urlscan.io logo urlscan.io
SecurityTrails logo

paper.matutempcha.gq Open in urlscan Pro
2a06:98c1:3120::c  Public Scan

Go To Rescan Add Verdict Report
URL: http://paper.matutempcha.gq/
Submission: On January 18 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is paper.matutempcha.gq.
This is the only time paper.matutempcha.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 176.117.58.29 48635 (CLDIN-NL TWS)
1 2.16.123.178 16625 (AKAMAI-AS)
1 2a01:7c8:ec:0... 20857 (TRANSIP-A...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
9 7
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
paper.matutempcha.gq
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    176.117.58.29 (Netherlands)

ASN48635 (CLDIN-NL TWS, NL)
PTR: ns2.v26207-2is.nl
www.beatrixschoolnieuwegein.nl
1    2.16.123.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-123-178.deploy.static.akamaitechnologies.com
media-cdn.tripadvisor.com
1    2a01:7c8:ec:0:149:210:196:43 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
stable.nl
2    2a02:26f0:6c00::210:ba63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
images2.persgroep.net
images4.persgroep.net
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
2 gstatic.com
fonts.gstatic.com
58 KB
2 persgroep.net
images2.persgroep.net — Cisco Umbrella Rank: 59247
images4.persgroep.net — Cisco Umbrella Rank: 77999
112 KB
1 stable.nl
stable.nl
902 KB
1 tripadvisor.com
media-cdn.tripadvisor.com — Cisco Umbrella Rank: 11083
58 KB
1 beatrixschoolnieuwegein.nl
www.beatrixschoolnieuwegein.nl
9 MB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 matutempcha.gq
paper.matutempcha.gq
13 KB
9 7
Domain Requested by
2 fonts.gstatic.com fonts.googleapis.com
1 images4.persgroep.net paper.matutempcha.gq
1 images2.persgroep.net paper.matutempcha.gq
1 stable.nl paper.matutempcha.gq
1 media-cdn.tripadvisor.com paper.matutempcha.gq
1 www.beatrixschoolnieuwegein.nl paper.matutempcha.gq
1 fonts.googleapis.com paper.matutempcha.gq
1 paper.matutempcha.gq
9 8

This site contains no links.

Subject Issuer Validity Valid
beatrixschoolnieuwegein.nl
Sectigo RSA Domain Validation Secure Server CA		 2022-11-11 -
2023-12-08		 a year crt.sh
media.tacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-22 -
2023-04-22		 a year crt.sh
*.stable.nl
R3		 2022-12-22 -
2023-03-22		 3 months crt.sh
*.persgroep.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-07 -
2023-08-08		 a year crt.sh

This page contains 1 frames:

Primary Page: http://paper.matutempcha.gq/
Frame ID: 1BBE518A8E44EB7B7679FAE5DF70A730
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kansen & zekerheden. Dat is het Oosterlicht.

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

56 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

10049 kB
Transfer

10072 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
paper.matutempcha.gq/ 		43 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://paper.matutempcha.gq/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fad686edbdf0d0aab62e46d008046b55bd32aee316eeed69c7753e69288679b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
78b52b3b7d029b2b-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Jan 2023 06:10:40 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDRtaNGXSXVD9ehHxAKX%2BxxGVpdVIV0ptYL60xCKJoIYZ%2Bdg4wPYzfdJUpJxSZ%2FTsH5zElNm8%2FVL4RMZ1FteubiNuejoep0AUbexf%2BQkTlnZUj%2BjQAH%2FtfF10MNC6Jk7QaanjdxdgUpV%2BnNYDFe6dyF7iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Requested by
Host: paper.matutempcha.gq
URL: http://paper.matutempcha.gq/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
629b012c851f4242e4e12f5f51c9e02609423e89cafee41bc838631114ac9455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://paper.matutempcha.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 06:10:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 18 Jan 2023 06:10:40 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 18 Jan 2023 06:10:40 GMT
Wijkersloot-e1567068367586.png
www.beatrixschoolnieuwegein.nl/wp-content/uploads/2017/01/ 		9 MB
9 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.beatrixschoolnieuwegein.nl/wp-content/uploads/2017/01/Wijkersloot-e1567068367586.png
Requested by
Host: paper.matutempcha.gq
URL: http://paper.matutempcha.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.117.58.29 , Netherlands, ASN48635 (CLDIN-NL TWS, NL),
Reverse DNS
ns2.v26207-2is.nl
Software
nginx / PleskLin
Resource Hash
d1727ad1ac673c0609c7f9c86eefd08277fa17241096599a970e07be74a0767d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://paper.matutempcha.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 06:10:40 GMT
last-modified
Thu, 29 Aug 2019 08:46:12 GMT
server
nginx
etag
"5d6790d4-8afb12"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
9108242
rosada.jpg
media-cdn.tripadvisor.com/media/photo-s/12/84/2b/c5/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.tripadvisor.com/media/photo-s/12/84/2b/c5/rosada.jpg
Requested by
Host: paper.matutempcha.gq
URL: http://paper.matutempcha.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.123.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-123-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cefba86cc6e529259733d0bf3d25354a51b96aee4c32461dcf7a457e4c6961c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://paper.matutempcha.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 06:10:40 GMT
x-media-cdn
94353317
last-modified
Mon, 02 Apr 2018 17:57:22 GMT
etag
"27c8abfb7a0836c8d417dea9be9bdcb9"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2259774
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
content-length
58550
Rosada18.jpg
stable.nl/wp-content/uploads/2018/08/ 		901 KB
902 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stable.nl/wp-content/uploads/2018/08/Rosada18.jpg
Requested by
Host: paper.matutempcha.gq
URL: http://paper.matutempcha.gq/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7c8:ec:0:149:210:196:43 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
Apache /
Resource Hash
30bc7e0ba0d1bb99f13fbc3a106a1a7d7e58ea56c15785eeb4833f4e9a0078ba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://paper.matutempcha.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 06:10:40 GMT
X-TransIP-Balancer
balancer0
X-TransIP-Backend
web227
Last-Modified
Mon, 11 Jul 2022 13:39:21 GMT
Server
Apache
ETag
"e15a7-5e387ade367d9"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
923047
/
images2.persgroep.net/rcs/UCrBB2Namu2qN9dsRkwbogvrXlU/diocontent/176926623/_focus/0.49/0.23/_fill/732/549/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images2.persgroep.net/rcs/UCrBB2Namu2qN9dsRkwbogvrXlU/diocontent/176926623/_focus/0.49/0.23/_fill/732/549/?appId=21791a8992982cd8da851550a453bd7f&quality=0.7
Requested by
Host: paper.matutempcha.gq
URL: http://paper.matutempcha.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6113732e07c37436bae49c3b80114c05275a94d133a2744637a9d07115e09a28
Security Headers
Name Value
Content-Security-Policy script-src 'none';
Strict-Transport-Security max-age=3600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://paper.matutempcha.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=3600 ; includeSubDomains
content-security-policy
script-src 'none';
x-content-type-options
nosniff
date
Wed, 18 Jan 2023 06:10:40 GMT
cache-state
HIT
x-frame-options
DENY
access-control-allow-methods
GET,HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
trace-id
0d897b87-c5db-41a9-9128-64e27cffff91
access-control-allow-headers
*
content-length
65762
x-xss-protection
1; mode=block
/
images4.persgroep.net/rcs/tjCKSsoGS4BTZDiKQ7M_X9hE79I/diocontent/173059725/_fitwidth/694/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images4.persgroep.net/rcs/tjCKSsoGS4BTZDiKQ7M_X9hE79I/diocontent/173059725/_fitwidth/694/?appId=21791a8992982cd8da851550a453bd7f&quality=0.8
Requested by
Host: paper.matutempcha.gq
URL: http://paper.matutempcha.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4704da4d53d042f1a5e06e2238f3f789e36a1e8b43265c3fa24ea0a57e4495ee
Security Headers
Name Value
Content-Security-Policy script-src 'none';
Strict-Transport-Security max-age=3600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://paper.matutempcha.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=3600 ; includeSubDomains
content-security-policy
script-src 'none';
x-content-type-options
nosniff
date
Wed, 18 Jan 2023 06:10:40 GMT
cache-state
HIT
x-frame-options
DENY
access-control-allow-methods
GET,HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31535999
accept-ranges
bytes
trace-id
99bafddd-53b0-407e-975d-9413cceb1e28
access-control-allow-headers
*
content-length
48247
x-xss-protection
1; mode=block
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://paper.matutempcha.gq
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 18:57:30 GMT
X-Content-Type-Options
nosniff
Age
40390
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
27268
X-XSS-Protection
0
Last-Modified
Mon, 11 Jul 2022 18:56:23 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 17 Jan 2024 18:57:30 GMT
jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
fonts.gstatic.com/s/librefranklin/v13/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/librefranklin/v13/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efe16fd64edb961d670fd35ee4a211ec22cb9e2fa6850cbbf13464dace1b39e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://paper.matutempcha.gq
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 14:05:43 GMT
X-Content-Type-Options
nosniff
Age
57897
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
30628
X-XSS-Protection
0
Last-Modified
Mon, 11 Jul 2022 18:55:36 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 17 Jan 2024 14:05:43 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

1 Cookies

Domain/Path Name / Value
paper.matutempcha.gq/ Name: ch1c
Value: b