66.29.141.245 Open in urlscan Pro
66.29.141.245 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dairproject.org/
Effective URL:
http://66.29.141.245/
Submission: On October 11 via api (October 11th 2022, 7:28:26 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 66.29.141.245, located in United States and belongs to NAMECHEAP-NET, US. The main domain is 66.29.141.245.

This is the only time 66.29.141.245 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	66.29.141.245 66.29.141.245	22612 (NAMECHEAP...) (NAMECHEAP-NET)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
7	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
14	3

5 66.29.141.245 (United States) 2 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: dairproject.org

dairproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
66.29.141.245	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	imgur.com i.imgur.com — Cisco Umbrella Rank: 4724	401 KB
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 311	110 KB
2	dairproject.org 2 redirects dairproject.org	360 B
14	3

	Domain	Requested by
7	i.imgur.com	66.29.141.245
4	cdn.ampproject.org	66.29.141.245 cdn.ampproject.org
2	dairproject.org	2 redirects
14	3

This site contains links to these domains. Also see Links.

Domain
klik.fun
direct.lc.chat
wa.me
139.162.9.183
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://66.29.141.245/
Frame ID: 40BD61F3F61743CBBD3EBB3A4EFD4439
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

klik4a Agen Judi Online Terpercaya di Indonesia

Page URL History Show full URLs

http://dairproject.org/ HTTP 301
https://dairproject.org/ HTTP 301
http://66.29.141.245/ Page URL

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

14
Requests

79 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

883 kB
Transfer

1195 kB
Size

0
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://klik.fun/klik4alogin
Title: MASUK

Search URL Search Domain Scan URL

URL: https://klik.fun/klik4aregis
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://direct.lc.chat/13161165/
Title: LIVECHAT

Search URL Search Domain Scan URL

URL: https://wa.me/639392623640
Title: +63 939 262 3640

Search URL Search Domain Scan URL

URL: https://139.162.9.183:9443/mobile/poker
Title: poker online

Search URL Search Domain Scan URL

URL: https://139.162.9.183:9443/mobile/casino
Title: judi live casino

Search URL Search Domain Scan URL

URL: https://139.162.9.183:9443/mobile/arcade
Title: tembak ikan

Search URL Search Domain Scan URL

URL: https://139.162.9.183:9443/mobile/slots
Title: slot online

Search URL Search Domain Scan URL

URL: https://139.162.9.183:9443/mobile/sport
Title: judi bola online

Search URL Search Domain Scan URL

URL: https://www.facebook.com/klik4aofficial
Title: klik4a

Search URL Search Domain Scan URL

URL: https://www.instagram.com/klik4aofficial/
Title: klik4a

Search URL Search Domain Scan URL

URL: https://139.162.9.183:9443/mobile/promotion
Title: promo bonus

Search URL Search Domain Scan URL

URL: https://139.162.9.183:9443/
Title: klik4a

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dairproject.org/ HTTP 301
https://dairproject.org/ HTTP 301
http://66.29.141.245/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
66.29.141.245/
Redirect Chain

http://dairproject.org/
https://dairproject.org/
http://66.29.141.245/

30 KB
10 KB

313ms
159ms

Document
text/html

66.29.141.245
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.141.245/
Protocol: HTTP/1.1
Server: 66.29.141.245 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: dairproject.org
Software: LiteSpeed /
Resource Hash: 0ec7104e29152032d25e27e3b4393988201cabe66490f09c75844c165ab733a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 10238
content-type: text/html
date: Tue, 11 Oct 2022 07:28:21 GMT
keep-alive: timeout=5, max=100
last-modified: Fri, 22 Apr 2022 10:50:25 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 707
content-type: text/html
date: Tue, 11 Oct 2022 07:28:20 GMT
location: http://66.29.141.245/
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 276 KB
71 KB 101ms
46ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: 66.29.141.245
URL: http://66.29.141.245/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 07:28:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72501
x-xss-protection: 0
server: sffe
etag: "b0a9bc3cc165f0cd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Oct 2022 07:28:21 GMT

GET
H/1.1 200
OK BebasNeue-Regular.woff2
66.29.141.245/nc_assets/fonts/ 21 KB
22 KB 155ms
155ms Font
font/woff2 66.29.141.245
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.141.245/nc_assets/fonts/BebasNeue-Regular.woff2
Requested by: Host: 66.29.141.245
URL: http://66.29.141.245/
Protocol: HTTP/1.1
Server: 66.29.141.245 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: dairproject.org
Software: LiteSpeed /
Resource Hash: 395cb0944c3d0ada8beb178b9e9a9887e75f76302544abeaaf1f1ef4b3a0b19b

Request headers

Referer: http://66.29.141.245/
Origin: http://66.29.141.245
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 07:28:21 GMT
last-modified: Thu, 15 Feb 2018 19:03:58 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 21760
expires: Tue, 18 Oct 2022 07:28:21 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 109 KB
32 KB 69ms
31ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 66.29.141.245
URL: http://66.29.141.245/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 07:28:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31967
x-xss-protection: 0
server: sffe
etag: "dfda97fe2a1b5ffc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Oct 2022 07:28:21 GMT

GET
H/1.1 200
OK KLIK4A.png
66.29.141.245/img/ 340 KB
340 KB 302ms
156ms Image
image/png 66.29.141.245
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66.29.141.245/img/KLIK4A.png
Requested by: Host: 66.29.141.245
URL: http://66.29.141.245/
Protocol: HTTP/1.1
Server: 66.29.141.245 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: dairproject.org
Software: LiteSpeed /
Resource Hash: 1416b7bc8029149caa6a75f4e4b0dd8190e6c7cac9d368f5c76eec485ba26043

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 07:28:21 GMT
last-modified: Sat, 16 Apr 2022 10:27:22 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 348020
expires: Tue, 18 Oct 2022 07:28:21 GMT

GET
H2 200 M3Q525G.png
i.imgur.com/ 559 B
720 B 51ms
25ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/M3Q525G.png

Requested by

Host: 66.29.141.245
URL: http://66.29.141.245/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

3e156f8b9eb97e0ef7ff912ea475e7d5962fe425ce3c449a90301bc7b04a1d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 07:28:21 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 3630533
x-cache: HIT, HIT
content-length: 559
x-served-by: cache-iad-kiad7000130-IAD, cache-hhn4037-HHN
last-modified: Sun, 18 Jul 2021 07:52:18 GMT
server: cat factory 1.0
x-timer: S1665473301.286496,VS0,VE3
etag: "7804bddeca83abf2fb11153e7c113b93"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3763, 1

GET
H2 200 xOlvA4K.png
i.imgur.com/ 755 B
923 B 51ms
26ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/xOlvA4K.png

Requested by

Host: 66.29.141.245
URL: http://66.29.141.245/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d28692fbb646296ee547c4b54169a3eafb5b621b360d2e804050803cfdfd5b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 07:28:21 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 346403
x-cache: HIT, HIT
content-length: 755
x-served-by: cache-iad-kjyo7100097-IAD, cache-hhn4037-HHN
last-modified: Sun, 18 Jul 2021 07:52:45 GMT
server: cat factory 1.0
x-timer: S1665473301.286474,VS0,VE4
etag: "cc3cdce0afb97b28ae8a91efa2399ab2"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 408, 1

GET
H2 200 ZZkmCLC.png
i.imgur.com/ 2 KB
2 KB 50ms
26ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ZZkmCLC.png

Requested by

Host: 66.29.141.245
URL: http://66.29.141.245/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

113bb27774910ece8e6dfc810cbf9ea078abf9a273bee5e17f2349417ae8636a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 07:28:21 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2397243
x-cache: HIT, HIT
content-length: 1870
x-served-by: cache-iad-kcgs7200101-IAD, cache-hhn4037-HHN
last-modified: Sun, 18 Jul 2021 07:53:50 GMT
server: cat factory 1.0
x-timer: S1665473301.286639,VS0,VE3
etag: "fba896a25e5b9d5fe812141f7b61284a"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2675, 1

GET
H2 200 P02HhGw.jpg
i.imgur.com/ 141 KB
141 KB 33ms
9ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/P02HhGw.jpg

Requested by

Host: 66.29.141.245
URL: http://66.29.141.245/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a8e0988ecf070677976273ff7ae28adb2fc31f68f5a9bcdcf8628148347bfc25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 07:28:21 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 995831
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 143943
x-served-by: cache-iad-kjyo7100174-IAD, cache-hhn4037-HHN
last-modified: Sun, 18 Jul 2021 04:45:42 GMT
server: cat factory 1.0
x-timer: S1665473301.286582,VS0,VE1
etag: "e524c41a0a632329eb29863622ecce0a"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 qlAiwTA.png
i.imgur.com/ 135 KB
135 KB 49ms
25ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/qlAiwTA.png

Requested by

Host: 66.29.141.245
URL: http://66.29.141.245/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8624cc6c3b3e3cd3f5e183e4f081919db604492b993c261ba7696ae6d76e77ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 07:28:21 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1200624
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 138133
x-served-by: cache-iad-kjyo7100062-IAD, cache-hhn4037-HHN
last-modified: Sun, 18 Jul 2021 03:30:31 GMT
server: cat factory 1.0
x-timer: S1665473301.286566,VS0,VE2
etag: "8055e5f55970e2b74271c0167efeef3e"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 101, 1

GET
H2 200 uqVDJ4R.png
i.imgur.com/ 79 KB
79 KB 50ms
26ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/uqVDJ4R.png

Requested by

Host: 66.29.141.245
URL: http://66.29.141.245/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0aad3933f7ef02521ea056b078715c200ca1ae7541537b8aee17f16472174502

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 07:28:21 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2920656
x-cache: HIT, HIT
content-length: 81186
x-served-by: cache-iad-kjyo7100064-IAD, cache-hhn4037-HHN
last-modified: Sun, 18 Jul 2021 03:30:30 GMT
server: cat factory 1.0
x-timer: S1665473301.286541,VS0,VE5
etag: "31ca7554249fdd59181d394d9ac2bd99"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 182, 1

GET
H2 200 DeUuF9j.png
i.imgur.com/ 41 KB
41 KB 35ms
11ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/DeUuF9j.png

Requested by

Host: 66.29.141.245
URL: http://66.29.141.245/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f2be1a976eccc26805a1da348b37ec3e2b7a721892ea9b1cfdc1b7f34ceaa72a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.141.245/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 07:28:21 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 588328
x-cache: HIT, HIT
content-length: 41990
x-served-by: cache-iad-kiad7000136-IAD, cache-hhn4037-HHN
last-modified: Sun, 18 Jul 2021 03:44:32 GMT
server: cat factory 1.0
x-timer: S1665473301.286556,VS0,VE1
etag: "797b1823d181996675ef4944aa474d4a"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 42, 1

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012209142312000/v0/ 8 KB
3 KB 49ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://66.29.141.245/
Origin: http://66.29.141.245
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Oct 2022 08:06:08 GMT
age: 84133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2980
x-xss-protection: 0
server: sffe
etag: "ac16e77745c88a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 08:06:08 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012209142312000/v0/ 12 KB
4 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209142312000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://66.29.141.245/
Origin: http://66.29.141.245
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Oct 2022 04:28:45 GMT
age: 97176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3844
x-xss-protection: 0
server: sffe
etag: "02cbbdb857ad171c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 04:28:45 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
dairproject.org
i.imgur.com
151.101.112.193
2a00:1450:4001:827::2001
66.29.141.245
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36
0aad3933f7ef02521ea056b078715c200ca1ae7541537b8aee17f16472174502
0ec7104e29152032d25e27e3b4393988201cabe66490f09c75844c165ab733a4
113bb27774910ece8e6dfc810cbf9ea078abf9a273bee5e17f2349417ae8636a
1416b7bc8029149caa6a75f4e4b0dd8190e6c7cac9d368f5c76eec485ba26043
395cb0944c3d0ada8beb178b9e9a9887e75f76302544abeaaf1f1ef4b3a0b19b
3e156f8b9eb97e0ef7ff912ea475e7d5962fe425ce3c449a90301bc7b04a1d27
5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b
8624cc6c3b3e3cd3f5e183e4f081919db604492b993c261ba7696ae6d76e77ba
a8e0988ecf070677976273ff7ae28adb2fc31f68f5a9bcdcf8628148347bfc25
b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28
d28692fbb646296ee547c4b54169a3eafb5b621b360d2e804050803cfdfd5b98
f2be1a976eccc26805a1da348b37ec3e2b7a721892ea9b1cfdc1b7f34ceaa72a

66.29.141.245 Open in urlscan Pro 66.29.141.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

79 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

883 kBTransfer

1195 kBSize

0 Cookies

13 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

0 Cookies

Indicators

66.29.141.245 Open in urlscan Pro
66.29.141.245 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

79 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

883 kB
Transfer

1195 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions