pikpak.a1316563150.workers.dev Open in urlscan Pro
172.67.210.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pikpak.a1316563150.workers.dev/
Submission: On January 19 via api (January 19th 2024, 12:04:48 am UTC) from US — Scanned from US

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 172.67.210.195, located in United States and belongs to CLOUDFLARENET, US. The main domain is pikpak.a1316563150.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on December 31st 2023. Valid for: 3 months.

This is the only time pikpak.a1316563150.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.210.195 172.67.210.195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.87.116 104.21.87.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	104.16.126.175 104.16.126.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	4

2 172.67.210.195 (United States)

ASN13335 (CLOUDFLARENET, US)

pikpak.a1316563150.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.87.116 (None, )

ASN13335 (CLOUDFLARENET, US)

paperkiteidleplus.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.126.175 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 867	131 KB
2	paperkiteidleplus.top paperkiteidleplus.top	292 KB
2	workers.dev pikpak.a1316563150.workers.dev	2 KB
0	imgdb.cn Failed pic.imgdb.cn Failed
8	4

	Domain	Requested by
4	unpkg.com	2 redirects pikpak.a1316563150.workers.dev
2	paperkiteidleplus.top	pikpak.a1316563150.workers.dev
2	pikpak.a1316563150.workers.dev	unpkg.com
0	pic.imgdb.cn Failed	pikpak.a1316563150.workers.dev paperkiteidleplus.top
8	4

This site contains links to these domains. Also see Links.

Domain
paperkiteblog.xyz

Subject Issuer	Validity	Valid
a1316563150.workers.dev GTS CA 1P5	`2023-12-31` - `2024-03-30`	3 months	crt.sh
paperkiteidleplus.top GTS CA 1P5	`2024-01-12` - `2024-04-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pikpak.a1316563150.workers.dev/
Frame ID: 81C4817B560CF05D4B07C391DC2EE54A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Page Statistics

8
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

425 kB
Transfer

1514 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://paperkiteblog.xyz/
Title: 点此进入

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@1.6.5/dist/axios.min.js

Request Chain 2

https://unpkg.com/vue@3/dist/vue.global.js HTTP 302
https://unpkg.com/vue@3.4.15/dist/vue.global.js

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pikpak.a1316563150.workers.dev/ 3 KB
2 KB 373ms
28ms Document
text/html 172.67.210.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pikpak.a1316563150.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.210.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc2b1d916a088e4672328182ac6cff22ef9a3ac03eb4b1b3906b17a37814f6b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 847ad25bebf6c336-EWR
content-encoding: br
content-type: text/html
date: Fri, 19 Jan 2024 00:04:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAuRDzZiRuTmrd8nwS5F6Rz8Pnpby9ANcDB1HECu0sGyS4n3EE3zopIZHx3UlTXBoIj6jLpUVKpZC9HDrU71qgHOg6lGXnL3Y1KUawk6kbAnUS3mXqGJPJk2O8PKjh3UYYExXsKoupNLPXWPKjqwNnw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 index.css
paperkiteidleplus.top/pikpak/ 5 KB
2 KB 1313ms
862ms Stylesheet
text/css 104.21.87.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paperkiteidleplus.top/pikpak/index.css
Requested by: Host: pikpak.a1316563150.workers.dev
URL: https://pikpak.a1316563150.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.87.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ff38eed81a347dfc7a6c43fdbb5cd0caeb5e22383dc1d0ab335872b28098c36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pikpak.a1316563150.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:04:42 GMT
content-encoding: br
cf-cache-status: STALE
last-modified: Thu, 18 Jan 2024 13:44:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27686
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ta8tzdzCNONWaVWoVaj3uWnBJwhHkRqtwOqFTMB13BD2z%2FngbLqc3765%2Fl7KGZ2WcVCNHdxk3topOyGtm0WXT370LwFwKwVFBMxTeRtEu0JqpMh2tz8Bs2uDM3kE6h%2FbexzyIUxXkNQ%3D"}],"group":"cf-nel","max_age":604800}
x-cache: MISS from kangle web server
content-type: text/css
cache-control: max-age=14400
cf-ray: 847ad25f0b2a42e9-EWR
alt-svc: h3=":443"; ma=86400

GET
H2

200

axios.min.js Show response
unpkg.com/axios@1.6.5/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@1.6.5/dist/axios.min.js

33 KB
13 KB

37ms
36ms

Script
application/javascript

104.16.126.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@1.6.5/dist/axios.min.js

Requested by

Host: pikpak.a1316563150.workers.dev
URL: https://pikpak.a1316563150.workers.dev/

Protocol

Server

104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad11a265acf7060a7d86dabc6ae0f3b32f135f096a6e35be748a001393d71541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pikpak.a1316563150.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:04:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1137900
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HKDKBENGNSYDSRM2XJ5CGZWM-lga
server: cloudflare
etag: W/"8377-sJR9VQcibeO0sE4OfGCP6SP7nGs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 847ad25f3956429a-EWR

Redirect headers

date: Fri, 19 Jan 2024 00:04:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HMFG664HXKA19NV1XVJJMGFB-lga
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 368
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /axios@1.6.5/dist/axios.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 847ad25f0939429a-EWR

GET
H2

200

vue.global.js Show response
unpkg.com/vue@3.4.15/dist/
Redirect Chain

https://unpkg.com/vue@3/dist/vue.global.js
https://unpkg.com/vue@3.4.15/dist/vue.global.js

505 KB
118 KB

37ms
37ms

Script
application/javascript

104.16.126.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@3.4.15/dist/vue.global.js

Requested by

Host: pikpak.a1316563150.workers.dev
URL: https://pikpak.a1316563150.workers.dev/

Protocol

Server

104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fba0605e02708808ef97633e9e25e83784631b31f1b415851831e7356b389e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pikpak.a1316563150.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:04:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 37697
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HMECJYYXKA184X392E236938-lga
server: cloudflare
etag: W/"7e562-dA4C5QGfG1LBHqa5HXaOR7heMI8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 847ad25f4967429a-EWR

Redirect headers

date: Fri, 19 Jan 2024 00:04:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HMFGD2DN41D34QFH61YBJ8XA-lga
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 143
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /vue@3.4.15/dist/vue.global.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 847ad25f093a429a-EWR

GET 6524101cc458853aef6953d4.jpg
pic.imgdb.cn/item/ 0
0

GET
H2 200 indexEncrypt.js Show response
paperkiteidleplus.top/pikpak/ 967 KB
290 KB 1383ms
934ms Script
application/x-javascript 104.21.87.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paperkiteidleplus.top/pikpak/indexEncrypt.js
Requested by: Host: pikpak.a1316563150.workers.dev
URL: https://pikpak.a1316563150.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.87.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3806649a613a2e47a11fc339e05d3e439e74612ba6eb44b786556eb8394b643

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pikpak.a1316563150.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:04:42 GMT
content-encoding: br
cf-cache-status: STALE
last-modified: Thu, 18 Jan 2024 13:44:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27686
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oi2HSPa%2F6VpSs%2FuJRGi%2BKsYBfoT%2FBJ66nh7bgPttwfB8Vp6jJLlISqn1LRg1jCmNGsPyJnayAigDhzNEfXRi4Z9WqRRpaGep59VxvUZkXTODo63NoDdrHz%2F4jC%2BMCq1mVdVjYd9TZk4%3D"}],"group":"cf-nel","max_age":604800}
x-cache: MISS from kangle web server
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 847ad25f0b2b42e9-EWR
alt-svc: h3=":443"; ma=86400

GET 65a2d159871b83018a26d5f1.jpg
pic.imgdb.cn/item/ 0
0

GET
H2 200 checkServer.php Show response
pikpak.a1316563150.workers.dev/php/ 15 B
330 B 753ms
752ms XHR
text/plain 172.67.210.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pikpak.a1316563150.workers.dev/php/checkServer.php
Requested by: Host: unpkg.com
URL: https://unpkg.com/axios/dist/axios.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.210.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c473351557dd55bf32afc3612788bc5c7926534349743617aa6b30d39e59c941

Request headers

Accept: application/json, text/plain, */*
Referer: https://pikpak.a1316563150.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:04:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3k5IvMBZM7oCx%2Bu9VFXawadAdclKsL2xxjU1iiMO7ldAbQV%2FDCn6m%2FPoEu5YER5%2BbyDJa87AhEawNj4a3BS7DKjVvnbnnvN9ljm5ipXKcpveOvrxoPrw2qluHKV526rHsxXtVug0aczdG9yzA94AIRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
cf-ray: 847ad2683914c336-EWR
alt-svc: h3=":443"; ma=86400
content-length: 15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pic.imgdb.cn
URL: https://pic.imgdb.cn/item/6524101cc458853aef6953d4.jpg

Domain: pic.imgdb.cn
URL: https://pic.imgdb.cn/item/65a2d159871b83018a26d5f1.jpg

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

paperkiteidleplus.top
pic.imgdb.cn
pikpak.a1316563150.workers.dev
unpkg.com
pic.imgdb.cn
104.16.126.175
104.21.87.116
172.67.210.195
7ff38eed81a347dfc7a6c43fdbb5cd0caeb5e22383dc1d0ab335872b28098c36
ad11a265acf7060a7d86dabc6ae0f3b32f135f096a6e35be748a001393d71541
c473351557dd55bf32afc3612788bc5c7926534349743617aa6b30d39e59c941
d3806649a613a2e47a11fc339e05d3e439e74612ba6eb44b786556eb8394b643
dc2b1d916a088e4672328182ac6cff22ef9a3ac03eb4b1b3906b17a37814f6b3
fba0605e02708808ef97633e9e25e83784631b31f1b415851831e7356b389e7a

pikpak.a1316563150.workers.dev Open in urlscan Pro 172.67.210.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

50 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

425 kBTransfer

1514 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Indicators

pikpak.a1316563150.workers.dev Open in urlscan Pro
172.67.210.195 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

425 kB
Transfer

1514 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions