pub-2ede9864d946416fa0b58211d60fc807.r2.dev Open in urlscan Pro
2606:4700::6812:323 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Submission Tags: @phish_report
Submission: On May 20 via api (May 20th 2024, 5:42:46 am UTC) from FI — Scanned from FI

Summary HTTP 34 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 34 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-2ede9864d946416fa0b58211d60fc807.r2.dev.
TLS certificate: Issued by E1 on April 5th 2024. Valid for: 3 months.

This is the only time pub-2ede9864d946416fa0b58211d60fc807.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
17	172.67.162.223 172.67.162.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	162.213.255.6 162.213.255.6	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
34	7

2 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-2ede9864d946416fa0b58211d60fc807.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.67.162.223 (United States)

ASN13335 (CLOUDFLARENET, US)

imgku.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.213.255.6 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business24-4.web-hosting.com

shj188.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shjhengheng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	imgku.io imgku.io — Cisco Umbrella Rank: 67965	381 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 421	123 KB
4	shjhengheng.com shjhengheng.com — Cisco Umbrella Rank: 758104	144 KB
2	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10405	15 KB
2	shj188.com shj188.com — Cisco Umbrella Rank: 623824	37 KB
2	r2.dev pub-2ede9864d946416fa0b58211d60fc807.r2.dev	469 KB
34	6

	Domain	Requested by
17	imgku.io	pub-2ede9864d946416fa0b58211d60fc807.r2.dev
7	cdn.ampproject.org	pub-2ede9864d946416fa0b58211d60fc807.r2.dev cdn.ampproject.org
4	shjhengheng.com	pub-2ede9864d946416fa0b58211d60fc807.r2.dev
2	blogger.googleusercontent.com	pub-2ede9864d946416fa0b58211d60fc807.r2.dev
2	shj188.com	pub-2ede9864d946416fa0b58211d60fc807.r2.dev
2	pub-2ede9864d946416fa0b58211d60fc807.r2.dev	pub-2ede9864d946416fa0b58211d60fc807.r2.dev
34	6

This site contains links to these domains. Also see Links.

Domain
bit.ly

Subject Issuer	Validity	Valid
*.r2.dev E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
misc-sni.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
imgku.io GTS CA 1P5	`2024-05-02` - `2024-07-31`	3 months	crt.sh
shj188.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-16` - `2024-12-16`	a year	crt.sh
*.googleusercontent.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
shjhengheng.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-11-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Frame ID: F383E3D866E4CF27DE90D149F2D78516
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TOP1TOTO SITUS JUDI ONLINE & SLOT ONLINE TEPERCAYA

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

34
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1169 kB
Transfer

1469 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/g0o0dd4y
Title: DOWNLOAD

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request amp.html Show response
pub-2ede9864d946416fa0b58211d60fc807.r2.dev/ 51 KB
52 KB 2016ms
1861ms Document
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a17fef18d70921f9efa26dda28b4d8e8c9eebbe045a52694306b5c32b2a88744

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
CF-RAY: 886a01164d0a56b7-OSL
Connection: keep-alive
Content-Length: 52487
Content-Type: text/html
Date: Mon, 20 May 2024 05:42:37 GMT
ETag: "c994254c723e864a7b00c904e59cd95a"
Last-Modified: Thu, 16 May 2024 13:35:10 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 388ms
158ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eea4072c2b7cb902ddb1dd07434f09fd105555039538d3546b36d3dcdfbc47f1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 20 May 2024 05:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73067
x-xss-protection: 0
server: sffe
etag: "0b3c227fb75e3151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 20 May 2024 05:42:37 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 330ms
100ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61aab1e0bd4d57e82667135e966dd9d670c46f7990afcc26eade9c207e5de9d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 20 May 2024 05:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: sffe
etag: "cd6e02731d849b18"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 20 May 2024 05:42:37 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
16 KB 301ms
81ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed85b2763a4c2f4365fca1bada6edd2cfc7c269b4fd98528aa4bf6d07b64948f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 20 May 2024 05:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15393
x-xss-protection: 0
server: sffe
etag: "14d3480346e15b40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 20 May 2024 05:42:37 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 449ms
230ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d4254ce4bc11fd99881a716f4ee88aa2d7f8b6fe73975dc5cae6fec41c4149

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 20 May 2024 05:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14976
x-xss-protection: 0
server: sffe
etag: "86e0678d964f7499"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 20 May 2024 05:42:37 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 374ms
154ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfa448d7220331d1a0c3af0f736f6178533dcf6955d79f0a1c6375b7869630db

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 20 May 2024 05:42:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2467
x-xss-protection: 0
server: sffe
etag: "ad028d762b997b5d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 20 May 2024 05:42:37 GMT

GET
H3 200 lTXvZ3bo.png
imgku.io/download/ 6 KB
7 KB 2351ms
2279ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/lTXvZ3bo.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa05fa46fe77e355a9ccd0d615b3a79841849108f6c1950576b1077abd4e7e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:39 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx000004773f69dfeb9738f-0065def517-a2c45-default
x-ratelimit-remaining-second: 244
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 6184
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 07:59:36 GMT
server: cloudflare
etag: "e7d5fb6e2f06f6a279dcb444e5368ca0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R4jl8HBKoXUM%2BJ%2BtB7pcBPAHZUDuNE%2BnWzQ2aT9hiZqOgtLWjbcPeB5ZxxUfGOzqwV4IrVeVdw9QkZXwfyPCHrsKPNvvOLd47LB2hLSSKmj3d7HpcEdfzVi%2FQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226bf65699-OSL
ratelimit-remaining: 244
x-proxy-cache: HIT

GET
H3 200 VOTZpfk8.png
imgku.io/download/ 3 KB
4 KB 1082ms
1009ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/VOTZpfk8.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a81fc358bac023f4bd4e524ac6786147062fcb4348cd2a9a79e2af0b919d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx0000082ee55aa4ebd12fb-0065def517-a50fb-default
x-ratelimit-remaining-second: 249
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 3205
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:00:07 GMT
server: cloudflare
etag: "be131ca258d2e0c3d427ac23d94aa73a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BahrbPhW5F%2BbQaWmPbFpbGRoDE8wSvbb2cnijAlsoYjRIH5NJwZFuvxvrXfTjQ0fzvrCKaDG23sZuy%2Fg4Sn0ZHSbNguy3MEf9TY%2Fl40rCK49RvCsq2wlo64n0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226bf55699-OSL
ratelimit-remaining: 249
x-proxy-cache: HIT

GET
H3 200 TIJ8ti3s.png
imgku.io/download/ 2 KB
3 KB 1071ms
1007ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/TIJ8ti3s.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076f5a345a99303b2c6f1c299532f6fa9d636ca3cdb6ed396476ec10f11a05cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx00000c497f90998613363-0065def517-aa1bd-default
x-ratelimit-remaining-second: 244
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 2520
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:00:47 GMT
server: cloudflare
etag: "f5bdc6830092bef924803e41c8e1598b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKrtWPl9Exf9Vk3c6GytoRy%2BWObNvyAURDlhH%2BNckiqV9pf%2BQj3RJ9b9LL90K3lHFj%2Bu0H3eVj8Vwrld9a8U9evXOhwXnbYfhgMSVXrhevJdD2LAm4RvsCbUPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226bf75699-OSL
ratelimit-remaining: 244
x-proxy-cache: HIT

GET
H3 200 1ocEfmbx.png
imgku.io/download/ 4 KB
4 KB 1071ms
1008ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/1ocEfmbx.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95a978dc9d553dfe63d21ad363b6ba525e0ccbe73b9fd6b9bc1a0706dd18eed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx00000cee818bb13c23bc6-0065def517-a50fb-default
x-ratelimit-remaining-second: 247
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 3779
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:01:03 GMT
server: cloudflare
etag: "c96f140b59f8bd0698dd0dde020356be"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2Bg7CaOBghrATmRa9GNy2iwuX1LgLRGzyHSuRdGmdJ3S87ca0NlKzRG%2Fum%2F74KuvDALDfm2hCzMswKPDbRk85j1Ud5vgvrFakAHt0Q9c%2FTQQXMP32%2FjoxsJ5mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226bf85699-OSL
ratelimit-remaining: 247
x-proxy-cache: HIT

GET
H3 200 cLoISpRC.png
imgku.io/download/ 2 KB
3 KB 3233ms
3170ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/cLoISpRC.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e7a9fca10a80b2d8e941d3a4fd5ded42b99fa0ee54d3f320c85a95ae72c96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:40 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx0000017c48358ee04dcc1-0065def517-aa172-default
x-ratelimit-remaining-second: 249
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 2000
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:01:56 GMT
server: cloudflare
etag: "7bd612e49e2d10270e31027b752db252"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gCdaALOs6b7kA67CpoH9cMVVcn7vFtIyhg%2BVJlrBUvf%2F%2BcuQ5OMarDs3A1X3tW6HO0%2Bi7rA5K3DBPbUKMrrh69maSowBq%2BlplANDCgVs2QcYwcvpQB04Pw5UHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226bf95699-OSL
ratelimit-remaining: 249
x-proxy-cache: HIT

GET
H3 200 OAICsEfy.png
imgku.io/download/ 5 KB
6 KB 1879ms
1817ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/OAICsEfy.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0eecd2716bd1f2c068986235adb678770f051aacaa7f68c1ca445872867a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx000009b7a23ea71b1cc4e-0065def518-aa140-default
x-ratelimit-remaining-second: 248
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 5286
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:04:25 GMT
server: cloudflare
etag: "c0a4ccbec423d0ca7f9006197d4344cd"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRBJ3SJBUq2UnG0y6h%2BmP9TMJnmbCXRGGqWSWKGBFmpVfMnVXT4RVKOcr21NI5kSeow3nslEUH63BSP1OS9zciu24ayOVEBS9LIv0cZwRGkbQOvwBG%2BMeo%2FM0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226bfc5699-OSL
ratelimit-remaining: 248
x-proxy-cache: HIT

GET
H3 200 Tk5bf2Ls.png
imgku.io/download/ 2 KB
3 KB 1051ms
997ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/Tk5bf2Ls.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de17553dd6b2d65034af1ca45a18c1f8a7d746dfb24b34382e34caa2e2cb74a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx00000b6e2cc736c30fcab-0065def517-a5038-default
x-ratelimit-remaining-second: 249
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 2362
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:04:56 GMT
server: cloudflare
etag: "48825fadcc338c68169243762f7845f6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyJXv1UravVKC7mXQnyArM9Kg30EctR9boKvemOLSWpS62EQegrG2upWreqtuIvv%2BOFfQcMWpP%2F4W0acd4m9rK6Y3Wn1MJs%2BE5PDaJkux77sL7GRih0k7r6kzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226bfe5699-OSL
ratelimit-remaining: 249
x-proxy-cache: HIT

GET
H3 200 0yxJch4P.png
imgku.io/download/ 3 KB
4 KB 4471ms
4417ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/0yxJch4P.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05a7fe0748e242b012477977e3efd5b5de04bcdd37c42473d05e380f71247dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:41 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx00000ab040fee8356630c-0065def517-a2b46-default
x-ratelimit-remaining-second: 248
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 3310
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 08:05:34 GMT
server: cloudflare
etag: "0fd9ace64419b6871485c874d1712ec5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pal8OZUV60BrLW3Jd9mKWcCZWUWPMUAZDNVoD%2ByBm8eDA6DZoNXlNsvVo3t1C0YNg3U%2FpP2rKz6QIE%2BH9c4bDapfosYw1WwW1pHRFEh3HkSnnka5W6Vja%2BkZ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226bfa5699-OSL
ratelimit-remaining: 248
x-proxy-cache: HIT

GET
H3 200 JnRNzQrE.gif
imgku.io/download/ 23 KB
23 KB 1105ms
1052ms Image
image/gif 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/JnRNzQrE.gif

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bea378a7392fc87336003c7d1b155193d7e7ca6a59a5a3ed9a84acbeb1da1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx0000074d2048b3d0a72e5-0065def80a-a0601-default
x-ratelimit-remaining-second: 248
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 23062
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 09:04:21 GMT
server: cloudflare
etag: "45c9ce355774fd7aa0f8b3e362b11a8a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sVFmH8PjFN%2FzBHH0EpBn%2Bb8lXw3OkmXnjemylfAcGrE9iXl%2Bof3NXVq52nom4LWLLTCP%2BDcp5Rn1aVPN1UvRfK9d4sBwRohg%2BYrettetW1U%2BcEG%2B18BziWuahg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226bfd5699-OSL
ratelimit-remaining: 248
x-proxy-cache: REVALIDATED

GET
H3 200 FVemTW58.gif
imgku.io/download/ 22 KB
23 KB 1160ms
1106ms Image
image/gif 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/FVemTW58.gif

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7d555a5a59587be49fc4a93cab93a35433e89e31558c318f216f9ed939d4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
x-ratelimit-limit-second: 250
x-amz-request-id: tx000002a28b851061768f4-0065def80a-aa19f-default
x-ratelimit-remaining-second: 247
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 22727
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Feb 2024 09:04:03 GMT
server: cloudflare
etag: "21ccf2a0893335aa84fcc542f553f578"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xb5hoLZ0whp1LWsTbjsj6UqmR6Pb0ERTPK6XEl0oJdUJqve23azjxGsMoIF6jqSNHBf8yGnNgMGqINXo8TNPGUOyPxz1i8CwVPDQkCThKEjTdRm21ZbnBzd3ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a01226c005699-OSL
ratelimit-remaining: 247
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53c500e24192a0625c5b1ee2f83159068a36ce929991c108869feec2fef839d8

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeff44402b29c49f113bf3a98bc87e4e75b3065cb858d07be080f8a26c2973b0

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 icontop1apk.png
shj188.com/img/top1/icon/ 6 KB
6 KB 675ms
226ms Image
image/png 162.213.255.6
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shj188.com/img/top1/icon/icontop1apk.png
Requested by: Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.6 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business24-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: cd0ce15e01d9ab06321bd8be8b5cd4dc6e6f3f1aff48a6fb673bd08ec0b796dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
last-modified: Sun, 17 Dec 2023 12:42:50 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5711
expires: Mon, 27 May 2024 05:42:38 GMT

GET
H2 200 logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiouNzjuvw-EELrs0IOZC4YHBWzy1DudlS49t9Lr-zvMRYpzrn-65UEE-1lvHXQYB8gdIHowVpgsZA37YvxK4Nx22w9FcVPTCpzMuQMX093f48aed9qjRGZXZsYvTKkQ4E3Pw8G_57tkrpI-VZF... 14 KB
14 KB 629ms
472ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiouNzjuvw-EELrs0IOZC4YHBWzy1DudlS49t9Lr-zvMRYpzrn-65UEE-1lvHXQYB8gdIHowVpgsZA37YvxK4Nx22w9FcVPTCpzMuQMX093f48aed9qjRGZXZsYvTKkQ4E3Pw8G_57tkrpI-VZFRjSNNp-oc2Z9LzX1HGOlkBfSVL-J8p8dVBwiLhaXDd4/s1600/logo.png?v=1

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd72f300c73216627725acaa8b92ebb5f04b6730a5a969a86918299da1bc7c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v3d"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="logo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14193
x-xss-protection: 0
expires: Tue, 21 May 2024 05:42:38 GMT

GET
H2 200 ICONPREDIKSIGOLD-SHJ.png
shjhengheng.com/img/shj/ 35 KB
36 KB 875ms
430ms Image
image/png 162.213.255.6
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shjhengheng.com/img/shj/ICONPREDIKSIGOLD-SHJ.png
Requested by: Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.6 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business24-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 25b1aa9b791c7e2e523db0dc080400b04a31f00751d47d61af1bc1e67c16ba24

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
last-modified: Sun, 05 Nov 2023 17:18:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 36150
expires: Mon, 27 May 2024 05:42:38 GMT

GET
H2 200 ICONRTPGOLD-SHJ.png
shjhengheng.com/img/shj/ 35 KB
35 KB 1102ms
657ms Image
image/png 162.213.255.6
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shjhengheng.com/img/shj/ICONRTPGOLD-SHJ.png
Requested by: Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.6 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business24-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: b7b587a31d1b482b2885249eab1c5078ee2326c5c7d0f6795afc95414d86d606

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
last-modified: Sun, 05 Nov 2023 17:17:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 35892
expires: Mon, 27 May 2024 05:42:38 GMT

GET
H2 200 jadwaltogel.png
shj188.com/img/top1/ 32 KB
32 KB 891ms
443ms Image
image/png 162.213.255.6
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shj188.com/img/top1/jadwaltogel.png
Requested by: Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.6 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business24-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3df1760c209960308cb9bb30ae09f35e4a33d9a4034ffa358e5f4f06f4beea58

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
last-modified: Sat, 16 Dec 2023 10:06:54 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 32264
expires: Mon, 27 May 2024 05:42:38 GMT

GET
H2 200 ICONPROMOGOLD-SHJ.png
shjhengheng.com/img/shj/ 38 KB
38 KB 1303ms
859ms Image
image/png 162.213.255.6
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shjhengheng.com/img/shj/ICONPROMOGOLD-SHJ.png
Requested by: Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.6 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business24-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6f228f91cd721df6a9d894bc194e3a8f20fcc6f6f3dcc28c0991425ba886a8f0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
last-modified: Sun, 05 Nov 2023 17:17:52 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 38649
expires: Mon, 27 May 2024 05:42:38 GMT

GET
H2 200 ICONBUKTIGOLD-SHJ.png
shjhengheng.com/img/shj/ 35 KB
35 KB 1089ms
644ms Image
image/png 162.213.255.6
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shjhengheng.com/img/shj/ICONBUKTIGOLD-SHJ.png
Requested by: Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.6 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business24-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 323ba6ceb6f078b14699a43bfa4c00b8862eb99997512e3d8fba8621400ef98e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
last-modified: Sun, 05 Nov 2023 17:17:59 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 35818
expires: Mon, 27 May 2024 05:42:38 GMT

GET
H3 200 k3TMcsiP.png
imgku.io/download/ 21 KB
22 KB 119ms
119ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/k3TMcsiP.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b2e738a78e6a8ce277808cab159f82c338f04f86978ee317d5168a916b942c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: HIT
x-ratelimit-limit-second: 250
x-amz-request-id: tx000005baded8200d19236-0065cd5f1a-a50e7-default
age: 5347
x-ratelimit-remaining-second: 248
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 21723
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 09:47:19 GMT
server: cloudflare
etag: "ab82e58104f05e85cc9e3820b4ad5865"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQkzvcYpN5723S4ZMGgcfzzG4rgJ5Goiga1n0dwxSf8jDlWgsa1Fu4oSEIlKB%2BXdgnfeu6%2BdC2YuTkT%2FbedrnJ0TN%2FtriwElq3%2FPX41ledyjnpwOKM03T7pIDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a0128aec95699-OSL
ratelimit-remaining: 248
x-proxy-cache: HIT

GET
H3 200 Zp1xesBS.png
imgku.io/download/ 23 KB
24 KB 162ms
162ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/Zp1xesBS.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2447c8bc5911be5581701e12bf9a92bcd54ecc32c3b6ff4edb7747064696016f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: HIT
x-ratelimit-limit-second: 250
x-amz-request-id: tx000006f6079a110224606-0065cd5f1a-a50fb-default
age: 5347
x-ratelimit-remaining-second: 247
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 23508
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 09:53:58 GMT
server: cloudflare
etag: "baaf6a21bdebd086f9a5bdc16e117770"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkMEt6JBUXeOExVJ10dtTivEaFUC%2BuHcYyOId5qZ8OnYiZ8J42foin5aFNM5kjPVtCXBJUnicj%2F1Iu9ZhCTZO7HynBvV2FAebx4LeGzLhlg6SFe%2Fi6aPDC0k%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a0128aecb5699-OSL
ratelimit-remaining: 247
x-proxy-cache: HIT

GET
H3 200 xAI0Lqzv.png
imgku.io/download/ 20 KB
21 KB 172ms
172ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/xAI0Lqzv.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c138a01935e1a4d435bcd7c5b47acd3bb2ff486e5915ded73ad079989eacc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: HIT
x-ratelimit-limit-second: 250
x-amz-request-id: tx00000d7640557f1a900dc-0065cd5f1a-a2c45-default
age: 5347
x-ratelimit-remaining-second: 241
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 20308
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 09:47:58 GMT
server: cloudflare
etag: "06467d11312f21b6df08e1d45fb096cc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4F6HDNHZ3Ol7QPhkgAAsUdnioSJf4EVFEc9KNmIIvyOvWT7dUd3tuVL9W6KBAYvhWcfUdJSPRQ0HSlbahH9rBVT1J0Kk9S03zjpomL%2FfDYEAHXrx8YxLVAgYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a0128aecc5699-OSL
ratelimit-remaining: 241
x-proxy-cache: HIT

GET
H3 200 2ZrPltK8.png
imgku.io/download/ 20 KB
20 KB 174ms
173ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/2ZrPltK8.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead8f4bc2dea12d0d67619e4789685b1abf97772ff84caf222cf28cc4d59f682

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:38 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: HIT
x-ratelimit-limit-second: 250
x-amz-request-id: tx0000081503a366efcc5ca-0065cd5bea-a2c6d-default
age: 5347
x-ratelimit-remaining-second: 249
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 20191
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Feb 2024 09:48:13 GMT
server: cloudflare
etag: "f563681205f71c7cb2756f4720f0a495"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRzsE1S%2Bby6eIlXgyVzI2NQI19aCz9bItNLP4KSiEZaVIf0Wom%2BeYGDBoXMooWiGzFv21BEpkZ9XvaLtLdBIN%2BfsUA5Lj45QlVEOVK4uMOyMfVCTxO7j4LtKAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a0128aece5699-OSL
ratelimit-remaining: 249
x-proxy-cache: HIT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012405022220000/v0/ 8 KB
3 KB 223ms
76ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

f1f25edc30e6b376bf4f8b518e99fc81885771cb393babd3978f62324a87f389

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Origin: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 May 2024 19:47:53 GMT
age: 122084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "96b1871d1c29947c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 18 May 2025 19:47:53 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012405022220000/v0/ 12 KB
4 KB 212ms
72ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405022220000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

347c53e5ce920d3ec2c5edec7315789a404971931e41079a16fad49ff30ecb08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Origin: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 May 2024 19:52:06 GMT
age: 121831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3932
x-xss-protection: 0
server: sffe
etag: "86c668af5f77f061"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 18 May 2025 19:52:06 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK BANNERLOMBA-TOP1.jpg
pub-2ede9864d946416fa0b58211d60fc807.r2.dev/ 417 KB
417 KB 716ms
716ms Image
image/jpeg 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/BANNERLOMBA-TOP1.jpg
Requested by: Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47caedf50e83f123a2c4f677ad0108c15b5d1084659cd650a3d8566fd109ab69

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 05:42:38 GMT
Last-Modified: Sun, 28 Apr 2024 13:40:20 GMT
Server: cloudflare
ETag: "35e2b3a7f482f6b97c43d2411f09a1b8"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 886a01257d9c56b7-OSL
Content-Length: 427118

GET
H3 200 wWBlQFjT.png
imgku.io/download/ 71 KB
72 KB 2674ms
2673ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/wWBlQFjT.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51a9f257173ac4045f02155ca945faf78ffe893ea6dbd51a009e309fea7cc52f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:40 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: MISS
x-ratelimit-limit-second: 250
x-amz-request-id: tx00000eeba1974bcd5c02e-0065f524f4-a05d9-default
x-ratelimit-remaining-second: 240
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 72619
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2024 06:24:34 GMT
server: cloudflare
etag: "3879e4011bb6dd1a83d5da05a43f28fc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1JwiOCQfHKx86H3w8mCCI5EAQVhMbKIAOecc%2F9728YRixbpWPEhQ7pjuo8J%2B2m9EWJj4ySL4QtHOtsweCV8OYbZlRky8LUhDp7%2BBOQ0ncvPTa2no9XyLn2VdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a0128aecf5699-OSL
ratelimit-remaining: 240
x-proxy-cache: HIT

GET
H3 200 8ZVjdGC4.png
imgku.io/download/ 69 KB
70 KB 2418ms
2417ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/8ZVjdGC4.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d3764199c2ac412e05dc9a4bb2da219267afb57c9f7c3620150603861f45c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:40 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: MISS
x-ratelimit-limit-second: 250
x-amz-request-id: tx00000ae6d75a6eedb3761-00660a2f33-a0633-default
x-ratelimit-remaining-second: 240
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 70726
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2024 06:24:20 GMT
server: cloudflare
etag: "2f8aed58ee192c99295741c6b9204653"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nYO5RSiKzdkUNm6tS0v2Jy1yJzKkILdLWqgg4TmLCh7RoTsQky0PPBUGQ2YUQWqckhkxGF5Nvl3maK6CXd%2FbE9GPlX3794KOATOzv%2FE3hw7VeMH%2FZB%2BKEr4Wew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a0128aed05699-OSL
ratelimit-remaining: 240
x-proxy-cache: HIT

GET
H3 200 Bn9ZSba5.png
imgku.io/download/ 73 KB
73 KB 1927ms
1927ms Image
image/png 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/Bn9ZSba5.png

Requested by

Host: pub-2ede9864d946416fa0b58211d60fc807.r2.dev
URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a9ca753b324bade0370a176f64a0e1cb89ca8bec241b8a2bb8f48fc42c99fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:40 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: MISS
x-ratelimit-limit-second: 250
x-amz-request-id: tx0000004bed74887549af9-00660c8fa8-a2c6d-default
x-ratelimit-remaining-second: 248
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 74266
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2024 06:24:27 GMT
server: cloudflare
etag: "658f3d7614a09601ed1ceea8c8ab5c2d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2RZHWnLf2vs9UF%2BMQNdysux7FCMzLQZ%2BrWgL3ECcscLyjHXwrB61F0JMJli13ypmWgc%2F8aQm6CYg%2Fmfs1IHGa27dYbRBRtXQ9j1LhD4ZNKYBOS8lo%2FRI%2FEIkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 886a0128aed15699-OSL
ratelimit-remaining: 248
x-proxy-cache: HIT

GET
H2 200 favicon.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMNo2ZW5v71vupvYGdkuyV4gQbLdw-EsIl5br6RnDoh-7wx9UI2xbtvc4M7T1_3vZ_mdUy3upxHZZ-zqB4sBA-vX-i-o8tapj4vpqJLlgsDmg4dJ3juXyDjL8ylxVDsRHIIBWD2Jo-ZAWX7eGj... 704 B
825 B 292ms
291ms Other
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMNo2ZW5v71vupvYGdkuyV4gQbLdw-EsIl5br6RnDoh-7wx9UI2xbtvc4M7T1_3vZ_mdUy3upxHZZ-zqB4sBA-vX-i-o8tapj4vpqJLlgsDmg4dJ3juXyDjL8ylxVDsRHIIBWD2Jo-ZAWX7eGjFzKKqfwY7GmxDV95jIYQXwmVIZKQbXq47twPeroiov0/s1600/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3771e2521e8a19a3bc9c42c4c5ba075701e76d3af3ba6589ab065923de96b32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 05:42:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v3f"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="favicon.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 704
x-xss-protection: 0
expires: Tue, 21 May 2024 05:42:41 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://pub-2ede9864d946416fa0b58211d60fc807.r2.dev/amp.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
cdn.ampproject.org
imgku.io
pub-2ede9864d946416fa0b58211d60fc807.r2.dev
shj188.com
shjhengheng.com
142.250.184.225
162.213.255.6
172.67.162.223
2606:4700::6812:323
2a00:1450:4001:812::2001
2a00:1450:4001:831::2001
05a7fe0748e242b012477977e3efd5b5de04bcdd37c42473d05e380f71247dc3
076f5a345a99303b2c6f1c299532f6fa9d636ca3cdb6ed396476ec10f11a05cb
21c138a01935e1a4d435bcd7c5b47acd3bb2ff486e5915ded73ad079989eacc1
2447c8bc5911be5581701e12bf9a92bcd54ecc32c3b6ff4edb7747064696016f
25b1aa9b791c7e2e523db0dc080400b04a31f00751d47d61af1bc1e67c16ba24
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
323ba6ceb6f078b14699a43bfa4c00b8862eb99997512e3d8fba8621400ef98e
347c53e5ce920d3ec2c5edec7315789a404971931e41079a16fad49ff30ecb08
3771e2521e8a19a3bc9c42c4c5ba075701e76d3af3ba6589ab065923de96b32e
3a9ca753b324bade0370a176f64a0e1cb89ca8bec241b8a2bb8f48fc42c99fdc
3df1760c209960308cb9bb30ae09f35e4a33d9a4034ffa358e5f4f06f4beea58
45e7a9fca10a80b2d8e941d3a4fd5ded42b99fa0ee54d3f320c85a95ae72c96f
47caedf50e83f123a2c4f677ad0108c15b5d1084659cd650a3d8566fd109ab69
4d3764199c2ac412e05dc9a4bb2da219267afb57c9f7c3620150603861f45c87
51a9f257173ac4045f02155ca945faf78ffe893ea6dbd51a009e309fea7cc52f
53c500e24192a0625c5b1ee2f83159068a36ce929991c108869feec2fef839d8
5bea378a7392fc87336003c7d1b155193d7e7ca6a59a5a3ed9a84acbeb1da1f9
61aab1e0bd4d57e82667135e966dd9d670c46f7990afcc26eade9c207e5de9d1
6f228f91cd721df6a9d894bc194e3a8f20fcc6f6f3dcc28c0991425ba886a8f0
75b2e738a78e6a8ce277808cab159f82c338f04f86978ee317d5168a916b942c
95a978dc9d553dfe63d21ad363b6ba525e0ccbe73b9fd6b9bc1a0706dd18eed3
9d0eecd2716bd1f2c068986235adb678770f051aacaa7f68c1ca445872867a9f
a17fef18d70921f9efa26dda28b4d8e8c9eebbe045a52694306b5c32b2a88744
a9a81fc358bac023f4bd4e524ac6786147062fcb4348cd2a9a79e2af0b919d2c
aa05fa46fe77e355a9ccd0d615b3a79841849108f6c1950576b1077abd4e7e7f
aeff44402b29c49f113bf3a98bc87e4e75b3065cb858d07be080f8a26c2973b0
b7b587a31d1b482b2885249eab1c5078ee2326c5c7d0f6795afc95414d86d606
c3d4254ce4bc11fd99881a716f4ee88aa2d7f8b6fe73975dc5cae6fec41c4149
cd0ce15e01d9ab06321bd8be8b5cd4dc6e6f3f1aff48a6fb673bd08ec0b796dc
de17553dd6b2d65034af1ca45a18c1f8a7d746dfb24b34382e34caa2e2cb74a6
dfa448d7220331d1a0c3af0f736f6178533dcf6955d79f0a1c6375b7869630db
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
ead8f4bc2dea12d0d67619e4789685b1abf97772ff84caf222cf28cc4d59f682
ed85b2763a4c2f4365fca1bada6edd2cfc7c269b4fd98528aa4bf6d07b64948f
eea4072c2b7cb902ddb1dd07434f09fd105555039538d3546b36d3dcdfbc47f1
ef7d555a5a59587be49fc4a93cab93a35433e89e31558c318f216f9ed939d4bf
f1f25edc30e6b376bf4f8b518e99fc81885771cb393babd3978f62324a87f389
fd72f300c73216627725acaa8b92ebb5f04b6730a5a969a86918299da1bc7c67

pub-2ede9864d946416fa0b58211d60fc807.r2.dev Open in urlscan Pro 2606:4700::6812:323 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

7 IPs

2 Countries

1169 kBTransfer

1469 kBSize

0 Cookies

1 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pub-2ede9864d946416fa0b58211d60fc807.r2.dev Open in urlscan Pro
2606:4700::6812:323 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1169 kB
Transfer

1469 kB
Size

0
Cookies

34 HTTP transactions
4 data transactions