pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev Open in urlscan Pro
2606:4700::6812:323 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188
Submission Tags: @phish_report
Submission: On June 21 via api (June 21st 2024, 4:12:13 am UTC) from FI — Scanned from FI

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 11 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev.
TLS certificate: Issued by E1 on June 3rd 2024. Valid for: 3 months.

This is the only time pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:ea00:10:6852:2c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	172.67.196.249 172.67.196.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.219.249 172.67.219.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
2	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1	162.19.88.68 162.19.88.68	16276 (OVH) (OVH)
11	9

2 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:ea00:10:6852:2c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

custom-images.strikinglycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.196.249 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.gracecommunityfoodpantry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.219.249 (United States)

ASN13335 (CLOUDFLARENET, US)

ignitinganation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.88.68 (France)

ASN16276 (OVH, FR)
PTR: ns3221377.ip-162-19-88.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 486	79 KB
2	r2.dev pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev	31 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18042	290 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7896	88 KB
1	ignitinganation.com ignitinganation.com	364 KB
1	gracecommunityfoodpantry.com 1 redirects www.gracecommunityfoodpantry.com	512 B
1	strikinglycdn.com custom-images.strikinglycdn.com — Cisco Umbrella Rank: 214979	2 MB
1	gstatic.com fonts.gstatic.com	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
11	9

	Domain	Requested by
3	cdn.ampproject.org	pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev cdn.ampproject.org
2	pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev	pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
1	i.postimg.cc
1	i.imgur.com	pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
1	ignitinganation.com	pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
1	www.gracecommunityfoodpantry.com	1 redirects
1	custom-images.strikinglycdn.com	pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
11	9

This site contains links to these domains. Also see Links.

Domain
pub-d7ba078d2a0a46a1a9b5146009f8d200.r2.dev
pub-d55fd078143e4402af63552d2d146343.r2.dev

Subject Issuer	Validity	Valid
*.r2.dev E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
misc-sni.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.strikinglycdn.com Amazon RSA 2048 M03	`2023-12-29` - `2025-01-26`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
postimg.cc R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188
Frame ID: 3EF95C34790AA44F47771CF3FD53678A
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SLOT THAILAND 🔥 Daftar Situs Slot Online & Slot Gacor Terbaik Di Jamin Jackpot

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

2502 kB
Transfer

2720 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://pub-d7ba078d2a0a46a1a9b5146009f8d200.r2.dev/gas.html

Search URL Search Domain Scan URL

URL: https://pub-d55fd078143e4402af63552d2d146343.r2.dev/gas.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.gracecommunityfoodpantry.com/image/daftar-disini.gif HTTP 301
https://ignitinganation.com/image/daftar-disini.gif

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request gas.html Show response
pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/ 15 KB
15 KB 2065ms
1901ms Document
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608799dffa6c865d60f57112944213ec303ae31df383cda119114f778adafab0

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Accept-Ranges: bytes
CF-RAY: 8971288a3a6c0b51-OSL
Connection: keep-alive
Content-Length: 15515
Content-Type: text/html
Date: Fri, 21 Jun 2024 04:12:07 GMT
ETag: "1eaa0fdef63838077ba5276605b3a790"
Last-Modified: Sat, 08 Jun 2024 20:28:24 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 318ms
82ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
URL: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfe919b7a91a4e6139549439e7bb05fbd5fcac3003dd0a66b06122e9649a942b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 04:12:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73110
x-xss-protection: 0
server: sffe
etag: "4b352ddb18ca8962"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Jun 2024 04:12:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 240ms
82ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
URL: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0d215ef5667a96fc7f1d72d23d6c54d2c854c429a5cd6babcd2d09b0f1520e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 04:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 21 Jun 2024 04:12:08 GMT

