pub-0f70b4571ec54affb7794e6227388937.r2.dev Open in urlscan Pro
172.66.0.235 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html
Submission Tags: @phish_report
Submission: On October 17 via api (October 17th 2024, 8:20:20 am UTC) from FI — Scanned from FI

Summary HTTP 30 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 30 HTTP transactions. The main IP is 172.66.0.235, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-0f70b4571ec54affb7794e6227388937.r2.dev.
TLS certificate: Issued by E5 on September 29th 2024. Valid for: 3 months.

This is the only time pub-0f70b4571ec54affb7794e6227388937.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.66.0.235 172.66.0.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
30	3

2 172.66.0.235 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-0f70b4571ec54affb7794e6227388937.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 517	97 KB
2	r2.dev pub-0f70b4571ec54affb7794e6227388937.r2.dev	795 KB
0	pages.dev Failed ampmsg.pages.dev Failed
0	cintasatumalam.xyz Failed cintasatumalam.xyz Failed
30	4

	Domain	Requested by
7	cdn.ampproject.org	pub-0f70b4571ec54affb7794e6227388937.r2.dev cdn.ampproject.org
2	pub-0f70b4571ec54affb7794e6227388937.r2.dev	pub-0f70b4571ec54affb7794e6227388937.r2.dev
0	ampmsg.pages.dev Failed	pub-0f70b4571ec54affb7794e6227388937.r2.dev
0	cintasatumalam.xyz Failed	pub-0f70b4571ec54affb7794e6227388937.r2.dev
30	4

This site contains links to these domains. Also see Links.

Domain
iknbet77.shop

Subject Issuer	Validity	Valid
*.r2.dev E5	`2024-09-29` - `2024-12-28`	3 months	crt.sh
misc-sni.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html
Frame ID: 8A0D0B3D92AC28EA0409DE2149ED420D
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MAWARTOTO Link Alternatif Login Resmi Mawartoto Terpercaya 2024

Page Statistics

30
Requests

30 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

893 kB
Transfer

1121 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://iknbet77.shop/mobile/register
Title: Login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request mawartoto.html Show response
pub-0f70b4571ec54affb7794e6227388937.r2.dev/ 33 KB
33 KB 2000ms
849ms Document
text/html 172.66.0.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a2750783088b8131eb26a40534abb5efe4d3dae8aee5678c2b1adb83e224d4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
CF-RAY: 8d3eddb31c428d5b-HEL
Connection: keep-alive
Content-Length: 33355
Content-Type: text/html
Date: Thu, 17 Oct 2024 08:19:51 GMT
ETag: "9b53634c9ec628f53c99c608182f0812"
Last-Modified: Wed, 16 Oct 2024 07:52:36 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
63 KB 2342ms
976ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: pub-0f70b4571ec54affb7794e6227388937.r2.dev
URL: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

02e24233f98325c543777e1bbc6305c453fddd2041ea8f9dad1518210b1cefb6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev
Referer: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/

Response headers

content-encoding: br
etag: "6e924bb5250c48d2"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 08:19:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:19:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 63507
x-xss-protection: 0
server: sffe

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/v0/ 33 KB
10 KB 2554ms
1188ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs

Requested by

Host: pub-0f70b4571ec54affb7794e6227388937.r2.dev
URL: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

4b84e140c08d4ec214ab958ea54e71835baa5950b5d73eb8afea0cc4621bf7ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev
Referer: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/

Response headers

content-encoding: br
etag: "6f3c8b49ce12b6db"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 08:19:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:19:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 10082
x-xss-protection: 0
server: sffe

GET
H2 200 amp-install-serviceworker-0.1.mjs Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 2487ms
1122ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs

Requested by

Host: pub-0f70b4571ec54affb7794e6227388937.r2.dev
URL: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

501574941b48ce80543db2b531397f5fba1ded2c41181b53557fd402681990fd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev
Referer: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/

Response headers

content-encoding: br
etag: "63bd50a7482e015e"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 08:19:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:19:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2372
x-xss-protection: 0
server: sffe

GET
H2 200 amp-youtube-0.1.mjs Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 2488ms
1123ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs

Requested by

Host: pub-0f70b4571ec54affb7794e6227388937.r2.dev
URL: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

4f11e546517d6f7e5a0a43683f92305896554dadde355fd8e59b92fe00275e0d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev
Referer: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/

Response headers

content-encoding: br
etag: "3b230bdd20df4c6b"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 08:19:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:19:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 10321
x-xss-protection: 0
server: sffe

GET
H2 200 amp-accordion-0.1.mjs Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 2495ms
1130ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs

Requested by

Host: pub-0f70b4571ec54affb7794e6227388937.r2.dev
URL: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

fc10eea35cdc2c70b1a4f93aa889d28966698421cafb3c6e94fc78a8f773d093

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev
Referer: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/

Response headers

content-encoding: br
etag: "a5521d991244195e"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 08:19:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:19:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 4849
x-xss-protection: 0
server: sffe

GET bg.png
cintasatumalam.xyz/image/ 0
0

GET favicon1.webp
ampmsg.pages.dev/ 0
0

GET image_6.webp
ampmsg.pages.dev/ 0
0

GET image-1.webp
ampmsg.pages.dev/ 0
0

GET image-2.webp
ampmsg.pages.dev/ 0
0

GET images8.webp
ampmsg.pages.dev/ 0
0

GET image-3_9_11zon.webp
ampmsg.pages.dev/ 0
0

GET image-4.webp
ampmsg.pages.dev/ 0
0

GET image-5.webp
ampmsg.pages.dev/ 0
0

GET image-6.webp
ampmsg.pages.dev/ 0
0

GET image-7.webp
ampmsg.pages.dev/ 0
0

GET home_5.webp
ampmsg.pages.dev/ 0
0

GET phone-call.webp
ampmsg.pages.dev/ 0
0

GET chevron.webp
ampmsg.pages.dev/ 0
0

GET add-user.webp
ampmsg.pages.dev/ 0
0

GET qr-code.webp
ampmsg.pages.dev/ 0
0

GET 18-.webp
ampmsg.pages.dev/ 0
0

GET gli.png
cintasatumalam.xyz/image/ 0
0

GET gc.png
cintasatumalam.xyz/image/ 0
0

GET pagcor.png
cintasatumalam.xyz/image/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012410031633000/v0/ 7 KB
3 KB 5040ms
5038ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410031633000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

c0f9b867694dc2cee7b98838a3486dd37dec646094f13393a599e7239fc0194b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev
Referer: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/

Response headers

content-encoding: br
etag: "1a676afab4580185"
age: 90027
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 07:19:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 07:19:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2820
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012410031633000/v0/ 12 KB
4 KB 5038ms
5038ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410031633000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

4fb99dd673f2a8113049108389a553dd9a73bb0dc706b39948e35d3ed6a077bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev
Referer: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/

Response headers

content-encoding: br
etag: "434a38407ccd06b4"
age: 90027
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 07:19:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 07:19:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3916
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK MAWARTOTO.jpg
pub-0f70b4571ec54affb7794e6227388937.r2.dev/ 762 KB
763 KB 5034ms
5034ms Image
image/jpeg 172.66.0.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/MAWARTOTO.jpg
Requested by: Host: pub-0f70b4571ec54affb7794e6227388937.r2.dev
URL: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e37b926e739401b10030df31c6f54342d7c962e041ae12ae4538d9aebeaea4ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pub-0f70b4571ec54affb7794e6227388937.r2.dev/mawartoto.html

Response headers

ETag: "dccb238d55c64d12a5e5ce0196eb4fcc"
Connection: keep-alive
CF-RAY: 8d3eddcf3e0f8d5b-HEL
Accept-Ranges: bytes
Content-Length: 780611
Date: Thu, 17 Oct 2024 08:19:55 GMT
Content-Type: image/jpeg
Last-Modified: Sun, 13 Oct 2024 02:00:49 GMT
Vary: Accept-Encoding
Server: cloudflare

GET favicon1.webp
ampmsg.pages.dev/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cintasatumalam.xyz
URL: https://cintasatumalam.xyz/image/bg.png

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/favicon1.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/image_6.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/image-1.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/image-2.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/images8.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/image-3_9_11zon.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/image-4.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/image-5.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/image-6.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/image-7.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/home_5.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/phone-call.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/chevron.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/add-user.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/qr-code.webp

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/18-.webp

Domain: cintasatumalam.xyz
URL: https://cintasatumalam.xyz/image/gli.png

Domain: cintasatumalam.xyz
URL: https://cintasatumalam.xyz/image/gc.png

Domain: cintasatumalam.xyz
URL: https://cintasatumalam.xyz/image/pagcor.png

Domain: ampmsg.pages.dev
URL: https://ampmsg.pages.dev/favicon1.webp

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cintasatumalam.xyz/image/bg.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cintasatumalam.xyz/image/gc.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cintasatumalam.xyz/image/gli.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cintasatumalam.xyz/image/pagcor.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ampmsg.pages.dev/image-5.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/images8.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/phone-call.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/image_6.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/chevron.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/qr-code.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/home_5.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/image-4.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/add-user.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/image-6.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/image-3_9_11zon.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/image-1.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/image-7.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/favicon1.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/image-2.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ampmsg.pages.dev/18-.webp Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampmsg.pages.dev
cdn.ampproject.org
cintasatumalam.xyz
pub-0f70b4571ec54affb7794e6227388937.r2.dev
ampmsg.pages.dev
cintasatumalam.xyz
172.217.18.1
172.66.0.235
02e24233f98325c543777e1bbc6305c453fddd2041ea8f9dad1518210b1cefb6
0a2750783088b8131eb26a40534abb5efe4d3dae8aee5678c2b1adb83e224d4e
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
4b84e140c08d4ec214ab958ea54e71835baa5950b5d73eb8afea0cc4621bf7ca
4f11e546517d6f7e5a0a43683f92305896554dadde355fd8e59b92fe00275e0d
4fb99dd673f2a8113049108389a553dd9a73bb0dc706b39948e35d3ed6a077bf
501574941b48ce80543db2b531397f5fba1ded2c41181b53557fd402681990fd
c0f9b867694dc2cee7b98838a3486dd37dec646094f13393a599e7239fc0194b
e37b926e739401b10030df31c6f54342d7c962e041ae12ae4538d9aebeaea4ad
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
fc10eea35cdc2c70b1a4f93aa889d28966698421cafb3c6e94fc78a8f773d093

pub-0f70b4571ec54affb7794e6227388937.r2.dev Open in urlscan Pro 172.66.0.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

30 Requests

30 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

893 kBTransfer

1121 kBSize

0 Cookies

1 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

20 Console Messages

Indicators

pub-0f70b4571ec54affb7794e6227388937.r2.dev Open in urlscan Pro
172.66.0.235 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

30 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

893 kB
Transfer

1121 kB
Size

0
Cookies

30 HTTP transactions
2 data transactions