZlza%2B%2FdmyT02ZPmLPImZrkKiRaiYKiIG6N3OUFjWBAwzjt6bNdfeNbiKNlE8MbWQBaPBzS5VWVOxuyM0xYjhruG4mZPnEo205AdkH2B4WPgUkXZuZPz2Ozhq2ov1"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 87ca785b3f6b65dc-FRA
alt-svc: h3=":443"; ma=86400
expires: max

GET
H2 200 OpenSans-Regular.ttf
papagacor55-amp.xyz/common/font/ 95 KB
58 KB 783ms
783ms Font
font/ttf 2606:4700:3034::6815:1ee8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://papagacor55-amp.xyz/common/font/OpenSans-Regular.ttf
Requested by: Host: papagacor55-amp.xyz
URL: https://papagacor55-amp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Request headers

Referer: https://www.google.com
Origin: https://papagacor55-amp.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: public
date: Tue, 30 Apr 2024 21:01:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 May 2022 04:14:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxYMmKtcHsRmkPDNApJHOw2aE95zebh0ag2LnT4vNoXHbQkNHTxOFi0aDxahOlSXbrQdGS5zVKr%2FxzpbQWkITGEqiNXm23tYrKz%2BRs2%2BeZTnMkjI1z25GOB%2FJ52uA%2BiesG05EoKz3ajHVBtEVGr62hGx"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 87ca785b3f6c65dc-FRA
alt-svc: h3=":443"; ma=86400
expires: max

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012404091947000/v0/ 8 KB
3 KB 61ms
20ms Script
text/javascript 216.58.206.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404091947000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

2b753b9c13fe907246062aa577f7837fbd2ffebe71dec501c4cd6de494016ac8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
Origin: https://papagacor55-amp.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 08:00:24 GMT
age: 46895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "dfcaaf971da6dba2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 08:00:24 GMT

GET
H3 200 LhnG6JrXzQiu9E22J3Xr.png
lbstatic.winwinwin168.net/media/images/ 75 KB
75 KB 778ms
777ms Other
image/png 172.67.165.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.winwinwin168.net/media/images/LhnG6JrXzQiu9E22J3Xr.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5339f4d14860b9b429f1988322905df55c072ed84f9344d456e6ebe5f3cb905

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Tue, 30 Apr 2024 21:02:01 GMT
cf-cache-status: MISS
last-modified: Sun, 31 Mar 2024 09:43:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Q81mol%2F%2FbOVHOCNxqkI49x5%2BMdYG5taiMbmonTMSnhgwIxgIjKUGLsRKArXY2OPIFEqVWqWDdlJCqCO1VKcdTYIKWBbfRFSfhaj%2FFxtzOW%2FyYckjSBKMjFtXJwnbPqII%2BFIgEdJZAEmKZal"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87ca7863fb012bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 76339

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
lbstatic.winwinwin168.net
papagacor55-amp.xyz
172.67.165.207
216.58.206.65
2606:4700:3034::6815:1ee8
2a00:1450:4001:811::2001
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
2b753b9c13fe907246062aa577f7837fbd2ffebe71dec501c4cd6de494016ac8
3487548075d30e49240073065caa742189d368931e8dd85b8a8a7a8361859a36
46db8c368bdeb8474bfe22e868330f405d9c37c43be84c21bc2ee744efb26af6
53da1339a0555a71431c0bbfb2bf946f300ee9d5fc2e5b9e0b424c93a2506a82
5e9699b50d3d57b7a52a0fe61d1932565bf21dbdeb864569f0ea169a6dd92963
5f706ce25908dde426d89fe08eee0b6a4a404a52d4050e2d215abe41185a8456
85dbcda5d7407a4d550430421dda436edc8d10f1b243edd323b901ce1b29adb3
8be07463f59242dc397373ea3929039cca1d7c3cf7cad14c9213fc356b324f59
941c3d0532f54a627ed395b0aeb29ceb8823e13b2b0e6cea549cfb854be14277
950edb4b5e9c6fbbd5c102ac76539333cc80a72c37cb81c42d9df44bae25b8ac
9e0925e6083e2ec6200a9faf384a85e4ce030232a814de7b13486dd7c65b8c74
b5339f4d14860b9b429f1988322905df55c072ed84f9344d456e6ebe5f3cb905
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8

papagacor55-amp.xyz Open in urlscan Pro 2606:4700:3034::6815:1ee8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

2035 kBTransfer

2357 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

papagacor55-amp.xyz Open in urlscan Pro
2606:4700:3034::6815:1ee8 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

2035 kB
Transfer

2357 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions