URL: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Submission Tags: @phish_report
Submission: On August 22 via api from FI — Scanned from FI

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 172.67.128.212, located in the United States and belonging to CLOUDFLARENET, US. The main domain is tps4dmaxwin.xyz.
TLS certificate: Issued by WE1 on July 23rd 2024. Valid for: 3 months.
This is the only time tps4dmaxwin.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.67.128.212 13335 (CLOUDFLAR...)
3 142.250.186.161 15169 (GOOGLE)
2 2 172.67.179.121 13335 (CLOUDFLAR...)
2 188.114.96.3 13335 (CLOUDFLAR...)
5 172.67.131.111 13335 (CLOUDFLAR...)
12 5
Apex Domain    Subdomains    Transfer
5 domidollz.com    domidollz.com    23 KB
3 ampproject.org    cdn.ampproject.org — Cisco Umbrella Rank: 382    80 KB
2 tps4dvip.site    tps4dvip.site    537 KB
2 pafilamsel.org    pafilamsel.org    1 KB
1 tps4dmaxwin.xyz    tps4dmaxwin.xyz    4 KB
0 imgnxb.com (Failed)    api2-maj.imgnxb.com (Failed)
12 6
Domain Requested by
5 domidollz.com tps4dmaxwin.xyz
3 cdn.ampproject.org tps4dmaxwin.xyz
cdn.ampproject.org
2 tps4dvip.site tps4dmaxwin.xyz
2 pafilamsel.org 2 redirects
1 tps4dmaxwin.xyz
0 api2-maj.imgnxb.com Failed
12 6

This site contains links to these domains.

Domain
es4q.short.gy
Subject    Issuer    Validity    Valid
tps4dmaxwin.xyz    WE1    2024-07-23 - 2024-10-21    3 months    crt.sh
misc-sni.google.com    WR2    2024-07-30 - 2024-10-22    3 months    crt.sh
domidollz.com    WE1    2024-08-08 - 2024-11-06    3 months    crt.sh

This page contains 1 frames:

Primary Page: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Frame ID: A46BB81246C0939A2F77239FB675F4CD
Requests: 14 HTTP requests in this frame

Page Title

SLOT THAILAND ⚡️SITUS SLOT GACOR SERVER THAILAND TERPERCAYA HARI INI

Detected technologies

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

12
Requests

75 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

644 kB
Transfer

869 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://pafilamsel.org/images/logoweb.png HTTP 301
  • https://tps4dvip.site/images/logoweb.png
Request Chain 4
  • https://pafilamsel.org/images/upload-Slides-20240304184233.jpg HTTP 301
  • https://tps4dvip.site/images/upload-Slides-20240304184233.jpg

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tps4dmaxwin.xyz/index.php/
14 KB
4 KB
Document
General
Full URL
https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.128.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
7dbf5dede182e9c89db05f2bfd511b94e2ed24fd7fee6d220c773f41d5577f98

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b73256af88b56b9-OSL
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 22 Aug 2024 13:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81RF7ifVR3ZDXxu4%2FxKsTNRtuj5z3rNxdZJJO5ic%2BlhFihX1zUt0rWDivF52JhrDSmYyuYWT%2FTbGOY7Uj52MLzSFEAZFBW8sitsDCnvJHov6wAdAzr8jWOg3YByKHyVpkro%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: tps4dmaxwin.xyz
URL: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tps4dmaxwin.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 22 Aug 2024 13:17:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73122
x-xss-protection
0
server
sffe
etag
"2af4af216080b72b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 22 Aug 2024 13:17:59 GMT
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0629a36da3c398212e310536eeae2453f0ff684457e071a27e410872a67c57a5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ee4bdaaaaf1edb8a568034c04bfb120d2e607d1cca0185cc00047851950f1c9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
logoweb.png
tps4dvip.site/images/
Redirect Chain
  • https://pafilamsel.org/images/logoweb.png
  • https://tps4dvip.site/images/logoweb.png
98 KB
98 KB
Image
General
Full URL
https://tps4dvip.site/images/logoweb.png
Requested by
Host: tps4dmaxwin.xyz
URL: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Protocol
H2
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809c4a77f530eb883964213f539a8323df69566f4fdec9fb02a836eb3a37965b

Request headers

Referer
https://tps4dmaxwin.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 13:18:02 GMT
cf-cache-status
MISS
last-modified
Tue, 27 Feb 2024 10:33:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Grz1ZcQWpAehg6bt5lT94kOiEdBnctW61%2BcoQBMgLxTmWg0V98YFy3pcJU%2BuEBA6Pbn0w%2F8EpxLOHV%2FwFS6ngLSDX6JiaRyq7Kv0Iqsuv3qCXhjssBy9kywM1Oh40yD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b73257bfbceb4f4-OSL
alt-svc
h3=":443"; ma=86400
content-length
100182

Redirect headers

date
Thu, 22 Aug 2024 13:18:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLODXzfLBcOaKR1Ik1zkyqsmDm89sleqxUzDy2%2FbzCb0RGBKlwOTNLBv5bY6nUBxZwjVZ9agagllgx2egtIrMvZNX0EzJAaL2LgLHADv1b5AH9esRgtT%2BSGgsJkDSiQb%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://tps4dvip.site/images/logoweb.png
cache-control
max-age=14400
cf-ray
8b732576ad85712d-OSL
alt-svc
h3=":443"; ma=86400
upload-Slides-20240304184233.jpg
tps4dvip.site/images/
Redirect Chain
  • https://pafilamsel.org/images/upload-Slides-20240304184233.jpg
  • https://tps4dvip.site/images/upload-Slides-20240304184233.jpg
438 KB
439 KB
Image
General
Full URL
https://tps4dvip.site/images/upload-Slides-20240304184233.jpg
Requested by
Host: tps4dmaxwin.xyz
URL: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Protocol
H2
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a30170f5988e6b7d5f0916d18de33116a1b696da9980899cedf47629055706

Request headers

Referer
https://tps4dmaxwin.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 13:18:02 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Mar 2024 11:42:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2FsHLiXlSUREvHfs6lMCQf%2B4U2eo8QrWryjJcy09F35AM14rHXaiQEbuBnispaXMB3f2eCMmgMF1SJlwo5UIeF1F9owSUaPwqk%2F0x8KCBQ6D033Rh1Ft72AFdy0KKhx%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b73257bfbcab4f4-OSL
alt-svc
h3=":443"; ma=86400
content-length
448703

Redirect headers

date
Thu, 22 Aug 2024 13:18:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVM9r3cv%2BXGW89KbujuFEYqb6NCHb51F%2Beixp2fOf46YVwEiICCUnhX9Je38l0L4WoLht8pcueii1kLKoA5LAgkKiVR30%2Bf2c5b3Cb2537PgpidSvSldhLWW%2FBtiu0QsKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://tps4dvip.site/images/upload-Slides-20240304184233.jpg
cache-control
max-age=14400
cf-ray
8b732576ad86712d-OSL
alt-svc
h3=":443"; ma=86400
icon-home.webp
domidollz.com/images/assets/cdn/
4 KB
4 KB
Image
General
Full URL
https://domidollz.com/images/assets/cdn/icon-home.webp
Requested by
Host: tps4dmaxwin.xyz
URL: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.131.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b95c2c2a702863d12eaf57124cf5ad4eee87f83c0f600c81569ddeccf26ccdf1

Request headers

Referer
https://tps4dmaxwin.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 13:18:01 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 08:49:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSq2yuN314Oy%2B7PvF2xm9XIlcqZYTcnvuhClkAZCVHNnkS8dRpVI6o0yTMToEeVmzw%2FEBRooHUXKGp6mADBrzjcThr4XtrG1VJkL0cfJYgUpBLd2cHzfqIfmhQu0jL78"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b7325769ed60b06-OSL
alt-svc
h3=":443"; ma=86400
content-length
3754
expires
Thu, 29 Aug 2024 13:18:01 GMT
icon-login.webp
domidollz.com/images/assets/cdn/
3 KB
3 KB
Image
General
Full URL
https://domidollz.com/images/assets/cdn/icon-login.webp
Requested by
Host: tps4dmaxwin.xyz
URL: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.131.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e665c3662b154c8fa477cd32b69f836d9b38ec4b58243d124a13041ac9b19976

Request headers

Referer
https://tps4dmaxwin.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 13:18:01 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 08:49:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Khd6R6BHLtTGkcFqzVADad4LEq3sBC0wni3vTglaUzv1nC397P2m2T3KDnc%2Baue2WuJUE1ieRbuWJcYY7UiQIlEAEfUaqEoyLJEd4J%2FO10u83oJFlQJQYap4dJeK7Tvm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b7325769ed40b06-OSL
alt-svc
h3=":443"; ma=86400
content-length
3160
expires
Thu, 29 Aug 2024 13:18:01 GMT
icon-daftar.webp
domidollz.com/images/assets/cdn/
3 KB
4 KB
Image
General
Full URL
https://domidollz.com/images/assets/cdn/icon-daftar.webp
Requested by
Host: tps4dmaxwin.xyz
URL: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.131.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d97185395eaccac332c9aa4194e71dc7a5501e7416d524f191ba97ba5c7702

Request headers

Referer
https://tps4dmaxwin.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 13:18:01 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 08:49:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTgWPmDbHK7GKgiBz1%2FbBaOKvb3xTRDDmtu2jnn2OfmulYAvTIqJu7z4S8Bee%2Buxp0p2OkaCbKwuM7G5ksZWJBBBHo6ZRGP5hGGk5prwHK6Z93JilQW72U5uBxkb%2F1pd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b7325769ed50b06-OSL
alt-svc
h3=":443"; ma=86400
content-length
3420
expires
Thu, 29 Aug 2024 13:18:01 GMT
icon-promo.webp
domidollz.com/images/assets/cdn/
4 KB
4 KB
Image
General
Full URL
https://domidollz.com/images/assets/cdn/icon-promo.webp
Requested by
Host: tps4dmaxwin.xyz
URL: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.131.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be9f328e00e2106f45af7c24de30e536697382c15a1f7d8c6a775645216b050

Request headers

Referer
https://tps4dmaxwin.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 13:18:01 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 08:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUWrNSZFbK6044l9jbyRJ6Sj0lS%2B1MMldGtjaQH75w8EDVmTOl02SoVXg6d6Sd54SX%2F3VgOTq8YH4FKzVl3kjNW1KkDwOyFlU89QeUHeektXnrbweyVcmsF0fb1WVqPk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b7325769ed80b06-OSL
alt-svc
h3=":443"; ma=86400
content-length
3886
expires
Thu, 29 Aug 2024 13:18:01 GMT
icon-chat.webp
domidollz.com/images/assets/cdn/
7 KB
8 KB
Image
General
Full URL
https://domidollz.com/images/assets/cdn/icon-chat.webp
Requested by
Host: tps4dmaxwin.xyz
URL: https://tps4dmaxwin.xyz/index.php/?link=GRAHASPIN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.131.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8763eec757f6dbaa65eae8f77ab33b5def2663cd2332288fde03e8f8ca1bc7d

Request headers

Referer
https://tps4dmaxwin.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 13:18:01 GMT
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 08:49:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMhpd0aqLYK76R08jewgYpBAP%2FxAzcmVyKQ0poaYHsoAcMBFNR0TXnrHG59OpoxVgdAJ%2FQ3T8M8Ar0lI3BnVvcGKE6fDwt49M8s2wSkTkp1iTzHrm38m2nkt%2BH2%2FGd9G"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8b7325769ed90b06-OSL
alt-svc
h3=":443"; ma=86400
content-length
7312
expires
Thu, 29 Aug 2024 13:18:01 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012406131415000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tps4dmaxwin.xyz/
Origin
https://tps4dmaxwin.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Aug 2024 15:06:09 GMT
age
166311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"3bb766b5672b9f2f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Aug 2025 15:06:09 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012406131415000/v0/
12 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tps4dmaxwin.xyz/
Origin
https://tps4dmaxwin.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Aug 2024 15:28:06 GMT
age
424194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3935
x-xss-protection
0
server
sffe
etag
"db107aa2d6068f23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Aug 2025 15:28:06 GMT
favicon_fc0284f1-24dc-4488-9335-e8815b1e56f3_1717940322443.png
api2-maj.imgnxb.com/images/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api2-maj.imgnxb.com
URL
https://api2-maj.imgnxb.com/images/favicon_fc0284f1-24dc-4488-9335-e8815b1e56f3_1717940322443.png

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| AMP_CONFIG
  • object| AMP_EXP
  • object| AMP
  • object| __AMP_LOG
  • function| HTMLElementOrig
  • object| __AMP_ERRORS
  • object| __AMP_MODE
  • function| __AMP_REPORT_ERROR
  • object| __AMP_TOP
  • object| __AMP_SERVICES
  • object| __AMP__EXPERIMENT_TOGGLES
  • object| __AMP_URL_CACHE
  • boolean| __AMP_TAG
  • object| __AMP_EXTENDED_ELEMENTS
  • function| __AMP_BASE_CE_CLASS

0 Cookies