45.61.166.19 Open in urlscan Pro
45.61.166.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://curriculocerto.com/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf
Effective URL:
https://45.61.166.19/
Submission: On July 18 via api (July 18th 2024, 9:09:26 pm UTC) from US — Scanned from SG

Summary HTTP 16 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 16 HTTP transactions. The main IP is 45.61.166.19, located in Dallas, United States and belongs to ROUTERHOSTING, US. The main domain is 45.61.166.19.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on July 1st 2024. Valid for: 3 months.

This is the only time 45.61.166.19 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	172.96.191.182 172.96.191.182	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 1	104.194.152.90 104.194.152.90	14956 (ROUTERHOS...) (ROUTERHOSTING)
1	45.61.166.19 45.61.166.19	14956 (ROUTERHOS...) (ROUTERHOSTING)
1	2404:6800:400... 2404:6800:4003:c00::5f	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4003:c00::84	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c01::61	15169 (GOOGLE) (GOOGLE)
3	172.67.207.180 172.67.207.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.190.170 172.67.190.170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.125.200.132 74.125.200.132	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c1c::8a	15169 (GOOGLE) (GOOGLE)
16	8

2 172.96.191.182 (Singapore, Singapore) 2 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.182-static.reverse.arandomserver.com

curriculocerto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
janejohnsonphotography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.194.152.90 (Singapore, Singapore) 1 redirects

ASN14956 (ROUTERHOSTING, US)

104.194.152.90	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.166.19 (Dallas, United States)

ASN14956 (ROUTERHOSTING, US)
PTR: 19.166.61.45.static.cloudzy.com

45.61.166.19	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c00::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.207.180 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rbtasset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.190.170 (United States)

ASN13335 (CLOUDFLARENET, US)

winner69.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c1c::8a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	144 KB
3	rbtasset.com cdn.rbtasset.com — Cisco Umbrella Rank: 96552	821 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	winner69.site winner69.site	113 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	102 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	janejohnsonphotography.com 1 redirects janejohnsonphotography.com	1023 B
1	curriculocerto.com 1 redirects curriculocerto.com	1 KB
16	8

	Domain	Requested by
7	cdn.ampproject.org	45.61.166.19 cdn.ampproject.org
3	cdn.rbtasset.com	45.61.166.19
2	www.google-analytics.com	www.googletagmanager.com
1	winner69.site	45.61.166.19
1	www.googletagmanager.com	45.61.166.19
1	fonts.googleapis.com	45.61.166.19
1	janejohnsonphotography.com	1 redirects
1	curriculocerto.com	1 redirects
16	8

This site contains links to these domains. Also see Links.

Domain
167.88.170.38
rgoods1.site

Subject Issuer	Validity	Valid
45.61.166.19 ZeroSSL RSA Domain Secure Site CA	`2024-07-01` - `2024-09-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
misc-sni.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
rbtasset.com WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
winner69.site WE1	`2024-06-13` - `2024-09-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://45.61.166.19/
Frame ID: 4515742E33E37BEDEE3398DD440AC26C
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winner69: Where Slot Dreams Come True

Page URL History Show full URLs

http://curriculocerto.com/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf HTTP 307
https://curriculocerto.com/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf HTTP 301
https://104.194.152.90/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf HTTP 301
https://janejohnsonphotography.com/ HTTP 301
https://45.61.166.19/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Page Statistics

16
Requests

100 %
HTTPS

40 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

1188 kB
Transfer

1794 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://167.88.170.38/
Title: Winner69

Search URL Search Domain Scan URL

URL: https://rgoods1.site/winner69
Title: LOGIN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://curriculocerto.com/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf HTTP 307
https://curriculocerto.com/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf HTTP 301
https://104.194.152.90/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf HTTP 301
https://janejohnsonphotography.com/ HTTP 301
https://45.61.166.19/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
45.61.166.19/
Redirect Chain

http://curriculocerto.com/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf
https://curriculocerto.com/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf
https://104.194.152.90/wp-content/uploads/2022/07/adobe_photoshop_cs6_key_generator_activator.pdf
https://janejohnsonphotography.com/
https://45.61.166.19/

19 KB
6 KB

753ms
250ms

Document
text/html

45.61.166.19
ROUTERHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://45.61.166.19/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.166.19 Dallas, United States, ASN14956 (ROUTERHOSTING, US),
Reverse DNS: 19.166.61.45.static.cloudzy.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5a73c79d86cea22ad33c7edc6c5dd72f3aaf485c94cd3a36f1a766e238361f6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 18 Jul 2024 21:09:15 GMT
ETag: W/"6682dea8-4a94"
Last-Modified: Mon, 01 Jul 2024 16:51:52 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 795
content-type: text/html
date: Thu, 18 Jul 2024 21:09:15 GMT
location: https://45.61.166.19/
server: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 22ms
7ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abel%7COswald:400%7CPT+Sans:400,700%7COpen+Sans:300,400,700,800

Requested by

Host: 45.61.166.19
URL: https://45.61.166.19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

399e9452651cbb26dbcbd471451a03ce59411bbe67f1fe41fcf809bbaba61815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jul 2024 21:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jul 2024 21:09:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jul 2024 21:09:15 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 23ms
6ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: 45.61.166.19
URL: https://45.61.166.19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 18 Jul 2024 21:09:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73122
x-xss-protection: 0
server: sffe
etag: "2af4af216080b72b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Jul 2024 21:09:15 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 11ms
10ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: 45.61.166.19
URL: https://45.61.166.19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecc9a646c8fecfa4e12f32a06800977bd039ce2e91d1cc7c94b3c7b7b0999979

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 18 Jul 2024 21:09:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2467
x-xss-protection: 0
server: sffe
etag: "5afdd0604fa01f3c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Jul 2024 21:09:15 GMT

GET
H2 200 amp-video-0.1.js Show response
cdn.ampproject.org/v0/ 52 KB
16 KB 14ms
10ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-video-0.1.js

Requested by

Host: 45.61.166.19
URL: https://45.61.166.19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f92eb0255e0c85c8e9c0cefc183438851a8e4020008ce83ee24f874ce234f516

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 18 Jul 2024 21:09:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15934
x-xss-protection: 0
server: sffe
etag: "6dc1ff43a4ecd922"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Jul 2024 21:09:15 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 10ms
6ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 45.61.166.19
URL: https://45.61.166.19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02a85bd059f93c80bb3d1eba2d4886fad8ab0a950bc988a3471efe187d749fd0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 18 Jul 2024 21:09:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32172
x-xss-protection: 0
server: sffe
etag: "d1ab60b03cd8a04e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Jul 2024 21:09:15 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 8ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: 45.61.166.19
URL: https://45.61.166.19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fa3336a40a94aa993e77e58243ee944bcec9084f71f4ed34399c96224c4e2eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 18 Jul 2024 21:09:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15359
x-xss-protection: 0
server: sffe
etag: "878b797225258d2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Jul 2024 21:09:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
102 KB 45ms
21ms Script
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X34P1017EQ

Requested by

Host: 45.61.166.19
URL: https://45.61.166.19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2458483eecb168d681f436656ab56a8cee550c1f9057bba17d8e1f8f6d90e1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 21:09:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jul 2024 21:09:15 GMT

GET
H3 200 logo.gif
cdn.rbtasset.com/assets/tpl/eb03a2719e/images/ 819 KB
820 KB 82ms
57ms Image
image/gif 172.67.207.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rbtasset.com/assets/tpl/eb03a2719e/images/logo.gif
Requested by: Host: 45.61.166.19
URL: https://45.61.166.19/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baeb6d588824b39e447c684102420d724e7a032711a68c5d7744000e86d52ea9

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 21:09:16 GMT
x-amz-version-id: z.8Dmnrx_t8fpT6sPC_l.FPFWb0Dx8cJ
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7EFRM32KSA6R8B10
alt-svc: h3=":443"; ma=86400
content-length: 838558
x-amz-id-2: QDXtxTl3CtPb1/rxX/TsHDhLSA73I5OqRaQZczUid+18qjjZ6sk9zOvK0nPHgcmBw5A2sXNCQVg=
last-modified: Tue, 01 Aug 2023 13:23:42 GMT
server: cloudflare
etag: "4ac5923703739610eac9fdcec053f926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egBYqnu1q7HtlPXVCGWKjn537LcmBv9YjAaNVR%2FlOwwZAbJErjMqaqXr9z7lwEDwK2EdWAQBwAgoNbKEhhFzdsAB3dFxgtM3mnZmsmg6wey0bgzfw7piUuGLoFPb1KDgKwn2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a5573a7488a5cd7-SIN

GET
H3 200 RTP.jpg
winner69.site/ 112 KB
113 KB 37ms
15ms Image
image/jpeg 172.67.190.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winner69.site/RTP.jpg
Requested by: Host: 45.61.166.19
URL: https://45.61.166.19/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a14287fb96fb85c03cd0d4129c59bd55145a8ea6afd31b7e780f89d584950624

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 21:09:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 185133
alt-svc: h3=":443"; ma=86400
content-length: 115124
last-modified: Thu, 26 Oct 2023 18:39:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybvoGdmkSh%2BuYG0e0Q1Re9Y2Zr9yY0KvO1po1RFw3Cy2JsXHdVPNqf5Nms2sTipK9c3HYcXJNprOqEIrSF5R7MvLTNFvS9shL64FEbTewS5bcEDxw93CmaRPqv9T%2BSFy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8a5573a74a1a895c-SIN
expires: Tue, 23 Jul 2024 17:43:43 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 8 KB
3 KB 16ms
5ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45.61.166.19/
Origin: https://45.61.166.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jul 2024 14:44:35 GMT
age: 23081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "3bb766b5672b9f2f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 18 Jul 2025 14:44:35 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 12 KB
4 KB 7ms
5ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45.61.166.19/
Origin: https://45.61.166.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jul 2024 17:59:37 GMT
age: 97779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "db107aa2d6068f23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Jul 2025 17:59:37 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 96ms
26ms Fetch
text/plain 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X34P1017EQ&gtm=45je47h0v9180401509za200&_p=1721336955928&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=511928108.1721336956&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721336956&sct=1&seg=0&dl=https%3A%2F%2F45.61.166.19%2F&dt=Winner69%3A%20Where%20Slot%20Dreams%20Come%20True&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1033&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X34P1017EQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 21:09:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://45.61.166.19
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.ico
cdn.rbtasset.com/assets/tpl/eb03a2719e/images/ 1 KB
1 KB 14ms
14ms Other
image/vnd.microsoft.icon 172.67.207.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rbtasset.com/assets/tpl/eb03a2719e/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8975b9bcf379626822b2b95e6d0559f335cc8b67347f5de3d45e7314569f06f3

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 21:09:16 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VJBKJ10KATQGW4VQ
age: 2817
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vzhLVL9FUu/c7Bf7ZPE67yjFirSuEINtX1cS0a/PzKf5JaESbigbGVHb6y/G1oRB2nSaDbgtQLM=
last-modified: Mon, 26 Sep 2022 13:29:18 GMT
server: cloudflare
etag: W/"bb02d02d34e1328e531877f34a7b5abb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u01kciZQv9m3bXjZCEYscy6uKyzMi1AoXwzWMjE%2FnP7iwwCI2lVOSKnGP8dLLCuST0crn6wCenoZTrUJrJcYZkZrrL%2F9Qo%2FAUFJjb2qVLjMKkMs%2FB8PGNDSUvCrYseVsgb3z"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 8a5573a859875cd7-SIN

GET
H3 200 favicon.ico
cdn.rbtasset.com/assets/tpl/eb03a2719e/images/ 1 KB
0 0ms
0ms Other
image/vnd.microsoft.icon 172.67.207.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rbtasset.com/assets/tpl/eb03a2719e/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8975b9bcf379626822b2b95e6d0559f335cc8b67347f5de3d45e7314569f06f3

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 21:09:16 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VJBKJ10KATQGW4VQ
age: 2817
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vzhLVL9FUu/c7Bf7ZPE67yjFirSuEINtX1cS0a/PzKf5JaESbigbGVHb6y/G1oRB2nSaDbgtQLM=
last-modified: Mon, 26 Sep 2022 13:29:18 GMT
server: cloudflare
etag: W/"bb02d02d34e1328e531877f34a7b5abb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u01kciZQv9m3bXjZCEYscy6uKyzMi1AoXwzWMjE%2FnP7iwwCI2lVOSKnGP8dLLCuST0crn6wCenoZTrUJrJcYZkZrrL%2F9Qo%2FAUFJjb2qVLjMKkMs%2FB8PGNDSUvCrYseVsgb3z"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 8a5573a859875cd7-SIN

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 8ms
6ms Fetch
text/plain 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X34P1017EQ&gtm=45je47h0v9180401509za200&_p=1721336955928&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=511928108.1721336956&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1721336956&sct=1&seg=0&dl=https%3A%2F%2F45.61.166.19%2F&dt=Winner69%3A%20Where%20Slot%20Dreams%20Come%20True&en=scroll&epn.percent_scrolled=90&_et=10&tfd=6047&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X34P1017EQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://45.61.166.19/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jul 2024 21:09:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://45.61.166.19
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			45.61.166.19/	1970-01-21 07:44:56	Name: _ga Value: GA1.1.511928108.1721336956
			45.61.166.19/	1970-01-21 07:44:56	Name: _ga_X34P1017EQ Value: GS1.1.1721336956.1.0.1721336956.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
cdn.rbtasset.com
curriculocerto.com
fonts.googleapis.com
janejohnsonphotography.com
winner69.site
www.google-analytics.com
www.googletagmanager.com
104.194.152.90
172.67.190.170
172.67.207.180
172.96.191.182
2404:6800:4003:c00::5f
2404:6800:4003:c00::84
2404:6800:4003:c01::61
2404:6800:4003:c1c::8a
45.61.166.19
74.125.200.132
02a85bd059f93c80bb3d1eba2d4886fad8ab0a950bc988a3471efe187d749fd0
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
2458483eecb168d681f436656ab56a8cee550c1f9057bba17d8e1f8f6d90e1e4
399e9452651cbb26dbcbd471451a03ce59411bbe67f1fe41fcf809bbaba61815
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
5a73c79d86cea22ad33c7edc6c5dd72f3aaf485c94cd3a36f1a766e238361f6a
8975b9bcf379626822b2b95e6d0559f335cc8b67347f5de3d45e7314569f06f3
8fa3336a40a94aa993e77e58243ee944bcec9084f71f4ed34399c96224c4e2eb
a14287fb96fb85c03cd0d4129c59bd55145a8ea6afd31b7e780f89d584950624
baeb6d588824b39e447c684102420d724e7a032711a68c5d7744000e86d52ea9
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
ecc9a646c8fecfa4e12f32a06800977bd039ce2e91d1cc7c94b3c7b7b0999979
f92eb0255e0c85c8e9c0cefc183438851a8e4020008ce83ee24f874ce234f516

45.61.166.19 Open in urlscan Pro 45.61.166.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

40 %IPv6

8 Domains

8 Subdomains

8 IPs

2 Countries

1188 kBTransfer

1794 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

2 Cookies

Indicators

45.61.166.19 Open in urlscan Pro
45.61.166.19 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

40 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

1188 kB
Transfer

1794 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions