pam-group.com - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 103.160.37.195, located in Indonesia and belongs to IDNIC-JETORBIT-AS-ID PT Jetorbit Teknologi Indonesia, ID. The main domain is pam-group.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 11th 2023. Valid for: 3 months.

This is the only time pam-group.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.160.37.195 103.160.37.195	141584 (IDNIC-JET...) (IDNIC-JETORBIT-AS-ID PT Jetorbit Teknologi Indonesia)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	52.218.236.0 52.218.236.0	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	4

1 103.160.37.195 (Indonesia)

ASN141584 (IDNIC-JETORBIT-AS-ID PT Jetorbit Teknologi Indonesia, ID)
PTR: comet.jetorbit.net

pam-group.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.236.0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	amazonaws.com s3-us-west-2.amazonaws.com	33 KB
1	gstatic.com fonts.gstatic.com	51 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	pam-group.com pam-group.com	7 KB
5	4

	Domain	Requested by
2	s3-us-west-2.amazonaws.com	pam-group.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	pam-group.com
1	pam-group.com
5	4

This site contains no links.

Subject Issuer	Validity	Valid
pam-group.com cPanel, Inc. Certification Authority	`2023-11-11` - `2024-02-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-08-03`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pam-group.com/plazahomemortgage.html___.YXAzOmxvdWdlZWs6YTpvOjM1Mzg5YzVkNDFmMmNhM2VmNzg5NDg1NjlhY2FiOWQwOjY6NDBmOTo1NTExZWUzOTdjNjAwZmZhYTIxNzY5MTM2NzIxOWNhZjVmN2Y5MmUyOGU1OTE4ZDU5ZTg0M2NiNDc2YTBkMDNmOmg6VA
Frame ID: 61304783C7D6F5DA9ACC7983F39C6814
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 ErrorPage Not Found

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

92 kB
Transfer

131 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request plazahomemortgage.html___.YXAzOmxvdWdlZWs6YTpvOjM1Mzg5YzVkNDFmMmNhM2VmNzg5NDg1NjlhY2FiOWQwOjY6NDBmOTo1NTExZWUzOTdjNjAwZmZhYTIxNzY5MTM2NzIxOWNhZjVmN2Y5MmUyOGU1OTE4ZDU5ZTg0M2NiNDc2YTBkMDNmOmg6VA Show response
pam-group.com/ 44 KB
7 KB 689ms
243ms Document
text/html 103.160.37.195
IDNIC-JETORBIT-AS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pam-group.com/plazahomemortgage.html___.YXAzOmxvdWdlZWs6YTpvOjM1Mzg5YzVkNDFmMmNhM2VmNzg5NDg1NjlhY2FiOWQwOjY6NDBmOTo1NTExZWUzOTdjNjAwZmZhYTIxNzY5MTM2NzIxOWNhZjVmN2Y5MmUyOGU1OTE4ZDU5ZTg0M2NiNDc2YTBkMDNmOmg6VA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.37.195 , Indonesia, ASN141584 (IDNIC-JETORBIT-AS-ID PT Jetorbit Teknologi Indonesia, ID),
Reverse DNS: comet.jetorbit.net
Software: LiteSpeed / PHP/5.6.40
Resource Hash: a34d717f257bb4ebb5aed8216d47f1912146bcac165337bdc69b3aaba74df21b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 19:43:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 68ms
26ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700

Requested by

Host: pam-group.com
URL: https://pam-group.com/plazahomemortgage.html___.YXAzOmxvdWdlZWs6YTpvOjM1Mzg5YzVkNDFmMmNhM2VmNzg5NDg1NjlhY2FiOWQwOjY6NDBmOTo1NTExZWUzOTdjNjAwZmZhYTIxNzY5MTM2NzIxOWNhZjVmN2Y5MmUyOGU1OTE4ZDU5ZTg0M2NiNDc2YTBkMDNmOmg6VA

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd0a4a71b74ac9db68399b639a87a87d4ca01cec35d04e7430d768f3ee41097f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pam-group.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 19:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 17:50:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 19:43:45 GMT

GET
H/1.1 200
OK SplitText.min.js Show response
s3-us-west-2.amazonaws.com/s.cdpn.io/16327/ 13 KB
13 KB 563ms
193ms Script
application/javascript 52.218.236.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/s.cdpn.io/16327/SplitText.min.js
Requested by: Host: pam-group.com
URL: https://pam-group.com/plazahomemortgage.html___.YXAzOmxvdWdlZWs6YTpvOjM1Mzg5YzVkNDFmMmNhM2VmNzg5NDg1NjlhY2FiOWQwOjY6NDBmOTo1NTExZWUzOTdjNjAwZmZhYTIxNzY5MTM2NzIxOWNhZjVmN2Y5MmUyOGU1OTE4ZDU5ZTg0M2NiNDc2YTBkMDNmOmg6VA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.236.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d89012258f7cbb0b26449029c759d48174211f0ab8e2aa68116050d565dba2d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pam-group.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 19:43:46 GMT
x-amz-version-id: vpmhSqxMFMKKVOmYRiqIUXw.buM3KC6v
Last-Modified: Sat, 01 Aug 2020 02:22:42 GMT
Server: AmazonS3
x-amz-request-id: Q97PQYM777VM5YY1
ETag: "08173f7e5eda3be713c81014b80eb1e5"
Content-Type: application/javascript
Cache-Control: public
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 12891
x-amz-id-2: y2Eqh82iWnBJRGaegck5cuLICf9y61/FZMg+QVujPUTNl63/KRNq1guAFQVrgHXHWnnzwwuz1mY=

GET
H/1.1 200
OK MorphSVGPlugin.min.js Show response
s3-us-west-2.amazonaws.com/s.cdpn.io/16327/ 19 KB
20 KB 596ms
226ms Script
application/javascript 52.218.236.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/s.cdpn.io/16327/MorphSVGPlugin.min.js
Requested by: Host: pam-group.com
URL: https://pam-group.com/plazahomemortgage.html___.YXAzOmxvdWdlZWs6YTpvOjM1Mzg5YzVkNDFmMmNhM2VmNzg5NDg1NjlhY2FiOWQwOjY6NDBmOTo1NTExZWUzOTdjNjAwZmZhYTIxNzY5MTM2NzIxOWNhZjVmN2Y5MmUyOGU1OTE4ZDU5ZTg0M2NiNDc2YTBkMDNmOmg6VA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.236.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: b9bb000d7085fddfdb5c7c3347b64b580a4ec35e91062b74c6803f91615a9c99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pam-group.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 19:43:46 GMT
x-amz-version-id: 8Bp2y2I3lVeYCr23xXxgVvJZEGIUQYZI
Last-Modified: Sat, 01 Aug 2020 02:18:05 GMT
Server: AmazonS3
x-amz-request-id: Q97ZKZWNGEAHHFBX
ETag: "60aa4814dee07888f35cbc4b5ddfab86"
Content-Type: application/javascript
Cache-Control: public
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 19954
x-amz-id-2: 04aul4dEgBl/4JOvVM6+xxMHEz+QiIo7RY8L1Eld9cZMh46/W+uu/LQ1JuSF3lBXY6cRw5D+ahs=

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
51 KB 59ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pam-group.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:29:10 GMT
x-content-type-options: nosniff
age: 303275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 07:29:10 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pam-group.com/	1970-01-20 16:53:37	Name: PHPSESSID Value: asf78qf1ttvd4mhqjh0395mdkc9d6fcl

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
pam-group.com
s3-us-west-2.amazonaws.com
103.160.37.195
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
52.218.236.0
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
a34d717f257bb4ebb5aed8216d47f1912146bcac165337bdc69b3aaba74df21b
b9bb000d7085fddfdb5c7c3347b64b580a4ec35e91062b74c6803f91615a9c99
bd0a4a71b74ac9db68399b639a87a87d4ca01cec35d04e7430d768f3ee41097f
d89012258f7cbb0b26449029c759d48174211f0ab8e2aa68116050d565dba2d0

pam-group.com Open in urlscan Pro 103.160.37.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

92 kBTransfer

131 kBSize

1 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Indicators

pam-group.com Open in urlscan Pro
103.160.37.195 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

92 kB
Transfer

131 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions