pub-1956b302d726417693b4adebab3c6058.r2.dev Open in urlscan Pro
104.18.2.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Submission Tags: @phish_report
Submission: On March 13 via api (March 13th 2024, 1:17:02 am UTC) from FI — Scanned from FI

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 104.18.2.35, located in and belongs to CLOUDFLARENET, US. The main domain is pub-1956b302d726417693b4adebab3c6058.r2.dev.
TLS certificate: Issued by E1 on February 6th 2024. Valid for: 3 months.

This is the only time pub-1956b302d726417693b4adebab3c6058.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.18.2.35 104.18.2.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
4	142.250.186.33 142.250.186.33	15169 (GOOGLE) (GOOGLE)
3	104.21.1.119 104.21.1.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
10	6

1 104.18.2.35 (None, )

ASN13335 (CLOUDFLARENET, US)

pub-1956b302d726417693b4adebab3c6058.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.1.119 (None, )

ASN13335 (CLOUDFLARENET, US)

springharborlife.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 397	85 KB
3	springharborlife.org springharborlife.org	773 KB
1	gstatic.com fonts.gstatic.com	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	725 B
1	r2.dev pub-1956b302d726417693b4adebab3c6058.r2.dev	27 KB
10	5

	Domain	Requested by
4	cdn.ampproject.org	pub-1956b302d726417693b4adebab3c6058.r2.dev
3	springharborlife.org	pub-1956b302d726417693b4adebab3c6058.r2.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	pub-1956b302d726417693b4adebab3c6058.r2.dev
1	pub-1956b302d726417693b4adebab3c6058.r2.dev
10	5

This site contains links to these domains. Also see Links.

Domain
luxuryslot77.xyz

Subject Issuer	Validity	Valid
*.r2.dev E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
springharborlife.org GTS CA 1P5	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Frame ID: E04D7E84141FFB2D8BB687029CC3231C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dragonslot99👑Situs Slot Gacor Hari Ini Terbaik 2024 Gampang Jakcpot Maxwin

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

910 kB
Transfer

1136 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://luxuryslot77.xyz/mobile/index.php
Title: Slot Gacor

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request slot.html Show response
pub-1956b302d726417693b4adebab3c6058.r2.dev/ 26 KB
27 KB 3171ms
1360ms Document
text/html 104.18.2.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be78ab99337b54581ab2a1f886cbf64cd7487049040c80f90ac9d50d64fca47a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
CF-RAY: 86382e49ed31d916-HEL
Connection: keep-alive
Content-Length: 27121
Content-Type: text/html
Date: Wed, 13 Mar 2024 01:16:50 GMT
ETag: "26c4b520a35c3a1ffed11b7ba0f06a24"
Last-Modified: Sat, 09 Mar 2024 01:17:56 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 2 KB
725 B 3542ms
377ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400,700&display=swap

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

ec6f260d3642511694c122aa61bd54753cbfdf3cbe7a0e2c516b62d088e5f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Mar 2024 01:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 13 Mar 2024 01:16:54 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 3623ms
423ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

cc851682d909034305244a1d283353073d39db6d2e46c2b8322efd08f18dc0d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Mar 2024 01:16:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73049
x-xss-protection: 0
server: sffe
etag: "7955463a5d2c0102"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Mar 2024 01:16:54 GMT

GET
H2 200 amp-intersection-observer-polyfill-0.1.js Show response
cdn.ampproject.org/rtv/012402231941000/v0/ 15 KB
5 KB 3521ms
378ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402231941000/v0/amp-intersection-observer-polyfill-0.1.js

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

f59486eab0c236491c3e655d54b3a067706a14d1794c7f5746c05dfc3391b2f5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
Origin: https://pub-1956b302d726417693b4adebab3c6058.r2.dev
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Mar 2024 18:36:56 GMT
age: 23998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4951
x-xss-protection: 0
server: sffe
etag: "cba2b3cad4e734d0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Mar 2025 18:36:56 GMT

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012402231941000/v0/ 8 KB
4 KB 3511ms
369ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402231941000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

4834ab8622f4ad0546fa0a08a3b5e72f8f3bd703bb1e6238c2b14aa02b838eb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
Origin: https://pub-1956b302d726417693b4adebab3c6058.r2.dev
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Mar 2024 18:36:58 GMT
age: 23996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "459060a7c7670829"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Mar 2025 18:36:58 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012402231941000/v0/ 12 KB
4 KB 503ms
503ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402231941000/v0/amp-loader-0.1.js

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

667cc75196e1217f107399610857f6b17fb655367566cdad1411f13351df57c1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
Origin: https://pub-1956b302d726417693b4adebab3c6058.r2.dev
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Mar 2024 18:36:56 GMT
age: 23998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3947
x-xss-protection: 0
server: sffe
etag: "96d416c5baf5a1d0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Mar 2025 18:36:56 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb54aebf14d38e7329f0c2a0a0882f957895da66d343da87c518ffbd14d90afe

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 slotgcor2024.jpg
springharborlife.org/gambar/ 384 KB
385 KB 4471ms
2993ms Image
image/jpeg 104.21.1.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://springharborlife.org/gambar/slotgcor2024.jpg
Requested by: Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.1.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06114696597dd80cedc46c64360fc32326ba2d23e238e8fe9206d8678a71147b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Mar 2024 01:16:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 393159
last-modified: Fri, 01 Mar 2024 10:56:33 GMT
server: cloudflare
etag: "5ffc7-65e1b461-6a1b63;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWcsuleePNk88WjpMgK6BuM1053xs3%2F9WVy5Ac9PIGKiVAzprj1kWpE3ZiGrtK8bi3MhAN3b05NCFzDPfsTtIy0WTTl%2Bb%2B1xymuCTrLD2Y8cGM0vOUnuaxC5%2FT35mKZbjTuJ7iyWgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86382e75586f2c79-FRA
expires: Wed, 20 Mar 2024 01:16:56 GMT

GET
H2 200 icon-dragonslot99.png
springharborlife.org/gambar/ 3 KB
3 KB 2998ms
1521ms Image
image/png 104.21.1.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://springharborlife.org/gambar/icon-dragonslot99.png
Requested by: Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.1.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3f4e2ddc237257a8b4cfc4849b3795175bf55950f64c87511a16474678e37b3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Mar 2024 01:16:57 GMT
cf-cache-status: MISS
last-modified: Mon, 15 Jan 2024 13:41:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a95-65a53604-6a2803;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhNU6uiouKNo4e4FIJckxNJ4%2BHqsw9R5kT8ctmnWogPjRlrpUof5n5WHZLVyh6u4jqWuQ3krf53KjZ0XjcMg2WTY3GUOCOUCPnPyTAgzFCUEIdElq9U1aswi6vvI%2BkxWZWW0jDc6Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86382e7558702c79-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2709
expires: Wed, 20 Mar 2024 01:16:56 GMT

GET
H2 200 qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMorHA.woff2
fonts.gstatic.com/s/karla/v31/ 24 KB
24 KB 2413ms
659ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMorHA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

3f6bc5d3f47d32a1206dce024b211bf6edbaca9c6586e7d6e27b512bc75ed22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pub-1956b302d726417693b4adebab3c6058.r2.dev
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 08 Mar 2024 08:20:58 GMT
x-content-type-options: nosniff
age: 406558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24364
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:40:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 08:20:58 GMT

GET
H2 200 slotgcor2024.jpg
springharborlife.org/gambar/ 384 KB
385 KB 2661ms
2088ms Image
image/jpeg 104.21.1.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://springharborlife.org/gambar/slotgcor2024.jpg
Requested by: Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.1.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06114696597dd80cedc46c64360fc32326ba2d23e238e8fe9206d8678a71147b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 13 Mar 2024 01:16:57 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Mar 2024 10:56:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ffc7-65e1b461-6a1b63;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7eQ2VG4domCebrcg8zVzj0qzGBS3D8pCX2De6h0bcShR2ufd0D2%2F40OPJ0aIrCU7Lqu9zlA0t24dBo0%2FRLC%2FwRsP0nTKfEsrT%2B3yhtG3HUK0QnVnY5smElbkvrxb9ZCJNHu7RDsYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 86382e7558712c79-FRA
alt-svc: h3=":443"; ma=86400
content-length: 393159
expires: Wed, 20 Mar 2024 01:16:56 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
pub-1956b302d726417693b4adebab3c6058.r2.dev
springharborlife.org
104.18.2.35
104.21.1.119
142.250.186.106
142.250.186.33
172.217.18.3
06114696597dd80cedc46c64360fc32326ba2d23e238e8fe9206d8678a71147b
3f6bc5d3f47d32a1206dce024b211bf6edbaca9c6586e7d6e27b512bc75ed22d
4834ab8622f4ad0546fa0a08a3b5e72f8f3bd703bb1e6238c2b14aa02b838eb9
667cc75196e1217f107399610857f6b17fb655367566cdad1411f13351df57c1
be78ab99337b54581ab2a1f886cbf64cd7487049040c80f90ac9d50d64fca47a
cc851682d909034305244a1d283353073d39db6d2e46c2b8322efd08f18dc0d0
eb54aebf14d38e7329f0c2a0a0882f957895da66d343da87c518ffbd14d90afe
ec6f260d3642511694c122aa61bd54753cbfdf3cbe7a0e2c516b62d088e5f96d
f3f4e2ddc237257a8b4cfc4849b3795175bf55950f64c87511a16474678e37b3
f59486eab0c236491c3e655d54b3a067706a14d1794c7f5746c05dfc3391b2f5

pub-1956b302d726417693b4adebab3c6058.r2.dev Open in urlscan Pro 104.18.2.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

910 kBTransfer

1136 kBSize

0 Cookies

1 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

pub-1956b302d726417693b4adebab3c6058.r2.dev Open in urlscan Pro
104.18.2.35 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

910 kB
Transfer

1136 kB
Size

0
Cookies

10 HTTP transactions
1 data transactions