proxy.panel-zip.pp.ua Open in urlscan Pro
202.181.188.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://proxy.panel-zip.pp.ua/
Effective URL:
https://proxy.panel-zip.pp.ua/
Submission Tags: @phish_report
Submission: On July 26 via api (July 26th 2024, 11:09:54 pm UTC) from FI — Scanned from AU

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 202.181.188.117, located in Frankfurt am Main, Germany and belongs to GUARDNETWORK-AS, PL. The main domain is proxy.panel-zip.pp.ua.
TLS certificate: Issued by R10 on July 26th 2024. Valid for: 3 months.

This is the only time proxy.panel-zip.pp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	202.181.188.117 202.181.188.117	216129 (GUARDNETW...) (GUARDNETWORK-AS)
2	142.250.206.202 142.250.206.202	15169 (GOOGLE) (GOOGLE)
3	172.217.24.35 172.217.24.35	15169 (GOOGLE) (GOOGLE)
2	172.217.161.195 172.217.161.195	15169 (GOOGLE) (GOOGLE)
1	142.250.76.131 142.250.76.131	15169 (GOOGLE) (GOOGLE)
15	5

7 202.181.188.117 (Frankfurt am Main, Germany)

ASN216129 (GUARDNETWORK-AS, PL)
PTR: ip202-181-188-117.static.vm-host.com

proxy.panel-zip.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.206.202 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f3.1e100.net

recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.161.195 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s03-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.76.131 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	pp.ua proxy.panel-zip.pp.ua	3 MB
3	gstatic.com fonts.gstatic.com www.gstatic.com	233 KB
3	recaptcha.net recaptcha.net — Cisco Umbrella Rank: 1698	874 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
15	4

	Domain	Requested by
7	proxy.panel-zip.pp.ua	proxy.panel-zip.pp.ua
3	recaptcha.net	proxy.panel-zip.pp.ua www.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	proxy.panel-zip.pp.ua
1	www.gstatic.com	recaptcha.net
15	5

This site contains links to these domains. Also see Links.

Domain
discord.gg

Subject Issuer	Validity	Valid
panel.zippro.su R10	`2024-07-26` - `2024-10-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
misc.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://proxy.panel-zip.pp.ua/
Frame ID: AEE771D2AA9613363A74A6BC3B73E73C
Requests: 13 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&co=aHR0cHM6Ly9wcm94eS5wYW5lbC16aXAucHAudWE6NDQz&hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&theme=black&size=invisible&badge=bottomright&cb=geqczwpxtean
Frame ID: E4A11A47A23DECE79372FC039FDF14F9
Requests: 1 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn
Frame ID: BBEC713C02B9CF21A07520B06C1F60BD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pterodactyl

Page URL History Show full URLs

http://proxy.panel-zip.pp.ua/ HTTP 307
https://proxy.panel-zip.pp.ua/ Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

15
Requests

53 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

3644 kB
Transfer

3968 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/bA729NstXD
Title: Наш Дискорд

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://proxy.panel-zip.pp.ua/ HTTP 307
https://proxy.panel-zip.pp.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
proxy.panel-zip.pp.ua/
Redirect Chain

http://proxy.panel-zip.pp.ua/
https://proxy.panel-zip.pp.ua/

2 KB
2 KB

1536ms
275ms

Document
text/html

202.181.188.117
GUARDNETWORK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy.panel-zip.pp.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.181.188.117 Frankfurt am Main, Germany, ASN216129 (GUARDNETWORK-AS, PL),

Reverse DNS

ip202-181-188-117.static.vm-host.com

Software

nginx /

Resource Hash

3342c24971cdaa56d7b7f100db8397b0f3913881469994c6842db50e5e411800

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Fri, 26 Jul 2024 23:09:46 GMT
referrer-policy: same-origin
server: nginx
x-content-type-options: nosniff
x-frame-options: DENY
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

Location: https://proxy.panel-zip.pp.ua/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 393ms
143ms Stylesheet
text/css 142.250.206.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500&display=swap

Requested by

Host: proxy.panel-zip.pp.ua
URL: https://proxy.panel-zip.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.206.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f10.1e100.net

Software

ESF /

Resource Hash

da5f67913e89ce7671405c1b20842d21d15a33f976f7a5ac64e337abdc786a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jul 2024 23:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 26 Jul 2024 23:09:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
763 B 398ms
148ms Stylesheet
text/css 142.250.206.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Mono|IBM+Plex+Sans:500&display=swap

Requested by

Host: proxy.panel-zip.pp.ua
URL: https://proxy.panel-zip.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.206.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f10.1e100.net

Software

ESF /

Resource Hash

7daec0a10cb895bb2083bfd6da099a7ed31ec384b3a8ca666d6e4038ff1f4961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jul 2024 23:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 26 Jul 2024 23:09:46 GMT

GET
H2 200 bundle.bae76759.js Show response
proxy.panel-zip.pp.ua/assets/ 897 KB
898 KB 516ms
515ms Script
application/javascript 202.181.188.117
GUARDNETWORK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy.panel-zip.pp.ua/assets/bundle.bae76759.js

Requested by

Host: proxy.panel-zip.pp.ua
URL: https://proxy.panel-zip.pp.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.181.188.117 Frankfurt am Main, Germany, ASN216129 (GUARDNETWORK-AS, PL),

Reverse DNS

ip202-181-188-117.static.vm-host.com

Software

nginx /

Resource Hash

e8162170947163b6b38e60393499121b613c9f643e0e64325659fdf4a0a9b6db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proxy.panel-zip.pp.ua/
Origin: https://proxy.panel-zip.pp.ua
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 26 Jul 2024 23:09:46 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Fri, 22 Dec 2023 15:00:42 GMT
server: nginx
etag: "6585a49a-e0375"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: none
content-length: 918389
x-xss-protection: 1; mode=block

GET
H2 200 vendors~auth~dashboard~server.a7e0d793.js Show response
proxy.panel-zip.pp.ua/assets/ 90 KB
90 KB 261ms
260ms Script
application/javascript 202.181.188.117
GUARDNETWORK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy.panel-zip.pp.ua/assets/vendors~auth~dashboard~server.a7e0d793.js

Requested by

Host: proxy.panel-zip.pp.ua
URL: https://proxy.panel-zip.pp.ua/assets/bundle.bae76759.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.181.188.117 Frankfurt am Main, Germany, ASN216129 (GUARDNETWORK-AS, PL),

Reverse DNS

ip202-181-188-117.static.vm-host.com

Software

nginx /

Resource Hash

4fefea903772608544770111fb26f7f906468986a4587426df96e9007a59cd59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proxy.panel-zip.pp.ua/auth/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 26 Jul 2024 23:09:48 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 21 Dec 2023 19:59:12 GMT
server: nginx
etag: "65849910-16842"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: none
content-length: 92226
x-xss-protection: 1; mode=block

GET
H2 200 auth.96e17f54.js Show response
proxy.panel-zip.pp.ua/assets/ 62 KB
63 KB 261ms
261ms Script
application/javascript 202.181.188.117
GUARDNETWORK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy.panel-zip.pp.ua/assets/auth.96e17f54.js

Requested by

Host: proxy.panel-zip.pp.ua
URL: https://proxy.panel-zip.pp.ua/assets/bundle.bae76759.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.181.188.117 Frankfurt am Main, Germany, ASN216129 (GUARDNETWORK-AS, PL),

Reverse DNS

ip202-181-188-117.static.vm-host.com

Software

nginx /

Resource Hash

a32a8339367a00fc12205a4ceed7987202d50f078046ae86da83ea516b8b888e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proxy.panel-zip.pp.ua/auth/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 26 Jul 2024 23:09:48 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Sat, 30 Dec 2023 07:47:06 GMT
server: nginx
etag: "658fcafa-f8cb"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: none
content-length: 63691
x-xss-protection: 1; mode=block

GET
H2 200 locale.json Show response
proxy.panel-zip.pp.ua/locales/ 25 B
1 KB 271ms
271ms Fetch
application/json 202.181.188.117
GUARDNETWORK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy.panel-zip.pp.ua/locales/locale.json?locale=en&namespace=translation&hash=185f4b1a0d8

Requested by

Host: proxy.panel-zip.pp.ua
URL: https://proxy.panel-zip.pp.ua/assets/bundle.bae76759.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.181.188.117 Frankfurt am Main, Germany, ASN216129 (GUARDNETWORK-AS, PL),

Reverse DNS

ip202-181-188-117.static.vm-host.com

Software

nginx /

Resource Hash

9a0e87a8142517a0c69e726fdf2a63bc8f224bc7f330624b94578044eb810b7e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proxy.panel-zip.pp.ua/auth/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 26 Jul 2024 23:09:48 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
etag: 648aa5ae7e486cbe43e535d16699d787
x-frame-options: DENY
content-type: application/json
cache-control: max-age=3600, public, stale-while-revalidate=86400
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
recaptcha.net/recaptcha/ 871 B
874 B 299ms
100ms Script
text/javascript 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api.js?render=explicit

Requested by

Host: proxy.panel-zip.pp.ua
URL: https://proxy.panel-zip.pp.ua/assets/auth.96e17f54.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f3.1e100.net

Software

GSE /

Resource Hash

d870b53ae2675f9a44fa209a545e77d38a117827a072368eaa1707951e681a52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 26 Jul 2024 23:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 26 Jul 2024 23:09:48 GMT

GET
H2 200 server-icon1.png
proxy.panel-zip.pp.ua/assets/svgs/ 2 MB
2 MB 259ms
258ms Image
image/png 202.181.188.117
GUARDNETWORK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proxy.panel-zip.pp.ua/assets/svgs/server-icon1.png

Requested by

Host: proxy.panel-zip.pp.ua
URL: https://proxy.panel-zip.pp.ua/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.181.188.117 Frankfurt am Main, Germany, ASN216129 (GUARDNETWORK-AS, PL),

Reverse DNS

ip202-181-188-117.static.vm-host.com

Software

nginx /

Resource Hash

475cb3797e68b31179b196e186c976a2d1bc0811a23c7f0f40bc095f1f1b748a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proxy.panel-zip.pp.ua/auth/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 26 Jul 2024 23:09:48 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 21 Dec 2023 23:34:44 GMT
server: nginx
etag: "6584cb94-24abbf"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-robots-tag: none
content-length: 2403263
x-xss-protection: 1; mode=block

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIVsdP3pBmtF8A.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 7 KB
8 KB 391ms
139ms Font
font/woff2 172.217.161.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIVsdP3pBmtF8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono|IBM+Plex+Sans:500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s03-in-f3.1e100.net

Software

sffe /

Resource Hash

592e54b760ec28dd6d7cfe999bd4a319caae0e638dfae818107c7abda25b4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://proxy.panel-zip.pp.ua
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 25 Jul 2024 16:24:04 GMT
x-content-type-options: nosniff
age: 110745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7648
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Jul 2025 16:24:04 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 15 KB
15 KB 366ms
115ms Font
font/woff2 172.217.161.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdP3pBms.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Mono|IBM+Plex+Sans:500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s03-in-f3.1e100.net

Software

sffe /

Resource Hash

0c740f1101a18950b45ef3ebb857e342fd61344a3bacffb74e4fd7a1f9be6439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://proxy.panel-zip.pp.ua
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 20 Jul 2024 14:19:47 GMT
x-content-type-options: nosniff
age: 550202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14976
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jul 2025 14:19:47 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/ 531 KB
211 KB 366ms
109ms Script
text/javascript 142.250.76.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__en.js

Requested by

Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f3.1e100.net

Software

sffe /

Resource Hash

e1d667d61bb50e0a815101a7d0d7f379b7219776fee856eedbe965a049db8d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://proxy.panel-zip.pp.ua
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 23 Jul 2024 02:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215075
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 21:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Jul 2025 02:49:00 GMT

GET
H2 200 anchor
recaptcha.net/recaptcha/api2/ Frame E4A1 0
0 231ms
134ms Document
text/html 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&co=aHR0cHM6Ly9wcm94eS5wYW5lbC16aXAucHAudWE6NDQz&hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&theme=black&size=invisible&badge=bottomright&cb=geqczwpxtean

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f3.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-gOzjwBA2uRA0k-Ir5OscIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'nonce-gOzjwBA2uRA0k-Ir5OscIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jul 2024 23:09:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe
recaptcha.net/recaptcha/api2/ Frame BBEC 0
0 103ms
103ms Document
text/html 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://recaptcha.net/recaptcha/api2/bframe?hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f3.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-xrSmsWkCCO2SPQqB-cS4Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'nonce-xrSmsWkCCO2SPQqB-cS4Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jul 2024 23:09:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
proxy.panel-zip.pp.ua/favicons/ 4 KB
4 KB 259ms
258ms Other
image/x-icon 202.181.188.117
GUARDNETWORK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://proxy.panel-zip.pp.ua/favicons/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.181.188.117 Frankfurt am Main, Germany, ASN216129 (GUARDNETWORK-AS, PL),

Reverse DNS

ip202-181-188-117.static.vm-host.com

Software

nginx /

Resource Hash

727398abcef3c6828129a3b1b2833faf89b001ba6708dda030f97a552a6e260f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proxy.panel-zip.pp.ua/auth/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 26 Jul 2024 23:09:51 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 21 Dec 2023 15:08:00 GMT
server: nginx
etag: "658454d0-10be"
x-frame-options: DENY
content-type: image/x-icon
accept-ranges: bytes
x-robots-tag: none
content-length: 4286
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
recaptcha.net/recaptcha	1970-01-21 02:39:47	Name: _GRECAPTCHA Value: 09AD4nbXSCKF4Q-zqf-8zRDcDHUqARI0qQ-r3afoG_w9X4aToToOHvXbydhouTrNACt-8rnMG7-NqzSuF4INWfK84
proxy.panel-zip.pp.ua/	1970-01-20 22:21:18	Name: XSRF-TOKEN Value: eyJpdiI6IjJVQ3FVNkFkbnpCd1k5dk1mRmJ5QlE9PSIsInZhbHVlIjoidUhSVGxXaG90Z0VEK1dsZjhGU09GUVZaTW1jK2owdXRmUWlPQTZHRlJNMHFjaUhNNHNnTk00aVJsN1c1RnNoSVVDVEdCS0Y1RTIxS0ZUTVVManBxaU81aGtaNXE2SVIrSy8yZStXdS9ZL0xXQ2VIT3poVkladXZGL1Y2MDMzeEsiLCJtYWMiOiI0NzEzNjM0M2Y3NjAzNjc1ODUzZWFlZDgzODIyZTkzNTJlN2UzNGY5OWU4MGM4YjE0NDExOGJjMDVlMTFjYWZiIiwidGFnIjoiIn0%3D
proxy.panel-zip.pp.ua/	1970-01-20 22:21:18	Name: pterodactyl_session Value: eyJpdiI6IlU0bzA4K3RZMjJ3M2xoOS85Z2hDeUE9PSIsInZhbHVlIjoiK3dLM0JtVVoySVUzWHMwMjZOUVJabURSWHNucmw3Qzd1UVU3MC9QYmpyZWVUYmJGenZKT1JOQUU5ZEpEbFI2VzViOVE1ZVVuaUpCZVA5N01zNmNPYk1rOVlKcWMrb0xodVpmSkZYb250dVFuN0QzUWg3U1BoV2RkSXR4ckkybUciLCJtYWMiOiI2OTIyNzRhYThkMjRmZDBmNDhjZTMxM2UxODQ3Y2UxZDk5YTlkMDRkNWIzYzJhNmI3ZjdmNTY1NmZmM2I0YTY2IiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://proxy.panel-zip.pp.ua/auth/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
proxy.panel-zip.pp.ua
recaptcha.net
www.gstatic.com
142.250.206.202
142.250.76.131
172.217.161.195
172.217.24.35
202.181.188.117
0c740f1101a18950b45ef3ebb857e342fd61344a3bacffb74e4fd7a1f9be6439
3342c24971cdaa56d7b7f100db8397b0f3913881469994c6842db50e5e411800
475cb3797e68b31179b196e186c976a2d1bc0811a23c7f0f40bc095f1f1b748a
4fefea903772608544770111fb26f7f906468986a4587426df96e9007a59cd59
592e54b760ec28dd6d7cfe999bd4a319caae0e638dfae818107c7abda25b4592
727398abcef3c6828129a3b1b2833faf89b001ba6708dda030f97a552a6e260f
7daec0a10cb895bb2083bfd6da099a7ed31ec384b3a8ca666d6e4038ff1f4961
9a0e87a8142517a0c69e726fdf2a63bc8f224bc7f330624b94578044eb810b7e
a32a8339367a00fc12205a4ceed7987202d50f078046ae86da83ea516b8b888e
d870b53ae2675f9a44fa209a545e77d38a117827a072368eaa1707951e681a52
da5f67913e89ce7671405c1b20842d21d15a33f976f7a5ac64e337abdc786a33
e1d667d61bb50e0a815101a7d0d7f379b7219776fee856eedbe965a049db8d44
e8162170947163b6b38e60393499121b613c9f643e0e64325659fdf4a0a9b6db

proxy.panel-zip.pp.ua Open in urlscan Pro 202.181.188.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

53 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

3644 kBTransfer

3968 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

proxy.panel-zip.pp.ua Open in urlscan Pro
202.181.188.117 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

53 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

3644 kB
Transfer

3968 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions