payung57amp.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f7e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payung57amp.pages.dev/
Submission: On September 30 via automatic, source certstream-suspicious (September 30th 2024, 7:42:41 am UTC) — Scanned from GB

Summary HTTP 25 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:310c::ac42:2f7e, located in United States and belongs to CLOUDFLARENET, US. The main domain is payung57amp.pages.dev.
TLS certificate: Issued by WE1 on September 30th 2024. Valid for: 3 months.

This is the only time payung57amp.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:310... 2606:4700:310c::ac42:2f7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:197a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:310... 2606:4700:310c::ac42:2f82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	6

3 2606:4700:310c::ac42:2f7e (United States)

ASN13335 (CLOUDFLARENET, US)

payung57amp.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-viva88athenae-com.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:197a (United States)

ASN13335 (CLOUDFLARENET, US)

img.viva88athenae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:310c::ac42:2f82 (United States)

ASN13335 (CLOUDFLARENET, US)

py57.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	viva88athenae.com img.viva88athenae.com — Cisco Umbrella Rank: 23279	220 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 476 img-viva88athenae-com.cdn.ampproject.org — Cisco Umbrella Rank: 331549	139 KB
5	pages.dev payung57amp.pages.dev py57.pages.dev	315 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	2 KB
25	4

	Domain	Requested by
13	img.viva88athenae.com	payung57amp.pages.dev
5	cdn.ampproject.org	payung57amp.pages.dev cdn.ampproject.org
3	payung57amp.pages.dev	payung57amp.pages.dev
2	py57.pages.dev	payung57amp.pages.dev
1	img-viva88athenae-com.cdn.ampproject.org	payung57amp.pages.dev
1	fonts.googleapis.com	payung57amp.pages.dev
25	6

This site contains links to these domains. Also see Links.

Domain
p57.biz
biolink.co.id

Subject Issuer	Validity	Valid
payung57amp.pages.dev WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
misc-sni.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
img.viva88athenae.com E6	`2024-08-24` - `2024-11-22`	3 months	crt.sh
py57.pages.dev WE1	`2024-08-25` - `2024-11-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://payung57amp.pages.dev/
Frame ID: CDC1170C281609E5696A8E5C7B3A267B
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Payung57 Official » Winrate Terbaik Tanpa Batas

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

25
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

676 kB
Transfer

937 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://p57.biz/ampmember
Title: Masuk

Search URL Search Domain Scan URL

URL: https://biolink.co.id/rtp-payung57
Title: RTP Slot Terupdate

Search URL Search Domain Scan URL

URL: https://biolink.co.id/apk-payung57

Search URL Search Domain Scan URL

URL: https://biolink.co.id/payung57-01
Title: Payung57 Login

Search URL Search Domain Scan URL

URL: https://biolink.co.id/payung57-02
Title: Payung57 Daftar

Search URL Search Domain Scan URL

URL: https://biolink.co.id/payung57-03
Title: Payung57 Terpercaya

Search URL Search Domain Scan URL

URL: https://biolink.co.id/wa-payung57
Title: WHATSAPP

Search URL Search Domain Scan URL

URL: https://biolink.co.id/lc-payung57
Title: LIVECHAT

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
payung57amp.pages.dev/ 21 KB
5 KB 192ms
77ms Document
text/html 2606:4700:310c::ac42:2f7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payung57amp.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f786451f6618cd3774b45d5487f1482722a585061cca3cdd45b7de5a95aac30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8cb293b2e8719562-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 30 Sep 2024 07:42:33 GMT
link: <https://cdn.ampproject.org/v0.js>; rel="preload"; as=script, <https://fonts.googleapis.com>; rel="preconnect"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RbLk%2FUH5YiTr%2BMzH3doYwtSbil0%2FLSnZMJt0EEL5%2B31Z2kbwpnkgrEPni9jFXesdw%2Blehzu8%2BcFSDLtcU6bKEPJZ%2FBBbgVz0SHcxdDWEi0DZPEsPyS7QsU3KkcEZGuIwtpzMmqcjomfB8xs7cxKDeN7sOK4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 speculation
payung57amp.pages.dev/cdn-cgi/ 2 B
424 B 35ms
34ms Other
application/speculationrules+json 2606:4700:310c::ac42:2f7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payung57amp.pages.dev/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://payung57amp.pages.dev
Referer: https://payung57amp.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obbjfRruLixt7XobAG54lVnqwAGnrY46oNKUVFo%2B%2FpQeGd%2BTVKafAmn90pbMWDRHKnJwzCMytF3F7HQFPIbqbDLN6bPQ8dBrWQMagrtIRXA8W%2BbcsLLca61lFYQr5pmIEqkZK21J8yzbXcZOauLUZjK5ULo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cb293b369359562-LHR
alt-svc: h3=":443"; ma=86400
content-length: 2
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: application/speculationrules+json
vary: Accept-Encoding
server: cloudflare

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 227ms
69ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7d76aeef0cb64e19a31483f7f6153456b8180c55ee12ad380fcbaca99e07e71

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

content-encoding: br
etag: "5846ec59b3b09ded"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 07:42:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 73183
x-xss-protection: 0
server: sffe

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
2 KB 219ms
66ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap

Requested by

Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2b713cc874cc7bea45b80ce9c7380cb53758f2075a0393b2cf26435cae80642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 07:42:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 30 Sep 2024 06:14:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 216ms
78ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b1b867739d2a635307139b4d2af84b0173be770074d61696ed6b6334ad6ef02

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

content-encoding: br
etag: "61283da51e082fa7"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 07:42:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2476
x-xss-protection: 0
server: sffe

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
12 KB 201ms
64ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5232a9119f039770f14a1902af49613ca8125daccfab8238b9a418418bf8fcb0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

content-encoding: br
etag: "dd5d6fe51ddd47b8"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 07:42:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 11519
x-xss-protection: 0
server: sffe

GET
H3 200 payung57-logo.png
payung57amp.pages.dev/img/ 134 KB
135 KB 80ms
78ms Image
image/png 2606:4700:310c::ac42:2f7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payung57amp.pages.dev/img/payung57-logo.png

Requested by

Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0092b402ffcc2c2f365bced5c17775393cca83dbbc93e619b6d554588d2a148a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "dda8b543e08129703c68e10948a4f024"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEAf9ykwEY6rEhmeNche5VsNREDUgePojixX6Ild70Y4i6lMGk95%2Fa0U7iJO%2FQIhXU2QhM7awe8HKB1b5K%2BCoK3SuWE%2B1%2BKd41MgArtaR50Ur07F8XGMSetq%2Bziek4KkXXkx50DF9QuTaYc1M7KPbSVfFtw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cb293b55b129562-LHR
access-control-allow-origin: *
content-length: 137545
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon-togel.png
img.viva88athenae.com/ 3 KB
3 KB 181ms
68ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/icon-togel.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d105d965179a934f1447883827264f0ff2740608a8f50561f4ea374c45d07463

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1231
cf-ray: 8cb293b6084263c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3175
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Wed, 19 Apr 2023 10:27:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon-slot.png
img.viva88athenae.com/ 3 KB
3 KB 182ms
69ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/icon-slot.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 088a588c0f5a3551734d03c5a41176deb134c2484684575eaad7ace6cd1f0647

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1231
cf-ray: 8cb293b6084463c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3134
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Wed, 19 Apr 2023 10:27:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon-live.png
img.viva88athenae.com/ 3 KB
4 KB 156ms
44ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/icon-live.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55b4d75adeec840ce7be86ff9226c8726eb903fba6088d4a263bee088510b764

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1229
cf-ray: 8cb293b6084863c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3265
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Wed, 19 Apr 2023 10:27:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon-sport.png
img.viva88athenae.com/ 3 KB
3 KB 162ms
49ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/icon-sport.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3ae05302345e344232a74b0e3930ca7d570394218de23aa16eaf243a1196dd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1231
cf-ray: 8cb293b6084b63c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2886
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Wed, 19 Apr 2023 10:27:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon-fishing.png
img.viva88athenae.com/ 4 KB
4 KB 182ms
70ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/icon-fishing.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b568b0424fc1304378d8d83c4a079f5f4801d305c12c36f65772164a001ea1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1231
cf-ray: 8cb293b6084d63c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4057
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Mon, 22 May 2023 11:27:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon-sabung.png
img.viva88athenae.com/ 1 KB
2 KB 182ms
70ms Image
image/webp 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/icon-sabung.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c9dc87b20eeeb920089f52a31b056e9398ad2218702278df70b4906fcec95d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8cb293b6084e63c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=2668
alt-svc: h3=":443"; ma=86400
content-length: 1448
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/webp
content-disposition: inline; filename="icon-sabung.webp"
vary: Accept
last-modified: Wed, 19 Apr 2023 10:27:47 GMT

GET
H3 200 mobile-opus.jpg
img.viva88athenae.com/pop/ 166 KB
167 KB 406ms
295ms Image
image/jpeg 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pop/mobile-opus.jpg
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89aff5cd9857ff29af36b3cb449b66d654d8302c236cfb6ebdd39cc7b8c0cd1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: EXPIRED
cf-ray: 8cb293b6085063c7-LHR
expires: Mon, 30 Sep 2024 11:42:34 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 170095
date: Mon, 30 Sep 2024 07:42:34 GMT
content-type: image/jpeg
last-modified: Sat, 14 Oct 2023 10:38:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 beranda.png
img.viva88athenae.com/ 2 KB
2 KB 184ms
73ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/beranda.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4dc272e0387675bfb5df8e7f6b23e6483627b4170c277f1afaa7072e4bd2f21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1229
cf-ray: 8cb293b6085263c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2053
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Tue, 18 Apr 2023 09:33:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 promosi.png
img.viva88athenae.com/ 7 KB
7 KB 155ms
45ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/promosi.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db95e015783ebbfb32e093a1a6ff18926e4bf03e37b0855a44f29a172c4ab09b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1231
cf-ray: 8cb293b6085563c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 6991
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Tue, 18 Apr 2023 09:33:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 events.png
img.viva88athenae.com/ 7 KB
7 KB 205ms
94ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/events.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fe5008616e838a60a64d1ed4b29f02cb5afe616e435d51c3c4ee71287bb7b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1231
cf-ray: 8cb293b6085463c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 6850
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Wed, 21 Jun 2023 06:13:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 whatsapp.png
img.viva88athenae.com/ 5 KB
6 KB 185ms
74ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/whatsapp.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5994d89da3f3ffefbf89dffd5b487798fa5bc4b0ebc70a14a3427373875b904d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1229
cf-ray: 8cb293b6085363c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 5411
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Tue, 18 Apr 2023 09:47:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 livechat.png
img.viva88athenae.com/ 1 KB
2 KB 181ms
70ms Image
image/png 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/livechat.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7452d9f2b38703bfe10f89ad9df59de88ee8a35629a7aecae996a02037fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1231
cf-ray: 8cb293b6085163c7-LHR
expires: Mon, 30 Sep 2024 11:42:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1402
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/png
last-modified: Tue, 18 Apr 2023 09:33:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 mproviders.png
img-viva88athenae-com.cdn.ampproject.org/ii/AW/s/img.viva88athenae.com/ 45 KB
45 KB 84ms
66ms Image
image/avif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-viva88athenae-com.cdn.ampproject.org/ii/AW/s/img.viva88athenae.com/mproviders.png

Requested by

Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5f35def1a1369641e54e746029fb8f6e06286b7b6e7b129ee00ec4a3ae2f59a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

report-to: {"group":"amphtml-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-eng"}]}
x-content-type-options: nosniff
expires: Mon, 30 Sep 2024 07:42:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Sep 2024 07:42:33 GMT
last-modified: Sat, 28 Sep 2024 14:20:16 GMT
content-type: image/avif
vary: Accept, Origin
content-disposition: attachment
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-eng"
content-length: 46209
x-xss-protection: 0
server: sffe

GET
H3 200 guidelines.png
img.viva88athenae.com/ 9 KB
10 KB 51ms
50ms Image
image/webp 2606:4700::6812:197a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/guidelines.png
Requested by: Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:197a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d20844f08a31cfdafe5d9f37c919d2fa81dc0f92837f3e797db0fcec3cdc9992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1229
expires: Mon, 30 Sep 2024 11:42:33 GMT
cf-polished: origFmt=png, origSize=17843
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Sep 2024 07:42:33 GMT
content-type: image/webp
content-disposition: inline; filename="guidelines.webp"
vary: Accept
last-modified: Mon, 18 Dec 2023 06:19:03 GMT
cache-control: public, max-age=14400
cf-ray: 8cb293b648af63c7-LHR
accept-ranges: bytes
content-length: 9478
server: cloudflare

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012409061044000/v0/ 8 KB
3 KB 178ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012409061044000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf473f2f11676b2657c90fe8f2e6068e44c80a88674a25dd581c1ab7eaaee48

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://payung57amp.pages.dev
Referer: https://payung57amp.pages.dev/

Response headers

content-encoding: br
etag: "d9cc2a27db9b3ac9"
age: 392807
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 18:35:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 18:35:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2975
x-xss-protection: 0
server: sffe

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012409061044000/v0/ 12 KB
4 KB 174ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012409061044000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b51317cfc1ccef120163b29cbd142cea97884cca9d72934c1ded052f3ced0c28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://payung57amp.pages.dev
Referer: https://payung57amp.pages.dev/

Response headers

content-encoding: br
etag: "f441db9793c71801"
age: 385748
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 20:33:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 20:33:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3937
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 payung57-winrate-m.jpg
py57.pages.dev/ 164 KB
165 KB 372ms
255ms Image
image/jpeg 2606:4700:310c::ac42:2f82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://py57.pages.dev/payung57-winrate-m.jpg

Requested by

Host: payung57amp.pages.dev
URL: https://payung57amp.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

302334c257d83f9f1757a5e00eb8b1d13651be3037dcde29efe8e1f3e2a605e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "11c06785280a19e4b79da5f79fae716f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZsbewKkw46pickqFAETMjMUjyPCdO5xOIS7%2BT3QTKEti%2BwPR5xQ5WvaeFZgMjkxASvzgMEvS%2BAa81XFK2eayXgezT%2BagPjv5%2B0BI0PRG4EUIkB7V0EyuP6X7l9oCMYZpHxcn4l5QFVJF2pvb%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cb293b649929498-LHR
access-control-allow-origin: *
content-length: 168150
date: Mon, 30 Sep 2024 07:42:34 GMT
content-type: image/jpeg
vary: Accept-Encoding
server: cloudflare

GET
H3 200 favicon.png
py57.pages.dev/ 9 KB
10 KB 55ms
54ms Other
image/png 2606:4700:310c::ac42:2f82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://py57.pages.dev/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d6e860caac74898bd0ecb4fcfed1f57dbcfaf8a822504240f1ac446f9378cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://payung57amp.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "863479519232d1aab90c4c87888bffa0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bTIEXjV%2FMe7MQA2l0rpD2QizAUhNFBLqBPOmIhD6M5TqliNls3zFU2CK2HacFd67a%2BIJHNV1Awfv7%2BPTYPqC51L8WxhSMaieZ2g903DY%2Bv4onue7L2goIrGe86gIK5Axv3dvCNcozPylATDlA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8cb293b89c0a9498-LHR
access-control-allow-origin: *
content-length: 9422
date: Mon, 30 Sep 2024 07:42:34 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.viva88athenae.com/	1970-01-20 23:54:43	Name: __cf_bm Value: hvZziSdMN1J2F.URNhaXpIXaP9C36q1Nw1MwYkGa.UA-1727682154-1.0.1.1-i0msUuAWEuVX7If8f73KUBLhmqbUSDWMTRvfPY.ATUCAhiDNbz9C09pkc4piObv6tJ2ZhaTjXzvDGn4VM6SfuQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
img-viva88athenae-com.cdn.ampproject.org
img.viva88athenae.com
payung57amp.pages.dev
py57.pages.dev
2606:4700:310c::ac42:2f7e
2606:4700:310c::ac42:2f82
2606:4700::6812:197a
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2001
0092b402ffcc2c2f365bced5c17775393cca83dbbc93e619b6d554588d2a148a
088a588c0f5a3551734d03c5a41176deb134c2484684575eaad7ace6cd1f0647
1cf473f2f11676b2657c90fe8f2e6068e44c80a88674a25dd581c1ab7eaaee48
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2b1b867739d2a635307139b4d2af84b0173be770074d61696ed6b6334ad6ef02
2b568b0424fc1304378d8d83c4a079f5f4801d305c12c36f65772164a001ea1a
302334c257d83f9f1757a5e00eb8b1d13651be3037dcde29efe8e1f3e2a605e9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47c9dc87b20eeeb920089f52a31b056e9398ad2218702278df70b4906fcec95d
5232a9119f039770f14a1902af49613ca8125daccfab8238b9a418418bf8fcb0
55b4d75adeec840ce7be86ff9226c8726eb903fba6088d4a263bee088510b764
5994d89da3f3ffefbf89dffd5b487798fa5bc4b0ebc70a14a3427373875b904d
82fe5008616e838a60a64d1ed4b29f02cb5afe616e435d51c3c4ee71287bb7b9
89aff5cd9857ff29af36b3cb449b66d654d8302c236cfb6ebdd39cc7b8c0cd1b
9d6e860caac74898bd0ecb4fcfed1f57dbcfaf8a822504240f1ac446f9378cbc
a2b713cc874cc7bea45b80ce9c7380cb53758f2075a0393b2cf26435cae80642
af7452d9f2b38703bfe10f89ad9df59de88ee8a35629a7aecae996a02037fe6e
b51317cfc1ccef120163b29cbd142cea97884cca9d72934c1ded052f3ced0c28
d105d965179a934f1447883827264f0ff2740608a8f50561f4ea374c45d07463
d20844f08a31cfdafe5d9f37c919d2fa81dc0f92837f3e797db0fcec3cdc9992
d7d76aeef0cb64e19a31483f7f6153456b8180c55ee12ad380fcbaca99e07e71
db95e015783ebbfb32e093a1a6ff18926e4bf03e37b0855a44f29a172c4ab09b
e3ae05302345e344232a74b0e3930ca7d570394218de23aa16eaf243a1196dd3
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f4dc272e0387675bfb5df8e7f6b23e6483627b4170c277f1afaa7072e4bd2f21
f5f35def1a1369641e54e746029fb8f6e06286b7b6e7b129ee00ec4a3ae2f59a
f786451f6618cd3774b45d5487f1482722a585061cca3cdd45b7de5a95aac30f

payung57amp.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2f7e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

100 %IPv6

4 Domains

6 Subdomains

6 IPs

2 Countries

676 kBTransfer

937 kBSize

1 Cookies

8 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

payung57amp.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f7e Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

676 kB
Transfer

937 kB
Size

1
Cookies

25 HTTP transactions
2 data transactions