pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev Open in urlscan Pro
2a06:98c1:58::eb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html
Submission Tags: @phish_report
Submission: On September 28 via api (September 28th 2024, 1:24:21 pm UTC) from FI — Scanned from FI

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:58::eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev.
TLS certificate: Issued by E6 on August 1st 2024. Valid for: 3 months.

This is the only time pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:58::eb 2a06:98c1:58::eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:480... 2a02:26f0:480:587::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.21.235.70 104.21.235.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
19	7

2 2a06:98c1:58::eb (United States)

ASN13335 (CLOUDFLARENET, US)

pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:480:587::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.235.70 (None, )

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3161	6 MB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 476	130 KB
2	r2.dev pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev	47 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	508 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	2 KB
1	iili.io iili.io — Cisco Umbrella Rank: 44520	2 KB
19	6

	Domain	Requested by
8	res.cloudinary.com	pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
6	cdn.ampproject.org	pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev cdn.ampproject.org
2	pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev	pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
1	www.google-analytics.com
1	www.googletagmanager.com	cdn.ampproject.org
1	iili.io	pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
19	6

This site contains links to these domains. Also see Links.

Domain
rebrand.ly

Subject Issuer	Validity	Valid
*.r2.dev E6	`2024-08-01` - `2024-10-30`	3 months	crt.sh
misc-sni.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
iili.io WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html
Frame ID: E69089AC3E7B4C374B7BF8E7A5E2E568
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Link Daftar Situs Judi Slot Online Super Gacor Hari Ini

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Page Statistics

19
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

6598 kB
Transfer

6936 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://rebrand.ly/panikpanik/
Title: Kunjungi Website

Search URL Search Domain Scan URL

URL: https://rebrand.ly/njir-yang-punya-datang-aowkaowk
Title: DAFTAR

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.html Show response
pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/ 42 KB
43 KB 386ms
299ms Document
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b4d818f8d22dfda18d1d1a136606220a48f29b09ce888446cce888a89232c6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Accept-Ranges: bytes
CF-RAY: 8ca40d7838b38d89-HEL
Connection: keep-alive
Content-Length: 43488
Content-Type: text/html
Date: Sat, 28 Sep 2024 13:24:15 GMT
ETag: "df9bd016b45c2be28fda4f7214c22d35"
Last-Modified: Wed, 18 Sep 2024 05:56:42 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 315ms
87ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61d174097336fe4ae354619a7f2f8ec2686e04a03da5fcc23bf5bba148d24c4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

content-encoding: br
etag: "93c67aab27c18e47"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 13:24:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 32166
x-xss-protection: 0
server: sffe

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 386ms
159ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7d76aeef0cb64e19a31483f7f6153456b8180c55ee12ad380fcbaca99e07e71

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

content-encoding: br
etag: "5846ec59b3b09ded"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 13:24:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 73183
x-xss-protection: 0
server: sffe

GET
H2 200 2880630_launwq.jpg
res.cloudinary.com/drcrew11o/image/upload/v1700310028/ 4 MB
4 MB 581ms
393ms Image
image/jpeg 2a02:26f0:480:587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/drcrew11o/image/upload/v1700310028/2880630_launwq.jpg

Requested by

Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

b22f9be5291f55fc557b44c9ce266924d6b12aee1c9b5b7b6a642f16944894c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
timing-allow-origin: *
etag: "3ba0f84a7bbde4693a442c211fa4289a"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=331;cpu=31;start=2024-09-28T13:24:15.274Z;desc=miss,rtt;dur=58,content-info;desc="width=3000,height=2000,bytes=3859957,o=1",cloudinary;dur=213;start=2024-09-28T13:24:15.346Z
content-length: 3859957
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: image/jpeg
last-modified: Sat, 18 Nov 2023 12:20:30 GMT
server: Cloudinary

GET
H2 200 DOASLOT_j4wd6r.png
res.cloudinary.com/drcrew11o/image/upload/v1700298710/ 43 KB
44 KB 417ms
230ms Image
image/png 2a02:26f0:480:587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/drcrew11o/image/upload/v1700298710/DOASLOT_j4wd6r.png

Requested by

Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

5edffd8f5fcd80463a1f20e2f2a539db08e09089bf00b1d8e865afddda37d66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
timing-allow-origin: *
etag: "1738b3f15d26e019b15565d8988b880d"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=168;cpu=20;start=2024-09-28T13:24:15.275Z;desc=miss,rtt;dur=58,content-info;desc="width=842,height=112,bytes=44326,o=1",cloudinary;dur=60;start=2024-09-28T13:24:15.338Z
content-length: 44326
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: image/png
last-modified: Sat, 18 Nov 2023 09:11:51 GMT
server: Cloudinary

GET
H/1.1 404
Not Found test.php
pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/ 4 KB
4 KB 301ms
301ms Image
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/test.php
Requested by: Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c8d14c48c571b949704a3305afaa5bb378f718137fbb787acda94af7f28182

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Response headers

CF-RAY: 8ca40d7a3a4e8d89-HEL
Content-Length: 27150
Date: Sat, 28 Sep 2024 13:24:15 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H2 404 favicon_vgj6sy.png
res.cloudinary.com/drcrew11o/image/upload/v1700304799/ 0
519 B 362ms
359ms Image
image/gif 2a02:26f0:480:587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/drcrew11o/image/upload/v1700304799/favicon_vgj6sy.png

Requested by

Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

strict-transport-security: max-age=604800
x-request-id: f7aa6d3e0a24a7d78d0813d75b4d0416
cache-control: private, no-transform, max-age=0, no-cache
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error
timing-allow-origin: *
content-transfer-encoding: binary
accept-ranges: bytes
x-cld-error: Resource not found - favicon_vgj6sy
access-control-allow-origin: *
content-length: 0
server-timing: cld-akam;dur=276;cpu=41;start=2024-09-28T13:24:15.594Z;desc=miss,rtt;dur=58,cloudinary;dur=143;start=2024-09-28T13:24:15.673Z,cld-id;desc=f7aa6d3e0a24a7d78d0813d75b4d0416,cld-error;desc="Resource not found - favicon_vgj6sy"
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: image/gif
content-disposition: inline
server: Cloudinary

GET
H2 200 h0tayzonxhmbncnvj8no
res.cloudinary.com/dooxvcrqj/image/upload/v1695889245/31LP/assets/ 212 B
693 B 266ms
264ms Image
image/svg+xml 2a02:26f0:480:587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dooxvcrqj/image/upload/v1695889245/31LP/assets/h0tayzonxhmbncnvj8no

Requested by

Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

e55963000384c7c8d349e5a525299dc04a24feaad406980ac6ab46fa7879a2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
content-encoding: br
etag: W/"77e2d5610a19cf6eccacb9993a723852"
x-content-type-options: nosniff
server-timing: cld-akam;dur=104;start=2024-09-28T13:24:15.595Z;desc=miss,rtt;dur=58,content-info;desc="width=12,height=12,bytes=212,owidth=12,oheight=12,obytes=212",cloudinary;dur=73;start=2024-09-25T16:11:12.753Z
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="h0tayzonxhmbncnvj8no"
vary: Accept-Encoding
last-modified: Thu, 28 Sep 2023 09:05:34 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 139
server: Cloudinary

GET
H2 200 ltwjfkkgzkxnyrdfca4f
res.cloudinary.com/dooxvcrqj/image/upload/v1695889245/31LP/assets/ 402 B
767 B 266ms
265ms Image
image/svg+xml 2a02:26f0:480:587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dooxvcrqj/image/upload/v1695889245/31LP/assets/ltwjfkkgzkxnyrdfca4f

Requested by

Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

33881c99467dd89ce775fa5af0b9d59a03c464d3170336626bd1bb0b97e844a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
content-encoding: br
etag: W/"e169504969c6fd2555ceb77c877ddc38"
x-content-type-options: nosniff
server-timing: cld-akam;dur=74;start=2024-09-28T13:24:15.594Z;desc=hit-near,rtt;dur=58,content-info;desc="width=12,height=12,bytes=402,owidth=12,oheight=12,obytes=402"
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="ltwjfkkgzkxnyrdfca4f"
vary: Accept-Encoding
last-modified: Thu, 28 Sep 2023 08:59:35 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 245
server: Cloudinary

GET
H2 200 39_hforbe.png
res.cloudinary.com/drcrew11o/image/upload/v1700313066/ 3 MB
3 MB 386ms
384ms Image
image/png 2a02:26f0:480:587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/drcrew11o/image/upload/v1700313066/39_hforbe.png

Requested by

Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

c7fad10267fe50941cb94c7f9af192544b2833596936b240ae99e6940127cc98

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
timing-allow-origin: *
etag: "36c9138c95a60d252c219f119e7bd465"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=308;cpu=48;start=2024-09-28T13:24:15.595Z;desc=miss,rtt;dur=58,content-info;desc="width=3122,height=2656,bytes=2657139,o=1",cloudinary;dur=172;start=2024-09-28T13:24:15.674Z
content-length: 2657139
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: image/png
last-modified: Sat, 18 Nov 2023 13:11:07 GMT
server: Cloudinary

GET
H3 404 JFKii0v.png
iili.io/ 1 KB
2 KB 298ms
206ms Image
image/png 104.21.235.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/JFKii0v.png
Requested by: Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660e44d82a30fac925b2eba040c51dccbd7ea73bf81af8e30f73a84e8d8a6dff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8R%2BMx4lj0%2FxHrKAM3G1bBAF01yUU2rioX0YLSSgfyCp2UJ9RZYEsRC1Gh6Xi2V%2FvWp0evKRRz%2F24f48onG8IucJvGxJnkAO31J8x7g3pSyOf%2ByL2nCjFviQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ca40d7e1bc45b15-VIE
content-length: 1142
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 itu4u63m418sv1dz1plc
res.cloudinary.com/dooxvcrqj/image/upload/v1695889245/31LP/assets/ 2 KB
2 KB 265ms
264ms Image
image/svg+xml 2a02:26f0:480:587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dooxvcrqj/image/upload/v1695889245/31LP/assets/itu4u63m418sv1dz1plc

Requested by

Host: pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

8ebd5b5c475630a77109a654abebe9eb86cc1829c7d4c77bf34f2a049652f08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
content-encoding: br
etag: W/"9dc133b4e3cff3ce458e5045bbae9542"
x-content-type-options: nosniff
server-timing: cld-akam;dur=30;start=2024-09-28T13:24:15.594Z;desc=miss,rtt;dur=58,content-info;desc="width=12,height=12,bytes=2205,owidth=12,oheight=12,obytes=2205",cloudinary;dur=90;start=2024-09-09T14:50:22.462Z
date: Sat, 28 Sep 2024 13:24:15 GMT
content-type: image/svg+xml
content-disposition: attachment; filename="itu4u63m418sv1dz1plc"
vary: Accept-Encoding
last-modified: Thu, 28 Sep 2023 09:21:05 GMT
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1052
server: Cloudinary

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012409061044000/v0/ 8 KB
3 KB 200ms
69ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012409061044000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

1cf473f2f11676b2657c90fe8f2e6068e44c80a88674a25dd581c1ab7eaaee48

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

content-encoding: br
etag: "d9cc2a27db9b3ac9"
age: 240509
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 18:35:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 18:35:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2975
x-xss-protection: 0
server: sffe

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012409061044000/v0/ 12 KB
4 KB 188ms
66ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012409061044000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

b51317cfc1ccef120163b29cbd142cea97884cca9d72934c1ded052f3ced0c28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

content-encoding: br
etag: "f441db9793c71801"
age: 233450
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 20:33:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 20:33:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3937
x-xss-protection: 0
server: sffe

GET
H3 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/rtv/012409061044000/v0/ 65 KB
19 KB 66ms
65ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012409061044000/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

7676973a2fe9a239f94fc0a670be3cc66c8798732d717dffd76f4e94d6b8f4d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

content-encoding: br
etag: "378b048c994ed7e8"
age: 220130
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 00:15:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 00:15:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 19050
x-xss-protection: 0
server: sffe

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012409061044000/v0/analytics-vendors/ 3 KB
956 B 66ms
66ms Fetch
application/json 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012409061044000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Accept: application/json
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

content-encoding: br
etag: "cba43d5a7f9213e0"
age: 405862
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 23 Sep 2025 20:39:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Sep 2024 20:39:54 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 926
x-xss-protection: 0
server: sffe

GET
H2 404 favicon_vgj6sy.png
res.cloudinary.com/drcrew11o/image/upload/v1700304799/ 0
402 B 65ms
65ms Other
image/gif 2a02:26f0:480:587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/drcrew11o/image/upload/v1700304799/favicon_vgj6sy.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

strict-transport-security: max-age=604800
x-request-id: f7aa6d3e0a24a7d78d0813d75b4d0416
cache-control: private, no-transform, max-age=0, no-cache
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error
timing-allow-origin: *
content-transfer-encoding: binary
accept-ranges: bytes
x-cld-error: Resource not found - favicon_vgj6sy
access-control-allow-origin: *
content-length: 0
server-timing: cld-akam;dur=4;start=2024-09-28T13:24:16.857Z;desc=hit,rtt;dur=58
date: Sat, 28 Sep 2024 13:24:16 GMT
content-type: image/gif
content-disposition: inline
server: Cloudinary

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 2 KB
2 KB 230ms
78ms Fetch
application/json 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fpub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46e35a09fdb8dcee75c6136cdd496f263acc579cd1b1e51f60b7d01a6c9e4717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Accept: application/json
Content-Type: text/plain;charset=utf-8

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:822:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 13:24:17 GMT
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="amp.json"
vary: *
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:822:0
amp-access-control-allow-source-origin: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
access-control-allow-origin: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 761
x-xss-protection: 0
server: Google Tag Manager

GET
H2 204 collect
www.google-analytics.com/g/ 0
508 B 241ms
85ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ETS4M10EV0&cid=amp-MTc0owmN9KC1kq9Wk0XHIQ&ul=fi-fi&sr=1600x1200&sid=1727529857&sct=1&seg=1&dl=https%3A%2F%2Fpub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev%2Findex.html&dr=&dt=Link%20Daftar%20Situs%20Judi%20Slot%20Online%20Super%20Gacor%20Hari%20Ini&en=page_view&_ee=1&_s=1&_et=1000&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&_fv=1&_p=1235740054&_ss=1&dma=0&gtm=45De1110&npa=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 13:24:17 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/	1970-01-21 08:37:45	Name: _ga Value: amp-MTc0owmN9KC1kq9Wk0XHIQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev/test.php Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://iili.io/JFKii0v.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://res.cloudinary.com/drcrew11o/image/upload/v1700304799/favicon_vgj6sy.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://res.cloudinary.com/drcrew11o/image/upload/v1700304799/favicon_vgj6sy.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
iili.io
pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev
res.cloudinary.com
www.google-analytics.com
www.googletagmanager.com
104.21.235.70
172.217.18.1
2a00:1450:4001:80b::2001
2a00:1450:4001:813::200e
2a00:1450:4001:828::2008
2a02:26f0:480:587::523
2a06:98c1:58::eb
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
17b4d818f8d22dfda18d1d1a136606220a48f29b09ce888446cce888a89232c6
1cf473f2f11676b2657c90fe8f2e6068e44c80a88674a25dd581c1ab7eaaee48
33881c99467dd89ce775fa5af0b9d59a03c464d3170336626bd1bb0b97e844a1
46e35a09fdb8dcee75c6136cdd496f263acc579cd1b1e51f60b7d01a6c9e4717
5edffd8f5fcd80463a1f20e2f2a539db08e09089bf00b1d8e865afddda37d66e
660e44d82a30fac925b2eba040c51dccbd7ea73bf81af8e30f73a84e8d8a6dff
7676973a2fe9a239f94fc0a670be3cc66c8798732d717dffd76f4e94d6b8f4d2
8ebd5b5c475630a77109a654abebe9eb86cc1829c7d4c77bf34f2a049652f08e
92c8d14c48c571b949704a3305afaa5bb378f718137fbb787acda94af7f28182
b22f9be5291f55fc557b44c9ce266924d6b12aee1c9b5b7b6a642f16944894c7
b51317cfc1ccef120163b29cbd142cea97884cca9d72934c1ded052f3ced0c28
c7fad10267fe50941cb94c7f9af192544b2833596936b240ae99e6940127cc98
d61d174097336fe4ae354619a7f2f8ec2686e04a03da5fcc23bf5bba148d24c4
d7d76aeef0cb64e19a31483f7f6153456b8180c55ee12ad380fcbaca99e07e71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55963000384c7c8d349e5a525299dc04a24feaad406980ac6ab46fa7879a2e7

pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev Open in urlscan Pro 2a06:98c1:58::eb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

71 %IPv6

6 Domains

6 Subdomains

7 IPs

3 Countries

6598 kBTransfer

6936 kBSize

1 Cookies

2 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

pub-c456233b2a2c4ccd80c57efdda5a831c.r2.dev Open in urlscan Pro
2a06:98c1:58::eb Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

6598 kB
Transfer

6936 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions