urlscan.io logo urlscan.io
SecurityTrails logo

hh3.pw Open in urlscan Pro
52.222.174.78  Public Scan

Go To Rescan Add Verdict Report
URL: https://hh3.pw/dy3c
Submission: On May 23 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 16 HTTP transactions. The main IP is 52.222.174.78, located in United States and belongs to AMAZON-02, US. The main domain is hh3.pw.
TLS certificate: Issued by Amazon on February 3rd 2021. Valid for: a year.
This is the only time hh3.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.222.174.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-78.cdg50.r.cloudfront.net
hh3.pw
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2600:9000:21f3:b600:1f:dede:8c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1hi69exj5z4z.cloudfront.net
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    15.206.80.87 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-206-80-87.ap-south-1.compute.amazonaws.com
www.taurus.cash
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:218f:9200:c:c486:8800:21 (United States)

ASN16509 (AMAZON-02, US)
d3f6c6b0qerxuo.cloudfront.net
Domain Requested by
5 d1hi69exj5z4z.cloudfront.net hh3.pw
2 www.google-analytics.com www.googletagmanager.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 www.googletagmanager.com www.gstatic.com
www.googletagmanager.com
2 www.gstatic.com hh3.pw
1 d3f6c6b0qerxuo.cloudfront.net hh3.pw
1 www.taurus.cash hh3.pw
1 hh3.pw
16 8

This site contains no links.

Subject Issuer Validity Valid
hh3.pw
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
taurus.cash
TrustAsia TLS RSA CA		 2020-06-29 -
2021-06-30		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 1 frames:

Frame: https://d3f6c6b0qerxuo.cloudfront.net/temp/com.rummy.game.pro896.mkswo45m/Vungo-TeenPatti_dy3c.apk
Frame ID: C77CC3B5F87514CBE7255B11511243BB
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

16
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

542 kB
Transfer

673 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dy3c
hh3.pw/ 		12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hh3.pw/dy3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-78.cdg50.r.cloudfront.net
Software
openresty/1.13.6.2 /
Resource Hash
3e6f9ce692250668971d620f953eea1642f670b9a056aab1c7a1dc93c8ddb182
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
hh3.pw
:scheme
https
:path
/dy3c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html;charset=UTF-8
server
openresty/1.13.6.2
date
Sun, 23 May 2021 03:11:48 GMT
content-language
en
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
via
1.1 941acf135bdda975383e37976690acc7.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
l1xPj5ikxWVlxcZRQJCOGguljM-r8vnaxGR04zeY4daYl6kh-6siWA==
firebase-app.js
www.gstatic.com/firebasejs/7.14.5/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.14.5/firebase-app.js
Requested by
Host: hh3.pw
URL: https://hh3.pw/dy3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
312bfec0279eeedf613a8f9377c4ddcbedc08c993c61b50d9ff8fa4c6b593aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 14:25:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 May 2020 21:27:23 GMT
server
sffe
age
391559
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6581
x-xss-protection
0
expires
Wed, 18 May 2022 14:25:49 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/7.14.5/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.14.5/firebase-analytics.js
Requested by
Host: hh3.pw
URL: https://hh3.pw/dy3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ce06e5dbd365ac925dfaf0807c120263cc227aab1e20691559e9a753106fe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 18:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 May 2020 21:27:23 GMT
server
sffe
age
462074
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8636
x-xss-protection
0
expires
Tue, 17 May 2022 18:50:34 GMT
icon-rect.png
d1hi69exj5z4z.cloudfront.net/images/p/a/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1hi69exj5z4z.cloudfront.net/images/p/a/icon-rect.png
Requested by
Host: hh3.pw
URL: https://hh3.pw/dy3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:1f:dede:8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
6aa5a6940fdfc61914c52cb9f0cdb6d29b8be8028ae579a235d9a2fffb85491f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 10:52:38 GMT
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 09:41:26 GMT
server
openresty/1.13.6.2
age
58750
etag
"609a5146-1b21"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
6945
x-amz-cf-id
eD3KTl_BeZOrtLhTh7Xlk3kK9Lbtkl-pSEyopSihceG6lpzb3bTqSA==
pic-w.png
d1hi69exj5z4z.cloudfront.net/images/p/a/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1hi69exj5z4z.cloudfront.net/images/p/a/pic-w.png
Requested by
Host: hh3.pw
URL: https://hh3.pw/dy3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:1f:dede:8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
05c11741316ce63d99591e73c504e3123b3d4c0a36f0ac4f610761aea3891923
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 10:52:38 GMT
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 09:41:25 GMT
server
openresty/1.13.6.2
age
58750
etag
"609a5145-31146"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
201030
x-amz-cf-id
DSWPEuQ0kGlxYZYLrOrYgVl2Gu9qen7nG9XQ_edHJ7eYpAfYV_QOMA==
icon.png
d1hi69exj5z4z.cloudfront.net/images/p/a/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1hi69exj5z4z.cloudfront.net/images/p/a/icon.png
Requested by
Host: hh3.pw
URL: https://hh3.pw/dy3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:1f:dede:8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
52a4cb44452e004b5853f09f2d72a35e239a49ac8c4c73516389eab9a85adfdf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 09:57:46 GMT
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 09:41:28 GMT
server
openresty/1.13.6.2
age
62042
etag
"609a5148-1b75"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
7029
x-amz-cf-id
3yyUTe7TUKNE71R42wggk2YI4zqv0H4Wb2IGtAV8qlLXG8WFJOOw2Q==
js
www.googletagmanager.com/gtag/ 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.14.5/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a82f59488343f196896c32344649b5539d71f919f68fb36f21aad28b74e32ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 03:11:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31019
x-xss-protection
0
expires
Sun, 23 May 2021 03:11:48 GMT
bg-w.png
d1hi69exj5z4z.cloudfront.net/images/p/a/ 		227 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1hi69exj5z4z.cloudfront.net/images/p/a/bg-w.png
Requested by
Host: hh3.pw
URL: https://hh3.pw/dy3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:1f:dede:8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
66b5ee7969c41054cc11f739d91edbabe7d259af58555652f3fe24a718fd19d7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 14:09:43 GMT
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 09:41:26 GMT
server
openresty/1.13.6.2
age
46925
etag
"609a5146-38ccb"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
232651
x-amz-cf-id
-lS7lAxSpuvSS076L2kdaV6ussI2PJnMHxqk3WsiiCPyhMWkzJ_EqA==
down-btn.png
d1hi69exj5z4z.cloudfront.net/images/p/a/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1hi69exj5z4z.cloudfront.net/images/p/a/down-btn.png
Requested by
Host: hh3.pw
URL: https://hh3.pw/dy3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b600:1f:dede:8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
c33cb0be3e368343da9db95afdad714f4c64227db1f19ea8c3ccc1a2dc123663
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 10:52:39 GMT
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 09:41:26 GMT
server
openresty/1.13.6.2
age
58749
etag
"609a5146-17eb"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
6123
x-amz-cf-id
o11NK1Ak5Z0YgbZhSL-s9tcuYiOhW7AyOAs6uf-ugTUNayBBc98JfA==
stat
www.taurus.cash/bizzclient/app/promotion/ 		2 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.taurus.cash/bizzclient/app/promotion/stat?code=dy3c&source=copy&platform=default&pkg=com.rummy.game.pro896.mkswo45m
Requested by
Host: hh3.pw
URL: https://hh3.pw/dy3c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.206.80.87 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-206-80-87.ap-south-1.compute.amazonaws.com
Software
openresty/1.13.6.2 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 May 2021 03:11:48 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
openresty/1.13.6.2
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://hh3.pw
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
installations
firebaseinstallations.googleapis.com/v1/projects/taurus-cash/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/taurus-cash/installations
Protocol
H2
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-goog-api-key
Origin
https://hh3.pw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://hh3.pw
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type,x-goog-api-key
access-control-max-age
3600
date
Sun, 23 May 2021 03:11:48 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
installations
firebaseinstallations.googleapis.com/v1/projects/taurus-cash/ 		578 B
472 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/taurus-cash/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.14.5/firebase-analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e655e735ca998d8c91b03a6364ae8f7aa611b6dc91d2d76469028a07906f49ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://hh3.pw/
x-goog-api-key
AIzaSyA5YBxfRFjKvn-p4fv6DvFTG1IdvqzT8Kk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Sun, 23 May 2021 03:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hh3.pw
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
449
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CCY90W06QY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8bcad465e36a81c975c62d1125d3d05e2171e81be0a8f5b90992c64737f3059c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 03:11:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39259
x-xss-protection
0
expires
Sun, 23 May 2021 03:11:48 GMT
collect
www.google-analytics.com/g/ 		0
66 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CCY90W06QY&gtm=2oe5c1&_p=601409136&sr=1600x1200&ul=en-us&_fid=dRQWvxCfvyG_xO1qx-gT2g&cid=375415610.1621739509&_s=1&dl=https%3A%2F%2Fhh3.pw%2Fdy3c&dt=%E2%9D%A4Install%20TeenPatti%20Vungo%20to%20get%2010Rs%20Free%E2%9D%A4&sid=1621739508&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CCY90W06QY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 23 May 2021 03:11:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hh3.pw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Vungo-TeenPatti_dy3c.apk
d3f6c6b0qerxuo.cloudfront.net/temp/com.rummy.game.pro896.mkswo45m/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d3f6c6b0qerxuo.cloudfront.net/temp/com.rummy.game.pro896.mkswo45m/Vungo-TeenPatti_dy3c.apk
Requested by
Host: hh3.pw
URL: https://hh3.pw/dy3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:9200:c:c486:8800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash

Request headers

:method
GET
:authority
d3f6c6b0qerxuo.cloudfront.net
:scheme
https
:path
/temp/com.rummy.game.pro896.mkswo45m/Vungo-TeenPatti_dy3c.apk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://hh3.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hh3.pw/

Response headers

content-type
application/octet-stream
content-length
46323195
server
openresty/1.13.6.2
date
Sun, 23 May 2021 03:11:49 GMT
last-modified
Wed, 19 May 2021 15:54:15 GMT
etag
"60a534a7-2c2d5fb"
accept-ranges
bytes
x-cache
Miss from cloudfront
via
1.1 7945bb9729c0979279f468dfe8446e59.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
-xiYYKkyfxyB00sUKTAqb-xWA81j2soT8T-JlIY1rpjtxfsZ4h854g==
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CCY90W06QY&gtm=2oe5c1&_p=601409136&sr=1600x1200&ul=en-us&_fid=dRQWvxCfvyG_xO1qx-gT2g&cid=375415610.1621739509&_s=2&dl=https%3A%2F%2Fhh3.pw%2Fdy3c&dt=%E2%9D%A4Install%20TeenPatti%20Vungo%20to%20get%2010Rs%20Free%E2%9D%A4&sid=1621739508&sct=1&seg=0&en=game_home_display_001-%E6%B8%B8%E6%88%8F%E9%A6%96%E9%A1%B5%E5%B1%95%E7%A4%BA&_et=3&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CCY90W06QY&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hh3.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 23 May 2021 03:11:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hh3.pw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| firebase object| firebaseConfig object| analytics object| dataLayer function| gtag object| xhr function| load function| init object| google_tag_manager object| google_tag_data object| gaGlobal

2 Cookies

Domain/Path Name / Value
.hh3.pw/ Name: _ga
Value: GA1.1.375415610.1621739509
.hh3.pw/ Name: _ga_CCY90W06QY
Value: GS1.1.1621739508.1.0.1621739508.0

1 Console Messages

Source Level URL
Text
console-api log URL: https://hh3.pw/dy3c(Line 326)
Message:
ok

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN