pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
2606:4700::6812:223  Public Scan

URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Submission Tags: @phish_report
Submission: On July 20 via api from FI — Scanned from FI

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 2606:4700::6812:223, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev.
TLS certificate: Issued by E1 on June 3rd 2024. Valid for: 3 months.
This is the only time pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2620:127:f00f... | 13335 (CLOUDFLAR...)
6 | 3.161.82.24 | 16509 (AMAZON-02)
2 | 216.58.206.33 | 15169 (GOOGLE)
Total: 16 requests, 7 IPs

Requests | Apex Domain | Subdomains | Transfer
6 | hotimg.com | img.hotimg.com — Cisco Umbrella Rank: 838858 Failed | 166 KB
4 | ampproject.org | cdn.ampproject.org — Cisco Umbrella Rank: 382 | 111 KB
2 | shopify.com | cdn.shopify.com — Cisco Umbrella Rank: 2768 | 142 KB
2 | cloudinary.com | res.cloudinary.com — Cisco Umbrella Rank: 4280 | 99 KB
1 | r2.dev | pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev | 26 KB
Total: 16 requests, 5 apex domains

Requests | Domain | Requested by
6 | img.hotimg.com | pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
4 | cdn.ampproject.org | pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev, cdn.ampproject.org
2 | cdn.shopify.com | pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
2 | res.cloudinary.com | pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
1 | pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev |
Total: 16 requests, 5 domains

This site contains links to these domains.

Domain
powerp128.co
Subject | Issuer | Validity | Valid
*.r2.dev | E1 | 2024-06-03 - 2024-09-01 | 3 months
misc-sni.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2024-04-23 - 2025-05-25 | a year
cdn.shopify.com | E6 | 2024-07-01 - 2024-09-29 | 3 months
img.hotimg.com | Amazon RSA 2048 M03 | 2024-02-15 - 2025-03-16 | a year

This page contains 1 frame:

Primary Page: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Frame ID: 01CE6F92720937EC4BE36F926297D6CB
Requests: 17 HTTP requests in this frame

Page Title

SLOT GACOR ☘️ LINK DAFTAR DAN LOGIN ALTERNATIF SITUS MAXWIN RESMI 2024

Detected technologies

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

Requests: 16
HTTPS: 94 %
IPv6: 67 %
Domains: 5
Subdomains: 5
IPs: 7
Countries: 3
Transfer: 544 kB
Size: 836 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request surga99.html
pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
26 KB
26 KB
Document
General
Full URL
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d47b7301fcb8a0478e5b5bf8fa91057854a1080e79b0df957106c8acd7097e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Accept-Ranges
bytes
CF-RAY
8a5f15fdcb3ab51d-OSL
Connection
keep-alive
Content-Length
26801
Content-Type
text/html
Date
Sat, 20 Jul 2024 01:12:58 GMT
ETag
"8485de56fae90f45dee37e75670e127a"
Last-Modified
Fri, 19 Jul 2024 13:33:04 GMT
Server
cloudflare
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 20 Jul 2024 01:12:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73122
x-xss-protection
0
server
sffe
etag
"2af4af216080b72b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 Jul 2024 01:12:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
110 KB
32 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02a85bd059f93c80bb3d1eba2d4886fad8ab0a950bc988a3471efe187d749fd0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 20 Jul 2024 01:12:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32172
x-xss-protection
0
server
sffe
etag
"d1ab60b03cd8a04e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 Jul 2024 01:12:58 GMT
bloodred.jpg
img.hotimg.com/
0
0

truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
slot-gacor_bfoc6m.png
res.cloudinary.com/dbga4whj0/image/upload/v1713371230/
32 B
32 B
Image
General
Full URL
https://res.cloudinary.com/dbga4whj0/image/upload/v1713371230/slot-gacor_bfoc6m.png
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b28c6ea6be3dc3a1fef0c68e7354e9f2f49fed1d842a534d8152b67fba58c9e4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jul 2024 01:12:59 GMT
strict-transport-security
max-age=604800
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Server-Timing
cache-control
private, no-transform, max-age=0, no-cache
server-timing
cld-cloudflare;dur=202;start=2024-07-20T01:12:59.158Z;desc=hit,rtt;dur=56
accept-ranges
none
timing-allow-origin
*
cf-ray
8a5f1609ac4956ae-OSL
content-length
32
cewek_sexy.png
cdn.shopify.com/s/files/1/0692/5857/6090/files/
36 KB
37 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0692/5857/6090/files/cewek_sexy.png
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce90e42f95b674d46a9900cd124c5d790d08af6fb1358459bc0b6d4692ee7c00
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 01:12:59 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
source-type
image/png
server-timing
imagery;dur=257.442, imageryFetch;dur=135.957, imageryProcess;dur=120.842;desc="image", cfRequestDuration;dur=183.999777, ipv6
source-length
260615
content-length
36906
x-xss-protection
1; mode=block
x-request-id
006a2a18-0cfb-4c97-9330-ea47035df64c-1720339259
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Jul 2024 08:00:59 GMT
server
cloudflare
x-shopid
69258576090
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMgIcMECY8dYR9Q4weEHq7Ur2LcP2qXlV4CaUYmrJ85WKNgKYwj9JaiZ9KvPL2dqbTw0zqXy35YFOqWKuv8TmfTy9o8sBwQ6BuSVlM8ISeFzvFGDRODhj0592QSyY02%2F461PGdjDy%2FtgpEWKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0692/5857/6090/files/cewek_sexy.png>; rel="canonical"
cf-ray
8a5f160969738d75-HEL
gates-of-olympus.webp
img.hotimg.com/
27 KB
28 KB
Image
General
Full URL
https://img.hotimg.com/gates-of-olympus.webp
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90a846fc2bbbf9fbe744eea81c158e3de868a4c2ea65b8574d58ec6edfc2952a

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date
Thu, 16 May 2024 11:34:54 GMT
via
1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Feb 2024 22:00:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
5578686
etag
"6d8a4aa744242b41f7f67fcca335c9a7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
27906
x-amz-cf-id
L1Tq6M_zHKMroojMm8n0VgOkziQmzSOGS9NcbhjcS2Cnq5oqi1SfvA==
queen-bounty.webp
img.hotimg.com/
24 KB
25 KB
Image
General
Full URL
https://img.hotimg.com/queen-bounty.webp
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2ed8071a2565731ec24f01932d291df6782add403e2817070c7636b7883e919

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date
Thu, 16 May 2024 11:34:54 GMT
via
1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Feb 2024 22:00:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
5578686
etag
"3334e231cd0a06faea548a98cf3cb7ab"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
24984
x-amz-cf-id
FN01yr_zz2ViZiS1pFk5ZFUwf3vqWOekKrx7WGG9nN9c7pPllXpJzA==
caishen-win.webp
img.hotimg.com/
29 KB
29 KB
Image
General
Full URL
https://img.hotimg.com/caishen-win.webp
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f309c047ab7df9db366200ea4b8c51ad8e61f993e7c1c6e3162b079d9efaa1dd

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date
Thu, 16 May 2024 11:34:54 GMT
via
1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Feb 2024 22:00:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
5578685
etag
"24496f5a483a2927d102363fc6c862ec"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
29368
x-amz-cf-id
vDNxD_ltKQlu5bphOKLdsbqPLumNWdDOzWzaqfreMJWs5x8qvRfrlw==
genie.webp
img.hotimg.com/
24 KB
25 KB
Image
General
Full URL
https://img.hotimg.com/genie.webp
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b580c377f235c7a4c538bee1ef7073563b010c7c78909e312b9d5949a98e4b41

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date
Sun, 26 May 2024 18:12:31 GMT
via
1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Feb 2024 22:00:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
4690828
etag
"b2e08b9429408b36aab9db8f39682351"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
24874
x-amz-cf-id
AX45MluWaq5cLKbLQwFLJ_xefFEf5U4N_-4q85a9lxBIM7Ff6jYwXQ==
mahjong-ways.webp
img.hotimg.com/
27 KB
27 KB
Image
General
Full URL
https://img.hotimg.com/mahjong-ways.webp
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30d18a9d299cc8408f783e0da71dcf22e8292d413a1f0d319ee6e08bc45415be

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date
Tue, 25 Jun 2024 03:41:16 GMT
via
1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Feb 2024 22:00:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
2151103
etag
"2c672098f19c3393eb751ea016c580e0"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
27260
x-amz-cf-id
PnQWS0O1URbrGG2e_Fcm8gLXK46gNAS4eO413bL3ZrWUrQXvhljM6w==
fortune-tiger.webp
img.hotimg.com/
32 KB
33 KB
Image
General
Full URL
https://img.hotimg.com/fortune-tiger.webp
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a5abea760443eb20f8416a8dc1490d5f792550ef1574184b7dad1f6483567e

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date
Sun, 07 Apr 2024 16:27:38 GMT
via
1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
last-modified
Sun, 25 Feb 2024 22:00:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
8930721
etag
"1b3f1400652caa163f8a6a91dfb3e2c5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
32996
x-amz-cf-id
2tTDVsiYEdJdvNte3a5tOqCdl_tksh2k68V9GDxRNfN4vwZ_1bSeOw==
pandaku.webp
cdn.shopify.com/s/files/1/0692/5857/6090/files/
104 KB
105 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0692/5857/6090/files/pandaku.webp?v=1708903401
Requested by
Host: pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
URL: https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/surga99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54322a29f62d346c13c9b497d1278a23e55145ed1086013b67957427b9e66d62
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 01:12:59 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
source-type
image/webp
server-timing
imagery;dur=286.433, imageryFetch;dur=111.357, imageryProcess;dur=173.742;desc="image", cfRequestDuration;dur=319.999933, ipv6
source-length
463084
content-length
106914
x-xss-protection
1; mode=block
x-request-id
ef4ea509-676d-4741-9c5d-bdba75d2e247-1720910696
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 13 Jul 2024 22:44:56 GMT
server
cloudflare
x-shopid
69258576090
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1%2BgfeN1KQ96lbrCePHuoCjkAkpg4YJXibiB7%2Bm9Wolq5Et756VYHrrGxsrLRB1aILK2Wqby1x9p8XBtZHSQkVm0kgGmEjrde781X4qR%2BC4SOkEh0IAEgOPw7WeVlq%2Fpggg09RHWs6rCqqPNjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0692/5857/6090/files/pandaku.webp>; rel="canonical"
cf-ray
8a5f160969758d75-HEL
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012406131415000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f1.1e100.net
Software
sffe /
Resource Hash
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
Origin
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 Jul 2024 11:47:33 GMT
age
307526
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"3bb766b5672b9f2f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Jul 2025 11:47:33 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012406131415000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f1.1e100.net
Software
sffe /
Resource Hash
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
Origin
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Jul 2024 09:45:07 GMT
age
228472
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3935
x-xss-protection
0
server
sffe
etag
"db107aa2d6068f23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 17 Jul 2025 09:45:07 GMT
qleku5cbjc0u9jqamq79.webp
res.cloudinary.com/dfwxjqnf8/image/upload/v1718921924/
98 KB
99 KB
Other
General
Full URL
https://res.cloudinary.com/dfwxjqnf8/image/upload/v1718921924/qleku5cbjc0u9jqamq79.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c901 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3e359809e8958c0467760f848e60c6c14fca78bc3c713050fc9c8b85ba3b4f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://pub-5a3a96a1da8a4ce697e80b55247e5ecd.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 01:12:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="qleku5cbjc0u9jqamq79.webp"
server-timing
cld-cloudflare;dur=369;start=2024-07-20T01:12:59.532Z;desc=miss,rtt;dur=56,content-info;desc="width=1024,height=1024,bytes=100294,o=1,ef=(17);";cloudinary;dur=35;start=2024-07-20T01:12:59.803Z
content-length
100294
x-orig-request-id
30bbc41a80cb635bf6c3cd4de49550b6
last-modified
Thu, 20 Jun 2024 22:18:45 GMT
server
cloudflare
etag
"3d6dc1b104c930cf1e183e8e7ca52d06"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
8a5f160c0d1156ae-OSL
timing-allow-origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.hotimg.com
URL
https://img.hotimg.com/bloodred.jpg

Verdicts & Comments

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| AMP
  • object| AMP_CONFIG
  • object| AMP_EXP
  • object| __AMP_LOG
  • function| HTMLElementOrig
  • object| __AMP_ERRORS
  • object| __AMP_MODE
  • function| __AMP_REPORT_ERROR
  • object| __AMP_TOP
  • object| __AMP_SERVICES
  • object| __AMP__EXPERIMENT_TOGGLES
  • object| __AMP_URL_CACHE
  • boolean| __AMP_TAG
  • object| __AMP_EXTENDED_ELEMENTS
  • function| __AMP_BASE_CE_CLASS

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://res.cloudinary.com/dbga4whj0/image/upload/v1713371230/slot-gacor_bfoc6m.png
Message: Failed to load resource: the server responded with a status of 401 ()