pencilandpaper.xyz Open in urlscan Pro
2606:4700:3037::6815:1f0a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17
Effective URL:
https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source...
Submission: On June 11 via manual (June 11th 2024, 7:49:55 am UTC) from GB — Scanned from GB

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 5 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::6815:1f0a, located in and belongs to . The main domain is pencilandpaper.xyz.
TLS certificate: Issued by WE1 on June 8th 2024. Valid for: 3 months.

This is the only time pencilandpaper.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	71.6.132.224 71.6.132.224	10439 (CARINET) (CARINET)
1 1	2606:4700:303... 2606:4700:3036::ac43:9763	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::6815:4327	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700:303... 2606:4700:3037::6815:1f0a	() ()
25	3

3 71.6.132.224 (United States)

ASN10439 (CARINET, US)

glxmt.tattoosrus.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:9763 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.yarrostrk.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4327 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.red1rectback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3037::6815:1f0a (None, ) 1 redirects

ASN- ()

pencilandpaper.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	pencilandpaper.xyz 1 redirects pencilandpaper.xyz	35 KB
3	tattoosrus.co.uk glxmt.tattoosrus.co.uk	1 KB
1	red1rectback.com 1 redirects www.red1rectback.com	874 B
1	yarrostrk.club 1 redirects www.yarrostrk.club	801 B
0	fontawesome.com Failed use.fontawesome.com Failed
25	5

	Domain	Requested by
8	pencilandpaper.xyz	1 redirects glxmt.tattoosrus.co.uk pencilandpaper.xyz
3	glxmt.tattoosrus.co.uk	glxmt.tattoosrus.co.uk
1	www.red1rectback.com	1 redirects
1	www.yarrostrk.club	1 redirects
0	use.fontawesome.com Failed	pencilandpaper.xyz
25	5

This site contains no links.

Subject Issuer	Validity	Valid
pencilandpaper.xyz WE1	`2024-06-08` - `2024-09-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com
Frame ID: F13767D69EF265E3A17E956F8A95E704
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 HTTP 307
https://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 HTTP 307
http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 Page URL
http://glxmt.tattoosrus.co.uk/t/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 Page URL
https://www.yarrostrk.club/25HQBZSB/7BNGQFFK/?sub1=17&sub2=1017-11176&sub3=14319-32922-14599 HTTP 302
https://www.red1rectback.com/2W1Q1KK/23W3ZLHD/?sub1=14b80b056a7b46acb2fb80b599a8fe39&source_id=20061&sub5... HTTP 302
https://pencilandpaper.xyz/K8ayXHmW2C/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2... HTTP 302
http://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub... HTTP 307
https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub... Page URL

Page Statistics

25
Requests

28 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

3
IPs

1
Countries

36 kB
Transfer

154 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 HTTP 307
https://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 HTTP 307
http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 Page URL
http://glxmt.tattoosrus.co.uk/t/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 Page URL
https://www.yarrostrk.club/25HQBZSB/7BNGQFFK/?sub1=17&sub2=1017-11176&sub3=14319-32922-14599 HTTP 302
https://www.red1rectback.com/2W1Q1KK/23W3ZLHD/?sub1=14b80b056a7b46acb2fb80b599a8fe39&source_id=20061&sub5=100320 HTTP 302
https://pencilandpaper.xyz/K8ayXHmW2C/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com HTTP 302
http://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com HTTP 307
https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 HTTP 307
https://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 HTTP 307
http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 Show response
glxmt.tattoosrus.co.uk/
Redirect Chain

http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17
https://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17
http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17

458 B
711 B

170ms
170ms

Document
text/html

71.6.132.224
CARINET

General

Check archive.org

Show headers Download Go to

Full URL: http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17
Protocol: HTTP/1.1
Server: 71.6.132.224 , United States, ASN10439 (CARINET, US),
Reverse DNS
Software: /
Resource Hash: 0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 458
Content-Type: text/html; charset=utf-8
Date: Tue, 11 Jun 2024 07:50:01 GMT
X-Address: gin_throttle_mw_360000000000_194.74.212.113
X-Ratelimit-Limit: 10
X-Ratelimit-Remaining: 9
X-Ratelimit-Reset: 1718095801

Redirect headers

Location: http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 404
Not Found favicon.ico
glxmt.tattoosrus.co.uk/ 0
259 B 174ms
170ms Other
text/plain 71.6.132.224
CARINET

General

Check archive.org

Show headers Download Go to

Full URL: http://glxmt.tattoosrus.co.uk/favicon.ico
Protocol: HTTP/1.1
Server: 71.6.132.224 , United States, ASN10439 (CARINET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 11 Jun 2024 07:50:02 GMT
X-Address: gin_throttle_mw_360000000000_194.74.212.113
X-Ratelimit-Reset: 1718095801
X-Ratelimit-Limit: 10
Content-Length: 0
X-Ratelimit-Remaining: 8
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK 4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17 Show response
glxmt.tattoosrus.co.uk/t/ 310 B
563 B 554ms
554ms Document
text/html 71.6.132.224
CARINET

General

Check archive.org

Show headers Download Go to

Full URL: http://glxmt.tattoosrus.co.uk/t/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17
Requested by: Host: glxmt.tattoosrus.co.uk
URL: http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17
Protocol: HTTP/1.1
Server: 71.6.132.224 , United States, ASN10439 (CARINET, US),
Reverse DNS
Software: /
Resource Hash: e4e656202414e88ae5e33a6cca001e52666255df6b9902d029d342f38752bf71

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://glxmt.tattoosrus.co.uk/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 310
Content-Type: text/html; charset=utf-8
Date: Tue, 11 Jun 2024 07:50:03 GMT
X-Address: gin_throttle_mw_360000000000_194.74.212.113
X-Ratelimit-Limit: 10
X-Ratelimit-Remaining: 7
X-Ratelimit-Reset: 1718095801

GET
H3

200

Primary Request / Show response
pencilandpaper.xyz/
Redirect Chain

https://www.yarrostrk.club/25HQBZSB/7BNGQFFK/?sub1=17&sub2=1017-11176&sub3=14319-32922-14599
https://www.red1rectback.com/2W1Q1KK/23W3ZLHD/?sub1=14b80b056a7b46acb2fb80b599a8fe39&source_id=20061&sub5=100320
https://pencilandpaper.xyz/K8ayXHmW2C/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1re...
http://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com
https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com

30 KB
5 KB

79ms
78ms

Document
text/html

2606:4700:3037::6815:1f0a

General

Check archive.org

Show headers Download Go to

Full URL

https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com

Requested by

Host: glxmt.tattoosrus.co.uk
URL: http://glxmt.tattoosrus.co.uk/t/4WvKzN11176Mhbm1017ghmoxpwyov14319XHUZAYPQVUXMUSH32922MBCP14599E17

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1f0a -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

9d1f09c61eab59d60c18a6109f903c92bcc9229b8ab68ae90c3163591fc6b35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://glxmt.tattoosrus.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 892001da5be79483-LHR
content-encoding: br
content-type: text/html
date: Tue, 11 Jun 2024 07:49:54 GMT
expires: Tue, 11 Jun 2024 07:49:53 GMT
last-modified: Sun, 02 Jun 2024 18:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p47GJFR%2BmwXS25nDICIpaKgyg4x88ZtYTFb%2B6Nj8pIS7QFX3axz6wMGQY1eQGBalyA%2B71fj%2BJoXw1JVj9vvqehpNx30clihjQbBFQKNzm9vmpCLBWq%2Fr%2FiFkhkvg9HqKnxNYBNCYf4ncCcZMn1z6cZA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com
Non-Authoritative-Reason: HSTS

GET
H3 200 style.css
pencilandpaper.xyz/css/ 16 KB
4 KB 59ms
59ms Stylesheet
text/css 2606:4700:3037::6815:1f0a

General

Check archive.org

Show headers Download Go to

Full URL

https://pencilandpaper.xyz/css/style.css

Requested by

Host: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1f0a -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3e40783022e9abf4f58aaa64ab6f2c1f592a1b49cec22836a3a60268426c8b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:49:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 02 Jun 2024 18:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665cb8ec-3f7f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=37MvlxIzJkdAtmX5VfoH%2F319mr3TB5BIe0A8TI0vqE%2Bkqg6Pd6UTZscJT%2Bc0Ef%2BMsqaUm9kCCtTwJCk13ZVWIlVeShynr659t2K6jRG1widW1EU6IbIhLJqVNbQoTC9qdFng10MG1BCKByuyh1E6Z1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 892001db6d379483-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jun 2024 07:49:54 GMT

GET
H3 200 animate.min.css
pencilandpaper.xyz/css/ 70 KB
6 KB 62ms
60ms Stylesheet
text/css 2606:4700:3037::6815:1f0a

General

Check archive.org

Show headers Download Go to

Full URL

https://pencilandpaper.xyz/css/animate.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1f0a -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:49:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 02 Jun 2024 18:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665cb8ec-11846"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOgbaCdLrLeliiqIjb6xf5tJUeSpE%2FoN9Wed%2FpsdaDEgRgUo8HMjwYcnF5dCugNbnVhVo1yiekeYgtoIZ29OXkITnZASzKRqyMd%2FJEVsN1QlOf0vxiZhnucV7bjvTX9KfZIkXp0o3dqEFhGTzYk0mSE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 892001db6d389483-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jun 2024 07:49:54 GMT

GET all.js
use.fontawesome.com/releases/v5.15.4/js/ 0
0

GET
H3 200 datehead.js Show response
pencilandpaper.xyz/js/ 2 KB
1 KB 92ms
91ms Script
application/javascript 2606:4700:3037::6815:1f0a

General

Check archive.org

Show headers Download Go to

Full URL

https://pencilandpaper.xyz/js/datehead.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1f0a -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

90af081bb8a5cc3d0733c8c2221f91f002a212abc0b0e79f44e0a74278a33c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:49:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 02 Jun 2024 18:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665cb8ec-6d9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOEBiKQ%2BLlM40A%2Fh8T16q6JOqIpdFwgMlNgpbEApTlF2uE59hRmEXW8Zf8og8TSdYctHzrkwi06cfD4NoZndPl9g4E1PNDhh9FYgSHiPNHSf%2Brnv4yel9QkuKY%2BCSpqXeGq6XwHBcfhlkh4qIfNCiEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 892001db6d399483-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jun 2024 07:49:54 GMT

GET
H3 200 logo.png
pencilandpaper.xyz/images/ 14 KB
14 KB 68ms
67ms Image
image/png 2606:4700:3037::6815:1f0a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pencilandpaper.xyz/images/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1f0a -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

37ab2a39c92ad0ee5cde816483df3c7214cde9e4331bdeef037d4880b27494fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:49:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13842
last-modified: Sun, 02 Jun 2024 18:24:45 GMT
server: cloudflare
etag: "665cb8ed-3612"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G8fzIuTEQA6YCwMN9Yrwy7XAZ7Ju7rSDlO9ETKvTkKBcK1uAuJIuPPl%2FtZzt6gzeOnhZFNVDLSmggcKzcAZsGm%2BlNytNqF7NFeqtkGFetUPTMv4DSrfrOxa3Dzisze6Qd7j2djXIipOkIdHti6Q%2FUJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 892001db6d3a9483-LHR
expires: Tue, 11 Jun 2024 07:49:54 GMT

GET
H3 200 flaglogo.png
pencilandpaper.xyz/images/ 4 KB
4 KB 93ms
92ms Image
image/png 2606:4700:3037::6815:1f0a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pencilandpaper.xyz/images/flaglogo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1f0a -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7efe3233a8511d2101e189628413af3f29eaa8ac39bb75dcff1c9ccaa18905c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:49:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3964
last-modified: Sun, 02 Jun 2024 18:24:45 GMT
server: cloudflare
etag: "665cb8ed-f7c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rh1wnYMTEgY8uf%2FAcVu4BWemJvaOyKPDMHyhfUOPGAxKaFp8vAz2QrxJWeMH4zBkuvL6Rz2IYpUJ8IEQK%2BzVpl06nBJBC3hwoc9ju9cLvD8OElzRl3NFXZLUsOgaNOr%2Bgt90B9f6NsncqU9jfRUtcKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 892001db6d3b9483-LHR
expires: Tue, 11 Jun 2024 07:49:54 GMT

GET product.png
pencilandpaper.xyz/images/ 0
0

GET
H3 200 loadingBL.gif
pencilandpaper.xyz/images/ 18 KB
0 90ms
88ms Image
image/gif 2606:4700:3037::6815:1f0a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pencilandpaper.xyz/images/loadingBL.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1f0a -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pencilandpaper.xyz/?encoded_value=223GDT1&sub1=14b80b056a7b46acb2fb80b599a8fe39&sub2=&sub3=&sub4=&sub5=17443&source_id=20061&ip=2a00%3A2381%3A5374%3A1b%3A%3A113&domain=www.red1rectback.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 07:49:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 124659
last-modified: Sun, 02 Jun 2024 18:24:44 GMT
server: cloudflare
etag: "665cb8ec-1e6f3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBo1twHD8Bcp8FysVQz75QJooSXEX%2Bgx37%2BGvh3XDAK7F9M%2FxsXrdqjQ1MiJYyDrRTPBexw4JeiAXtl4UYUhDdiL9dvT%2BsR7CuDr1jSG3wmUCZZDgfFXU2sUoyaNfhQeP5AOs7Qc8FWR1qtMuAxdTRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 892001dc0ded9483-LHR
expires: Tue, 11 Jun 2024 07:49:54 GMT

GET prize1.png
pencilandpaper.xyz/images/ 0
0

GET 1.jpg
pencilandpaper.xyz/images/ 0
0

GET 2.jpg
pencilandpaper.xyz/images/ 0
0

GET comm_pic_1.jpg
pencilandpaper.xyz/images/ 0
0

GET 3.jpg
pencilandpaper.xyz/images/ 0
0

GET 4.jpg
pencilandpaper.xyz/images/ 0
0

GET comm_pic_2.jpg
pencilandpaper.xyz/images/ 0
0

GET 5.jpg
pencilandpaper.xyz/images/ 0
0

GET f_guarantee.png
pencilandpaper.xyz/images/ 0
0

GET f_secure_1.png
pencilandpaper.xyz/images/ 0
0

GET logo2.png
pencilandpaper.xyz/images/ 0
0

GET script.js
pencilandpaper.xyz/js/ 0
0

GET bg.png
pencilandpaper.xyz/images/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/product.png

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/prize1.png

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/1.jpg

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/2.jpg

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/comm_pic_1.jpg

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/3.jpg

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/4.jpg

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/comm_pic_2.jpg

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/5.jpg

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/f_guarantee.png

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/f_secure_1.png

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/logo2.png

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/js/script.js

Domain: pencilandpaper.xyz
URL: https://pencilandpaper.xyz/images/bg.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.yarrostrk.club/	1970-01-20 21:16:18	Name: uniqueClick_7BNGQFFK Value: 061d6efe-a451-4fb2-9c40-2b389caf5466:1718092194
www.yarrostrk.club/	1970-01-20 23:24:28	Name: transaction_id Value: 14b80b056a7b46acb2fb80b599a8fe39
www.red1rectback.com/	1970-01-20 21:16:18	Name: uniqueClick_23W3ZLHD Value: 575bf674-c2c7-4556-a43c-89d5d33d0189:1718092194
www.red1rectback.com/	1970-01-20 23:24:28	Name: transaction_id Value: b743529b4f284d03a62431e5d93edd87

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://glxmt.tattoosrus.co.uk/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

glxmt.tattoosrus.co.uk
pencilandpaper.xyz
use.fontawesome.com
www.red1rectback.com
www.yarrostrk.club
pencilandpaper.xyz
use.fontawesome.com
2606:4700:3034::6815:4327
2606:4700:3036::ac43:9763
2606:4700:3037::6815:1f0a
71.6.132.224
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a
37ab2a39c92ad0ee5cde816483df3c7214cde9e4331bdeef037d4880b27494fe
3e40783022e9abf4f58aaa64ab6f2c1f592a1b49cec22836a3a60268426c8b28
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
7efe3233a8511d2101e189628413af3f29eaa8ac39bb75dcff1c9ccaa18905c8
90af081bb8a5cc3d0733c8c2221f91f002a212abc0b0e79f44e0a74278a33c4b
9d1f09c61eab59d60c18a6109f903c92bcc9229b8ab68ae90c3163591fc6b35f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e656202414e88ae5e33a6cca001e52666255df6b9902d029d342f38752bf71

pencilandpaper.xyz Open in urlscan Pro 2606:4700:3037::6815:1f0a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

25 Requests

28 %HTTPS

75 %IPv6

5 Domains

5 Subdomains

3 IPs

1 Countries

36 kBTransfer

154 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

pencilandpaper.xyz Open in urlscan Pro
2606:4700:3037::6815:1f0a Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

28 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

3
IPs

1
Countries

36 kB
Transfer

154 kB
Size

4
Cookies

25 HTTP transactions
0 data transactions