GET
H/1.1 200
OK gas.html
pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/ 15 KB
15 KB 0ms
0ms Image
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188
Requested by: Host: pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
URL: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Fri, 21 Jun 2024 04:12:07 GMT
Last-Modified: Sat, 08 Jun 2024 20:28:24 GMT
Server: cloudflare
ETag: "1eaa0fdef63838077ba5276605b3a790"
Vary: Accept-Encoding
Content-Type: text/html
Accept-Ranges: bytes
CF-RAY: 8971288a3a6c0b51-OSL
Content-Length: 15515

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mhPy0.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 233ms
74ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mhPy0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e357b02137741b5640a01eb60531cc5b9f1ad6af0797abd26d34249073fb11b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 18 Jun 2024 15:15:24 GMT
x-content-type-options: nosniff
age: 219404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39372
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:44:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:15:24 GMT

GET
H2 200 434054_501413.gif
custom-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_9000,w_1200,f_auto,q_60/14400629/ 2 MB
2 MB 286ms
113ms Image
image/gif 2600:9000:211e:ea00:10:6852:2c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://custom-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_9000,w_1200,f_auto,q_60/14400629/434054_501413.gif
Requested by: Host: pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
URL: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ea00:10:6852:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 32835977756f3f2fc918d9eb1ea8f1f739ed862f2b38996401dcf7b10eae13d1

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 20 Jun 2024 11:09:46 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront), 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2, FRA56-C2
age: 61342
x-amzn-trace-id: Root=1-66740dfa-7303b53f7eccf7e84234b2b3;Parent=4eddabed420bd407;Sampled=0;lineage=f935ec17:0
x-amzn-requestid: af8a77e7-1c37-48d1-b8f3-06d0b2116873
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-apigw-id: ZqcfJGQONjMEnJA=
content-length: 1646562
x-amz-cf-id: sXZ6tWdBsFPNl6iaFMZE7zCJYPpP9VgeN6jqvYpB1cy_Ldk-pb8mCQ==
alt-svc: h3=":443"; ma=86400

GET
H3

200

daftar-disini.gif
ignitinganation.com/image/
Redirect Chain

https://www.gracecommunityfoodpantry.com/image/daftar-disini.gif
https://ignitinganation.com/image/daftar-disini.gif

363 KB
364 KB

1289ms
1215ms

Image
image/gif

172.67.219.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ignitinganation.com/image/daftar-disini.gif
Requested by: Host: pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
URL: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188
Protocol: H3
Server: 172.67.219.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60432bef019f7f59bc205f9f5c492e8b57e36fd56cf00e606d0de305c20b73b8

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 21 Jun 2024 04:12:10 GMT
cf-cache-status: HIT
last-modified: Sun, 16 Jun 2024 17:59:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ac29-666f27fb-17a020;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cprZrSlC0qy21VaKOKh9PHNz1aqqrzDULfV4bm4%2Fd0VeU%2Fcnd8mK6KJRzPS0UBiSuRNWcHl4Qy03TLh9p%2BMrL60f2oqQHT1Zum9RvsXGgF0VyvqbHrvteuZ7yf%2F%2FhC01aNwG6vX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 8971289fbd535697-OSL
alt-svc: h3=":443"; ma=86400
content-length: 371753
expires: Sun, 23 Jun 2024 17:59:24 GMT

Redirect headers

date: Fri, 21 Jun 2024 04:12:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kykScSOgrJwdotGwnupaac0FbKU40BVchnv6yPjg1WVDSG7mipoybQg4CREt%2FLJDMhHjt0QzGWMz3Lrywszz%2FaX6bB4PFjYkaF7zJ9rak4FfgJnIfZUx1GHG11dJYtnFk%2Bmyv6cwpdnKCDXh4ZwA%2BLLh%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://ignitinganation.com/image/daftar-disini.gif
cache-control: max-age=14400
cf-ray: 89712899da5ab517-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 QVYzKS8.gif
i.imgur.com/ 88 KB
88 KB 148ms
45ms Image
image/gif 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/QVYzKS8.gif

