pub-ffc6612109414403bae278dc61e62cae.r2.dev Open in urlscan Pro
104.18.3.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://erti.kp.gov.pk/?gacor=freebet88
Effective URL:
https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88
Submission Tags: @phish_report
Submission: On September 10 via api (September 10th 2024, 11:39:52 am UTC) from FI — Scanned from FI

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 21 HTTP transactions. The main IP is 104.18.3.35, located in and belongs to CLOUDFLARENET, US. The main domain is pub-ffc6612109414403bae278dc61e62cae.r2.dev.
TLS certificate: Issued by E6 on August 1st 2024. Valid for: 3 months.

This is the only time pub-ffc6612109414403bae278dc61e62cae.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	175.107.63.111 175.107.63.111	23888 (NTC-AS-AP...) (NTC-AS-AP National Telecommunication Corporation HQ)
1	104.18.3.35 104.18.3.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
1	23.53.43.83 23.53.43.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	162.19.58.160 162.19.58.160	16276 (OVH) (OVH)
8	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
3	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
21	7

1 175.107.63.111 (Landi Kotal, Pakistan) 1 redirects

ASN23888 (NTC-AS-AP National Telecommunication Corporation HQ, PK)
PTR: mail.finance.gkp.pk

erti.kp.gov.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.3.35 (None, )

ASN13335 (CLOUDFLARENET, US)

pub-ffc6612109414403bae278dc61e62cae.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.43.83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-83.deploy.static.akamaitechnologies.com

www.worldmatch.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.58.160 (France)

ASN16276 (OVH, FR)
PTR: ns3096649.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.232.196.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	imgur.com i.imgur.com — Cisco Umbrella Rank: 7108	1 MB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	101 KB
3	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 7953	60 KB
3	ibb.co i.ibb.co — Cisco Umbrella Rank: 9712	174 KB
1	worldmatch.eu www.worldmatch.eu	138 KB
1	r2.dev pub-ffc6612109414403bae278dc61e62cae.r2.dev	23 KB
1	kp.gov.pk 1 redirects erti.kp.gov.pk	287 B
21	7

	Domain	Requested by
8	i.imgur.com	pub-ffc6612109414403bae278dc61e62cae.r2.dev
5	cdn.ampproject.org	pub-ffc6612109414403bae278dc61e62cae.r2.dev cdn.ampproject.org
3	blogger.googleusercontent.com	pub-ffc6612109414403bae278dc61e62cae.r2.dev
3	i.ibb.co	pub-ffc6612109414403bae278dc61e62cae.r2.dev
1	www.worldmatch.eu	pub-ffc6612109414403bae278dc61e62cae.r2.dev
1	pub-ffc6612109414403bae278dc61e62cae.r2.dev
1	erti.kp.gov.pk	1 redirects
21	7

This site contains links to these domains. Also see Links.

Domain
rebrand.ly
erti.kp.gov.pk

Subject Issuer	Validity	Valid
*.r2.dev E6	`2024-08-01` - `2024-10-30`	3 months	crt.sh
misc-sni.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
worldmatch.eu R11	`2024-07-16` - `2024-10-14`	3 months	crt.sh
ibb.co E5	`2024-08-22` - `2024-11-20`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
*.googleusercontent.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88
Frame ID: 0EF1194B21F88831AA4AE25A8468E231
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bocoran RTP Slot Gacor Thailand Terbaru Pramgatic Slot dan Casino

Page URL History Show full URLs

https://erti.kp.gov.pk/?gacor=freebet88 HTTP 302
https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Lightbox (JavaScript Libraries) Expand

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

7
IPs

5
Countries

1742 kB
Transfer

2002 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://rebrand.ly/3ma83gb
Title: Home

Search URL Search Domain Scan URL

URL: https://erti.kp.gov.pk/
Title: rtp slot

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://erti.kp.gov.pk/?gacor=freebet88 HTTP 302
https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.html Show response
pub-ffc6612109414403bae278dc61e62cae.r2.dev/
Redirect Chain

https://erti.kp.gov.pk/?gacor=freebet88
https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

22 KB
23 KB

13131ms
3472ms

Document
text/html

104.18.3.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22b3bb85ef59c822dbb074d2a2b9c5e84a598a008435726e058a5f242d2fd9f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
CF-RAY: 8c0f23656ad7d933-HEL
Connection: keep-alive
Content-Length: 22867
Content-Type: text/html
Date: Tue, 10 Sep 2024 11:39:34 GMT
ETag: "f0b0a8064526e72cd2d57ea0222adade"
Last-Modified: Tue, 27 Aug 2024 12:41:26 GMT
Server: cloudflare
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 10 Sep 2024 11:39:15 GMT
Keep-Alive: timeout=5, max=100
Location: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88
Server: Apache

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 2129ms
872ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

bc62c28bbcaa4c3fd88d9448415ac2ee1de8bb47ffa346798b76183f99b84203

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 10 Sep 2024 11:39:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73069
x-xss-protection: 0
server: sffe
etag: "aa99a87e81a93834"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Sep 2024 11:39:39 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
12 KB 2107ms
851ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ef062166a581303abf12e244a38b6780595710e5fbe4fc6d8ff4a71b8c05e027

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 10 Sep 2024 11:39:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11484
x-xss-protection: 0
server: sffe
etag: "096b4ab58c35a0c7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Sep 2024 11:39:39 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
9 KB 2067ms
864ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ec6094ced9830fbaa6646a62468c26bcdb7af7023a08a3b14ca32959a9804cf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 10 Sep 2024 11:39:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9634
x-xss-protection: 0
server: sffe
etag: "02ab4c8fd6aa5fdd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Sep 2024 11:39:39 GMT

GET
H2 200 ZeusStrike_bkg.jpg
www.worldmatch.eu/wp-content/uploads/2021/10/ 137 KB
138 KB 2214ms
881ms Image
image/jpeg 23.53.43.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.worldmatch.eu/wp-content/uploads/2021/10/ZeusStrike_bkg.jpg
Requested by: Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2bf960b7ee8541ea6482257832030ed34d3bfd29ffed7b03ed99330f72e10d8f

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:39 GMT
last-modified: Tue, 05 Oct 2021 09:40:38 GMT
etag: "40bbfef-22595-5cd97d2721180"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
server-timing: cdn-cache; desc=MISS, edge; dur=24, origin; dur=65, ak_p; desc="1725968378995_389360463_221845110_8862_4494_73_545_219";dur=1
accept-ranges: bytes
content-length: 140693

GET
H2 200 coollogo-com-250151087.png
i.ibb.co/MpZJrgK/ 59 KB
60 KB 2995ms
1046ms Image
image/png 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/MpZJrgK/coollogo-com-250151087.png
Requested by: Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: 1784478fd4832806ee38dba843b54a443e53193e5c86d3a3a663bf554db9b915

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:42 GMT
last-modified: Mon, 26 Aug 2024 07:17:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 60848
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 yqvbmjX.jpg
i.imgur.com/ 96 KB
96 KB 2905ms
968ms Image
image/jpeg 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/yqvbmjX.jpg

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

3547409222584332d85cb7c3f82bbd01c97a06e9040188679b07d19d4422fbb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:42 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1155316
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 97943
x-served-by: cache-iad-kjyo7100176-IAD, cache-hel1410030-HEL
last-modified: Sat, 16 Dec 2023 13:38:05 GMT
server: cat factory 1.0
x-timer: S1725968382.407222,VS0,VE1
etag: "9a73c5334845169669754902e72f9a08"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZgO2ib_bSeNbbNSB-YBlm-OzqTVDKfUkAY1Gtj_FdRghFuz6B2oTlA==
x-cache-hits: 51, 0

GET
H2 200 86CpHHf.jpg
i.imgur.com/ 219 KB
219 KB 2818ms
881ms Image
image/jpeg 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/86CpHHf.jpg

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4ba4ba10d9f87fd4bba7fdb3e8f348452b6a38a9d1ba1f82b8af4c793a5a9b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:42 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 185005
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 224123
x-served-by: cache-iad-kjyo7100116-IAD, cache-hel1410030-HEL
last-modified: Sat, 16 Dec 2023 13:39:30 GMT
server: cat factory 1.0
x-timer: S1725968382.407166,VS0,VE1
etag: "8009a726cd20e00626b0927a0768581f"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zHuhMkd0eb07VcyuvpI1LtKpsedHacI21jgdIiJ40v_tOESpms-dAg==
x-cache-hits: 43, 2

GET
H2 200 ruYHaAz.png
i.imgur.com/ 209 KB
209 KB 2818ms
882ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ruYHaAz.png

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

935e7f8a220a9e286cdd97340d183b5ec246234b3bc59b76f5ae1c4ad85de37a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:42 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL51-P1
age: 423332
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 213992
x-served-by: cache-iad-kjyo7100024-IAD, cache-hel1410030-HEL
last-modified: Sat, 16 Dec 2023 13:40:44 GMT
server: cat factory 1.0
x-timer: S1725968382.407199,VS0,VE0
etag: "f007414c0e1ea23a6dfd33a7e109d0ff"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: MIVKeShI2KaBFS-X2WO3psBcMb68gvVTBrP1il8180oy7PTyXknGgg==
x-cache-hits: 47, 2

GET
H2 200 sF56JCK.png
i.imgur.com/ 472 KB
472 KB 2818ms
881ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/sF56JCK.png

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

24d9a9b49bb5b9f73311136dfcd5aa80f8e83dc1a33d639c282a056c36c329e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:42 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P6
age: 393873
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 483096
x-served-by: cache-iad-kcgs7200177-IAD, cache-hel1410030-HEL
last-modified: Sat, 16 Dec 2023 13:43:48 GMT
server: cat factory 1.0
x-timer: S1725968382.407182,VS0,VE1
etag: "11ecd5191b3ba8a2e3b1c54855f2af16"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mfOyG0yUOBMdcvPik-yxIH6BEL6OYb14TY92DPs3QrW20_OiGauL3g==
x-cache-hits: 8, 0

GET
H2 200 live%20chat.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhx57zDk0QLCxsvw9Vf0jk6IxQPMDTfjcByU3W-Iw7f5Y_A5Oox-NKvLcZG-oiKJ3IE3WP05EKLHBVUhrEZgoU_r-R69jOG7GUcas83xa2NXNk1Z9-Ktz4e13i6E-xVKPegaf6C_LhuMqxg67xX... 22 KB
23 KB 4418ms
2351ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhx57zDk0QLCxsvw9Vf0jk6IxQPMDTfjcByU3W-Iw7f5Y_A5Oox-NKvLcZG-oiKJ3IE3WP05EKLHBVUhrEZgoU_r-R69jOG7GUcas83xa2NXNk1Z9-Ktz4e13i6E-xVKPegaf6C_LhuMqxg67xXGyPXIpAW3q2NOIBzdhZUwm_mSDi2-3EtqSKF90Zev0vw/s1600/live%20chat.png

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

c8d35930b64969e3e57ec5a35879c41cac215b982b6c327b1fdce216b3dc51cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v73"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="live chat.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23039
x-xss-protection: 0
expires: Wed, 11 Sep 2024 11:39:43 GMT

GET
H2 200 plus.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgivcfDuH95MJ48ZfIoby-DvOIGjOHSajMPy52KFJNvp-wWPIqDRmU1JQPHpdPTsrRlowwkdp9T3Zf6L7Cs6GpeOwOuccDFHbPaU8YeHgJV_mvkyLidwxDiuPpIGmPZ3dF-gAK9kkRYkqkrCXEO... 9 KB
9 KB 4500ms
2433ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgivcfDuH95MJ48ZfIoby-DvOIGjOHSajMPy52KFJNvp-wWPIqDRmU1JQPHpdPTsrRlowwkdp9T3Zf6L7Cs6GpeOwOuccDFHbPaU8YeHgJV_mvkyLidwxDiuPpIGmPZ3dF-gAK9kkRYkqkrCXEOXfwszgi5B7cYaSHS0iCubPBXCle760qZK4xlo13Dnklr/s1600/plus.png

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

4a3cb710b921b0ff0f9e41a60f9bd783712c0756ac3d1a320c584acdb9e1445f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v73"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="plus.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9502
x-xss-protection: 0
expires: Wed, 11 Sep 2024 11:39:43 GMT

GET
H2 200 whatsapp_logo_icon_229310.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBEnw1oEAjUhLQmYt1ySJyp7_-0bXGWM6CCKv69jcdxIo0u_Zh4LDRhFUZyu6xXy8p2UB-SlIjY6EXGqG0qBxML0w_GVSBc1N2qDLzQfuBYWtbfvCxKYJwiZdLiG30b7OQvC1qqTDTRGSLn997... 28 KB
28 KB 4579ms
2512ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBEnw1oEAjUhLQmYt1ySJyp7_-0bXGWM6CCKv69jcdxIo0u_Zh4LDRhFUZyu6xXy8p2UB-SlIjY6EXGqG0qBxML0w_GVSBc1N2qDLzQfuBYWtbfvCxKYJwiZdLiG30b7OQvC1qqTDTRGSLn997RriwYq1A49uj2colheZnL5XoOY-weur9EZb4VrRJTMZm/s1600/whatsapp_logo_icon_229310.png

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

048028d3952aff5f57bb8ff01d0a17961891bbaf5d70cf7af858938699498baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v73"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="whatsapp_logo_icon_229310.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28676
x-xss-protection: 0
expires: Wed, 11 Sep 2024 11:39:43 GMT

GET
H2 200 12wokWo.jpg
i.imgur.com/ 43 KB
44 KB 605ms
604ms Image
image/jpeg 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/12wokWo.jpg

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a3ba411718b7b1aaf40144d6502c11c462d10bc0c571ad187fcb074428af5e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:45 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1734089
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 44418
x-served-by: cache-iad-kcgs7200048-IAD, cache-hel1410030-HEL
last-modified: Sat, 16 Dec 2023 13:45:18 GMT
server: cat factory 1.0
x-timer: S1725968385.898546,VS0,VE121
etag: "c2a777f2f0f1d3ebd8601c31d4c9ffea"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: H63FB5N-BtOFzwpj0O3jphF9FewRD9H3fe4lr3MXGbGVvbrX2EIzdw==
x-cache-hits: 75, 0

GET
H2 200 KAdX6kW.jpg
i.imgur.com/ 43 KB
43 KB 503ms
502ms Image
image/jpeg 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/KAdX6kW.jpg

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fa9cd84e3b8eb295c88c927763f2842449c82d82c1fb3abc77f7e43c7ad9fddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:44 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 595409
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 43971
x-served-by: cache-iad-kcgs7200114-IAD, cache-hel1410030-HEL
last-modified: Sat, 16 Dec 2023 13:50:29 GMT
server: cat factory 1.0
x-timer: S1725968385.932951,VS0,VE1
etag: "0f9849c688c7af8b17468469ee6ee862"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nxlzVABvU2frbJqRMW0Oqi3l8vcTYxfWE4BVTZaOZqDAmjD8s8syWQ==
x-cache-hits: 20, 0

GET
H2 200 KvAXiTp.jpg
i.imgur.com/ 54 KB
54 KB 467ms
464ms Image
image/jpeg 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/KvAXiTp.jpg

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9afdc2833a88dd6f2853fcd148359cedd8b2c90902c863a02aac5b61626abaaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:44 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 251037
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 55120
x-served-by: cache-iad-kcgs7200028-IAD, cache-hel1410030-HEL
last-modified: Sat, 16 Dec 2023 13:53:34 GMT
server: cat factory 1.0
x-timer: S1725968385.982386,VS0,VE1
etag: "45ae95260e26b380326d5a7e43743736"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pk8mhPxEVPxYB8u7TnHKVYrGKgrdXxWaa0m4YBjNn_VFlFXSfKloJQ==
x-cache-hits: 7, 0

GET
H2 200 DMfWRIz.jpg
i.imgur.com/ 108 KB
108 KB 678ms
675ms Image
image/jpeg 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/DMfWRIz.jpg

Requested by

Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bb262eceee706718e2c75cd027b11e966b5683dc251f48fbac7a757226767faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:45 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 590870
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 110222
x-served-by: cache-iad-kcgs7200082-IAD, cache-hel1410030-HEL
last-modified: Sat, 16 Dec 2023 13:55:00 GMT
server: cat factory 1.0
x-timer: S1725968385.984320,VS0,VE119
etag: "c52f801e836e61bbace60617a9d6c147"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: MpO2WmdEgENFaLxavhbmUTOwHpd7ErSCyyxuLywojvV4z6OpIMo9GQ==
x-cache-hits: 17, 0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406252034000/v0/ 8 KB
4 KB 1888ms
612ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406252034000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

f2d32e990f8c2cdea703482d182b72015b64ef9d7de4cf1ef01043236062c7fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
Origin: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Sep 2024 11:37:32 GMT
age: 134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "b3a7da082c4f77e9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 10 Sep 2025 11:37:32 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406252034000/v0/ 12 KB
4 KB 1866ms
617ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406252034000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

d7ce36593c3ca293f7d3a4c8faae86175961860eb64a0acaf597b6b03e35d04c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
Origin: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Sep 2024 18:03:00 GMT
age: 495406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: sffe
etag: "24d297f33544dfa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Sep 2025 18:03:00 GMT

GET
H2 200 photo-2024-02-24-18-12-05.jpg
i.ibb.co/TRgB9N5/ 94 KB
94 KB 2932ms
1046ms Image
image/jpeg 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/TRgB9N5/photo-2024-02-24-18-12-05.jpg
Requested by: Host: pub-ffc6612109414403bae278dc61e62cae.r2.dev
URL: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/index.html?gacor=freebet88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: 133d547c998e17828297ad3a3375c64dfc653eb33c3e776b4dbf29dd27796202

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:42 GMT
last-modified: Mon, 26 Aug 2024 07:08:56 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 95907
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 favicon18.png
i.ibb.co/K0LMTPY/ 20 KB
20 KB 172ms
172ms Other
image/png 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ibb.co/K0LMTPY/favicon18.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: 489c33516f8fd9dd384e266441f3594a455f4ab7b24ca441ef95b755cbe9c159

Request headers

Referer: https://pub-ffc6612109414403bae278dc61e62cae.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 11:39:46 GMT
last-modified: Wed, 21 Aug 2024 10:08:05 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 20025
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
cdn.ampproject.org
erti.kp.gov.pk
i.ibb.co
i.imgur.com
pub-ffc6612109414403bae278dc61e62cae.r2.dev
www.worldmatch.eu
104.18.3.35
142.250.185.161
142.250.186.161
162.19.58.160
175.107.63.111
199.232.196.193
23.53.43.83
048028d3952aff5f57bb8ff01d0a17961891bbaf5d70cf7af858938699498baf
133d547c998e17828297ad3a3375c64dfc653eb33c3e776b4dbf29dd27796202
1784478fd4832806ee38dba843b54a443e53193e5c86d3a3a663bf554db9b915
22b3bb85ef59c822dbb074d2a2b9c5e84a598a008435726e058a5f242d2fd9f8
24d9a9b49bb5b9f73311136dfcd5aa80f8e83dc1a33d639c282a056c36c329e0
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2bf960b7ee8541ea6482257832030ed34d3bfd29ffed7b03ed99330f72e10d8f
3547409222584332d85cb7c3f82bbd01c97a06e9040188679b07d19d4422fbb6
489c33516f8fd9dd384e266441f3594a455f4ab7b24ca441ef95b755cbe9c159
4a3cb710b921b0ff0f9e41a60f9bd783712c0756ac3d1a320c584acdb9e1445f
4ba4ba10d9f87fd4bba7fdb3e8f348452b6a38a9d1ba1f82b8af4c793a5a9b42
935e7f8a220a9e286cdd97340d183b5ec246234b3bc59b76f5ae1c4ad85de37a
9afdc2833a88dd6f2853fcd148359cedd8b2c90902c863a02aac5b61626abaaa
a3ba411718b7b1aaf40144d6502c11c462d10bc0c571ad187fcb074428af5e86
bb262eceee706718e2c75cd027b11e966b5683dc251f48fbac7a757226767faa
bc62c28bbcaa4c3fd88d9448415ac2ee1de8bb47ffa346798b76183f99b84203
c8d35930b64969e3e57ec5a35879c41cac215b982b6c327b1fdce216b3dc51cd
d7ce36593c3ca293f7d3a4c8faae86175961860eb64a0acaf597b6b03e35d04c
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
ec6094ced9830fbaa6646a62468c26bcdb7af7023a08a3b14ca32959a9804cf7
ef062166a581303abf12e244a38b6780595710e5fbe4fc6d8ff4a71b8c05e027
f2d32e990f8c2cdea703482d182b72015b64ef9d7de4cf1ef01043236062c7fe
fa9cd84e3b8eb295c88c927763f2842449c82d82c1fb3abc77f7e43c7ad9fddd

pub-ffc6612109414403bae278dc61e62cae.r2.dev Open in urlscan Pro 104.18.3.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

7 IPs

5 Countries

1742 kBTransfer

2002 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

pub-ffc6612109414403bae278dc61e62cae.r2.dev Open in urlscan Pro
104.18.3.35 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

7
IPs

5
Countries

1742 kB
Transfer

2002 kB
Size

0
Cookies

21 HTTP transactions
2 data transactions