aa.b8r.pro Open in urlscan Pro
118.139.177.8  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response aa.b8r.pro/omzet/3/	16 KB 3 KB	121ms 62ms	Document text/html	118.139.177.8 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://aa.b8r.pro/omzet/3/?brerok=RTP%20KOI%20TOTO Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 118.139.177.8 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 8.177.139.118.host.secureserver.net Software Apache / PHP/8.1.29 Resource Hash 8efbff4737aaa4e9757f54219f4134d9c30eb83d19a1740e095ce807f4c9599b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-encoding br content-length 3213 content-type text/html; charset=UTF-8 date Mon, 08 Jul 2024 21:13:21 GMT server Apache vary Accept-Encoding x-powered-by PHP/8.1.29
GET H2	200	css2 fonts.googleapis.com/	6 KB 1 KB	686ms 111ms	Stylesheet text/css	74.125.200.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap Requested by Host: aa.b8r.pro URL: https://aa.b8r.pro/omzet/3/?brerok=RTP%20KOI%20TOTO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f95.1e100.net Software ESF / Resource Hash f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://aa.b8r.pro/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 08 Jul 2024 21:13:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 08 Jul 2024 20:55:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 08 Jul 2024 21:13:22 GMT
GET H2	200	v0.js Show response cdn.ampproject.org/	278 KB 72 KB	434ms 35ms	Script text/javascript	172.217.194.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: aa.b8r.pro URL: https://aa.b8r.pro/omzet/3/?brerok=RTP%20KOI%20TOTO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f132.1e100.net Software sffe / Resource Hash 416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aa.b8r.pro/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Mon, 08 Jul 2024 21:13:22 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73122 x-xss-protection 0 server sffe etag "2af4af216080b72b" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Mon, 08 Jul 2024 21:13:22 GMT
GET H2	200	02-34-11-741_512.gif cdn.pixabay.com/animation/2023/03/19/02/34/	254 KB 255 KB	437ms 75ms	Image image/gif	172.64.147.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pixabay.com/animation/2023/03/19/02/34/02-34-11-741_512.gif Requested by Host: aa.b8r.pro URL: https://aa.b8r.pro/omzet/3/?brerok=RTP%20KOI%20TOTO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a159d7c7b2d4f49a4584a36f6b41a1c0a89f5e21a82ffdaf818e57103fe8224f Request headers Referer https://aa.b8r.pro/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 21:13:22 GMT x-amz-version-id EMbl7PuxNm0amztnr8Xh4Pkp3kbDrcoO cf-cache-status HIT age 5107407 x-amz-request-id KFZZNM3KTK57VJ60 cf-polished origSize=388700, status=webp_bigger x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 content-length 259769 x-amz-id-2 hej2/MPLlvX/UTSPAVlFpC9HNDwsjiNsPX9dkSHR5DRtSInbe5fQr8ck+tJ/YromfQWiH1dJWSZTGqfyAs8YnE/qePntdIYgaePHnYaFq1c= last-modified Sun, 19 Mar 2023 02:34:13 GMT cf-bgj imgq:85,h2pri server cloudflare etag "dfad07f4a517fbc8071a39a9aa6337dc" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes cf-ray 8a0313eda83f6004-SIN expires Tue, 08 Jul 2025 21:13:22 GMT
GET H2	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012406131415000/v0/	8 KB 4 KB	591ms 28ms	Script text/javascript	172.217.194.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f132.1e100.net Software sffe / Resource Hash 08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aa.b8r.pro/ Origin https://aa.b8r.pro User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 06 Jul 2024 13:28:38 GMT age 200685 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2974 x-xss-protection 0 server sffe etag "3bb766b5672b9f2f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 06 Jul 2025 13:28:38 GMT
GET H2	200	MELEDAK-4-16-2024-removebg-preview.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgopQNRFePAXjIoBkm4596tMlxBHA11R-UgRGOP5lGp2Ew79ZNeyQeu2Ej2f3QKCg4TFHoVo7BqXNCpdFvAOdzrPG1yEBDgNq0W_tUj3hGphn4pqh1gGZaEVHNMwRxOCBzV3FVC9syP3QqQjlYe...	197 KB 198 KB	862ms 458ms	Image image/png	74.125.24.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgopQNRFePAXjIoBkm4596tMlxBHA11R-UgRGOP5lGp2Ew79ZNeyQeu2Ej2f3QKCg4TFHoVo7BqXNCpdFvAOdzrPG1yEBDgNq0W_tUj3hGphn4pqh1gGZaEVHNMwRxOCBzV3FVC9syP3QqQjlYeNbljM2bZ6bnDwr21g4R42i4AEFNvgwXL55sy0apJq2c/s905/MELEDAK-4-16-2024-removebg-preview.png Requested by Host: aa.b8r.pro URL: https://aa.b8r.pro/omzet/3/?brerok=RTP%20KOI%20TOTO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f132.1e100.net Software fife / Resource Hash b5e351670d1023eb5cdf27f38cf18f705df773143b86dd01f4df2b6a32ff088f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aa.b8r.pro/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 21:13:23 GMT x-content-type-options nosniff server fife etag "v27" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="MELEDAK-4-16-2024-removebg-preview.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 202071 x-xss-protection 0 expires Tue, 09 Jul 2024 21:13:23 GMT
GET H2	200	8.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhahsAUvueiIFeVX9NAsZzpiwYGnD2LpSleZzr2s7R2ehv-hfxHbh0yZc8vjI5FRTw4m-5MeKyXXc-mQNGzpnCrPVPeATqDnR7MvjZcReo65cPO5oEkYwWBjJ8IWDuLgomWIINsVSgMM-Fczs0J...	212 KB 213 KB	590ms 315ms	Image image/png	74.125.24.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhahsAUvueiIFeVX9NAsZzpiwYGnD2LpSleZzr2s7R2ehv-hfxHbh0yZc8vjI5FRTw4m-5MeKyXXc-mQNGzpnCrPVPeATqDnR7MvjZcReo65cPO5oEkYwWBjJ8IWDuLgomWIINsVSgMM-Fczs0J_sJYVXOmtEJF11tC38UR_FrOEihbC0EB2xnk6Dhvm8w/s320/8.png Requested by Host: aa.b8r.pro URL: https://aa.b8r.pro/omzet/3/?brerok=RTP%20KOI%20TOTO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f132.1e100.net Software fife / Resource Hash add091cdc173c3a39197214a7489f86268f5511f1757e40e7df72e8d1abcd7cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aa.b8r.pro/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 21:13:23 GMT x-content-type-options nosniff server fife etag "v25" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="8.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 217284 x-xss-protection 0 expires Tue, 09 Jul 2024 21:13:23 GMT
GET H2	200	o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 fonts.gstatic.com/s/notosans/v36/	38 KB 39 KB	533ms 19ms	Font font/woff2	74.125.68.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f94.1e100.net Software sffe / Resource Hash 91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://aa.b8r.pro User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 02 Jul 2024 00:23:46 GMT x-content-type-options nosniff age 593377 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39412 x-xss-protection 0 last-modified Wed, 14 Feb 2024 22:43:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Jul 2025 00:23:46 GMT
GET H2	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012406131415000/v0/	12 KB 4 KB	180ms 179ms	Script text/javascript	172.217.194.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f132.1e100.net Software sffe / Resource Hash e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aa.b8r.pro/ Origin https://aa.b8r.pro User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 05 Jul 2024 17:54:43 GMT age 271120 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3935 x-xss-protection 0 server sffe etag "db107aa2d6068f23" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 05 Jul 2025 17:54:43 GMT
GET H2	200	imgpsh_fullsize_anim.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyrfwTWS_Nj3i_WDIP_GjXiEXGoglgJ-BG1CcedWqknz5CK1YZBfUP1Dd-iPsrV-fG8DwOkXooGHpGO8EkYJi3LjOaPA1Dz8qMQQtK0UXcY8nGysw6ySi3Duqy2aH2RUcxqrGR9cA-RknC707y...	120 KB 120 KB	247ms 246ms	Other image/png	74.125.24.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyrfwTWS_Nj3i_WDIP_GjXiEXGoglgJ-BG1CcedWqknz5CK1YZBfUP1Dd-iPsrV-fG8DwOkXooGHpGO8EkYJi3LjOaPA1Dz8qMQQtK0UXcY8nGysw6ySi3Duqy2aH2RUcxqrGR9cA-RknC707ypJQ5Ip-zCVIEhTWO7nMKqE1fpUeROJ3LAsIr4MIhdkI/s320/imgpsh_fullsize_anim.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f132.1e100.net Software fife / Resource Hash 12fe2fc7b486eb70d73c6c76ba27849cb25360908b2c44446f8e07f7144bb032 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aa.b8r.pro/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 21:13:23 GMT x-content-type-options nosniff server fife etag "v2a" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="imgpsh_fullsize_anim.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123011 x-xss-protection 0 expires Tue, 09 Jul 2024 21:13:23 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pixabay.com/	1970-01-20 21:54:35	Name: __cf_bm Value: 85v2VodZNyWYoiiPNGul0piLSusLZGUlv_KzsZ3rdKA-1720473202-1.0.1.1-EEaF9Mhe1G0xGPWX3LuJ7TNeSG.dvJU7gLOCnZnbqs.beqCEDKsqId5DloI.d8K5gwZcwVLMcmuVo8GFTSHMpQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.b8r.pro
blogger.googleusercontent.com
cdn.ampproject.org
cdn.pixabay.com
fonts.googleapis.com
fonts.gstatic.com
118.139.177.8
172.217.194.132
172.64.147.160
74.125.200.95
74.125.24.132
74.125.68.94
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
12fe2fc7b486eb70d73c6c76ba27849cb25360908b2c44446f8e07f7144bb032
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
8efbff4737aaa4e9757f54219f4134d9c30eb83d19a1740e095ce807f4c9599b
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
a159d7c7b2d4f49a4584a36f6b41a1c0a89f5e21a82ffdaf818e57103fe8224f
add091cdc173c3a39197214a7489f86268f5511f1757e40e7df72e8d1abcd7cc
b5e351670d1023eb5cdf27f38cf18f705df773143b86dd01f4df2b6a32ff088f
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b