Requested by

Host: pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
URL: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/gas.html?page_id=SULTAN188

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

af31dd0afba2ba5290ddd6593af697e8834035850837776157ed76bcd9fe1d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 21 Jun 2024 04:12:08 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P6
age: 740503
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 89906
x-served-by: cache-iad-kiad7000174-IAD, cache-hel1410028-HEL
last-modified: Sun, 21 Apr 2024 19:13:08 GMT
server: cat factory 1.0
x-timer: S1718943129.634889,VS0,VE1
etag: "db8714358b0079e72c468e834dc7a32b"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: NFx8lCIoIByalIJmeKd1SjxMeai-QD339Uo5VADrn3XI93-Yjfogpw==
x-cache-hits: 40, 0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406071948000/v0/ 8 KB
3 KB 224ms
75ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406071948000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

81c62c86ae6312a2d659fbb98d2c1f96df9f17750c243d3a7187c81d06b3943e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/
Origin: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jun 2024 18:02:52 GMT
age: 209356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2977
x-xss-protection: 0
server: sffe
etag: "a476e4d9b6073913"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Jun 2025 18:02:52 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406071948000/v0/ 12 KB
4 KB 229ms
82ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406071948000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

edecc4722ba79a432957aef7b0592457f23e4354c9d35ba9ad6110a169d99df5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/
Origin: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jun 2024 18:02:52 GMT
age: 209356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "fa3972d0647e9996"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Jun 2025 18:02:52 GMT

GET
H2 200 lambo-bos-removebg-preview.png
i.postimg.cc/CKMysWBN/ 289 KB
290 KB 252ms
80ms Other
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://i.postimg.cc/CKMysWBN/lambo-bos-removebg-preview.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 5f18cb9ff232ce7a4eb1863ed3d622036b19c49bdd44322dc908aef9112d4bd5

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 21 Jun 2024 04:12:11 GMT
last-modified: Wed, 22 May 2024 05:08:02 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 295896
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
custom-images.strikinglycdn.com
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
i.postimg.cc
ignitinganation.com
pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev
www.gracecommunityfoodpantry.com
142.250.184.225
162.19.88.68
172.67.196.249
172.67.219.249
199.232.192.193
2600:9000:211e:ea00:10:6852:2c80:93a1
2606:4700::6812:323
2a00:1450:4001:813::2003
2a00:1450:4001:829::200a
2a00:1450:4001:831::2001
32835977756f3f2fc918d9eb1ea8f1f739ed862f2b38996401dcf7b10eae13d1
5f18cb9ff232ce7a4eb1863ed3d622036b19c49bdd44322dc908aef9112d4bd5
60432bef019f7f59bc205f9f5c492e8b57e36fd56cf00e606d0de305c20b73b8
608799dffa6c865d60f57112944213ec303ae31df383cda119114f778adafab0
81c62c86ae6312a2d659fbb98d2c1f96df9f17750c243d3a7187c81d06b3943e
af31dd0afba2ba5290ddd6593af697e8834035850837776157ed76bcd9fe1d68
bfe919b7a91a4e6139549439e7bb05fbd5fcac3003dd0a66b06122e9649a942b
e357b02137741b5640a01eb60531cc5b9f1ad6af0797abd26d34249073fb11b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edecc4722ba79a432957aef7b0592457f23e4354c9d35ba9ad6110a169d99df5
f0d215ef5667a96fc7f1d72d23d6c54d2c854c429a5cd6babcd2d09b0f1520e0

pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev Open in urlscan Pro 2606:4700::6812:323 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

50 %IPv6

9 Domains

9 Subdomains

9 IPs

3 Countries

2502 kBTransfer

2720 kBSize

0 Cookies

2 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

0 Cookies

Indicators

pub-6213159a91494e4a8f635b1cbb7e8cca.r2.dev Open in urlscan Pro
2606:4700::6812:323 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

2502 kB
Transfer

2720 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions