pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev Open in urlscan Pro
2606:4700::6812:323 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Submission Tags: @phish_report
Submission: On August 05 via api (August 5th 2024, 7:14:53 am UTC) from FI — Scanned from FI

Summary HTTP 19 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev.
TLS certificate: Issued by E6 on August 1st 2024. Valid for: 3 months.

This is the only time pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
6	162.19.58.159 162.19.58.159	16276 (OVH) (OVH)
2	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
19	7

4 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

resource.capalang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.192.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ibb.co i.ibb.co — Cisco Umbrella Rank: 9712	233 KB
4	imgur.com i.imgur.com — Cisco Umbrella Rank: 7108	30 KB
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	91 KB
4	r2.dev pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev — Cisco Umbrella Rank: 449440	989 KB
1	capalang.com resource.capalang.com — Cisco Umbrella Rank: 492506
19	5

	Domain	Requested by
6	i.ibb.co	pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
4	i.imgur.com	pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
4	cdn.ampproject.org	pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev cdn.ampproject.org
3	pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev	pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
1	resource.capalang.com	pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
1	pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
19	6

This site contains links to these domains. Also see Links.

Domain
pariwisata.polimedia.ac.id
pub-8beec3c149f149c59b831e60a346ccc2.r2.dev
direct.lc.chat
secure.livechatenterprise.com

Subject Issuer	Validity	Valid
*.r2.dev E6	`2024-08-01` - `2024-10-30`	3 months	crt.sh
misc-sni.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
capalang.com WE1	`2024-06-30` - `2024-09-28`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
ibb.co R10	`2024-06-21` - `2024-09-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Frame ID: FF0CB0A2C8660A001F477F850F2F8608
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

188VEGAS ⚡ Situs Resmi Slot Gacor Paling Amanah 2024

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Lightbox (JavaScript Libraries) Expand

Page Statistics

19
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

4
Countries

1342 kB
Transfer

2258 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pariwisata.polimedia.ac.id/

Search URL Search Domain Scan URL

URL: https://pub-8beec3c149f149c59b831e60a346ccc2.r2.dev/direct.html
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://direct.lc.chat/18205746/
Title: Live Chat 188VEGAS

Search URL Search Domain Scan URL

URL: https://secure.livechatenterprise.com/licence/12186300/v2/open_chat.cgi
Title: Chat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request vgg.php Show response
pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/ 34 KB
34 KB 360ms
277ms Document
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d030195e8d771fb65a14a16b74ea9235d0c3df20342179a0641d4d631116bc2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
CF-RAY: 8ae4fe013f3c8d53-HEL
Connection: keep-alive
Content-Length: 34443
Date: Mon, 05 Aug 2024 07:14:46 GMT
ETag: "8e9e3d6e2233949db472b62e8e2ad6ee"
Last-Modified: Sun, 04 Aug 2024 12:45:59 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
12 KB 278ms
70ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a4edd02db8c4a0a4ab29fe5e7a5cc3982f1fa2d421305c67722aa42b463c056

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 05 Aug 2024 07:14:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11527
x-xss-protection: 0
server: sffe
etag: "aef697926ee2e511"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 05 Aug 2024 07:14:47 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 293ms
85ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 05 Aug 2024 07:14:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73122
x-xss-protection: 0
server: sffe
etag: "2af4af216080b72b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 05 Aug 2024 07:14:47 GMT

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 149c24cdcf48c170ed852b9fb47ffcdd920cbb886a505c1f2c42de3c94f30787

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d07509efcaa8be4a87f5405e7750e4df6d16949b293dd756abdcbaadda8bc58

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f34db2efe365697cc7ba82c9982a0aeabd53eaf165d591981443d40ec7f8ab59

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK 188VEGASSS.png
pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev/ 80 KB
81 KB 1912ms
1823ms Image
image/png 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev/188VEGASSS.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78e8329e7e7da1b6b1e4cb20e2d4679d635c7c914fd3dae2bce4e1d97fb7a579

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 05 Aug 2024 07:14:49 GMT
Last-Modified: Mon, 08 Jul 2024 18:57:26 GMT
Server: cloudflare
ETag: "007c0ecc9f00b504833ce339bf85f412"
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8ae4fe06f9ea8d68-HEL
Content-Length: 82282

GET
H3 200 slideshow_20240614123726967.png
resource.capalang.com/images/public/cpwl/slideshow/WL188VEGAS/GENERAL/ 675 KB
0 718ms
633ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resource.capalang.com/images/public/cpwl/slideshow/WL188VEGAS/GENERAL/slideshow_20240614123726967.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:48 GMT
cf-cache-status: BYPASS
last-modified: Thu, 13 Jun 2024 16:37:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q5cTXcIQT1pim5L9mhFlv7T9BdqdgAiUo1w9G%2Bq2YX2rswbKDM2YJHKP%2BcXNAYxyIPFzybb29RoriiGnD1c3yilkQ3T32dXSUBcbt6zXPMDtewSSMO2uS9f0%2FMjjkgeveWWggKymzBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1728000
accept-ranges: bytes
cf-ray: 8ae4fe071c5dc042-WAW
alt-svc: h3=":443"; ma=86400
content-length: 1184595

GET
H/1.1 200
OK tab-3.png
pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev/ 19 KB
19 KB 980ms
893ms Image
image/png 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev/tab-3.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e838bae91a2246135d1523ea0f422a09d86443118595d520252378d2eeb15112

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 05 Aug 2024 07:14:48 GMT
Last-Modified: Mon, 08 Jul 2024 18:58:51 GMT
Server: cloudflare
ETag: "109379e37c7bbbc6f82680bd1295ae6f"
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8ae4fe06fb79376d-HEL
Content-Length: 19415

GET
H2 200 gke8aor.png
i.imgur.com/ 11 KB
11 KB 185ms
57ms Image
image/png 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/gke8aor.png

Requested by

Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f394a8b5d982301e2f0d5601b460a33cd9ff44faac6675d9b5478544d276ff94

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 749581
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 11064
x-served-by: cache-iad-kjyo7100074-IAD, cache-fra-etou8220125-FRA
last-modified: Tue, 27 Feb 2024 08:47:10 GMT
server: cat factory 1.0
x-timer: S1722842088.566674,VS0,VE1
etag: "f1c2415e95120d51197783cc984c5cff"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: n2RDNag3K9fdOhOrYH4pwudvBdVvSCX7Hr5HUm6r2i1Y_sYweTCC0A==
x-cache-hits: 12, 0

GET
H/1.1 200
OK bonanza99.png
pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev/ 855 KB
855 KB 1404ms
1318ms Image
image/png 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev/bonanza99.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1c0794f393787eb88c35b4387f9800ced06e6a598ad1f277bfe9d92ae9ce211

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 05 Aug 2024 07:14:48 GMT
Last-Modified: Mon, 08 Jul 2024 18:56:52 GMT
Server: cloudflare
ETag: "325c69c145776e73f5b4d96d414a84c0"
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8ae4fe06fb788d5b-HEL
Content-Length: 875310

GET
H2 200 8hVoOmH.png
i.imgur.com/ 16 KB
16 KB 192ms
65ms Image
image/png 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/8hVoOmH.png

Requested by

Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c2e3aab0c5027112afc40f84f6d292855d18698ae3dd27b1dede0127209e57db

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: ATL59-P7
age: 998802
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 16392
x-served-by: cache-iad-kiad7000112-IAD, cache-fra-etou8220125-FRA
last-modified: Mon, 27 May 2024 03:40:15 GMT
server: cat factory 1.0
x-timer: S1722842088.566691,VS0,VE1
etag: "83dcb43130ddb5fd2611db0615477a96"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sDjx6dTeOq9gJZXt0P55r6s7-NOjw8-yARQjuvrBedEdQmd3EC2fMQ==
x-cache-hits: 5, 0

GET
H2 200 stssxGm.png
i.imgur.com/ 745 B
1 KB 184ms
57ms Image
image/png 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/stssxGm.png

Requested by

Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

68d07c59fed3bca515c675789a1d8c77e64898f5f3a8baf1940f04aa38668e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1551507
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 745
x-served-by: cache-iad-kjyo7100047-IAD, cache-fra-etou8220125-FRA
last-modified: Mon, 27 May 2024 03:23:14 GMT
server: cat factory 1.0
x-timer: S1722842088.566648,VS0,VE1
etag: "89ad07f7234c57e096614a30f61d1b27"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wQ1nINprLZqhOyeg04xqTr1PVw89mh58QcVNLwwksiGvT1irlHaVWA==
x-cache-hits: 14, 0

GET
H2 200 1.png
i.ibb.co/6RVdbR2/ 38 KB
38 KB 213ms
67ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/6RVdbR2/1.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: 431d8c99e425fb701016a4686631478884f46fc142166bbe7a6e6d30c242e940

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
last-modified: Tue, 19 Mar 2024 18:27:45 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 38868
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2.png
i.ibb.co/F8xhB0k/ 37 KB
37 KB 212ms
67ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/F8xhB0k/2.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: f7e6c9dc861966eb91454725b73aa056c5f937a477f1b0600dede2802b2402d9

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
last-modified: Tue, 19 Mar 2024 18:27:45 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 37674
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.png
i.ibb.co/zQ5yQY5/ 41 KB
41 KB 362ms
217ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zQ5yQY5/3.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: 2ccedcaae65a8a8791c7f6b6ef4d9e471202deb66d3ac08a46232f1accaa03e3

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
last-modified: Tue, 19 Mar 2024 18:27:46 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 41853
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4.png
i.ibb.co/J7Kb6s7/ 37 KB
37 KB 246ms
246ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/J7Kb6s7/4.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: ecae03041a74d735a0902e64e6a7f7e4fdc0d0a85fb1d7289e2a6da81599e351

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
last-modified: Tue, 19 Mar 2024 18:27:46 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 37983
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8.png
i.ibb.co/NnLLLvC/ 39 KB
39 KB 247ms
246ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/NnLLLvC/8.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: f82789f83bf95141c115d2feaaf58cddece20a15c0499287fb16d8e031381adf

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
last-modified: Tue, 19 Mar 2024 18:27:50 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 40111
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9.png
i.ibb.co/1nVPxb4/ 39 KB
39 KB 247ms
247ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/1nVPxb4/9.png
Requested by: Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: ce2182c26ccf7231d299e89aa08404c9db49da0980a36421d658c8ae001db887

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
last-modified: Tue, 19 Mar 2024 18:27:51 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 40059
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Qj34JOs.png
i.imgur.com/ 1 KB
2 KB 71ms
70ms Image
image/png 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Qj34JOs.png

Requested by

Host: pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
URL: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/vgg.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7164f05f8fbe9315e2ddcdba77942b3db00b0cb990d85fd9728b5892e0524968

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 07:14:47 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 693147
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1122
x-served-by: cache-iad-kcgs7200143-IAD, cache-fra-etou8220125-FRA
last-modified: Sun, 19 May 2024 07:58:55 GMT
server: cat factory 1.0
x-timer: S1722842088.626515,VS0,VE1
etag: "0cf4877ff19e104ce472f6f5593f2d06"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Svwbs3GbmMpY2O0o2Xydy4b0RoAJ9L5gZplXmoflcSJF_DNce1cy8g==
x-cache-hits: 2, 0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 8 KB
3 KB 311ms
186ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
Origin: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jul 2024 15:06:09 GMT
age: 490118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "3bb766b5672b9f2f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Jul 2025 15:06:09 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 12 KB
4 KB 182ms
62ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev/
Origin: https://pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jul 2024 17:03:57 GMT
age: 483050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "db107aa2d6068f23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Jul 2025 17:03:57 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
i.ibb.co
i.imgur.com
pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev
pub-fd1a5b9cb1ce47998e3446be02b3e0fb.r2.dev
resource.capalang.com
142.250.186.161
162.19.58.159
188.114.97.3
199.232.192.193
2606:4700::6812:323
2a00:1450:4001:82b::2001
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
149c24cdcf48c170ed852b9fb47ffcdd920cbb886a505c1f2c42de3c94f30787
2ccedcaae65a8a8791c7f6b6ef4d9e471202deb66d3ac08a46232f1accaa03e3
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
431d8c99e425fb701016a4686631478884f46fc142166bbe7a6e6d30c242e940
5a4edd02db8c4a0a4ab29fe5e7a5cc3982f1fa2d421305c67722aa42b463c056
5d07509efcaa8be4a87f5405e7750e4df6d16949b293dd756abdcbaadda8bc58
68d07c59fed3bca515c675789a1d8c77e64898f5f3a8baf1940f04aa38668e0e
7164f05f8fbe9315e2ddcdba77942b3db00b0cb990d85fd9728b5892e0524968
78e8329e7e7da1b6b1e4cb20e2d4679d635c7c914fd3dae2bce4e1d97fb7a579
c1c0794f393787eb88c35b4387f9800ced06e6a598ad1f277bfe9d92ae9ce211
c2e3aab0c5027112afc40f84f6d292855d18698ae3dd27b1dede0127209e57db
ce2182c26ccf7231d299e89aa08404c9db49da0980a36421d658c8ae001db887
d030195e8d771fb65a14a16b74ea9235d0c3df20342179a0641d4d631116bc2f
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
e838bae91a2246135d1523ea0f422a09d86443118595d520252378d2eeb15112
ecae03041a74d735a0902e64e6a7f7e4fdc0d0a85fb1d7289e2a6da81599e351
f34db2efe365697cc7ba82c9982a0aeabd53eaf165d591981443d40ec7f8ab59
f394a8b5d982301e2f0d5601b460a33cd9ff44faac6675d9b5478544d276ff94
f7e6c9dc861966eb91454725b73aa056c5f937a477f1b0600dede2802b2402d9
f82789f83bf95141c115d2feaaf58cddece20a15c0499287fb16d8e031381adf
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev Open in urlscan Pro 2606:4700::6812:323 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

7 IPs

4 Countries

1342 kBTransfer

2258 kBSize

0 Cookies

4 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

pub-7cbff5cbbd03452ebc8e199b437e1d5c.r2.dev Open in urlscan Pro
2606:4700::6812:323 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

4
Countries

1342 kB
Transfer

2258 kB
Size

0
Cookies

19 HTTP transactions
4 data transactions