urlscan.io logo urlscan.io
SecurityTrails logo

papervalleymodelrailroad.org Open in urlscan Pro
2606:4700:3037::ac43:a9d2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/5W95HA4kOn
Effective URL: https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketin...
Submission: On October 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3037::ac43:a9d2, located in United States and belongs to CLOUDFLARENET, US. The main domain is papervalleymodelrailroad.org.
TLS certificate: Issued by E1 on September 28th 2022. Valid for: 3 months.
This is the only time papervalleymodelrailroad.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.69 13414 (TWITTER)
1 1 2600:9000:205... 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
5 2
Apex Domain
Subdomains		 Transfer
4 papervalleymodelrailroad.org
papervalleymodelrailroad.org
68 KB
1 app.link
6mydp.app.link
603 B
1 t.co
t.co — Cisco Umbrella Rank: 550
570 B
5 3
Domain Requested by
4 papervalleymodelrailroad.org t.co
papervalleymodelrailroad.org
1 6mydp.app.link 1 redirects
1 t.co
5 3

This site contains no links.

Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.papervalleymodelrailroad.org
E1		 2022-09-28 -
2022-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN8utTCnQSywo0MvJzMvWTzTNKnAJSzaLKEkCAL0lPC8iAAAA
Frame ID: 9D6FE4F81AE70F5274B4E020EC750CC4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Document

Page URL History Show full URLs

  1. https://t.co/5W95HA4kOn Page URL
  2. https://6mydp.app.link/a5jpDVc6Xtb?/UIGYIIO HTTP 307
    https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269... Page URL

Page Statistics

5
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

69 kB
Transfer

141 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/5W95HA4kOn Page URL
  2. https://6mydp.app.link/a5jpDVc6Xtb?/UIGYIIO HTTP 307
    https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN8utTCnQSywo0MvJzMvWTzTNKnAJSzaLKEkCAL0lPC8iAAAA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
5W95HA4kOn
t.co/ 		285 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/5W95HA4kOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
198
content-type
text/html; charset=utf-8
date
Mon, 10 Oct 2022 14:34:10 GMT
expires
Mon, 10 Oct 2022 14:39:10 GMT
perf
7626143928
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
226c4032faa1c86ef28f540e3fdc986c9ca510abc429b37905ffbb988be8839e
x-response-time
117
x-transaction-id
4be3bf8422cd6d4f
x-xss-protection
0
Primary Request /
papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/
Redirect Chain
  • https://6mydp.app.link/a5jpDVc6Xtb?/UIGYIIO
  • https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN8utTCnQSywo0MvJzMvWT...
389 B
942 B 		Document
General
Check archive.org
Download Go to
Full URL
https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN8utTCnQSywo0MvJzMvWTzTNKnAJSzaLKEkCAL0lPC8iAAAA
Requested by
Host: t.co
URL: https://t.co/5W95HA4kOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea771cbf42a69918c0f50d76bf7b318ea505715f81dcd60e6b264967ea488793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t.co/5W95HA4kOn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7580134a2ff68fd7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 10 Oct 2022 14:34:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKtwisJh6D70jPmlmN7KFOzNh4UK3Re4Gna%2B%2BnCHt4cNZAAyFJbEWD1K9ZgO4C4D7jsv7OL95TpBAwV2W1HJIDTm%2BdtCutBV92DjDnIFvD3a3zEyNBXi94DblAC3Hii78a1yGEzgsHcuIplaYNz57vl1XAaiouwlOQ%2BE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
x-xss-protection
1; mode=block

Redirect headers

date
Mon, 10 Oct 2022 14:34:10 GMT
last-modified
Mon, 10 Oct 2022 14:34:10 GMT
location
https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN8utTCnQSywo0MvJzMvWTzTNKnAJSzaLKEkCAL0lPC8iAAAA
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-id
StxInD8e0Xo3qHc3vUICybXreiDTy7KVTQFZgbSsd9X6oewLvk4EaQ==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
captcha.js
papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/assets/js/ 		118 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/assets/js/captcha.js
Requested by
Host: papervalleymodelrailroad.org
URL: https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN8utTCnQSywo0MvJzMvWTzTNKnAJSzaLKEkCAL0lPC8iAAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7d1dc4867c2df3a57e5ab46e45d755e11eee0abbefa53a22e56219fcd89c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN8utTCnQSywo0MvJzMvWTzTNKnAJSzaLKEkCAL0lPC8iAAAA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 14:34:11 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sat, 08 Oct 2022 16:56:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GjW9tWsDNrvF4k%2F5mXQmEduxVr4JAzzCjnZw64Z0%2F%2FpHOK2T4V3ioDR9%2BtS%2BTzgWG3TbMH%2F11Ikj1Vg6HJS8cQ5oLHEl68UjaeJXXG0%2B9iQ%2BVnAzl4swTGJku9GiD2GtBc0wtPximZMGgdadMqk6AVaidRn%2Bm2rmpcb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7580134b39ad8fd7-FRA
expires
Wed, 09 Nov 2022 14:34:09 GMT
captcha.png
papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/captcha.png?_1665412453151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad74ddc90219914650e1297b1f2acd76205e4c02d376a7ecdef65ebe9dc444f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN8utTCnQSywo0MvJzMvWTzTNKnAJSzaLKEkCAL0lPC8iAAAA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 14:34:13 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Mon, 10 Oct 2022 14:34:13 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycIzihtRFO2mBZrYHnH26Hh6ff3KLt7PgftpP8gWdfOGLYO3LxFNEHZJ4NknOYFj0PMSIP4T8IFcDYUJtRwi7G0lxQgmY59Zd%2FmEetcPtFYcAe2CFBHj2q4cb29ehRLSXAY21kGawrbLuCiSyhuNXLgtHC5GUb6b73EQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
cf-ray
758013584d31bbeb-FRA
expires
Fri, 09 Dec 2022 14:34:12 GMT
2134651.png
papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/2134651.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1cee41c4e9c9e02bf8bb1a9f0fb4949d799017113518380fcff3927ba70fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://papervalleymodelrailroad.org/deiv/newrepnceo1/newrepnceo/?%2FUIGYIIO&_branch_match_id=1108027004402884269&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN8utTCnQSywo0MvJzMvWTzTNKnAJSzaLKEkCAL0lPC8iAAAA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 14:34:13 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17754
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Sat, 08 Oct 2022 16:56:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw50gopWNzwISPNkesi5txTtRCyIUIpb%2FV6ZpWsY%2BpOrMYwRI9Z4uFJSbVx%2BqEQBL2I3CFOHQqGa8%2FKzOsLosql8Df%2BYSdx6kl6BVO7nxOug%2BjBUwiNrZGS5diz%2FIGQSABOr%2BogFFnhfKUEXDMSJhPmO2OfmEBt2zsGJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
758013584d34bbeb-FRA
expires
Fri, 09 Dec 2022 14:34:11 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| setImmediate function| clearImmediate function| Vue

3 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: b61420a0-6b48-404f-8636-071b31247de6
.app.link/ Name: _s
Value: 0MfUvJi0OeXoQUuc7tvg02BTzfFnuVLTrykwZAIUMHqtu3Ks2iFF9FpelWqIxGq2
papervalleymodelrailroad.org/ Name: cazanova
Value: fa47a87038ff3680d4131c266aefbba2c0df054a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0