pub-5129a39cf49b4d568c01f0e001386885.r2.dev Open in urlscan Pro
172.66.0.235 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/naga.html
Submission Tags: @phish_report
Submission: On November 21 via api (November 21st 2024, 11:34:19 am UTC) from FI — Scanned from FI

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 11 HTTP transactions. The main IP is 172.66.0.235, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-5129a39cf49b4d568c01f0e001386885.r2.dev.
TLS certificate: Issued by E5 on September 29th 2024. Valid for: 3 months.

This is the only time pub-5129a39cf49b4d568c01f0e001386885.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.66.0.235 172.66.0.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
11	4

1 172.66.0.235 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-5129a39cf49b4d568c01f0e001386885.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 527	97 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 8961	114 KB
1	r2.dev pub-5129a39cf49b4d568c01f0e001386885.r2.dev	76 KB
0	cloudinary.com Failed res.cloudinary.com Failed
0	pafipandeglang.org Failed pafipandeglang.org Failed
11	5

	Domain	Requested by
7	cdn.ampproject.org	pub-5129a39cf49b4d568c01f0e001386885.r2.dev cdn.ampproject.org
1	i.imgur.com	pub-5129a39cf49b4d568c01f0e001386885.r2.dev
1	pub-5129a39cf49b4d568c01f0e001386885.r2.dev
0	res.cloudinary.com Failed
0	pafipandeglang.org Failed	pub-5129a39cf49b4d568c01f0e001386885.r2.dev
11	5

This site contains links to these domains. Also see Links.

Domain
starbet388.cloud

Subject Issuer	Validity	Valid
*.r2.dev E5	`2024-09-29` - `2024-12-28`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/naga.html
Frame ID: 9673F5E196080064135C3C4B66CDED84
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Situs Agen Slot Gacor Online Resmi Dan Terbaik Di Indonesia!

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

287 kB
Transfer

514 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://starbet388.cloud/daftar?ref=AGABD539523

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request naga.html Show response
pub-5129a39cf49b4d568c01f0e001386885.r2.dev/ 75 KB
76 KB 889ms
452ms Document
text/html 172.66.0.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/naga.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d406634d6d2ab7ecdb4941694bc3fe3e2bca9e2cb1ca6b3d6a8c62854ac50950

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
CF-RAY: 8e605e8df8048da4-HEL
Connection: keep-alive
Content-Length: 77214
Content-Type: text/html
Date: Thu, 21 Nov 2024 11:34:13 GMT
ETag: "ca72392ae9609dcc1243649637918366"
Last-Modified: Tue, 29 Oct 2024 15:34:02 GMT
Server: cloudflare
Vary: Accept-Encoding

GET banner-sc.jpg
pafipandeglang.org/img/ 0
0

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
62 KB 994ms
141ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: pub-5129a39cf49b4d568c01f0e001386885.r2.dev
URL: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/naga.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

3a7869ac772d4453fdea9b8b7642205ed2c3c91ee6615b0efaeb3db1c10df716

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev
Referer: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/

Response headers

content-encoding: br
etag: "025f941185ebedb2"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 11:34:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:34:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 63581
x-xss-protection: 0
server: sffe

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/v0/ 33 KB
10 KB 987ms
135ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs

Requested by

Host: pub-5129a39cf49b4d568c01f0e001386885.r2.dev
URL: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/naga.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

2b4813b9ff00e881958d1d34dc68771290d3bd1f978df240700c39f9dd138d7a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev
Referer: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/

Response headers

content-encoding: br
etag: "fd3a44667abb50c1"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 11:34:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:34:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 10077
x-xss-protection: 0
server: sffe

GET
H2 200 amp-install-serviceworker-0.1.mjs Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 976ms
124ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs

Requested by

Host: pub-5129a39cf49b4d568c01f0e001386885.r2.dev
URL: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/naga.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a9779b28b9d28fe9a709d877c5ca56b59c4a6113add5c45e2d700a427da81dbe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev
Referer: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/

Response headers

content-encoding: br
etag: "ffd2ab7b7e31a9cb"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 11:34:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:34:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2373
x-xss-protection: 0
server: sffe

GET
H2 200 amp-youtube-0.1.mjs Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 978ms
127ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs

Requested by

Host: pub-5129a39cf49b4d568c01f0e001386885.r2.dev
URL: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/naga.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

b8714df9b37ac1ce53481607d7f744eda531cb0b10a4812c4269387d67fdfe1e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev
Referer: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/

Response headers

content-encoding: br
etag: "85d89bb109bdf175"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 11:34:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:34:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 10334
x-xss-protection: 0
server: sffe

GET
H2 200 amp-accordion-0.1.mjs Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 1029ms
178ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs

Requested by

Host: pub-5129a39cf49b4d568c01f0e001386885.r2.dev
URL: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/naga.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

421962fc61816650b30d728b56c109d143183a65e23e80fc3588a6017ace546f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev
Referer: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/

Response headers

content-encoding: br
etag: "a32db195e8954d18"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 11:34:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 11:34:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 4856
x-xss-protection: 0
server: sffe

GET
H2 200 B0q5jTp.png
i.imgur.com/ 113 KB
114 KB 299ms
162ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/B0q5jTp.png

Requested by

Host: pub-5129a39cf49b4d568c01f0e001386885.r2.dev
URL: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/naga.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a06d30c115742c1b67ee2d6da04f02be16f6ffe6c3930f6344fb1ede26c65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/

Response headers

etag: "c1b34547bc4d623ed0cfa95085ec67b3"
age: 163259
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, MISS
x-amz-cf-id: QFxL_Mwabt3g50MUxW6R9q3QiwEDgqvsm_znFf76EyS29yPnOhpOCA==
date: Thu, 21 Nov 2024 11:34:15 GMT
content-type: image/png
last-modified: Tue, 19 Mar 2024 07:08:54 GMT
x-cache-hits: 9, 0
x-served-by: cache-iad-kcgs7200120-IAD, cache-hel1410030-HEL
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1732188855.157951,VS0,VE109
accept-ranges: bytes
access-control-allow-origin: *
content-length: 115898
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 7 KB
3 KB 79ms
78ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

9f7b6259c86dbc73ec05b0bed9dd5007634244d7bdd86db3c79d4336fd4bd83b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev
Referer: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/

Response headers

content-encoding: br
etag: "2283a06acdfda99d"
age: 115436
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 03:30:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 03:30:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2817
x-xss-protection: 0
server: sffe

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 12 KB
4 KB 101ms
100ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

24093d9c84633fdf4e3dc7e096c16a5c60b7fc50a1458c1e61f5807f50381805

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev
Referer: https://pub-5129a39cf49b4d568c01f0e001386885.r2.dev/

Response headers

content-encoding: br
etag: "6616747924905c3d"
age: 212183
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 00:37:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 00:37:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3916
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET 00f525d0d812075a7fdf9c1d7a1b1312_awsow2.jpg
res.cloudinary.com/djxl6pads/image/upload/v1729277628/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pafipandeglang.org
URL: https://pafipandeglang.org/img/banner-sc.jpg

Domain: res.cloudinary.com
URL: https://res.cloudinary.com/djxl6pads/image/upload/v1729277628/00f525d0d812075a7fdf9c1d7a1b1312_awsow2.jpg

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
i.imgur.com
pafipandeglang.org
pub-5129a39cf49b4d568c01f0e001386885.r2.dev
res.cloudinary.com
pafipandeglang.org
res.cloudinary.com
142.250.181.225
172.66.0.235
199.232.196.193
24093d9c84633fdf4e3dc7e096c16a5c60b7fc50a1458c1e61f5807f50381805
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2b4813b9ff00e881958d1d34dc68771290d3bd1f978df240700c39f9dd138d7a
3a7869ac772d4453fdea9b8b7642205ed2c3c91ee6615b0efaeb3db1c10df716
421962fc61816650b30d728b56c109d143183a65e23e80fc3588a6017ace546f
9f7b6259c86dbc73ec05b0bed9dd5007634244d7bdd86db3c79d4336fd4bd83b
a06d30c115742c1b67ee2d6da04f02be16f6ffe6c3930f6344fb1ede26c65a2b
a9779b28b9d28fe9a709d877c5ca56b59c4a6113add5c45e2d700a427da81dbe
b8714df9b37ac1ce53481607d7f744eda531cb0b10a4812c4269387d67fdfe1e
d406634d6d2ab7ecdb4941694bc3fe3e2bca9e2cb1ca6b3d6a8c62854ac50950
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

pub-5129a39cf49b4d568c01f0e001386885.r2.dev Open in urlscan Pro 172.66.0.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

82 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

4 IPs

1 Countries

287 kBTransfer

514 kBSize

0 Cookies

1 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Indicators

pub-5129a39cf49b4d568c01f0e001386885.r2.dev Open in urlscan Pro
172.66.0.235 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

287 kB
Transfer

514 kB
Size

0
Cookies

11 HTTP transactions
2 data transactions