250160.8b.io Open in urlscan Pro
75.101.221.170 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://250160.8b.io/
Submission: On October 24 via manual (October 24th 2021, 3:32:53 pm UTC) from FR — Scanned from DE

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 29 HTTP transactions. The main IP is 75.101.221.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 250160.8b.io.
TLS certificate: Issued by Amazon on June 11th 2021. Valid for: a year.

This is the only time 250160.8b.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1	75.101.221.170 75.101.221.170	14618 (AMAZON-AES) (AMAZON-AES)
1	64.20.41.188 64.20.41.188	19318 (IS-AS-1) (IS-AS-1)
1	190.166.228.18 190.166.228.18	6400 (Compania ...) (Compania Dominicana de Telefonos S. A.)
3	142.250.186.147 142.250.186.147	15169 (GOOGLE) (GOOGLE)
1	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
7	172.217.18.97 172.217.18.97	15169 (GOOGLE) (GOOGLE)
1	52.217.67.22 52.217.67.22	16509 (AMAZON-02) (AMAZON-02)
8	172.67.215.39 172.67.215.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST)
1	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
29	12

1 75.101.221.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-221-170.compute-1.amazonaws.com

250160.8b.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.20.41.188 (Newark, United States)

ASN19318 (IS-AS-1, US)
PTR: thor.433eros.space

mega-scripts.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.166.228.18 (Dominican Republic)

ASN6400 (Compania Dominicana de Telefonos S. A., DO)
PTR: 18.228.166.190.l.static.claro.net.do

scontent.fhex4-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.147 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f19.1e100.net

yrjstueyrwt.agilecrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats2.agilecrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f97.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.67.22 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.215.39 (United States)

ASN13335 (CLOUDFLARENET, US)

app.8b.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	8b.io 250160.8b.io app.8b.io	643 KB
7	ampproject.org cdn.ampproject.org	144 KB
3	agilecrm.com yrjstueyrwt.agilecrm.com stats2.agilecrm.com	18 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	fbcdn.net scontent.fhex4-1.fna.fbcdn.net static.xx.fbcdn.net	2 KB
1	amung.us whos.amung.us	29 B
1	amazonaws.com s3.amazonaws.com	39 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	mega-scripts.icu mega-scripts.icu	41 KB
0	Failed function sub() { [native code] }. Failed
29	10

	Domain	Requested by
8	app.8b.io	250160.8b.io
7	cdn.ampproject.org	250160.8b.io cdn.ampproject.org
2	fonts.gstatic.com	fonts.googleapis.com
2	yrjstueyrwt.agilecrm.com	250160.8b.io yrjstueyrwt.agilecrm.com
1	static.xx.fbcdn.net	250160.8b.io
1	whos.amung.us	250160.8b.io
1	s3.amazonaws.com	yrjstueyrwt.agilecrm.com
1	stats2.agilecrm.com	yrjstueyrwt.agilecrm.com
1	fonts.googleapis.com	250160.8b.io
1	scontent.fhex4-1.fna.fbcdn.net	250160.8b.io
1	mega-scripts.icu	250160.8b.io
1	250160.8b.io
0	agilecrm Failed	250160.8b.io
29	13

This site contains no links.

Subject Issuer	Validity	Valid
8b.io Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
mega-scripts.icu cPanel, Inc. Certification Authority	`2021-09-14` - `2021-12-13`	3 months	crt.sh
*.fhex4-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.agilecrm.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-29` - `2021-11-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-02` - `2021-10-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://250160.8b.io/
Frame ID: AD6B8FE8086E86AED1DDCA63FD56D4BD
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

29
Requests

93 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

920 kB
Transfer

1467 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
250160.8b.io/ 118 KB
118 KB 416ms
228ms Document
text/html 75.101.221.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.221.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-221-170.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2db81fe9b9df6b71a6309dce4fd7067346065cf301b08e09c60af57551acb362

Request headers

:method: GET
:authority: 250160.8b.io
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 24 Oct 2021 15:32:49 GMT
content-type: text/html; charset=utf-8
content-length: 120851
server: nginx/1.14.0 (Ubuntu)
x-instance-id: IpUFytLnXiCry5cytjp35Q==
x-st-cache-status: MISS
etag: "b1fe06186773145fea54ea6614ac1f8f.0f82a48f1af621bdd7cad57451e2b373"

GET skeleton.min.css
agilecrm/pagebuilder/live/build/css/ 0
0

GET
H2 200 / Show response
mega-scripts.icu/ 167 KB
41 KB 628ms
274ms Script
text/html 64.20.41.188
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mega-scripts.icu/?token=9dddb6800088b1c73529f2c33581f9a1
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 64.20.41.188 Newark, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: thor.433eros.space
Software: LiteSpeed /
Resource Hash: 5996a58d1ea4cf83f755850141fe2419d6b1d5f6655517ca6bd1e00d9b03261b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 15:32:49 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 403 143668684_2718472111751815_2730132979278897816_n.jpg
scontent.fhex4-1.fna.fbcdn.net/v/t1.0-9/ 21 B
21 B 495ms
161ms Image
text/plain 190.166.228.18
Compania Dominica...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fhex4-1.fna.fbcdn.net/v/t1.0-9/143668684_2718472111751815_2730132979278897816_n.jpg?_nc_cat=106&ccb=2&_nc_sid=730e14&_nc_ohc=xs4Ux3ZkM0oAX_3A75C&_nc_ht=scontent.fhex4-1.fna&oh=e5a51a626f96278a6bd68d92da539a9a&oe=60364DED
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.166.228.18 , Dominican Republic, ASN6400 (Compania Dominicana de Telefonos S. A., DO),
Reverse DNS: 18.228.166.190.l.static.claro.net.do
Software: proxygen-bolt /
Resource Hash: 16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Oct 2021 15:32:49 GMT
server: proxygen-bolt
content-type: text/plain
content-length: 21
proxy-status: http_request_error; e_fb_vipaddr="AcI75GPQCqLLUztdb4NGWqYW81gqVRrRwzrNe9pV0-JDo7SZwKzkWxPFaJn5Ahb3ULwF4HP6q9I"; e_clientaddr="AcL0GsI-sHI5ewZUSv8qgx2nRHHpTyyi_00k17WQ-S2Z4cvKMtPOaiot8xJ26O7xiLEZqVphbUw2Kr90DHc"; e_fb_builduser="AcLhlKXDnF3iw_P-5NR_zszztbmwQVyo07I5BNkb9uBfSc9mSCyO5NMJIxYVZLuk78c"; e_proxy="AcJAJB0KjhEd5QRc4yosha-_WTqGPhTA368LYu34ClvBdipa2FDbF_eIWVfnrcG4B3FY5fCZX-JJ"; e_fb_binaryversion="AcJDr4mRS-gXgSHkQCjKEIvTGx2TWv_Qr8fQvBc_q1gj9VH2Ythjy3gct9YfM3LQGhELDIRliJsGC2wwfyY3xU0qb_i9LosHsWI"

GET elements.min.js
agilecrm/pagebuilder/beta/build/js/ 0
0

GET
H2 200 agile-min.js Show response
yrjstueyrwt.agilecrm.com/stats/min/ 63 KB
18 KB 79ms
16ms Script
application/javascript 142.250.186.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://yrjstueyrwt.agilecrm.com/stats/min/agile-min.js
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: ed65b5428ab2a5530280232bc6b31854e63395734447a8ba651848af52d1a609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:25:11 GMT
content-encoding: gzip
server: Google Frontend
age: 458
etag: "NCbPOA"
content-type: application/javascript
x-cloud-trace-context: 5560b5fcdb9cc6728f1903aa18120f16
cache-control: public, max-age=600
content-length: 18087
expires: Sun, 24 Oct 2021 15:35:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 38ms
16ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Requested by

Host: 250160.8b.io
URL: https://250160.8b.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

ESF /

Resource Hash

1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 13:56:29 GMT
server: ESF
date: Sun, 24 Oct 2021 15:32:49 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 24 Oct 2021 15:32:49 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 270 KB
70 KB 207ms
171ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: 250160.8b.io
URL: https://250160.8b.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

sffe /

Resource Hash

dd33bf7cb75bb31858016496711f4f44cd67a1cf33d38167c1a950a50a426b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 71042
x-xss-protection: 0
server: sffe
date: Sun, 24 Oct 2021 15:32:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "890d5f316e372e21"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Oct 2021 15:32:49 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 39 KB
14 KB 60ms
25ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: 250160.8b.io
URL: https://250160.8b.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

sffe /

Resource Hash

bbcef968804f3acce006be08c78faf92fe17ea185fcb5f9e6e0a9f75da1eafa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14393
x-xss-protection: 0
server: sffe
date: Sun, 24 Oct 2021 15:32:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "7ef20c8bc8a34a74"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Oct 2021 15:32:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 100 KB
30 KB 53ms
17ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 250160.8b.io
URL: https://250160.8b.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

sffe /

Resource Hash

8d99ad082ddaca5df51a077845df94ba2a8fe6b89b0e2f7552e604197ee6eb69

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30825
x-xss-protection: 0
server: sffe
date: Sun, 24 Oct 2021 15:32:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "b68e82777bf8338e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Oct 2021 15:32:49 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 27 KB
10 KB 51ms
16ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: 250160.8b.io
URL: https://250160.8b.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

sffe /

Resource Hash

cbcf1961930bfee7a0ffaa7a4b384f48f7499b0836f3fc4c0112f22c03e0f19b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8893
x-xss-protection: 0
server: sffe
date: Sun, 24 Oct 2021 15:32:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "24494e9efc970cb9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Oct 2021 15:32:49 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 45 KB
14 KB 61ms
26ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: 250160.8b.io
URL: https://250160.8b.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

sffe /

Resource Hash

875c42dcb94ae6112ae1d748883512cb3f1620abb7b724c56d2f345fb6120ee1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
server: sffe
date: Sun, 24 Oct 2021 15:32:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "5e6d8e378d42694c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Oct 2021 15:32:49 GMT

GET
H2 200 addstats Show response
stats2.agilecrm.com/ 0
83 B 211ms
194ms Script
text/html 142.250.186.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats2.agilecrm.com/addstats?callback=json5123418283931252&guid=7eb22504-5260-14ec-6f21-c041a04e6766&sid=9c5f5c49-bbc6-89db-67f5-be69e75aa6db&url=https%3A%2F%2F250160.8b.io%2F&agile=tkaca6hqgdbka0d8ts8eu3af9k&new=1&ref=&domain=yrjstueyrwt
Requested by: Host: yrjstueyrwt.agilecrm.com
URL: https://yrjstueyrwt.agilecrm.com/stats/min/agile-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cloud-trace-context: e58a886325ce995ec38b570c4e50ca07
server: Google Frontend
date: Sun, 24 Oct 2021 15:32:49 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK agile-webrules-min.js Show response
s3.amazonaws.com/agilecrm/web-rules-static/ 38 KB
39 KB 446ms
129ms Script
application/x-javascript 52.217.67.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/agilecrm/web-rules-static/agile-webrules-min.js
Requested by: Host: yrjstueyrwt.agilecrm.com
URL: https://yrjstueyrwt.agilecrm.com/stats/min/agile-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e260b9c304598205a322374408f2e2718acab63e585af74e41fb69179d3b4337

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 15:32:50 GMT
Last-Modified: Thu, 20 Jul 2017 12:34:14 GMT
Server: AmazonS3
x-amz-request-id: 8CA6WZZABYEC6KVG
ETag: "8905dc1d776f9bce281cdbca7a515b7f"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 39245
x-amz-id-2: PfnG5RSvTOi/mMXjkvdkTPdDlYfkpceLcwXvwVY/YY3j3z1z5pUFztVA8gDg2Vm9Bvajynx0FkM=

GET
H2 200 02-1-1920x1279.jpg
app.8b.io/app/themes/webamp/projects/agency/assets/images/ 261 KB
262 KB 342ms
288ms Image
image/jpeg 172.67.215.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.8b.io/app/themes/webamp/projects/agency/assets/images/02-1-1920x1279.jpg
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.215.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f08613f1b45147b3d63ad144170ad76c0308f5b888f6cea7712ddbf77bb054

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Mar 2019 14:33:59 GMT
server: cloudflare
x-amz-request-id: 8CAC6E98NBP01A04
etag: "204834bacb39cf7f7feeab696c4ad099"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E01NMtkrid2W9qJMitiGfft0KeGxBjkECSOE%2BD%2BRFVktEx6cUF9tdEH2MIuLq%2BjtRiXt%2Bv8LuY%2Bw2FifA8Tklw58NsY%2Bvhbt4sWicEeSyIPbFmHdwkDVAUCVXVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 6a344290a8094132-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 267490
x-amz-id-2: SzWkh1Cyg5h0JhpjlF25zfXQVvhKm48JnPYl46/M0/C5rLbimHPvQGM9swNdKfSb5jhZ62fP+Ko=

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 33ms
11ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://250160.8b.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 01:55:14 GMT
x-content-type-options: nosniff
age: 221855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 01:55:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 28ms
7ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://250160.8b.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 342068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 16:31:41 GMT

GET
H2 200 01-640x426.jpg
app.8b.io/app/themes/webamp/projects/agency/assets/images/ 16 KB
16 KB 245ms
243ms Image
image/jpeg 172.67.215.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.8b.io/app/themes/webamp/projects/agency/assets/images/01-640x426.jpg
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.215.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da1736e753b824fa680504e89e1f7e19f6f8a8d8737b5e5ccd8f7824ef1e5f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Mar 2019 14:33:52 GMT
server: cloudflare
x-amz-request-id: 8CAB5ESANEC0VZNJ
etag: "12940feecb3f528e26282f10c80cb579"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THiJSWNNlQMy%2Bd5sACs5tFFc4wm4lpTLQbdGySYQNAwGuuJnbVm4DzvLUKv3oqEg2oiesRqptBbA%2B85n%2F2XkdWmWFHrdsvae4TtLZzsS3PppOce8vOLvUVxQA7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 6a344291ca3e4132-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15917
x-amz-id-2: Kjp3ng4629DhMHcysNLp/OBrgEwliGfvzkJ/4zAGv6bIg8ywkRDrWzuEEmnwG/7v3y2fRh/W3dE=

GET
H2 200 mbr-1108x739.jpg
app.8b.io/app/themes/webamp/projects/agency/assets/images/ 100 KB
101 KB 274ms
272ms Image
image/jpeg 172.67.215.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.8b.io/app/themes/webamp/projects/agency/assets/images/mbr-1108x739.jpg
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.215.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e6ff8b85440c01317169c65aa0c17d9d41b1341b617a590037a70a920187c28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Mar 2019 14:34:08 GMT
server: cloudflare
x-amz-request-id: 8CA19MBSTS9QR397
etag: "efccc375434ed83349d96d7005de8815"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6PqTp7dNF2%2B%2F14tsGJfV0EcDnfBGq0UsohMY65Xo92GUX%2FmksGALMHO8frk%2FLYSpSQpkVT7PzGIy%2F4XPNTDVbJNgRP9sjnQrRz75sSD3G9E3AtGLOoaKzmKf1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 6a344291ca3f4132-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 102194
x-amz-id-2: oqxbpNDSRzMjHNLoJLklorl/3rUxcG6zMRuoV4x0xi7cBxAQC2+9ZZIS3uL02c4c3Xpb8BPtdoY=

GET
H2 200 04-1-640x426.jpg
app.8b.io/app/themes/webamp/projects/agency/assets/images/ 24 KB
25 KB 273ms
272ms Image
image/jpeg 172.67.215.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.8b.io/app/themes/webamp/projects/agency/assets/images/04-1-640x426.jpg
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.215.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f075cf6c71d634b3239a0861f4734d3e6895ef7bb427579b3279e021de0dcdcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Mar 2019 14:34:02 GMT
server: cloudflare
x-amz-request-id: 8CAEMW93Q7RNTPSS
etag: "6b772e4716567fd2253afa955e8f683e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JASxzfM68mnRD3Wvm89rlMmI5PY88lcoDHDrJZjbzLByaiykckadAtpE%2BdNkGRYDMG5%2Bt0%2BBKYoKPa25LJ6FtMBVOP7uatoAbwx8uQye09V%2BONT6azKeH0bJx8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 6a344291ca424132-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24912
x-amz-id-2: yWTvMavVmTnnJgdu+0YlUTg8q/k/cD4OTliBtovE/k/LzyQbQbxheZwpZ/1QFqyFLnwzpNFNMzI=

GET
H2 200 background3-1-674x449.jpg
app.8b.io/app/themes/webamp/projects/agency/assets/images/ 48 KB
49 KB 261ms
260ms Image
image/jpeg 172.67.215.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.8b.io/app/themes/webamp/projects/agency/assets/images/background3-1-674x449.jpg
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.215.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cad55afb13970ba847d02efc5599313c58c9d5a679c0c7f398e0b6b65542eef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:49 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Mar 2019 14:34:04 GMT
server: cloudflare
x-amz-request-id: 8CA0DVY0B1S7PSW1
etag: "c0a91eee61effdd82a5123c0a2625b9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h6tRBHWgxkjUl6rHmFKVJiWiDj2%2Fh%2F%2B4Pz1xKDhY6N%2BkxopHtYSBEluVkEYwsFpA%2BW0t6XTySni%2FI7OlDgeWEHpR1b912VfRM1J95hqM98MqbnJ56JFBj8fVeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 6a344291ca454132-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 49392
x-amz-id-2: GD9aMMLKHQXArkajmC1NtJhPPAqVGiHgcA6BXlv2dVAIuizW5F/LsWLVv9608A0IkLOXlXxd0Bw=

GET
H2 200 08-426x426.jpg
app.8b.io/app/themes/webamp/projects/agency/assets/images/ 23 KB
24 KB 275ms
274ms Image
image/jpeg 172.67.215.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.8b.io/app/themes/webamp/projects/agency/assets/images/08-426x426.jpg
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.215.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f049f0e524e57cc4ef85d727fcd11cf059f2dba4590f5fa03d545acaafb304

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Oct 2018 08:52:05 GMT
server: cloudflare
x-amz-request-id: 8CADV8QCM0AA3M9M
etag: "808b5ca3f13ad120c910d5fe56a022d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVJi0dVa4e5PVi1XN1Pd4auR5u3lK9QDb0Ry4489A6KRSTPt4ngtd2r%2FPB6hsOuFqQXj531RcTYKNtdIZc8ZpR%2B8%2B1bCKcU9ayLkcDqOSZnYhWDVq8RSqV9jWNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 6a344291ca464132-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23902
x-amz-id-2: eCeCp/imzEtVmUKks+fYh7YY63miyymYQaR4ZdCzzeHcw9mUygXY41PM5ZYYtlmkXyFFFfV4uLk=

GET
H2 200 09-417x417.jpg
app.8b.io/app/themes/webamp/projects/agency/assets/images/ 17 KB
18 KB 260ms
259ms Image
image/jpeg 172.67.215.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.8b.io/app/themes/webamp/projects/agency/assets/images/09-417x417.jpg
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.215.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 088cd93f679fc0c91f86648fc8c55a6dd50d619b04c55d1711b0e8d122db78ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Oct 2018 08:52:05 GMT
server: cloudflare
x-amz-request-id: 8CAANYAP92BEKH0G
etag: "772c83d63d617999a8444d7c8978c28e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8cKVol9c2bstG3owbI1NOf22Bxg%2B8iFewXy3eaFwy7xwziXQlaWFJxZy1Raq%2B6S9axgwW%2BjWZE1qdwUtDGp%2FB0m0zG12HYTTPUrCkCgxDgRiPeNGHVKLUx4%2Bnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 6a344291ca494132-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17808
x-amz-id-2: 9hYsdCAECDSLWMjGQomsvvjQG5c8SrMVD9f9VQNqpFWWv3qNjghUJAuyTVTDEUnTgrisEWomI8k=

GET
H2 200 10-425x425.jpg
app.8b.io/app/themes/webamp/projects/agency/assets/images/ 30 KB
31 KB 304ms
304ms Image
image/jpeg 172.67.215.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.8b.io/app/themes/webamp/projects/agency/assets/images/10-425x425.jpg
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.215.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e040d7a2466be8b4e2a3908fe42d7296ffa67953e77fdecf6970fbc0558ec36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 18 Oct 2018 08:52:06 GMT
server: cloudflare
x-amz-request-id: 8CA1WVXMCFC49SQM
etag: "396f9f0bbe3b8b4e36a960653a62da4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wavs6ehSyBJQErOdCYOHWtdeCEUq4%2BvKm69zM6YgiGJdBg3AOU1vpxArU7cWLtaOctGgzkjVfweq%2BUnVuHIm5X3VuyI6MgWjW869eq48taBiMABtx4C33UYCCys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 6a344291ca4b4132-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30898
x-amz-id-2: LZBpT8i6jM7qKwIJWtFYbG6iKBNWImnyjLe5JHmLpn5ogDtED2y9uJgi7n7nUorsFYFLTpVDaXg=

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012110011758000/v0/ 7 KB
3 KB 41ms
13ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110011758000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

sffe /

Resource Hash

81357d5396e008da027bc9346a0662a4ee090503dbac99cd37e7bb316ce573be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://250160.8b.io/
Origin: https://250160.8b.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 252207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2914
x-xss-protection: 0
server: sffe
date: Thu, 21 Oct 2021 17:29:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f63269c6dc6042cd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Oct 2022 17:29:22 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012110011758000/v0/ 15 KB
4 KB 31ms
14ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110011758000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

sffe /

Resource Hash

7ac14b356ae0adf5701877a861769687d71ebe6cdfb23a481e1372dbc2350d85

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://250160.8b.io/
Origin: https://250160.8b.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 261420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3694
x-xss-protection: 0
server: sffe
date: Thu, 21 Oct 2021 14:55:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f93790c16d0166fa"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Oct 2022 14:55:49 GMT

GET
H2 200 web-rules Show response
yrjstueyrwt.agilecrm.com/core/js/api/ 56 B
245 B 233ms
233ms Script
application/javascript 142.250.186.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://yrjstueyrwt.agilecrm.com/core/js/api/web-rules?callback=json5276470812727281&id=tkaca6hqgdbka0d8ts8eu3af9k
Requested by: Host: yrjstueyrwt.agilecrm.com
URL: https://yrjstueyrwt.agilecrm.com/stats/min/agile-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f19.1e100.net
Software: Google Frontend /
Resource Hash: 8f6608fbe8504406db01f3d8267d4ad28d3012a028ac9d5b9e3412f5e8e0eb18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:50 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: 22862c41b1577eeb726cb1c950d71635
cache-control: private
content-length: 74
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
whos.amung.us/pingjs/ 29 B
29 B 347ms
119ms Image
text/javascript 67.202.94.93
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=b4cdf055000&t=Blacksar%20Inc.&x=https://whos.amung.us/&y=https://whos.amung.us/&a=-1&d=0&v=27&r=8195
Requested by: Host: 250160.8b.io
URL: https://250160.8b.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.93 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:32:50 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/ 2 KB
2 KB 31ms
7ms Image
image/svg+xml 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg

Requested by

Host: 250160.8b.io
URL: https://250160.8b.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src .fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://250160.8b.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: br
x-content-type-options: nosniff
content-md5: NiMA5zHIsmaYxSYEaw9fHg==
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1027
x-xss-protection: 0
x-fb-debug: crnkNYNrWCMTR4y4ECZG0BFzjNrviM22tbvAcjf0aNKCqKrDSn6DNDUvt5qaph4YmR9Vn/UYBBhVfWOl0R2F1g==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
date: Sun, 24 Oct 2021 15:32:49 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
timing-allow-origin: *
priority: u=3,i
expires: Thu, 20 Oct 2022 18:19:19 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: agilecrm
URL: https://agilecrm/pagebuilder/live/build/css/skeleton.min.css

Domain: agilecrm
URL: https://agilecrm/pagebuilder/beta/build/js/elements.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
250160.8b.io/	1970-01-21 17:59:29	Name: tkaca6hqgdbka0d8ts8eu3af9k-agile-crm-guid Value: 7eb22504-5260-14ec-6f21-c041a04e6766
250160.8b.io/	1969-12-31 23:59:59	Name: tkaca6hqgdbka0d8ts8eu3af9k-agile-crm-session_id Value: 9c5f5c49-bbc6-89db-67f5-be69e75aa6db
250160.8b.io/	1969-12-31 23:59:59	Name: tkaca6hqgdbka0d8ts8eu3af9k-agile-crm-session_start_time Value: 49

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://agilecrm/pagebuilder/live/build/css/skeleton.min.css Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://agilecrm/pagebuilder/beta/build/js/elements.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://scontent.fhex4-1.fna.fbcdn.net/v/t1.0-9/143668684_2718472111751815_2730132979278897816_n.jpg?_nc_cat=106&ccb=2&_nc_sid=730e14&_nc_ohc=xs4Ux3ZkM0oAX_3A75C&_nc_ht=scontent.fhex4-1.fna&oh=e5a51a626f96278a6bd68d92da539a9a&oe=60364DED Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

250160.8b.io
agilecrm
app.8b.io
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
mega-scripts.icu
s3.amazonaws.com
scontent.fhex4-1.fna.fbcdn.net
static.xx.fbcdn.net
stats2.agilecrm.com
whos.amung.us
yrjstueyrwt.agilecrm.com
agilecrm
142.250.186.147
142.250.186.99
157.240.20.19
172.217.18.97
172.67.215.39
190.166.228.18
216.58.212.170
52.217.67.22
64.20.41.188
67.202.94.93
75.101.221.170
06f049f0e524e57cc4ef85d727fcd11cf059f2dba4590f5fa03d545acaafb304
088cd93f679fc0c91f86648fc8c55a6dd50d619b04c55d1711b0e8d122db78ac
0da1736e753b824fa680504e89e1f7e19f6f8a8d8737b5e5ccd8f7824ef1e5f9
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d
29f08613f1b45147b3d63ad144170ad76c0308f5b888f6cea7712ddbf77bb054
2db81fe9b9df6b71a6309dce4fd7067346065cf301b08e09c60af57551acb362
4cad55afb13970ba847d02efc5599313c58c9d5a679c0c7f398e0b6b65542eef
5996a58d1ea4cf83f755850141fe2419d6b1d5f6655517ca6bd1e00d9b03261b
7ac14b356ae0adf5701877a861769687d71ebe6cdfb23a481e1372dbc2350d85
81357d5396e008da027bc9346a0662a4ee090503dbac99cd37e7bb316ce573be
875c42dcb94ae6112ae1d748883512cb3f1620abb7b724c56d2f345fb6120ee1
8d99ad082ddaca5df51a077845df94ba2a8fe6b89b0e2f7552e604197ee6eb69
8e6ff8b85440c01317169c65aa0c17d9d41b1341b617a590037a70a920187c28
8f6608fbe8504406db01f3d8267d4ad28d3012a028ac9d5b9e3412f5e8e0eb18
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
9e040d7a2466be8b4e2a3908fe42d7296ffa67953e77fdecf6970fbc0558ec36
bbcef968804f3acce006be08c78faf92fe17ea185fcb5f9e6e0a9f75da1eafa6
cbcf1961930bfee7a0ffaa7a4b384f48f7499b0836f3fc4c0112f22c03e0f19b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
dd33bf7cb75bb31858016496711f4f44cd67a1cf33d38167c1a950a50a426b72
e260b9c304598205a322374408f2e2718acab63e585af74e41fb69179d3b4337
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed65b5428ab2a5530280232bc6b31854e63395734447a8ba651848af52d1a609
f075cf6c71d634b3239a0861f4734d3e6895ef7bb427579b3279e021de0dcdcc

250160.8b.io Open in urlscan Pro 75.101.221.170 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

29 Requests

93 %HTTPS

0 %IPv6

10 Domains

13 Subdomains

12 IPs

2 Countries

920 kBTransfer

1467 kBSize

3 Cookies

0 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

250160.8b.io Open in urlscan Pro
75.101.221.170 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

93 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

920 kB
Transfer

1467 kB
Size

3
Cookies

29 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!