www.amp.observer Open in urlscan Pro
162.0.215.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.amp.observer/
Submission: On November 18 via api (November 18th 2023, 5:48:31 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 13 HTTP transactions. The main IP is 162.0.215.8, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.amp.observer.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 19th 2023. Valid for: a year.

This is the only time www.amp.observer was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	162.0.215.8 162.0.215.8	22612 (NAMECHEAP...) (NAMECHEAP-NET)
4	172.217.13.97 172.217.13.97	15169 (GOOGLE) (GOOGLE)
2	154.83.2.16 154.83.2.16	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	172.217.13.202 172.217.13.202	15169 (GOOGLE) (GOOGLE)
1	66.29.153.26 66.29.153.26	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	162.254.39.134 162.254.39.134	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	142.250.81.227 142.250.81.227	15169 (GOOGLE) (GOOGLE)
13	8

3 162.0.215.8 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium181-2.web-hosting.com

www.amp.observer	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amp.observer	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.97 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.83.2.16 (Seychelles)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

files.sitestatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.202 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.29.153.26 (Charlotte, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium303-5.web-hosting.com

jari.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.254.39.134 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium287-4.web-hosting.com

zxc.onl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	99 KB
3	amp.observer 1 redirects www.amp.observer amp.observer	27 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	sitestatic.net files.sitestatic.net — Cisco Umbrella Rank: 58569	516 KB
1	zxc.onl zxc.onl	82 KB
1	jari.gg jari.gg	49 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	887 B
13	7

	Domain	Requested by
4	cdn.ampproject.org	www.amp.observer cdn.ampproject.org
2	fonts.gstatic.com	fonts.googleapis.com
2	files.sitestatic.net	www.amp.observer
2	www.amp.observer	www.amp.observer
1	zxc.onl	www.amp.observer
1	jari.gg	www.amp.observer
1	fonts.googleapis.com	www.amp.observer
1	amp.observer	1 redirects
13	8

This site contains links to these domains. Also see Links.

Domain
amp.observer
jari.gg
asd.onl
www.gamblingcommission.gov.uk
www.mga.org.mt
www.gra.gi
www.curacao-egaming.com
www.gov.im
www.coffeegearx.com
ke.baby
s3-ap-southeast-1.amazonaws.com
si.baby
secure.livechatinc.com

Subject Issuer	Validity	Valid
amp.observer Sectigo RSA Domain Validation Secure Server CA	`2023-10-19` - `2024-10-19`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sitestatic.net Cloudflare Inc ECC CA-3	`2023-01-19` - `2024-01-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
jari.gg Sectigo RSA Domain Validation Secure Server CA	`2023-11-11` - `2024-11-11`	a year	crt.sh
zxc.onl Sectigo RSA Domain Validation Secure Server CA	`2023-09-22` - `2024-09-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.amp.observer/
Frame ID: 714FDF3CD3B69E8BC63DA945BCD85890
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winslot - Situs Daftar Slot Gacor Online Nexus & UG Gaming

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Lightbox (JavaScript Libraries) Expand

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

804 kB
Transfer

1143 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://amp.observer/

Search URL Search Domain Scan URL

URL: https://jari.gg/petir
Title: Daftar

Search URL Search Domain Scan URL

URL: https://asd.onl/vpn
Title: VPN Slot

Search URL Search Domain Scan URL

URL: https://asd.onl/apk
Title: APK Slot Winslot

Search URL Search Domain Scan URL

URL: https://www.gamblingcommission.gov.uk/
Title: UK Gambling Commission

Search URL Search Domain Scan URL

URL: https://www.mga.org.mt/
Title: Malta Gaming Authority

Search URL Search Domain Scan URL

URL: https://www.gra.gi/
Title: Gibraltar Regulatory Authority

Search URL Search Domain Scan URL

URL: https://www.curacao-egaming.com/
Title: Curacao eGaming

Search URL Search Domain Scan URL

URL: https://www.gov.im/categories/business-and-industries/gambling-and-e-gaming/
Title: Isle of Man Gambling Supervision Commission

Search URL Search Domain Scan URL

URL: https://www.coffeegearx.com/
Title: slot gacor gampang wd

Search URL Search Domain Scan URL

URL: https://jari.gg/wp-content/uploads/2023/11/Situs-Slot-Gacor-Online-Nexus-UG-Gaming.webp

Search URL Search Domain Scan URL

URL: https://ke.baby/rtp
Title: live RTP

Search URL Search Domain Scan URL

URL: https://s3-ap-southeast-1.amazonaws.com/apkstore888.net/WinSlot/winslot.apk
Title: APK gratis

Search URL Search Domain Scan URL

URL: https://www.coffeegearx.com/sports
Title: Bola Online

Search URL Search Domain Scan URL

URL: https://www.coffeegearx.com/casino
Title: Casino Online

Search URL Search Domain Scan URL

URL: https://www.coffeegearx.com/lottery
Title: Togel Online

Search URL Search Domain Scan URL

URL: https://www.coffeegearx.com/cockfight
Title: Sabung Ayam SV388

Search URL Search Domain Scan URL

URL: https://www.coffeegearx.com/e-games
Title: E-Games

Search URL Search Domain Scan URL

URL: https://www.coffeegearx.com/register
Title: Daftar sekarang

Search URL Search Domain Scan URL

URL: https://www.coffeegearx.com/promotion
Title: Lihat semua promosi

Search URL Search Domain Scan URL

URL: https://si.baby/
Title: https://si.baby/

Search URL Search Domain Scan URL

URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12302118&group=7
Title: livechat Winslot

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://amp.observer/WINSLOT.webp HTTP 301
https://www.amp.observer/WINSLOT.webp

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.amp.observer/ 97 KB
19 KB 427ms
158ms Document
text/html 162.0.215.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amp.observer/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium181-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 26d28980b033f2e75899fbf1308a326dc833a42155f8dac552f559666e0bdcf6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 19660
content-type: text/html
date: Sat, 18 Nov 2023 17:48:25 GMT
last-modified: Sat, 18 Nov 2023 10:40:57 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
73 KB 415ms
35ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.amp.observer
URL: https://www.amp.observer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.amp.observer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 17:48:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73200
x-xss-protection: 0
server: sffe
etag: "b209cac081bc437c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 18 Nov 2023 17:48:25 GMT

GET
H2

200

WINSLOT.webp
www.amp.observer/
Redirect Chain

https://amp.observer/WINSLOT.webp
https://www.amp.observer/WINSLOT.webp

7 KB
7 KB

77ms
76ms

Image
image/webp

162.0.215.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amp.observer/WINSLOT.webp
Requested by: Host: www.amp.observer
URL: https://www.amp.observer/
Protocol: H2
Server: 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium181-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: a801ee9f1fa0648fa2a6567ce382f9794c7b5d43bfaf831d0cb8fa84071f3bb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.amp.observer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:48:25 GMT
last-modified: Thu, 19 Oct 2023 17:48:17 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7236
expires: Sat, 25 Nov 2023 17:48:25 GMT

Redirect headers

location: https://www.amp.observer/WINSLOT.webp
date: Sat, 18 Nov 2023 17:48:25 GMT
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2 200 rZFr8j7wvr4TbIjsMBKYQjwCgw4ezHSUUSEbQ1tv.webp
files.sitestatic.net/mkt_banner_en/ 510 KB
511 KB 1057ms
1057ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/mkt_banner_en/rZFr8j7wvr4TbIjsMBKYQjwCgw4ezHSUUSEbQ1tv.webp
Requested by: Host: www.amp.observer
URL: https://www.amp.observer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8cc7e3009f70fd8a2511bbfffcb433fd8c829ae1d49ee997ea46eafaa740f94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.amp.observer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:48:26 GMT
x-amz-version-id: .3h8d04SG30xhVjL5oSnlQYl0nYWleFV
cf-cache-status: MISS
x-amz-request-id: 43V311SZQR0QHY7B
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 522524
x-amz-id-2: AFNWgf3CM8s9RDdzIAzWZrcp5AnGy8tF971P7qxHRsjiEVqaksMHsWYavhRTK9/UXfi3mq/Z0AQ=
last-modified: Thu, 26 Oct 2023 05:49:46 GMT
server: cloudflare
etag: "155f42a544028e0069e5d9f65001a380"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 82820b52bdf7c436-EWR
expires: Sun, 17 Nov 2024 17:48:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
887 B 384ms
40ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Prompt

Requested by

Host: www.amp.observer
URL: https://www.amp.observer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

78aff086dfc604c6ce97a2765d38541569757f5a8f4b7d8885a4229a924b49f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.amp.observer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 17:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 17:48:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 17:48:25 GMT

GET
H2 200 Situs-Slot-Gacor-Online-Nexus-UG-Gaming.webp
jari.gg/wp-content/uploads/2023/11/ 48 KB
49 KB 330ms
155ms Image
image/webp 66.29.153.26
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jari.gg/wp-content/uploads/2023/11/Situs-Slot-Gacor-Online-Nexus-UG-Gaming.webp
Requested by: Host: www.amp.observer
URL: https://www.amp.observer/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.153.26 Charlotte, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium303-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 21083ca95e2889b187be7ac70915ab532a0b40d9991a7d8d8812b929b358118c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.amp.observer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:48:25 GMT
last-modified: Thu, 16 Nov 2023 11:37:23 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 49564
expires: Sat, 25 Nov 2023 17:48:25 GMT

GET
H2 200 YWAjpA96RYsezgM6tm2BBfQbKdfmIHunwmcEa9A0.webp
files.sitestatic.net/ImageFile/ 5 KB
5 KB 40ms
14ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/ImageFile/YWAjpA96RYsezgM6tm2BBfQbKdfmIHunwmcEa9A0.webp
Requested by: Host: www.amp.observer
URL: https://www.amp.observer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0370a454b77410f206968cb541c5aa203ae499eacc23e8102f6ee87ec258146

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.amp.observer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:48:25 GMT
x-amz-version-id: _YHuP9q8fwA4r8EFaafQeQMXM9TowlbW
cf-cache-status: HIT
x-amz-request-id: NH4F3947NA2ATDHW
age: 580936
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 4958
x-amz-id-2: FAXL//t7aZXicradxaFJwsPl6f/rt1qS4CP0NB/RmxMDzE9JQhynjnX9b7eVekZ5aC8dRKxxnDc=
last-modified: Sat, 28 Oct 2023 09:02:11 GMT
server: cloudflare
etag: "f617fc96b02208d7a3e0fffaf2e5f466"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 82820b52ade7c436-EWR
expires: Sun, 17 Nov 2024 17:48:25 GMT

GET
H2 200 tampilan%20resmi%20winslot%20mobile.webp
zxc.onl/ 82 KB
82 KB 318ms
144ms Image
image/webp 162.254.39.134
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zxc.onl/tampilan%20resmi%20winslot%20mobile.webp
Requested by: Host: www.amp.observer
URL: https://www.amp.observer/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.254.39.134 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium287-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 257a351620b501c054aadc981d968ae54813768f86da7a9a356d236698809b34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.amp.observer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:48:25 GMT
last-modified: Sat, 04 Nov 2023 06:09:53 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 83600
expires: Sat, 25 Nov 2023 17:48:25 GMT

GET
H2 200 -W__XJnvUD7dzB2KYNod.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
18 KB 358ms
5ms Font
font/woff2 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KYNod.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prompt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amp.observer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 04:01:18 GMT
x-content-type-options: nosniff
age: 49628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17640
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 04:01:18 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0cbc2712b49ccc1fe3eaae4c5587bbd514012a2acfefd96a970f81351c00f26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 8 KB
3 KB 356ms
17ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amp.observer/
Origin: https://www.amp.observer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Nov 2023 20:51:34 GMT
age: 248212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "ebb1be4e47c7faed"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 14 Nov 2024 20:51:34 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 12 KB
5 KB 337ms
13ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amp.observer/
Origin: https://www.amp.observer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Nov 2023 20:45:17 GMT
age: 248589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "3c281510b2fc8bce"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 14 Nov 2024 20:45:17 GMT

GET
H2 200 -W__XJnvUD7dzB2KdNodVkI.woff2
fonts.gstatic.com/s/prompt/v10/ 13 KB
13 KB 4ms
4ms Font
font/woff2 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KdNodVkI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prompt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

b3a0b2a8b1ee977665c6deaac4be3b91b2f9fd6610221ca1ae31e6cb44199f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amp.observer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:37:34 GMT
x-content-type-options: nosniff
age: 331852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13024
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 21:37:34 GMT

GET
H2 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 65 KB
19 KB 12ms
12ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

7f3a16764191ea154ded3fcd932d98c4c947333ca0c290681c42a82fd99daa0d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amp.observer/
Origin: https://www.amp.observer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Nov 2023 20:55:53 GMT
age: 247953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19047
x-xss-protection: 0
server: sffe
etag: "b89252b8207cc964"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 14 Nov 2024 20:55:53 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amp.observer
cdn.ampproject.org
files.sitestatic.net
fonts.googleapis.com
fonts.gstatic.com
jari.gg
www.amp.observer
zxc.onl
142.250.81.227
154.83.2.16
162.0.215.8
162.254.39.134
172.217.13.202
172.217.13.97
66.29.153.26
21083ca95e2889b187be7ac70915ab532a0b40d9991a7d8d8812b929b358118c
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
257a351620b501c054aadc981d968ae54813768f86da7a9a356d236698809b34
26d28980b033f2e75899fbf1308a326dc833a42155f8dac552f559666e0bdcf6
78aff086dfc604c6ce97a2765d38541569757f5a8f4b7d8885a4229a924b49f6
7f3a16764191ea154ded3fcd932d98c4c947333ca0c290681c42a82fd99daa0d
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
a801ee9f1fa0648fa2a6567ce382f9794c7b5d43bfaf831d0cb8fa84071f3bb5
b3a0b2a8b1ee977665c6deaac4be3b91b2f9fd6610221ca1ae31e6cb44199f6c
b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582
c0cbc2712b49ccc1fe3eaae4c5587bbd514012a2acfefd96a970f81351c00f26
c8cc7e3009f70fd8a2511bbfffcb433fd8c829ae1d49ee997ea46eafaa740f94
e0370a454b77410f206968cb541c5aa203ae499eacc23e8102f6ee87ec258146
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8

www.amp.observer Open in urlscan Pro 162.0.215.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

804 kBTransfer

1143 kBSize

0 Cookies

22 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

Indicators

www.amp.observer Open in urlscan Pro
162.0.215.8 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

804 kB
Transfer

1143 kB
Size

0
Cookies

13 HTTP transactions
1 data transactions