www.icminerals.com.candysweet.org Open in urlscan Pro
172.96.191.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.icminerals.com.candysweet.org/
Submission: On August 09 via api (August 9th 2024, 5:46:33 pm UTC) from US — Scanned from SG

Summary HTTP 45 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 45 HTTP transactions. The main IP is 172.96.191.242, located in Singapore, Singapore and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is www.icminerals.com.candysweet.org.
TLS certificate: Issued by on August 9th 2024. Valid for: 15 years.

This is the only time www.icminerals.com.candysweet.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.96.191.242 172.96.191.242	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
5	2404:6800:400... 2404:6800:4003:c05::84	15169 (GOOGLE) (GOOGLE)
30	2404:6800:400... 2404:6800:4003:c1c::84	15169 (GOOGLE) (GOOGLE)
1	2600:9000:23d... 2600:9000:23d2:e200:c:5e6d:a440:21	16509 (AMAZON-02) (AMAZON-02)
4	142.251.175.132 142.251.175.132	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c00::61	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1a::71	15169 (GOOGLE) (GOOGLE)
45	8

1 172.96.191.242 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.242-static.reverse.arandomserver.com

www.icminerals.com.candysweet.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c05::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2404:6800:4003:c1c::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23d2:e200:c:5e6d:a440:21 (United States)

ASN16509 (AMAZON-02, US)

d2rzzcn1jnr24x.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.175.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::71 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 7953	1 MB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	134 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	201 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	1 KB
1	cloudfront.net d2rzzcn1jnr24x.cloudfront.net	1 KB
1	candysweet.org www.icminerals.com.candysweet.org	10 KB
0	icminerals.com Failed icminerals.com Failed
45	7

	Domain	Requested by
31	blogger.googleusercontent.com	www.icminerals.com.candysweet.org
8	cdn.ampproject.org	www.icminerals.com.candysweet.org cdn.ampproject.org
1	www.google-analytics.com
1	www.googletagmanager.com	cdn.ampproject.org
1	d2rzzcn1jnr24x.cloudfront.net	www.icminerals.com.candysweet.org
1	www.icminerals.com.candysweet.org
0	icminerals.com Failed	www.icminerals.com.candysweet.org
45	7

This site contains links to these domains. Also see Links.

Domain
tinyurl.com
api.whatsapp.com
apps.freshapp.top

Subject Issuer	Validity	Valid
CloudFlare Origin Certificate	`2024-08-09` - `2039-08-06`	15 years	crt.sh
misc-sni.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.icminerals.com.candysweet.org/
Frame ID: FF9C101E74FB3F54D69F822EA086F411
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MPO878

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Page Statistics

45
Requests

93 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

1497 kB
Transfer

1862 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://tinyurl.com/mpo878daftar
Title: Daftar

Search URL Search Domain Scan URL

URL: https://tinyurl.com/mpo878-vip
Title: Masuk

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=6281391658388
Title: +6281391658388

Search URL Search Domain Scan URL

URL: https://apps.freshapp.top/MPO878.apk
Title: Unduh

Search URL Search Domain Scan URL

URL: https://tinyurl.com/promo-mpo878
Title: Promosi

Search URL Search Domain Scan URL

URL: https://tinyurl.com/mpo878livechat
Title: Live Chat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.icminerals.com.candysweet.org/fonts/digital_sans_ef_medium.woff2 HTTP 302
https://icminerals.com/

Request Chain 9

https://www.icminerals.com.candysweet.org/fonts/digital_sans_ef_medium.woff HTTP 302
https://icminerals.com/

45 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.icminerals.com.candysweet.org/ 31 KB
10 KB 29ms
5ms Document
text/html 172.96.191.242
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icminerals.com.candysweet.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.242 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.242-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 8d18027b8b1829794c1b9cab1b95ffa2905fb18486f4e86df18e03c96dc9968d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 9796
content-type: text/html
date: Fri, 09 Aug 2024 17:46:25 GMT
last-modified: Fri, 09 Aug 2024 03:34:19 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 27ms
9ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 17:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73122
x-xss-protection: 0
server: sffe
etag: "2af4af216080b72b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 09 Aug 2024 17:46:25 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
12 KB 23ms
5ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a4edd02db8c4a0a4ab29fe5e7a5cc3982f1fa2d421305c67722aa42b463c056

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 17:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11527
x-xss-protection: 0
server: sffe
etag: "aef697926ee2e511"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 09 Aug 2024 17:46:25 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 12ms
8ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecc9a646c8fecfa4e12f32a06800977bd039ce2e91d1cc7c94b3c7b7b0999979

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 17:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2467
x-xss-protection: 0
server: sffe
etag: "5afdd0604fa01f3c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 09 Aug 2024 17:46:25 GMT

GET
H2 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
8 KB 13ms
10ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

515ebc558b631a3e5a10c9b24a215d17abaa94395f3dea457f3217ada241f8f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 17:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8526
x-xss-protection: 0
server: sffe
etag: "15936e0e8c094b2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 09 Aug 2024 17:46:25 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 8ms
5ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02a85bd059f93c80bb3d1eba2d4886fad8ab0a950bc988a3471efe187d749fd0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 17:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32172
x-xss-protection: 0
server: sffe
etag: "d1ab60b03cd8a04e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 09 Aug 2024 17:46:25 GMT

GET

/
icminerals.com/
Redirect Chain

https://www.icminerals.com.candysweet.org/fonts/digital_sans_ef_medium.woff2
https://icminerals.com/

0
0

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dacccdf04449eb70a5b22f3ce69198cf1442235723d2d19290c5ba00b80fc31

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4167006d8b8fd64ae3c764a7a1716857875e96aa846709adbd785ca0c9d60ea

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET

/
icminerals.com/
Redirect Chain

https://www.icminerals.com.candysweet.org/fonts/digital_sans_ef_medium.woff
https://icminerals.com/

0
0

GET
H2 200 logo-635361666.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjpq2Pw1a7zCMMsL805FJI3M4onDnbwU9SIut6y9IZjsq8V2yx0vg9cdWMwDACI7WwZqJn7FQQrxie_rCU16PG1XiJpycK0Hgz0HhhoMPwIzC5zLjASCNtchFJgq98VOdOMF4cJIDAp5v87wXu... 31 KB
31 KB 619ms
592ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjpq2Pw1a7zCMMsL805FJI3M4onDnbwU9SIut6y9IZjsq8V2yx0vg9cdWMwDACI7WwZqJn7FQQrxie_rCU16PG1XiJpycK0Hgz0HhhoMPwIzC5zLjASCNtchFJgq98VOdOMF4cJIDAp5v87wXuCMAMftBXy9qmAZyfmGBnsCF600BRV_DYihHn-5f2Avmn/s250/logo-635361666.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

25ff6fb1fa6de0ff14c0b0a286f1c7e1213c0a0d27bbfc9aa0c97e58949a6d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v235"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="logo-635361666.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31391
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 mpo878gif.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMabDQTOvDmpanKgEaxc2hyphenhyphen01ago1ftN8ym8unoj2PFzDvLOm5KbtsELcznjDS3FNOc4YzwawcxQ1zDO8Rvz00fPQx9j3cYeBgpcQotbIprO1IcDUzyf7rzWLok-cZ60xYeBjhyp... 51 KB
51 KB 760ms
734ms Image
image/gif 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMabDQTOvDmpanKgEaxc2hyphenhyphen01ago1ftN8ym8unoj2PFzDvLOm5KbtsELcznjDS3FNOc4YzwawcxQ1zDO8Rvz00fPQx9j3cYeBgpcQotbIprO1IcDUzyf7rzWLok-cZ60xYeBjhyphenhyphen_18MVesJry-H7iblZgaGI4yFeJ7D4tOyMvMOlZK-j501LZ4lDG4wWCY/s498/mpo878gif.gif

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e9b1dc11019da0059685aebace3e7c050aef4c0b1531387551dab35f5b0079e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v238"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mpo878gif.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52014
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 hot-games.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTWZJJWnN2BYMZqM0dfiPCgugyBBo_dPUjSVc5gUJNuqZsNfIVhtw7ojE_IuLxiJiI7r-PLqeHqoosIYj6yNwhtfT_SGl7Xhi4u44pYJSQUZP4nbaPiyNLuf4p5DJODOHwcs1prIJIj2I0BTo2... 11 KB
12 KB 627ms
601ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTWZJJWnN2BYMZqM0dfiPCgugyBBo_dPUjSVc5gUJNuqZsNfIVhtw7ojE_IuLxiJiI7r-PLqeHqoosIYj6yNwhtfT_SGl7Xhi4u44pYJSQUZP4nbaPiyNLuf4p5DJODOHwcs1prIJIj2I0BTo2VSsmirJfkxvm1MEpLWWzvrse-ZY9bwD2MUrQ8jBcS237/s693/hot-games.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

abaecbecdd975803723dd290310c92f7c64e234fc8dfde7ccb5d3fbd9839ea0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f6"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hot-games.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11722
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 slots.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhungSCd0YY-hh8XKGZr_AGxKdOqZxIrmYqLvML2NG27LVKOsi7RP-Xjr77LAeS3QUHjq3yBzzFnAW8c1xYWDuuJ2CR6sr8UYBwdOdcDqPknw_FqeneDh_Er4HxuxJwTkHSYkNcIKCrc1VnOEyV... 9 KB
9 KB 645ms
619ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhungSCd0YY-hh8XKGZr_AGxKdOqZxIrmYqLvML2NG27LVKOsi7RP-Xjr77LAeS3QUHjq3yBzzFnAW8c1xYWDuuJ2CR6sr8UYBwdOdcDqPknw_FqeneDh_Er4HxuxJwTkHSYkNcIKCrc1VnOEyVT3dVxJwJQU_KoG61yE2uk1XcJR9NINVtcD3jb4Tacwlr/s693/slots.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fa902b48ee07d5bfd56e759db436fd4088fc781e34e2519092c09004774facbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f8"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="slots.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9003
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 casino.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeHh89ozGeWqXlmNkVJiXpmLvuN66Glt53S1Oo-NpvaGG9rOaV9qGM3UZVsOR-80R5YVDhcjgYdXZEo5rWkT0AUs_mXTfrSIGhJBwnB2GTb2tMw43EvNqK_dJ4qxhSUAZkPGBntp2INUi4CqkZ... 18 KB
18 KB 642ms
616ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeHh89ozGeWqXlmNkVJiXpmLvuN66Glt53S1Oo-NpvaGG9rOaV9qGM3UZVsOR-80R5YVDhcjgYdXZEo5rWkT0AUs_mXTfrSIGhJBwnB2GTb2tMw43EvNqK_dJ4qxhSUAZkPGBntp2INUi4CqkZqooFV3qXhfHcZ6oIM8qh9hblC5nBjf0MgBM_czYsJI1a/s792/casino.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b6318c43695c38e6ee713c3d71c5a7224b3607bd529b0c082dee4bff16dff300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f3"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="casino.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18601
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 others.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCZanj9i5uaNXkpgNciNphXkfZB2VOjc2pz65RhapCqgN0Ps9xnwg2SVMHQa6bjNfF9BugIZ7RlgUHM6WfJm3GG1KYUjPVhSPx298Bw3cugFXk6SPHPT4aLniHMQo7NVT6SIJaaBCUV7WhCet7... 7 KB
7 KB 453ms
427ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCZanj9i5uaNXkpgNciNphXkfZB2VOjc2pz65RhapCqgN0Ps9xnwg2SVMHQa6bjNfF9BugIZ7RlgUHM6WfJm3GG1KYUjPVhSPx298Bw3cugFXk6SPHPT4aLniHMQo7NVT6SIJaaBCUV7WhCet7WpMq-hQaO98xIahHAjgysrudAXmYo3lo9nYGuvfCchOy/s693/others.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00fa93245d8c2577fa604a1254cd4a1d126139ac83959fe9ab52c3e1d0083b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f8"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="others.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7131
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 sports.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEwuA7VyFVGpEdztNzzcmAggXVfWbenoQxf08G3TJbYHeLl-YfgDIKFeQdEMfpM8-T56ltPvbRHyxd4CEFMAhpEC2uXLMY2iivVb84hk9szkpPMggg5QZ-ijOE6rzZW4FanW62dqX-gPz5VGLN... 11 KB
11 KB 635ms
613ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEwuA7VyFVGpEdztNzzcmAggXVfWbenoQxf08G3TJbYHeLl-YfgDIKFeQdEMfpM8-T56ltPvbRHyxd4CEFMAhpEC2uXLMY2iivVb84hk9szkpPMggg5QZ-ijOE6rzZW4FanW62dqX-gPz5VGLNsmQ8gsJFFHOrmy1dg5Pq8Ez55xH7t1xRSYG31ilI62yY/s693/sports.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

798530b7177fa43ba9981ca9c567a32119189fe28f13e15c2cf809d416407bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f8"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sports.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10799
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 crash-game.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjb1mhvKO0fcmG2j2LERzf5zmmAND2V8r3WaLMfzeOdkhR88lEBHIYUxfQVA06EFg-MC4yi5rx74dctGpA86pSLBNiwmGfKZkGWqD0l5HjYMcuO7zwosFzTlbMoOUSCJwLdkmLSe90zmUhX-2We... 5 KB
5 KB 640ms
618ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjb1mhvKO0fcmG2j2LERzf5zmmAND2V8r3WaLMfzeOdkhR88lEBHIYUxfQVA06EFg-MC4yi5rx74dctGpA86pSLBNiwmGfKZkGWqD0l5HjYMcuO7zwosFzTlbMoOUSCJwLdkmLSe90zmUhX-2We4tlWhJXuLl3fRSI1uK1SuK1pWxgJU5mxHU0QmTzesQcw/s300/crash-game.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c0e38ef441c7169b89c0b268897f5d8d014f32ac4c10932971a67c10c56f8baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="crash-game.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4862
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 arcade.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuLvQrHQV2h7QoYntlZbgXL_7xTc13KNrZ6eghWIKjQK50vTKXzSRxnG3qiuhf4WO8wMQMVUF8Bs5LF8VHWj5F3oPOAxlZN9L5t4fY2-Akp5jMWJFbm-oWcZJpWh1CqrROuHZlZe47laU73PQU... 5 KB
5 KB 627ms
605ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuLvQrHQV2h7QoYntlZbgXL_7xTc13KNrZ6eghWIKjQK50vTKXzSRxnG3qiuhf4WO8wMQMVUF8Bs5LF8VHWj5F3oPOAxlZN9L5t4fY2-Akp5jMWJFbm-oWcZJpWh1CqrROuHZlZe47laU73PQUn3ffsGGuY3CCPw9VnUDfrnIIcWyoMFLGsPRUUZ_VGfow/s792/arcade.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1925bd13c42ddb8308bbc57e6416c9822c48592135d4194c4d44cbae9be8fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f4"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="arcade.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5398
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 e-sports.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQf4Dz8TWRmQ6zeV7GeVpmkV8IyIcIHQjWHYqW9YKEJNEFehne1HY2lh0vN96L3dYEaWpw8r7UfPvV8-F3dq1mLvLqUxOwlq1_VkgTgNSqmOUBQhtpPYyamV2RIo_m40wYSoGVgMGfsal1gwSZ... 697 B
790 B 631ms
609ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQf4Dz8TWRmQ6zeV7GeVpmkV8IyIcIHQjWHYqW9YKEJNEFehne1HY2lh0vN96L3dYEaWpw8r7UfPvV8-F3dq1mLvLqUxOwlq1_VkgTgNSqmOUBQhtpPYyamV2RIo_m40wYSoGVgMGfsal1gwSZp8Hs47BpameQzd8OkCDmu4WPvnz7q9w5JUcElLWT6HK5/s30/e-sports.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e587ead12d272448d35f8c32981a474ff142c505be66b9fefdfad4633f21bc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f4"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="e-sports.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 whatsapp.svg
d2rzzcn1jnr24x.cloudfront.net/Images/communications/ 1 KB
1 KB 33ms
7ms Image
image/svg+xml 2600:9000:23d2:e200:c:5e6d:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/communications/whatsapp.svg?v=20240608-1

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23d2:e200:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

TrillionSoft /

Resource Hash

3a5ec12896091137a7fc414bf6c8cf4d875038e5388a937da1b25b1450ebd181

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 08:26:48 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: SIN52-P1
age: 206378
via: 1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Oct 2020 22:31:58 GMT
server: TrillionSoft
etag: W/"0c3abd379a2d61:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: yoGdDFMn-ek-oX1zhE0MebDh3Om_Y-H3gNwGwgIvbbo8vz9MW3IZzQ==

GET
H2 200 BCA.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCCyV4Vh_sBd6ucuKBHAH2MGmD4m1B8IkEV7eo9WeCn1wgYvKRZRaM_5-3zMMTktbc_ZF5FJqB1HYTzX6OWm3g0wulixG3ixxHCoCWB1g2FdL94gyAqNf2h4_wpbi2Ca9u76mBBdWKwOkJKnoe... 4 KB
4 KB 454ms
431ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCCyV4Vh_sBd6ucuKBHAH2MGmD4m1B8IkEV7eo9WeCn1wgYvKRZRaM_5-3zMMTktbc_ZF5FJqB1HYTzX6OWm3g0wulixG3ixxHCoCWB1g2FdL94gyAqNf2h4_wpbi2Ca9u76mBBdWKwOkJKnoem3A92ZTtcEeVOIxh4CGXyY7mwyGKPpBz6y0j52NbwC-8/s80/BCA.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bdd5ad0f5ff44678584aade156647170960683e152c8aa7afd29965212edfcc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d3"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BCA.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3679
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 BNI.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjul0iCeKkTgDELJtlvjR2Y-xrgxIOS6FTP2F2Pp9SeW7lDuX7bg05lhH7rRTTtF7TYjOkt0fHdAWjTo1_ICONTt-ylcIiVwv4vOCTii_uotOAhBueFo8oSaG0cNWTr-OBXaa2GpHRD0xjPIO6A... 3 KB
3 KB 820ms
798ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjul0iCeKkTgDELJtlvjR2Y-xrgxIOS6FTP2F2Pp9SeW7lDuX7bg05lhH7rRTTtF7TYjOkt0fHdAWjTo1_ICONTt-ylcIiVwv4vOCTii_uotOAhBueFo8oSaG0cNWTr-OBXaa2GpHRD0xjPIO6At4vJOUcsHq5fpRTLsRiM_VfjoScClZGfw68YvH8ceP7h/s80/BNI.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6c3918447739f27d8ab7f3b6e0fb75b077c793b22f58418bcae5a76a59adb0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d1"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BNI.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3287
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 BRI.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSZ7cGTiNGd-qMRP66VHqeThUAAv6XlyJdDJ-uae8eDxYGvVxhDR1Wy7PYBh8FQqGBREoFav4PBpcbLQQcEV31OdBSScCmJa8ASX1AnLo8mXrlIrSPuC4j-IL5NcjlNvte93q8p1zhTY-5qGEy... 4 KB
4 KB 668ms
645ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSZ7cGTiNGd-qMRP66VHqeThUAAv6XlyJdDJ-uae8eDxYGvVxhDR1Wy7PYBh8FQqGBREoFav4PBpcbLQQcEV31OdBSScCmJa8ASX1AnLo8mXrlIrSPuC4j-IL5NcjlNvte93q8p1zhTY-5qGEyJ06Ky-ENFeCoCPKvEps4NqW7BfQixXzrREl2ZR_ljamL/s80/BRI.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0081e53a783f0fe43d01c530bedb2124d39fc3e8eca58a475bffcbdbbf5f4f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d4"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BRI.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3810
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 DANA.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitIxclrlfoTQ3_Apq0jwz_fu6slVj25V0433TrJbTQDBlWlTj7lTUhNlgsaW_azjkyINl5jK4q0dLzoPlOOmXMJJUROXfpOY1U4bBn1Sn1gnID1KFnLOKfOFdGeMgpMOUf24zX7uENBhR3ph-M... 2 KB
2 KB 820ms
798ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitIxclrlfoTQ3_Apq0jwz_fu6slVj25V0433TrJbTQDBlWlTj7lTUhNlgsaW_azjkyINl5jK4q0dLzoPlOOmXMJJUROXfpOY1U4bBn1Sn1gnID1KFnLOKfOFdGeMgpMOUf24zX7uENBhR3ph-MyEt0yiC8QWfEdZ8K9dfYyrvvAdZsqPKDHi4pEpBRZ4NB/s80/DANA.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7205df65ed0f2ffa228504161b1a75b61286c56c3693f8f2155bfc2a5605674b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d4"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DANA.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1960
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 GOPAY.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqN2TlFNWE5xEsRAwPjOw81nT9Ipz2qmHq9DOPRS6JuzHSkwde9RuQl8hpfFZzN_HtMUrGLgqXiaUwRDd7Hrao2oZIezEG_9e92dhliZDJRrED4I6CHP5E2XXXtpWeG_uJfZwe6CbnltPy1Cl7... 2 KB
2 KB 663ms
640ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqN2TlFNWE5xEsRAwPjOw81nT9Ipz2qmHq9DOPRS6JuzHSkwde9RuQl8hpfFZzN_HtMUrGLgqXiaUwRDd7Hrao2oZIezEG_9e92dhliZDJRrED4I6CHP5E2XXXtpWeG_uJfZwe6CbnltPy1Cl7kyCGBCIVlXzFrfQnhOdo-rUlx7l9Y0VbUy4_wbiL-eT5/s80/GOPAY.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f86038be54b0e92134ae56f6fa3d6c32fb6fa835f9f3b842e2635892007be61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d5"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="GOPAY.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2281
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 LINKAJA.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglvYqQIzSacul272fwBiVxGF_Nu_nSbHiUSWmtq9ndv4jRUSviAcuw5RDRBkyH5ZY_XID1wgZ4QXy3bpPa_xfndou3X5TIv6a2zfDh7GrxwpVVg8luhKIwJTSoIWMb7_QPvuLRDRxWo_jxHV3n... 3 KB
3 KB 631ms
609ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglvYqQIzSacul272fwBiVxGF_Nu_nSbHiUSWmtq9ndv4jRUSviAcuw5RDRBkyH5ZY_XID1wgZ4QXy3bpPa_xfndou3X5TIv6a2zfDh7GrxwpVVg8luhKIwJTSoIWMb7_QPvuLRDRxWo_jxHV3n6rpljHISslklrT92gvWHEvwq7lKCkWk2ECI_GgucOFk1/s80/LINKAJA.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6efa7d92b04eff08d94c65522282fb58535a8ec896ae6f32235cdd443d7a67c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d3"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LINKAJA.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3203
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 MANDIRI.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhC1zSTUo1DCOVjgdHI0ys69VoihOYOTRFHHoDq39dUf0NH44KC_2Iem19fUKK16xKpVWPGGLDY8O3FjDLWJBXBY7ClZaMm7GxG4MFp8Hsz2ZsLAUGYh6GiydyGhcoRxOaMZJ38Z8T9swLIknbM... 3 KB
3 KB 658ms
635ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhC1zSTUo1DCOVjgdHI0ys69VoihOYOTRFHHoDq39dUf0NH44KC_2Iem19fUKK16xKpVWPGGLDY8O3FjDLWJBXBY7ClZaMm7GxG4MFp8Hsz2ZsLAUGYh6GiydyGhcoRxOaMZJ38Z8T9swLIknbM9F-wU-5TwLhzW8vhC_V3yRC6l2Qbc-h_xwVJjKZB2PxD/s80/MANDIRI.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56b1fc0887fc3794ec71d2f067409aa3754dd71886483056bfa01b2cb97e94d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d3"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="MANDIRI.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2721
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 NIAGA.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSuGZPAElA66haCere9mfieIPOXC6-QT8Cee6cJ6W95oVu7WByyFPjljrww1pGUuDIkt3hrzi4HWCWvhKMyxYipSo9COqHZZFqnFqbCRO7qsngup4-x2vsifVlOv2Y0a_TOv-SsOB8GbFJ4KbV... 2 KB
2 KB 637ms
615ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSuGZPAElA66haCere9mfieIPOXC6-QT8Cee6cJ6W95oVu7WByyFPjljrww1pGUuDIkt3hrzi4HWCWvhKMyxYipSo9COqHZZFqnFqbCRO7qsngup4-x2vsifVlOv2Y0a_TOv-SsOB8GbFJ4KbVD0jhMi558gUpy7AjfpDqdX5ivURKjIutZI3sG4T5EKQ4/s80/NIAGA.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

58f13340f112f9037847130edcdf59b60e20af491112d290e85cc2bf1c3d54ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d2"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NIAGA.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1688
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 OVO.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRKUW8ArFe8FunktSpIaNLPoPozAn0TblWCOAClPA2lE_A0-wETKKlE6vnnkFHqFGhfLeBqaRIf8dBCycOD7HiNezHlcabSeaLJxPBrCumoYaU8a8TIZH4KaXph1UVEAcyGOrTDp9QJCp5PHOz... 3 KB
3 KB 627ms
604ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRKUW8ArFe8FunktSpIaNLPoPozAn0TblWCOAClPA2lE_A0-wETKKlE6vnnkFHqFGhfLeBqaRIf8dBCycOD7HiNezHlcabSeaLJxPBrCumoYaU8a8TIZH4KaXph1UVEAcyGOrTDp9QJCp5PHOzTpS9e2fUwZldRDF-CnT42VennQjElaUQ-1n5GUlLjH9R/s80/OVO.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a779be57643c1bae1fd1549765fedc4dadc86fce52fa01082128577bb60f79d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d4"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="OVO.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3236
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 QRIS_2cc2c5f5-5b19-428d-bdc3-bd2360404891_1704865078680.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsMs3A5QDKQlT6lc8FS1-LZNLC8pNWJbMxetmbOBU8b5Sn_1HV5gxjj_W6rE1iUX6hkv8G7akIkK0LS-PfSdvbRc_ldW-zunT-wU8-mxON-nEgIBqvoVzEhYb37VvFeCTRZmeRi4fTg_kSKIlS... 2 KB
2 KB 753ms
732ms Image
image/jpeg 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsMs3A5QDKQlT6lc8FS1-LZNLC8pNWJbMxetmbOBU8b5Sn_1HV5gxjj_W6rE1iUX6hkv8G7akIkK0LS-PfSdvbRc_ldW-zunT-wU8-mxON-nEgIBqvoVzEhYb37VvFeCTRZmeRi4fTg_kSKIlS4H5qLYManLr1fMdgqJP-iZj0R8MwaeUe1_RVQwBiOSCp/s80/QRIS_2cc2c5f5-5b19-428d-bdc3-bd2360404891_1704865078680.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d777d116483ab9c77fe0a8ab6b1c52fcfc4bdafbdf1058c0a0c2f1ff197d16f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2f1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="QRIS_2cc2c5f5-5b19-428d-bdc3-bd2360404891_1704865078680.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1573
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 TSEL.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivj1mCrWEYE_8y-oy3R1So4PU7V9NXmzf-huga9etJxaPZ4esB3F-UX3AyZ2C8HWSIKbzAOktHP_RRo6MNYVUjqxFt_BuSoCdVEJj_rMqa2zTDd3SqtXwhstKv76nNQ3_FsGfYlo9HrurG2TtP... 2 KB
2 KB 637ms
614ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivj1mCrWEYE_8y-oy3R1So4PU7V9NXmzf-huga9etJxaPZ4esB3F-UX3AyZ2C8HWSIKbzAOktHP_RRo6MNYVUjqxFt_BuSoCdVEJj_rMqa2zTDd3SqtXwhstKv76nNQ3_FsGfYlo9HrurG2TtPswTqTmdKmLOMHpS_AIT1SqVM3AY-aq2PcdefhhKYj74S/s80/TSEL.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

049c52f75b19500768595bbf0b5a8dcb41d7c3f494e819dc407b98f62bdc643d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d5"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="TSEL.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2361
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 home-active.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3PksYIf_5v_Yx0i_ejqDTAALl71Yrlwlyrz1hr5Q5cN2uwz8iG_t5psuFbDAuHQUXWyQYj2WE8_BzCVaIy4ewmwCWg5x3Gfgs8a2oNBjGUf4qidBY5sCad1PX0htXC-Ak4DKYOOQOOgGm5_xO... 611 B
714 B 814ms
792ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3PksYIf_5v_Yx0i_ejqDTAALl71Yrlwlyrz1hr5Q5cN2uwz8iG_t5psuFbDAuHQUXWyQYj2WE8_BzCVaIy4ewmwCWg5x3Gfgs8a2oNBjGUf4qidBY5sCad1PX0htXC-Ak4DKYOOQOOgGm5_xOLPnlgYfYfGH6YUqRENvqUgE33qx6iPU2U2Prw3HVj-bU/s42/home-active.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

846519d41b6fd26f23a06c44718f72788df3e4b2e5db31d467473dc93baed27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2f7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="home-active.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 mobile-app.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioqRBHfQF0mmWjGUJX9Ynic7KIpIIIRun95wt9bLhERMnJ38xvYSZEPB-sC39P9uGpLV65ve_uhmfgJwew2DOGhXTF54H0T2Au3oHJIovcPMwC4R2X47sNxef0uUAy7Dd_zqdiVpm35CZRG9xR... 436 B
537 B 776ms
754ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioqRBHfQF0mmWjGUJX9Ynic7KIpIIIRun95wt9bLhERMnJ38xvYSZEPB-sC39P9uGpLV65ve_uhmfgJwew2DOGhXTF54H0T2Au3oHJIovcPMwC4R2X47sNxef0uUAy7Dd_zqdiVpm35CZRG9xRAtuCsmeSX0N7LYKPjUCesDPBL6OjzKa4T4qua8cr4TDa/s20/mobile-app.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0748598aeaee6f08911f0a3d7245046b8f18d26314242698cca9e11e17fbe3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2f9"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mobile-app.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 436
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 login2.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXfnN61KKAIBuGF4NqpuW2gFYD56_l5ddj6KqhlvAKxcowhxePQ_YUW1RyASjhVKKFQSY5YsyhTYlq0lOMuVr6bwsVdxTYTHwuOWIVFWE3rSNUlY4Z52v1D2_1h4Uh571aHtno7CW0bTv2ikMd... 1 KB
1 KB 860ms
838ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXfnN61KKAIBuGF4NqpuW2gFYD56_l5ddj6KqhlvAKxcowhxePQ_YUW1RyASjhVKKFQSY5YsyhTYlq0lOMuVr6bwsVdxTYTHwuOWIVFWE3rSNUlY4Z52v1D2_1h4Uh571aHtno7CW0bTv2ikMdPQGamr1eYy8S8YoGox1rrzXFY5bOiUmmOYDjHoijC7Pd/s32/login2.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dc183b034f269eb1f397a0dceeecfffe106815b2309d7bad628a075ff436369d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2fa"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="login2.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1156
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 promotion.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4gzhaGMpTHYXvXanwEyCIjCNQrHe04E4bPJ8-Q3ww1UcBTK4cfDyvKuv4KufKoF5ofE5bW5lwyYjDmumaEgV5b6kHU0ZsIp2EjNZHOyNTBzmAiDCiLkyPrQudBwXj-xziYSTD4Z_ccWzFaBsK... 1020 B
1 KB 820ms
798ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4gzhaGMpTHYXvXanwEyCIjCNQrHe04E4bPJ8-Q3ww1UcBTK4cfDyvKuv4KufKoF5ofE5bW5lwyYjDmumaEgV5b6kHU0ZsIp2EjNZHOyNTBzmAiDCiLkyPrQudBwXj-xziYSTD4Z_ccWzFaBsKpZvXOg2sVlA2lyDzEGMD_YQSmLhzJSDfFwpma9F0omrh/s42/promotion.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

74a2e420d0cf539132edb2bfc4d4c6ac687c0eba35dd5135f9eac478a70e3e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2fa"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="promotion.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1020
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 live-chat.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjoXibLNWlRJFVTFW-Q8cojcteshDUHSPYtT2wxEajwkDbV_DzFJP_4c1QOwilRRLdc3dgwILfis_UU4ILJ69cAXLKHCQYl5e3VCvTlCPKI7YyM8eUDUKVeOoJ-scwFv12fkjuJ19aUlUuAn5Iz... 983 B
1 KB 859ms
838ms Image
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjoXibLNWlRJFVTFW-Q8cojcteshDUHSPYtT2wxEajwkDbV_DzFJP_4c1QOwilRRLdc3dgwILfis_UU4ILJ69cAXLKHCQYl5e3VCvTlCPKI7YyM8eUDUKVeOoJ-scwFv12fkjuJ19aUlUuAn5Izj9K0GwtwGXkKspGu4PrVJ0h5oL8fH4MlDuepETwEiMBN/s42/live-chat.png

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6552413f6f9d485d2cf65f22f96c8b8accd0693dd2830fae76998a26b781ec68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2f8"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="live-chat.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 983
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 8 KB
3 KB 23ms
11ms Script
text/javascript 142.251.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f132.1e100.net

Software

sffe /

Resource Hash

08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
Origin: https://www.icminerals.com.candysweet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Aug 2024 11:11:28 GMT
age: 110098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "3bb766b5672b9f2f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 08 Aug 2025 11:11:28 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 12 KB
4 KB 10ms
10ms Script
text/javascript 142.251.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f132.1e100.net

Software

sffe /

Resource Hash

e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
Origin: https://www.icminerals.com.candysweet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Aug 2024 09:54:14 GMT
age: 114732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "db107aa2d6068f23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 08 Aug 2025 09:54:14 GMT

GET
H2 200 new-game-pragmatic-6618becd8ce02.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiauK-EDjUE_yEklQQiXKWuR2aJWLpt43A3R3KqHaC3pRpffeMz78nyO7aR_Mzsf2PxLexeR5tjY6nt_UPhrS40vuHKUc42SL23IC-EINgAFE4PZDSGsynF5xVcbsKcxadbw_UOeAzzLHInSldb... 311 KB
312 KB 757ms
755ms Image
image/jpeg 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiauK-EDjUE_yEklQQiXKWuR2aJWLpt43A3R3KqHaC3pRpffeMz78nyO7aR_Mzsf2PxLexeR5tjY6nt_UPhrS40vuHKUc42SL23IC-EINgAFE4PZDSGsynF5xVcbsKcxadbw_UOeAzzLHInSldbddyFjofk1znLDaHK1Luwm3Td6QCsBg7r5RqA8VyGWR93/s1900/new-game-pragmatic-6618becd8ce02.jpg

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd79a07eb93d604fd1ca51cbd70fe3ad0076226295ae08b1886ce07bb7a8805d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2ef"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="new-game-pragmatic-6618becd8ce02.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318961
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 aksescepat-65f9e5fec052c.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaT9imZQ1UFiNyUIHvudSL6ZLiKyZmn9WmYBijqNRM_S1K0UAk8bV1ZuAtHJnfDf3h7VllafXYxe1W7X-hQ46BBrihacuxeEakoOnKYgbFlCOdaoGVxEaLhxn__hdSSE1Ws7JfIjZGXqBLlIvQ... 266 KB
266 KB 791ms
789ms Image
image/jpeg 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaT9imZQ1UFiNyUIHvudSL6ZLiKyZmn9WmYBijqNRM_S1K0UAk8bV1ZuAtHJnfDf3h7VllafXYxe1W7X-hQ46BBrihacuxeEakoOnKYgbFlCOdaoGVxEaLhxn__hdSSE1Ws7JfIjZGXqBLlIvQ3FC3iFQEu85r4XSungx807OJicGfXAfMEvD78yNvtT2r/s1900/aksescepat-65f9e5fec052c.jpg

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

708a4af0fa40c1d21a01c7acc3455f0e28865e46b18c7dcde2d25cc6b1305021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2ec"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="aksescepat-65f9e5fec052c.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 272512
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:26 GMT

GET
H2 200 depositpulsa-65f9e60b443ec%20(1).jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjU4mseOpLxcAxJ5EjEMZTssRV4Q2l-Qf2ctwIFy_W4dWRVWPjuLq34MFsvIgt9WlKg1WX7aD8Gw0uIlVlFnxdygvik0FlgJbvDNZCF3lm_dJ8qDJDywkjWmvS2didd5ZEw68VPOKq612nLU4h_... 291 KB
291 KB 1101ms
1100ms Image
image/jpeg 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjU4mseOpLxcAxJ5EjEMZTssRV4Q2l-Qf2ctwIFy_W4dWRVWPjuLq34MFsvIgt9WlKg1WX7aD8Gw0uIlVlFnxdygvik0FlgJbvDNZCF3lm_dJ8qDJDywkjWmvS2didd5ZEw68VPOKq612nLU4h_tlQcisxkO5xXrf4wdm8uAhIiYH4JiMAhDoh3-4nRT1ul/s1900/depositpulsa-65f9e60b443ec%20(1).jpg

Requested by

Host: www.icminerals.com.candysweet.org
URL: https://www.icminerals.com.candysweet.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a366ab359e1b1b37f7c56807391497c230ee0d05d2d29b87a1153849ad4afae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v2ef"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="depositpulsa-65f9e60b443ec (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298082
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:27 GMT

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012406131415000/v0/analytics-vendors/ 3 KB
956 B 6ms
6ms Fetch
application/json 142.251.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f132.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 08 Aug 2024 14:55:58 GMT
age: 96629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "d77a8a769083755b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 08 Aug 2025 14:55:58 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 1 KB
1 KB 20ms
5ms Fetch
application/json 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.icminerals.com.candysweet.org

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a80324fdc6ba012356db5943d7445dcf3955153b2465ac21e7cca264976ba517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 09 Aug 2024 17:46:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 713
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.icminerals.com.candysweet.org
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.icminerals.com.candysweet.org
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon-439244235.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO9QspUE4ocSieaAaRT9NfcMOCUo4s1YV3-rwTFtpwqZGG6S57LGgvkyqJ3j1GVtdFwlreIv2x7C6RBx-MTK7v_SV2CoZFw6t8lE7RvnG_aHZZ2t-huxu4VRkmyOPzSENdPd2qlnThzWK0Az4A... 3 KB
3 KB 602ms
601ms Other
image/png 2404:6800:4003:c1c::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO9QspUE4ocSieaAaRT9NfcMOCUo4s1YV3-rwTFtpwqZGG6S57LGgvkyqJ3j1GVtdFwlreIv2x7C6RBx-MTK7v_SV2CoZFw6t8lE7RvnG_aHZZ2t-huxu4VRkmyOPzSENdPd2qlnThzWK0Az4Aq3HOlv0WDxjA4pQQqdpYZeNGoZIPnv2qDvq0Cgq0PU_u/s32/favicon-439244235.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

291cd027b7b9e1809abd45b35264b9ee98760a4c17f25a0512dcd210b6aa5ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v236"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="favicon-439244235.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2966
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:27 GMT

GET
H2 204 collect
www.google-analytics.com/g/ 0
201 B 19ms
6ms Image
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-E90GRJDR8Z&cid=amp-1RO-xLF4W38UD2wYK7JcaA&ul=en-sg&sr=1600x1200&sid=1723225587&sct=1&seg=1&dl=https%3A%2F%2Fwww.icminerals.com.candysweet.org%2F&dr=&dt=MPO878&en=page_view&_ee=1&_s=1&_et=1000&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&_fv=1&_p=957283753&_ss=1&dma=0&ep.groups=default&gtm=45De1110&npa=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 17:46:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 luckywheel-65f9e619949c9.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkI5Mu2hIzvH_W65LlWIPywL2Y-D-yy-uKG1Ggt3G2j8zCF0DHdwSuhs6OAHFLCt2krsUfoJXW6DJ6HfdnrmQYlKbA6cV-yDpUzQJLNy8TDzpc-_uGu_2xKwTpDe8yOWuLl7e_IPMxTFkW0gwW... 294 KB
294 KB 1462ms
1462ms Image
image/jpeg 142.251.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkI5Mu2hIzvH_W65LlWIPywL2Y-D-yy-uKG1Ggt3G2j8zCF0DHdwSuhs6OAHFLCt2krsUfoJXW6DJ6HfdnrmQYlKbA6cV-yDpUzQJLNy8TDzpc-_uGu_2xKwTpDe8yOWuLl7e_IPMxTFkW0gwW5k2RWGomg38Y0WyA3Zpsdaj1hskxCKjrXBmd1zjTDRV0/s1900/luckywheel-65f9e619949c9.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f132.1e100.net

Software

fife /

Resource Hash

392b36abead1efe532015d64d30698faed17a6e67bdc9c9d2d985e9030305416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.icminerals.com.candysweet.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 17:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v2ee"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="luckywheel-65f9e619949c9.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 300964
x-xss-protection: 0
expires: Sat, 10 Aug 2024 17:46:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: icminerals.com
URL: https://icminerals.com/

Domain: icminerals.com
URL: https://icminerals.com/

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.candysweet.org/	1970-01-21 07:26:01	Name: _ga Value: amp-1RO-xLF4W38UD2wYK7JcaA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.icminerals.com.candysweet.org/ Message: Access to font at 'https://icminerals.com/' (redirected from 'https://www.icminerals.com.candysweet.org/fonts/digital_sans_ef_medium.woff2') from origin 'https://www.icminerals.com.candysweet.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://icminerals.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.icminerals.com.candysweet.org/ Message: Access to font at 'https://icminerals.com/' (redirected from 'https://www.icminerals.com.candysweet.org/fonts/digital_sans_ef_medium.woff') from origin 'https://www.icminerals.com.candysweet.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://icminerals.com/ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
cdn.ampproject.org
d2rzzcn1jnr24x.cloudfront.net
icminerals.com
www.google-analytics.com
www.googletagmanager.com
www.icminerals.com.candysweet.org
icminerals.com
142.251.175.132
172.96.191.242
2404:6800:4003:c00::61
2404:6800:4003:c05::84
2404:6800:4003:c1a::71
2404:6800:4003:c1c::84
2600:9000:23d2:e200:c:5e6d:a440:21
0081e53a783f0fe43d01c530bedb2124d39fc3e8eca58a475bffcbdbbf5f4f2b
00fa93245d8c2577fa604a1254cd4a1d126139ac83959fe9ab52c3e1d0083b5b
02a85bd059f93c80bb3d1eba2d4886fad8ab0a950bc988a3471efe187d749fd0
049c52f75b19500768595bbf0b5a8dcb41d7c3f494e819dc407b98f62bdc643d
0748598aeaee6f08911f0a3d7245046b8f18d26314242698cca9e11e17fbe3fa
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
25ff6fb1fa6de0ff14c0b0a286f1c7e1213c0a0d27bbfc9aa0c97e58949a6d17
291cd027b7b9e1809abd45b35264b9ee98760a4c17f25a0512dcd210b6aa5ebe
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
392b36abead1efe532015d64d30698faed17a6e67bdc9c9d2d985e9030305416
3a5ec12896091137a7fc414bf6c8cf4d875038e5388a937da1b25b1450ebd181
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
515ebc558b631a3e5a10c9b24a215d17abaa94395f3dea457f3217ada241f8f0
56b1fc0887fc3794ec71d2f067409aa3754dd71886483056bfa01b2cb97e94d0
58f13340f112f9037847130edcdf59b60e20af491112d290e85cc2bf1c3d54ec
5a4edd02db8c4a0a4ab29fe5e7a5cc3982f1fa2d421305c67722aa42b463c056
5dacccdf04449eb70a5b22f3ce69198cf1442235723d2d19290c5ba00b80fc31
6552413f6f9d485d2cf65f22f96c8b8accd0693dd2830fae76998a26b781ec68
6c3918447739f27d8ab7f3b6e0fb75b077c793b22f58418bcae5a76a59adb0d3
6efa7d92b04eff08d94c65522282fb58535a8ec896ae6f32235cdd443d7a67c1
708a4af0fa40c1d21a01c7acc3455f0e28865e46b18c7dcde2d25cc6b1305021
7205df65ed0f2ffa228504161b1a75b61286c56c3693f8f2155bfc2a5605674b
74a2e420d0cf539132edb2bfc4d4c6ac687c0eba35dd5135f9eac478a70e3e6d
798530b7177fa43ba9981ca9c567a32119189fe28f13e15c2cf809d416407bbc
7a366ab359e1b1b37f7c56807391497c230ee0d05d2d29b87a1153849ad4afae
846519d41b6fd26f23a06c44718f72788df3e4b2e5db31d467473dc93baed27a
8d18027b8b1829794c1b9cab1b95ffa2905fb18486f4e86df18e03c96dc9968d
a779be57643c1bae1fd1549765fedc4dadc86fce52fa01082128577bb60f79d9
a80324fdc6ba012356db5943d7445dcf3955153b2465ac21e7cca264976ba517
abaecbecdd975803723dd290310c92f7c64e234fc8dfde7ccb5d3fbd9839ea0e
b4167006d8b8fd64ae3c764a7a1716857875e96aa846709adbd785ca0c9d60ea
b6318c43695c38e6ee713c3d71c5a7224b3607bd529b0c082dee4bff16dff300
bdd5ad0f5ff44678584aade156647170960683e152c8aa7afd29965212edfcc2
c0e38ef441c7169b89c0b268897f5d8d014f32ac4c10932971a67c10c56f8baa
d777d116483ab9c77fe0a8ab6b1c52fcfc4bdafbdf1058c0a0c2f1ff197d16f0
dc183b034f269eb1f397a0dceeecfffe106815b2309d7bad628a075ff436369d
dd79a07eb93d604fd1ca51cbd70fe3ad0076226295ae08b1886ce07bb7a8805d
e1925bd13c42ddb8308bbc57e6416c9822c48592135d4194c4d44cbae9be8fd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
e587ead12d272448d35f8c32981a474ff142c505be66b9fefdfad4633f21bc29
e9b1dc11019da0059685aebace3e7c050aef4c0b1531387551dab35f5b0079e3
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
ecc9a646c8fecfa4e12f32a06800977bd039ce2e91d1cc7c94b3c7b7b0999979
f86038be54b0e92134ae56f6fa3d6c32fb6fa835f9f3b842e2635892007be61a
fa902b48ee07d5bfd56e759db436fd4088fc781e34e2519092c09004774facbd
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

www.icminerals.com.candysweet.org Open in urlscan Pro 172.96.191.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

93 %HTTPS

71 %IPv6

7 Domains

7 Subdomains

8 IPs

2 Countries

1497 kBTransfer

1862 kBSize

1 Cookies

6 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.icminerals.com.candysweet.org Open in urlscan Pro
172.96.191.242 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

93 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

1497 kB
Transfer

1862 kB
Size

1
Cookies

45 HTTP transactions
5 data transactions