palingcuan.click Open in urlscan Pro
203.161.44.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://palingcuan.click/
Submission: On July 23 via api (July 23rd 2024, 12:04:46 am UTC) from US — Scanned from GB

Summary HTTP 17 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 17 HTTP transactions. The main IP is 203.161.44.171, located in United States and belongs to NAMECHEAP-NET, US. The main domain is palingcuan.click.
TLS certificate: Issued by R11 on July 21st 2024. Valid for: 3 months.

This is the only time palingcuan.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	203.161.44.171 203.161.44.171	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	43.131.10.207 43.131.10.207	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:14::b856:fb5a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2404:2280:107... 2404:2280:107:0:3::7f8	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
17	9

1 203.161.44.171 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: tractrix-balminess.vpsrdns.web-hosting.com

palingcuan.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.131.10.207 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

s1.kwai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:14::b856:fb5a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:2280:107:0:3::7f8 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

s2-11187.ap4r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 7953	1 MB
2	mythad.com ads.mythad.com — Cisco Umbrella Rank: 20347	260 B
2	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	75 KB
1	ap4r.com s2-11187.ap4r.com — Cisco Umbrella Rank: 31410	77 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	kwai.net s1.kwai.net — Cisco Umbrella Rank: 18592	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	977 B
1	palingcuan.click palingcuan.click	5 KB
0	kwai-pro.com Failed logsdk.kwai-pro.com Failed
17	9

	Domain	Requested by
5	blogger.googleusercontent.com	palingcuan.click
2	ads.mythad.com	s1.kwai.net s2-11187.ap4r.com
2	cdn.ampproject.org	palingcuan.click cdn.ampproject.org
1	s2-11187.ap4r.com	s1.kwai.net
1	fonts.gstatic.com	fonts.googleapis.com
1	s1.kwai.net	palingcuan.click
1	fonts.googleapis.com	palingcuan.click
1	palingcuan.click
0	logsdk.kwai-pro.com Failed	s2-11187.ap4r.com
17	9

This site contains links to these domains. Also see Links.

Domain
cutt.ly

Subject Issuer	Validity	Valid
palingcuan.click R11	`2024-07-21` - `2024-10-19`	3 months	crt.sh
misc-sni.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.kwai.net GlobalSign RSA OV SSL CA 2018	`2023-10-26` - `2024-11-26`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020	`2023-10-23` - `2024-11-23`	a year	crt.sh
*.ap4r.com GlobalSign GCC R3 DV TLS CA 2020	`2024-05-23` - `2025-06-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://palingcuan.click/
Frame ID: B9234C2E501476A226DA04EFFD8FB41A
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

B200M | Situs Gaming Paling Sensasional Dan Terviral Abad Ini

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

17
Requests

82 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

1205 kB
Transfer

1642 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://cutt.ly/link-b200m
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://cutt.ly/link-b200m-2
Title: LOGIN

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
palingcuan.click/ 14 KB
5 KB 971ms
321ms Document
text/html 203.161.44.171
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://palingcuan.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 203.161.44.171 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: tractrix-balminess.vpsrdns.web-hosting.com
Software: nginx /
Resource Hash: 13094fe3159b896515036cc2a176b9b81e25e7c97272dd3c7e9a480f6f04ca85

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 23 Jul 2024 00:04:39 GMT
last-modified: Mon, 22 Jul 2024 00:40:27 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding,User-Agent

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 257ms
59ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: palingcuan.click
URL: https://palingcuan.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 23 Jul 2024 00:04:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73122
x-xss-protection: 0
server: sffe
etag: "2af4af216080b72b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 00:04:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
977 B 216ms
63ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&display=swap

Requested by

Host: palingcuan.click
URL: https://palingcuan.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jul 2024 00:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 23:18:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jul 2024 00:04:39 GMT

GET
H2 200 logo_77b02fc3-f42d-49fd-a822-2282e2e4ee33_1702903923670.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSz7E6Hm_JKZiITBRosxJjsJb5XXm67gG1HAkUc-xiYaJXFP_IVJ9FaLNx9pBnsuzSVqPeH0hyphenhyphenzyeQ3jZRZSpiaAZQlFgkoLPirrqrBHbfH4zvlG5221dtOfxacIPOPbhN1OfyjC... 14 KB
14 KB 979ms
818ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSz7E6Hm_JKZiITBRosxJjsJb5XXm67gG1HAkUc-xiYaJXFP_IVJ9FaLNx9pBnsuzSVqPeH0hyphenhyphenzyeQ3jZRZSpiaAZQlFgkoLPirrqrBHbfH4zvlG5221dtOfxacIPOPbhN1OfyjCimB9ad6gnYU-xHs3guQGEEv8IpyltC5BjwZyow8P_yXg3sl4jPsqE/s1600/logo_77b02fc3-f42d-49fd-a822-2282e2e4ee33_1702903923670.png

Requested by

Host: palingcuan.click
URL: https://palingcuan.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

168c50c2b4cad3f1e7870bee7c302c27ca85940b9a291c01bec7a345c8b25763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 00:04:40 GMT
x-content-type-options: nosniff
server: fife
etag: "vb3"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="logo_77b02fc3-f42d-49fd-a822-2282e2e4ee33_1702903923670.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14010
x-xss-protection: 0
expires: Wed, 24 Jul 2024 00:04:40 GMT

GET
H2 200 B111.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJJ7zUefWH_PqHkH2NanjgQAT0EqIvvhW2OsrxoJ9nbIbqcgpU0DUj0kNCkr8g5btrbiXyR5Mr7CFqzKt6Ic3YpCvMc84l8NIV2AuO2LwdfYegPrRFtzQ0fSBiuo882rbdv2_eVc4xYIoVLol3... 990 KB
991 KB 1120ms
960ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJJ7zUefWH_PqHkH2NanjgQAT0EqIvvhW2OsrxoJ9nbIbqcgpU0DUj0kNCkr8g5btrbiXyR5Mr7CFqzKt6Ic3YpCvMc84l8NIV2AuO2LwdfYegPrRFtzQ0fSBiuo882rbdv2_eVc4xYIoVLol3Fg21I_hIP8V6UdFp03JKcer3hM4oTSSS7D2Lks3JryE/s1680/B111.jpg

Requested by

Host: palingcuan.click
URL: https://palingcuan.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

96c704fe63cfbd1757e14c97a7c14a505f621a323d00b02fbea3ae47a1deb80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 00:04:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v17d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B111.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1014072
x-xss-protection: 0
expires: Wed, 24 Jul 2024 00:04:40 GMT

GET
H2 200 daftar.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY2Z657Seb3vx-x6evDVVLWPraR17fgmSoWsKqwph4X-cWdFbsrLxJCo8cC8yLRIZlctsYiIiapnFRnIE4hq-U1eUTjGro3xkNuvB_f40NppDb3t2L6SyxJQBN4AMlGYwysjkEvedU9Bk1zWGK... 5 KB
5 KB 384ms
255ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY2Z657Seb3vx-x6evDVVLWPraR17fgmSoWsKqwph4X-cWdFbsrLxJCo8cC8yLRIZlctsYiIiapnFRnIE4hq-U1eUTjGro3xkNuvB_f40NppDb3t2L6SyxJQBN4AMlGYwysjkEvedU9Bk1zWGKopZn6TlxNMwsfTq5_8vgtRGiMWDH-8HSiVW6z4Ly0sM/s320/daftar.webp

Requested by

Host: palingcuan.click
URL: https://palingcuan.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c5c5a05202a9e39350365d6cf290513f9ca03f59acbc398067de2d7253a4d6a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 00:04:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v377"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="daftar.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5090
x-xss-protection: 0
expires: Wed, 24 Jul 2024 00:04:39 GMT

GET
H2 200 login.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4Nzvj0NMUB5JWdPrLQrwMzS4DTmNLWUyBAwWXEjjg-wldgy19W7VqBJlQebRGrAvo64G6JWWv-587iVOjcy3M4O7sdJUcybKOnMBdHzEvAsfmovJPoWyqQFOiFKw6MtwZKmkSVYD6XPFqwKE4... 17 KB
17 KB 692ms
563ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4Nzvj0NMUB5JWdPrLQrwMzS4DTmNLWUyBAwWXEjjg-wldgy19W7VqBJlQebRGrAvo64G6JWWv-587iVOjcy3M4O7sdJUcybKOnMBdHzEvAsfmovJPoWyqQFOiFKw6MtwZKmkSVYD6XPFqwKE4CE-zDYJcFPFVodfYfhIJX9LvA9yWgsc4j7KKKWni0CU/s320/login.png

Requested by

Host: palingcuan.click
URL: https://palingcuan.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b825afae728e51753beb062793fed906343ab0df51d7e8c94a8efb24ab087a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 00:04:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v378"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="login.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17343
x-xss-protection: 0
expires: Wed, 24 Jul 2024 00:04:40 GMT

GET
H/1.1 200
OK events.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/ 10 KB
5 KB 1363ms
61ms Script
application/javascript 43.131.10.207
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=252410956815655&lib=kwaiq
Requested by: Host: palingcuan.click
URL: https://palingcuan.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.131.10.207 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ks-client-ip: 194.74.212.110
Date: Fri, 21 Jun 2024 13:53:35 GMT
Content-Encoding: gzip
x-oss-request-id: 667585DF8481863436A01AF8
X-Cache-Lookup: Cache Hit
Content-MD5: xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign: NULL
Connection: keep-alive
Content-Length: 3744
X-Ks-Request-ID: 979049758644246476
X-Ks-Cache: Hit from 43.131.10.207
x-oss-object-type: Normal
Last-Modified: Mon, 27 May 2024 02:52:15 GMT
Server: Lego Server
Etag: "C5DC8475F5AE240BD1474B4467D9E7D8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 979049758644246476
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 13562747518461854989
x-oss-server-time: 42
Expires: Sun, 21 Jul 2024 13:53:35 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
13 KB 532ms
58ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://palingcuan.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 10:13:24 GMT
x-content-type-options: nosniff
age: 568276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 10:13:24 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 8 KB
3 KB 247ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palingcuan.click/
Origin: https://palingcuan.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jul 2024 11:47:33 GMT
age: 562627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "3bb766b5672b9f2f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Jul 2025 11:47:33 GMT

POST
H3 200 getGrayInfo Show response
ads.mythad.com/rest/n/adintl/gray/ 274 B
260 B 333ms
209ms XHR
application/json 2a02:26f0:1700:14::b856:fb5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=252410956815655&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7973290ba1150e900a8f1823c4a548955b12773a3b203d2d485afbbee23ce058

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 23 Jul 2024 00:04:41 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://palingcuan.click
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 241
quic-version: 0x00000001

OPTIONS
H2 200 getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 0
0 384ms
219ms Preflight 2a02:26f0:1700:14::b856:fb5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://palingcuan.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://palingcuan.click
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Tue, 23 Jul 2024 00:04:41 GMT

GET
H2 200 favicon_77b02fc3-f42d-49fd-a822-2282e2e4ee33_1702903923670.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhs9clLATrzrAkLHtQwdGyxvB7zaN7nQt2zU6-JQf7XgzEeTI_6CnFkUfVhjH7S9OMYJBR8MZRJUYVIXECLQ62UecQRoMPIkub2TUhkocjwB10C1h0-sVB3z6sB6_UJ9b29KbrARXlwU-ox2EY8... 2 KB
2 KB 474ms
471ms Other
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhs9clLATrzrAkLHtQwdGyxvB7zaN7nQt2zU6-JQf7XgzEeTI_6CnFkUfVhjH7S9OMYJBR8MZRJUYVIXECLQ62UecQRoMPIkub2TUhkocjwB10C1h0-sVB3z6sB6_UJ9b29KbrARXlwU-ox2EY8q9TY3jOX-w6VDyZhbjSQ280dQVJdwp8N3yXsCQwiyig/s1600/favicon_77b02fc3-f42d-49fd-a822-2282e2e4ee33_1702903923670.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b715860535142dc8d82e1eee7dc09008057e220a0f11ac14022ca81c7ee7ab80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 00:04:41 GMT
x-content-type-options: nosniff
server: fife
etag: "vb4"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="favicon_77b02fc3-f42d-49fd-a822-2282e2e4ee33_1702903923670.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2235
x-xss-protection: 0
expires: Wed, 24 Jul 2024 00:04:41 GMT

GET
H2 200 core.8bd2ca4559d3f8cd.js Show response
s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/ 291 KB
77 KB 1721ms
367ms Script
application/javascript 2404:2280:107:0:3::7f8
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-11187.ap4r.com/kos/s101/nlav11187/pixel/graySdk/core.8bd2ca4559d3f8cd.js?sdkid=252410956815655&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=252410956815655&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:107:0:3::7f8 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: a21102dc1ae4aa467f052f60ac51326e46e35ccd5de2e9489be63b4b358fc10f

Request headers

Referer: https://palingcuan.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ks-client-ip: 2a00:2381:5374:1d::110
date: Tue, 25 Jun 2024 12:05:14 GMT
content-encoding: gzip
via: cache26.l2hk5[0,0,200-0,H], cache4.l2hk5[1,0], ens-cache23.hk34[0,0,200-0,H], ens-cache1.hk34[0,0]
x-oss-request-id: 667AB27A52F2323233AF17F8
content-md5: 4XZ4t4vSykVZ0/jNUFPwsg==
age: 2375969
x-swift-cachetime: 30417436
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 03 Jul 2024 10:47:58 GMT
content-length: 78072
x-ks-cache: HIT From 2404:2280:107:0:3::7f8
x-oss-object-type: Normal
last-modified: Tue, 25 Jun 2024 11:59:31 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1719317114
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 14604453638594700644
eagleid: a3b5239517216930831732647e
x-oss-server-time: 5
expires: Thu, 25 Jul 2024 12:05:14 GMT

POST radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 0
0

GET getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: logsdk.kwai-pro.com
URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel

Domain: logsdk.kwai-pro.com
URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel

Domain: ads.mythad.com
URL: https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=252410956815655&pageId=pageId-1721693084263-1109856762935

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mythad.com
blogger.googleusercontent.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
logsdk.kwai-pro.com
palingcuan.click
s1.kwai.net
s2-11187.ap4r.com
ads.mythad.com
logsdk.kwai-pro.com
203.161.44.171
2404:2280:107:0:3::7f8
2a00:1450:4001:810::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::2003
2a00:1450:4001:829::200a
2a02:26f0:1700:14::b856:fb5a
43.131.10.207
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
13094fe3159b896515036cc2a176b9b81e25e7c97272dd3c7e9a480f6f04ca85
168c50c2b4cad3f1e7870bee7c302c27ca85940b9a291c01bec7a345c8b25763
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4
7973290ba1150e900a8f1823c4a548955b12773a3b203d2d485afbbee23ce058
96c704fe63cfbd1757e14c97a7c14a505f621a323d00b02fbea3ae47a1deb80d
a21102dc1ae4aa467f052f60ac51326e46e35ccd5de2e9489be63b4b358fc10f
b715860535142dc8d82e1eee7dc09008057e220a0f11ac14022ca81c7ee7ab80
c5c5a05202a9e39350365d6cf290513f9ca03f59acbc398067de2d7253a4d6a7
f2b825afae728e51753beb062793fed906343ab0df51d7e8c94a8efb24ab087a

palingcuan.click Open in urlscan Pro 203.161.44.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

82 %HTTPS

75 %IPv6

9 Domains

9 Subdomains

9 IPs

3 Countries

1205 kBTransfer

1642 kBSize

0 Cookies

2 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

0 Cookies

Indicators

palingcuan.click Open in urlscan Pro
203.161.44.171 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

1205 kB
Transfer

1642 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions