Submitted URL: https://www.cultureheritage.go.ke/sites/default/files/culture/?login=dot77
Effective URL: https://situng138nov.xyz/forbidden
Submission Tags: @phish_report
Submission: On November 21 via api from FI — Scanned from FI

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 42 HTTP transactions. The main IP is 172.67.155.160, located in United States and belongs to CLOUDFLARENET, US. The main domain is situng138nov.xyz.
TLS certificate: Issued by WE1 on November 15th 2024. Valid for: 3 months.
This is the only time situng138nov.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 102.210.149.88 328847 (KoTDA)
9 172.67.132.161 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 142.250.186.163 15169 (GOOGLE)
1 104.26.13.205 13335 (CLOUDFLAR...)
2 52.220.198.135 16509 (AMAZON-02)
1 52.219.125.94 16509 (AMAZON-02)
1 3 172.67.155.160 13335 (CLOUDFLAR...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
42 12
Apex Domain
Subdomains
Transfer
9 mezink.app
mezink.app
116 KB
5 linkcdn.cloud
images.linkcdn.cloud — Cisco Umbrella Rank: 56625
15 KB
5 mez.ink
mez.ink — Cisco Umbrella Rank: 606471
9 KB
3 situng138nov.xyz
situng138nov.xyz
10 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
36 KB
2 cloudsuper.link
api.cloudsuper.link — Cisco Umbrella Rank: 876026
5 KB
1 amazonaws.com
super-content.s3-ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 713100
5 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2001
284 B
1 gstatic.com
fonts.gstatic.com
47 KB
1 mezink.com
mezink.com
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
1 cultureheritage.go.ke
www.cultureheritage.go.ke
314 B
0 unpkg.com Failed
unpkg.com — Cisco Umbrella Rank: 740 Failed
42 13
Domain Requested by
9 mezink.app mezink.app
5 images.linkcdn.cloud situng138nov.xyz
5 mez.ink mezink.app
3 situng138nov.xyz 1 redirects mezink.app
situng138nov.xyz
2 cdnjs.cloudflare.com situng138nov.xyz
2 api.cloudsuper.link mezink.app
1 super-content.s3-ap-southeast-1.amazonaws.com
1 api.ipify.org mezink.app
1 fonts.gstatic.com fonts.googleapis.com
1 mezink.com mezink.app
1 fonts.googleapis.com mezink.app
1 www.cultureheritage.go.ke 1 redirects
0 unpkg.com Failed situng138nov.xyz
42 13

This site contains no links.

Subject | Issuer | Validity | Valid
mezink.app | WE1 | 2024-10-21 - 2025-01-19 | 3 months
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
mez.ink | WE1 | 2024-11-17 - 2025-02-16 | 3 months
mezink.com | WE1 | 2024-11-05 - 2025-02-03 | 3 months
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
ipify.org | WE1 | 2024-11-13 - 2025-02-11 | 3 months
*.cloudsuper.link | Amazon RSA 2048 M02 | 2024-07-14 - 2025-08-13 | a year
*.s3-ap-southeast-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-11-06 - 2025-10-23 | a year
situng138nov.xyz | WE1 | 2024-11-15 - 2025-02-13 | 3 months
linkcdn.cloud | WE1 | 2024-10-08 - 2025-01-06 | 3 months
cdnjs.cloudflare.com | WE1 | 2024-09-28 - 2024-12-27 | 3 months

This page contains 2 frames:

Primary Page: https://situng138nov.xyz/forbidden
Frame ID: D207DA35E06140616FF1F5C00C6F7625
Requests: 40 HTTP requests in this frame

Frame: https://mezink.com/widget/social?linkedin=https://www.linkedin.com/company/mezink&instagram=https://www.instagram.com/mezinkapp&whatsapp=https://wa.me/0919289463906&youtube=https://www.youtube.com/channel/UCx3fjEZ38BH-fAy_1LY1yqQ&mezinkUrl=https://mez.ink/mezink&color=white&backgroundColor=linear-gradient(213.61deg,rgb(221,21,126)19.96%,rgb(232,53,71)80.04%)&width=50&height=50&iconPadding=6px&gap=10px
Frame ID: C5DD10CF241F750040C8956A33291BB8
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 42
  • HTTPS: 71 %
  • IPv6: 33 %
  • Domains: 13
  • Subdomains: 13
  • IPs: 12
  • Countries: 5
  • Transfer: 247 kB
  • Size: 657 kB
  • Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.cultureheritage.go.ke/sites/default/files/culture/?login=dot77 HTTP 302
    https://mezink.app/Rekomendasi Page URL
  2. https://situng138nov.xyz/register/1DDJRB8P HTTP 302
    https://situng138nov.xyz/forbidden Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.cultureheritage.go.ke/sites/default/files/culture/?login=dot77 HTTP 302
  • https://mezink.app/Rekomendasi
Request Chain 34
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Rekomendasi
mezink.app/
Redirect Chain
  • https://www.cultureheritage.go.ke/sites/default/files/culture/?login=dot77
  • https://mezink.app/Rekomendasi
11 KB
4 KB
Document
General
Full URL
https://mezink.app/Rekomendasi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
21d4a64bf520c1804d94b9ca6ca7ea2c34906ea0497a65f0161887e0dd093b3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e5e230f9da9569d-OSL
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Thu, 21 Nov 2024 05:04:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1FGh0jx3KUdLwn340F%2BxEZ3ulkruHEK8IffaM7VKeXNEo3p9MWfdQHmfd76CfAhSo3PVovIJfQyAoz%2BrH281dLtpAXX%2BsX8nu5WQWFt%2FQRnK61BJ5kh8JIrNUJK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=60315&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4487&delivery_rate=290&cwnd=12000&unsent_bytes=0&cid=817b64541d085a79&ts=504&x=1" cfExtPri cfHdrFlush;dur=0
service-worker-allowed
/
vary
Accept-Encoding
via
1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-id
lO8Og0Pi271aL7f1G3rrLm4ewtTApgMrJZY5VC4ITKJHDUKs4_niBg==
x-amz-cf-pop
OSL50-C1
x-cache
Miss from cloudfront
x-cache-status
EXPIRED
x-powered-by
Next.js

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Nov 2024 05:04:04 GMT
Location
https://mezink.app/Rekomendasi
Server
nginx
content-length
0
webpack-eb86ce35f1c4448e.js
mezink.app/_next/static/chunks/
4 KB
3 KB
Script
General
Full URL
https://mezink.app/_next/static/chunks/webpack-eb86ce35f1c4448e.js
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb85052aff6545f751e84dd9bf70804c882868b650eab13faa9870a506e18a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/Rekomendasi

Response headers

content-encoding
gzip
service-worker-allowed
/
etag
W/"ea2-18e3207ba18"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aaNlz%2FhROsn%2BJ8HrFHOZ6hZMN%2FavVhTyqsYrrcR3M7XVpcbUdIVDiaBVFuQjR47DwA%2BskDeGjqejdAu9TsMGvOZrMiJXu5JBaLAtodDYV%2FuZg6Pl5FnEHaa%2FKlrs"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
03d_1NdyhJDa4J3hAWNlO34GN7ZgYYaWJtIzpjDhqpQXQqv5TnuWcQ==
date
Thu, 21 Nov 2024 05:04:05 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Mar 2024 09:39:11 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=59935&sent=19&recv=20&lost=0&retrans=0&sent_bytes=8312&recv_bytes=6912&delivery_rate=69625&cwnd=12000&unsent_bytes=0&cid=817b64541d085a79&ts=804&x=1", cfExtPri, cfHdrFlush;dur=0
x-cache-status
MISS
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
cf-ray
8e5e2312ef5a569d-OSL
x-amz-cf-pop
OSL50-C1
server
cloudflare
framework-4556c45dd113b893.js
mezink.app/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://mezink.app/_next/static/chunks/framework-4556c45dd113b893.js
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9dba7111aa9e260faaf5c755245a0ff6ad491d2e69d266b60d02024f63235c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/Rekomendasi

Response headers

content-encoding
gzip
service-worker-allowed
/
etag
W/"22682-18e3207ba18"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F6yialsx1nym%2BrT15WykegM63LXOxNFvKZ73bJpC%2Fyhjlc5xH1FJppw7MC8v9wahQ7CpxQYrlAtYi9VxdsfI5XsD83ZU2wQ6DIxIoJrEoWMOxwIsUZYpVHVF3ZUa"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
d2z6LlnrFrn9wK9MVKYKDWIScqRyRN1gLqL2l65YlVitfvaNzFrHLQ==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Mar 2024 09:39:11 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=69575&sent=42&recv=28&lost=0&retrans=0&sent_bytes=27942&recv_bytes=7257&delivery_rate=200439&cwnd=22800&unsent_bytes=0&cid=817b64541d085a79&ts=1171&x=1", cfExtPri, cfHdrFlush;dur=0
x-cache-status
MISS
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
cf-ray
8e5e2312ef61569d-OSL
x-amz-cf-pop
OSL50-C1
server
cloudflare
main-10768c4ed82519cb.js
mezink.app/_next/static/chunks/
98 KB
30 KB
Script
General
Full URL
https://mezink.app/_next/static/chunks/main-10768c4ed82519cb.js
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5088a79f6675562ef2398901d9f99bc034312e4e8f2ffaf61e549922ada69607

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/Rekomendasi

Response headers

content-encoding
gzip
service-worker-allowed
/
etag
W/"1860b-18e3207ba18"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iypNvIF8hoYwqf%2BstJ04yFAX%2Fq0ld%2BFf4yUdWj3t%2B48KFDUuY%2Bdtm5Y%2F2V9ZlRy%2FFS04j%2BRkxSN05HB9KWxH%2BbdIpFNSGeE3letvblno2qFEXHm%2FE0VSufvvKfT2"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
WfgnMbEYV4hac4GGOCW-bgpy9Kgh-WXj4NlZ2h2qjhu56MwtSYtipQ==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Mar 2024 09:39:11 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=63348&sent=74&recv=40&lost=0&retrans=0&sent_bytes=59969&recv_bytes=7779&delivery_rate=383584&cwnd=34800&unsent_bytes=0&cid=817b64541d085a79&ts=1236&x=1", cfExtPri, cfHdrFlush;dur=0
x-cache-status
MISS
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
cf-ray
8e5e23132fad569d-OSL
x-amz-cf-pop
OSL50-C1
server
cloudflare
_app-12ec51d19e6a1d7f.js
mezink.app/_next/static/chunks/pages/
25 KB
10 KB
Script
General
Full URL
https://mezink.app/_next/static/chunks/pages/_app-12ec51d19e6a1d7f.js
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7589decec28139907312610e51cb049d209d78caa30b339414cc197ddce234a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/Rekomendasi

Response headers

content-encoding
gzip
service-worker-allowed
/
etag
W/"63f2-18e3207ba18"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhUpconOjlyA8XJLHfCjj1qYI99pf2T4udf83jZ4yRHai%2FotmENPymSMkk09cCpE5uB%2BQ%2FiSr4APb45k%2FI%2FctaqTJ2F8OeR%2FzUT%2BbgoXBkttPFvy4bbdy6q52PKZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
r7DHFOHKECfHwtKlByCU4qQsWgCJRwJpILLnFr02q9rYvfC435y52g==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Mar 2024 09:39:11 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=61600&sent=26&recv=22&lost=0&retrans=0&sent_bytes=13198&recv_bytes=6999&delivery_rate=9863&cwnd=12000&unsent_bytes=0&cid=817b64541d085a79&ts=1098&x=1", cfExtPri, cfHdrFlush;dur=0
x-cache-status
MISS
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
cf-ray
8e5e23132fae569d-OSL
x-amz-cf-pop
OSL50-C1
server
cloudflare
886-4e9accb08fea681f.js
mezink.app/_next/static/chunks/
48 KB
18 KB
Script
General
Full URL
https://mezink.app/_next/static/chunks/886-4e9accb08fea681f.js
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e167c2909f8a9e038ff9c9dbd80681e1e4eaf7c12b355f2d751ccd07ce2f6b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/Rekomendasi

Response headers

content-encoding
gzip
service-worker-allowed
/
etag
W/"bf10-18e3207ba18"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOSADW5wlnE8YEtkS8kyOLTmZ%2FZ6Pdzr3yOyB17DUomOmYeSWDsLCaFqzyzc5sAjkgIM%2BNel6h%2BBUV6EPX1hoWa6bVuD3uxj8dOPiVtzaSPx79bwqG5up1uw5bZ8"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
y5HH9HQLe4JlYHbn32TdDs8fJLyUYZp0vRvoegjWMSbYMf2ykW8vtw==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Mar 2024 09:39:11 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=64560&sent=101&recv=44&lost=0&retrans=0&sent_bytes=91216&recv_bytes=7951&delivery_rate=371405&cwnd=40800&unsent_bytes=0&cid=817b64541d085a79&ts=1269&x=1", cfExtPri, cfHdrFlush;dur=0
x-cache-status
MISS
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
cf-ray
8e5e23132faf569d-OSL
x-amz-cf-pop
OSL50-C1
server
cloudflare
%5Burlcode%5D-b323c33d05c7c437.js
mezink.app/_next/static/chunks/pages/
8 KB
4 KB
Script
General
Full URL
https://mezink.app/_next/static/chunks/pages/%5Burlcode%5D-b323c33d05c7c437.js
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e1a0af067f44f7b95969957208e318455166005274451d6926d9f1de24abbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/Rekomendasi

Response headers

content-encoding
gzip
service-worker-allowed
/
etag
W/"1f7b-18e3207ba18"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5wnr4kYJmTP0BS9E7sxPfB01ya8a0Fr%2Fe3mux5uLj0w5zj9BTBDEVZbLFAzLtH4OqMccwOdbWxGO2k43a2dDUl3NArW9Hk1h6omUhkdB3d7pYHRA99JRWJVh0aO"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
qK4c-x3UxMzwyixhGRujV7m-IU35pGorU_fWpVZ90s7EynPCf5bRLw==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Mar 2024 09:39:11 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=61600&sent=35&recv=22&lost=0&retrans=0&sent_bytes=23011&recv_bytes=6999&delivery_rate=9863&cwnd=12000&unsent_bytes=0&cid=817b64541d085a79&ts=1099&x=1", cfExtPri, cfHdrFlush;dur=35
x-cache-status
MISS
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
cf-ray
8e5e23132fb0569d-OSL
x-amz-cf-pop
OSL50-C1
server
cloudflare
_buildManifest.js
mezink.app/_next/static/T1FPZYW-5wKv4301BVQb2/
402 B
1 KB
Script
General
Full URL
https://mezink.app/_next/static/T1FPZYW-5wKv4301BVQb2/_buildManifest.js
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3db9d634e1075349eb122b1c0d910c503fcd03ec36ea5e17ea5a8197742c7e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/Rekomendasi

Response headers

content-encoding
zstd
service-worker-allowed
/
etag
W/"192-18e3207ba18"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dRb4EDKzXsf3Q%2Foo8UKt5VwPdhJbZneSwZQRt4OJ%2BEQuYShyIY1VN19d3JFApfQ3%2FjKljgMhiIfMlONcU5cd%2FywNGjsXKjR38mApwq6INhmkESL5O2WlHwsplMzy"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
syY7AXOs_QXQwmfu2od9taJTnH7nFEqWJmItEkc2Wlmv5P-L33lFnQ==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Mar 2024 09:39:11 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=61600&sent=24&recv=22&lost=0&retrans=0&sent_bytes=12007&recv_bytes=6999&delivery_rate=9863&cwnd=12000&unsent_bytes=0&cid=817b64541d085a79&ts=1080&x=1", cfExtPri, cfHdrFlush;dur=0
x-cache-status
MISS
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
cf-ray
8e5e23132fb1569d-OSL
x-amz-cf-pop
OSL50-C1
server
cloudflare
_ssgManifest.js
mezink.app/_next/static/T1FPZYW-5wKv4301BVQb2/
77 B
949 B
Script
General
Full URL
https://mezink.app/_next/static/T1FPZYW-5wKv4301BVQb2/_ssgManifest.js
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/Rekomendasi

Response headers

content-encoding
zstd
service-worker-allowed
/
etag
W/"4d-18e3207ba18"
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6CBp%2BF8w5Ij%2B4olu3WYdjDPZMyeUEHlJOaQU1RyWZwBxu4Xsxy5bWc0IRoCD%2BeetcrEESbDntn9ZmRcKEo4DKLv4cfKeGGgLs2vHLK3KZjfGvy6oUfha3WyM9vA"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
615x6ZnCag-9RnyauVbWVfNidBtqk3eGd1TsiZLN2rGu28miR9r4zA==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Mar 2024 09:39:11 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=61600&sent=22&recv=22&lost=0&retrans=0&sent_bytes=11011&recv_bytes=6999&delivery_rate=9863&cwnd=12000&unsent_bytes=0&cid=817b64541d085a79&ts=1076&x=1", cfExtPri, cfHdrFlush;dur=0
x-cache-status
MISS
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
cf-ray
8e5e23132fb2569d-OSL
x-amz-cf-pop
OSL50-C1
server
cloudflare
css2
fonts.googleapis.com/
103 KB
4 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Poppins:ital,wght@0,600;0,700;1,600;1,700&family=DM+Sans:ital,wght@0,400;0,500;0,600;0,700;1,400&family=Arimo:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&family=Josefin+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5f286c6a3143201fd1edf83591660f489b58d46a3253e0fefcbcabd996c0061
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 05:04:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 05:04:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 21 Nov 2024 05:04:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
faceHi.png
mez.ink/mezink-web/_next/static/images/
4 KB
5 KB
Image
General
Full URL
https://mez.ink/mezink-web/_next/static/images/faceHi.png
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:52e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc0d2abea9a7e2f9d1d07299e7e10207706a24f14f9ae7c383def16072c0e4e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/

Response headers

service-worker-allowed
/
etag
W/"114f-1932a0d2d98"
cf-cache-status
MISS
access-control-allow-methods
GET, OPTIONS
expires
Thu, 21 Nov 2024 09:04:06 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
UcCvEQE6BvH7OA_MM8IdGkjJso72187okP5o25RJ2BtwiLJaCmUd6Q==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 09:42:07 GMT
vary
Accept-Encoding
x-cache-status
EXPIRED
cache-control
public, max-age=14400
via
1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
cf-ray
8e5e2313d92356a9-OSL
accept-ranges
bytes
content-length
4431
x-amz-cf-pop
OSL50-C1
server
cloudflare
eyeBox.png
mez.ink/mezink-web/_next/static/images/
1 KB
1 KB
Image
General
Full URL
https://mez.ink/mezink-web/_next/static/images/eyeBox.png
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:52e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5435a84909645a0b9a29e71614a80aff4a1b2808ce0718b4dc6123ad6e00a06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/

Response headers

service-worker-allowed
/
etag
W/"4d5-1932a0d2d98"
cf-cache-status
MISS
access-control-allow-methods
GET, OPTIONS
expires
Thu, 21 Nov 2024 09:04:06 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
LxgGWtsxgxmww2bLXgZ9Jh_bri_dyc37ZHK868_xfboTQ6mYocDePQ==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 09:42:07 GMT
vary
Accept-Encoding
x-cache-status
EXPIRED
cache-control
public, max-age=14400
via
1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
cf-ray
8e5e2313e92456a9-OSL
accept-ranges
bytes
content-length
1237
x-amz-cf-pop
OSL50-C1
server
cloudflare
mezinkEyes.png
mez.ink/mezink-web/_next/static/images/
1 KB
1 KB
Image
General
Full URL
https://mez.ink/mezink-web/_next/static/images/mezinkEyes.png
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:52e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32316d588b5358f71d2f4e3f2d8f55a6b88a123a147be84c23f8c20af6d1e20f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/

Response headers

service-worker-allowed
/
etag
W/"477-1932a0d3180"
cf-cache-status
MISS
access-control-allow-methods
GET, OPTIONS
expires
Thu, 21 Nov 2024 09:04:06 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
4qNpbTePa3nmgsC7lX9JJpotT4U10PQ5ZDglu7MePo0y4UO90VKUPw==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 09:42:08 GMT
vary
Accept-Encoding
x-cache-status
EXPIRED
cache-control
public, max-age=14400
via
1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
cf-ray
8e5e2313e92756a9-OSL
accept-ranges
bytes
content-length
1143
x-amz-cf-pop
OSL50-C1
server
cloudflare
happySmile.png
mez.ink/mezink-web/_next/static/images/
340 B
520 B
Image
General
Full URL
https://mez.ink/mezink-web/_next/static/images/happySmile.png
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:52e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9809bd5d0986286e6f374ef4ee72084a921bdf578ed724508ad570851eb3ab2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/

Response headers

service-worker-allowed
/
etag
W/"154-1932a0d2d98"
cf-cache-status
MISS
access-control-allow-methods
GET, OPTIONS
expires
Thu, 21 Nov 2024 09:04:06 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
bLLgTH7BjFNq9AqQXogkeIne7a6PWQyl0Uj4e5Y-CIqRQNLrlV8Aow==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 09:42:07 GMT
vary
Accept-Encoding
x-cache-status
EXPIRED
cache-control
public, max-age=14400
via
1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
cf-ray
8e5e2313e92656a9-OSL
accept-ranges
bytes
content-length
340
x-amz-cf-pop
OSL50-C1
server
cloudflare
shadow.png
mez.ink/mezink-web/_next/static/images/
955 B
1 KB
Image
General
Full URL
https://mez.ink/mezink-web/_next/static/images/shadow.png
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:52e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0756288a3693b6026a464a2d3d105db6500a18daa3e4d338daa346f30be1c17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/

Response headers

service-worker-allowed
/
etag
W/"3bb-1932a0d3d38"
cf-cache-status
MISS
access-control-allow-methods
GET, OPTIONS
expires
Thu, 21 Nov 2024 09:04:06 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
pKyUk0wzn_Ipplkw5Y6P4KAjIBOqLdExhPtG3QnOF0FweQ4LXq29fQ==
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 09:42:11 GMT
vary
Accept-Encoding
x-cache-status
HIT
cache-control
public, max-age=14400
via
1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
cf-ray
8e5e2313e92556a9-OSL
accept-ranges
bytes
content-length
955
x-amz-cf-pop
OSL50-C1
server
cloudflare
social
mezink.com/widget/ Frame C5DD
0
0
Document
General
Full URL
https://mezink.com/widget/social?linkedin=https://www.linkedin.com/company/mezink&instagram=https://www.instagram.com/mezinkapp&whatsapp=https://wa.me/0919289463906&youtube=https://www.youtube.com/channel/UCx3fjEZ38BH-fAy_1LY1yqQ&mezinkUrl=https://mez.ink/mezink&color=white&backgroundColor=linear-gradient(213.61deg,rgb(221,21,126)19.96%,rgb(232,53,71)80.04%)&width=50&height=50&iconPadding=6px&gap=10px
Requested by
Host: mezink.app
URL: https://mezink.app/Rekomendasi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash

Request headers

Referer
https://mezink.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e5e231598300b3d-OSL
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Thu, 21 Nov 2024 05:04:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xO1ARt9fS2MWEhuXOwHHFy1NZFbOcEVNA8rslQCw8N64xk4zYt4RXCD3SpOiPAdLITqTVohIpkqZpQxt%2BUFhJUe%2FmDlDgrtoohAJWkLCrdvipMBNwXtVuNU3mtaaY%2B4lGeuC1BAWWXbo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=65791&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4032&recv_bytes=2636&delivery_rate=62026&cwnd=254&unsent_bytes=0&cid=71763d2ca8bf5b53&ts=453&x=0"
service-worker-allowed
/
vary
Accept-Encoding
via
1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-id
_7epJrEM8BXW1PRXHd4jDHQw6zeITucqjaGkGdeB69s-lMG4s-iVPw==
x-amz-cf-pop
OSL50-C1
x-cache
Miss from cloudfront
x-cache-status
HIT
x-powered-by
Next.js
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Poppins:ital,wght@0,600;0,700;1,600;1,700&family=DM+Sans:ital,wght@0,400;0,500;0,600;0,700;1,400&family=Arimo:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&family=Josefin+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mezink.app
Referer
https://fonts.googleapis.com/

Response headers

age
114355
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 21:18:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 21:18:10 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
/
api.ipify.org/
13 B
284 B
Fetch
General
Full URL
https://api.ipify.org/
Requested by
Host: mezink.app
URL: https://mezink.app/_next/static/chunks/pages/%5Burlcode%5D-b323c33d05c7c437.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9380e7eda61c0378856f3aaeeb03e16c02b6e2b81ea89ee2c305b9d73ce578a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8e5e2319ab8e4c85-HEL
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=33290&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4044&recv_bytes=2280&delivery_rate=113845&cwnd=254&unsent_bytes=0&cid=1fa2dfe471ee3558&ts=207&x=0"
content-length
13
date
Thu, 21 Nov 2024 05:04:06 GMT
content-type
text/plain
vary
Origin
server
cloudflare
get
api.cloudsuper.link/shortener/v1/
6 KB
5 KB
Fetch
General
Full URL
https://api.cloudsuper.link/shortener/v1/get
Requested by
Host: mezink.app
URL: https://mezink.app/_next/static/chunks/pages/%5Burlcode%5D-b323c33d05c7c437.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.198.135 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-198-135.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

timestamp
2024-11-21T05:04:06.822Z
source
Desktop
Referer
https://mezink.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-request-id
NgEXGbndBuuolsG7C5biWye72Idl59Xa
access-control-allow-origin
*
content-encoding
gzip
date
Thu, 21 Nov 2024 05:04:08 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
server
nginx/1.18.0 (Ubuntu)
get
api.cloudsuper.link/shortener/v1/ Frame
0
0
Preflight
General
Full URL
https://api.cloudsuper.link/shortener/v1/get
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.198.135 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-198-135.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,source,timestamp
Access-Control-Request-Method
POST
Origin
https://mezink.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, hash, Authorization, timestamp, source, Accept-Language, Device-Language, pageID, platform, appType
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH
access-control-allow-origin
*
access-control-max-age
1728000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 21 Nov 2024 05:04:07 GMT
server
nginx/1.18.0 (Ubuntu)
636aaab405b8761ed88b2a8d
super-content.s3-ap-southeast-1.amazonaws.com/users/16203/profile/
5 KB
5 KB
Other
General
Full URL
https://super-content.s3-ap-southeast-1.amazonaws.com/users/16203/profile/636aaab405b8761ed88b2a8d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.125.94 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mezink.app/

Response headers

x-amz-id-2
wyi0YfM8MvZMg0pzfTd0lVF2jH9iCAVn68dxLX+xv6iB4h5CvUANF/C8mtvcNuht7YRigOX0uxw=
ETag
"95e1bceebccafa5b48d720c459cfac70"
x-amz-request-id
XREDBP70EPZ8WH2J
x-amz-storage-class
INTELLIGENT_TIERING
Accept-Ranges
bytes
Content-Length
4992
Date
Thu, 21 Nov 2024 05:04:09 GMT
Last-Modified
Tue, 08 Nov 2022 19:15:01 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
Primary Request forbidden
situng138nov.xyz/
Redirect Chain
  • https://situng138nov.xyz/register/1DDJRB8P
  • https://situng138nov.xyz/forbidden
23 KB
9 KB
Document
General
Full URL
https://situng138nov.xyz/forbidden
Requested by
Host: mezink.app
URL: https://mezink.app/_next/static/chunks/pages/%5Burlcode%5D-b323c33d05c7c437.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89e91cbf26760b3b8e7393377e205ccc1c26d046c03091c215e24208160bb72e
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://mezink.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e5e23297dec569c-OSL
content-encoding
zstd
content-security-policy
default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 05:04:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJXEwrqiFKro5jVT81xIk012y%2BOtS%2F38iVriZF4MKn%2BkoL56gT6JHxId7xrpnLk61G4Usw8%2FTOycuEiNDJJ367fqb88fVqPyxYUIJYol7u%2B6OMFuMwpduyR4DAYXqQIhsO6V"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=61549&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5447&recv_bytes=4988&delivery_rate=21296&cwnd=12000&unsent_bytes=0&cid=f90a7f3c4a17f601&ts=982&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1;mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e5e23256bf6569c-OSL
content-security-policy
default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 05:04:09 GMT
location
https://situng138nov.xyz/forbidden
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWzHBHt0HWvLeMz2HkpXGP0YkKjR8gb%2FkqFHYpVEhWDsec08AzhowlyqyZ4ogXmP3XLg%2BRozLMNm38MsqYF6HyY40zzhFB7RUGkxwjxh26qSIu8jcEybx%2BSkSHtRnwdjQ8oG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=61951&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4149&recv_bytes=4501&delivery_rate=334&cwnd=12000&unsent_bytes=0&cid=f90a7f3c4a17f601&ts=664&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1;mode=block
fa-solid-900.woff2
situng138nov.xyz/themes/1/font/font-awesome/webfonts/
0
0

fa-brands-400.woff2
situng138nov.xyz/themes/1/font/font-awesome/webfonts/
0
0

global.css
situng138nov.xyz/themes/1/css/
0
0

all.min.css
situng138nov.xyz/themes/1/font/font-awesome/css/
0
0
Stylesheet
General
Full URL
https://situng138nov.xyz/themes/1/font/font-awesome/css/all.min.css
Requested by
Host: situng138nov.xyz
URL: https://situng138nov.xyz/forbidden
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://situng138nov.xyz/forbidden

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"e7d0-62b2b50e-bc853;br"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nh%2F1oXx9tEll2vcGvZVGYFo76MPyQsNgTOUB1k00NqPoFhvW8DVbaVvFzGgKgX%2F89aKx4Oe9avkz0FkUNad7pEiMBX7EA9oF%2BK2M8i7c2XL%2FXKU7Dvs9Sqv%2BFInibDytDagu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 05:04:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=60766&sent=26&recv=23&lost=0&retrans=0&sent_bytes=14620&recv_bytes=12056&delivery_rate=28773&cwnd=12000&unsent_bytes=0&cid=f90a7f3c4a17f601&ts=1639&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 05:04:10 GMT
content-type
text/css
last-modified
Wed, 22 Jun 2022 06:22:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000
content-security-policy
default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e5e232b8f2c569c-OSL
x-xss-protection
1;mode=block
server
cloudflare
style.css
situng138nov.xyz/custom/css/
0
0

custom.css
situng138nov.xyz/themes/1/sass/
0
0

eg.png
images.linkcdn.cloud/global/error/flag/
3 KB
4 KB
Image
General
Full URL
https://images.linkcdn.cloud/global/error/flag/eg.png
Requested by
Host: situng138nov.xyz
URL: https://situng138nov.xyz/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
575750d9922f6e69cb2a465bb52cb5265ae2506f932ea6f1767caa19b7275577

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://situng138nov.xyz/

Response headers

cf-bgj
imgq:100,h2pri
etag
"e155178d1dc7e9aee9c26f033f6bc12a"
age
626155
cf-cache-status
HIT
expires
Fri, 21 Nov 2025 05:04:09 GMT
cf-polished
origFmt=png, origSize=4385
date
Thu, 21 Nov 2024 05:04:09 GMT
content-type
image/webp
content-disposition
inline; filename="eg.webp"
vary
Accept
last-modified
Fri, 25 Aug 2023 14:17:30 GMT
cache-control
public, max-age=31536000
cf-ray
8e5e232c7bd756b1-OSL
accept-ranges
bytes
access-control-allow-origin
*
content-length
3446
server
cloudflare
id.png
images.linkcdn.cloud/global/error/flag/
2 KB
3 KB
Image
General
Full URL
https://images.linkcdn.cloud/global/error/flag/id.png
Requested by
Host: situng138nov.xyz
URL: https://situng138nov.xyz/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
823d0dc44fc4070cb915fdcfcdce16f3142b6b5a6627a8018dd4a9959ded9f42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://situng138nov.xyz/

Response headers

cf-bgj
imgq:100,h2pri
etag
"92e82ec701b4ede7531d32b148dd0d56"
age
13884911
cf-cache-status
HIT
expires
Fri, 21 Nov 2025 05:04:09 GMT
cf-polished
origFmt=png, origSize=3157
date
Thu, 21 Nov 2024 05:04:09 GMT
content-type
image/webp
content-disposition
inline; filename="id.webp"
vary
Accept
last-modified
Fri, 25 Aug 2023 14:17:31 GMT
cache-control
public, max-age=31536000
cf-ray
8e5e232c7bd856b1-OSL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2056
server
cloudflare
ph.png
images.linkcdn.cloud/global/error/flag/
3 KB
4 KB
Image
General
Full URL
https://images.linkcdn.cloud/global/error/flag/ph.png
Requested by
Host: situng138nov.xyz
URL: https://situng138nov.xyz/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9de6305141cc0f43f639b6025292d7e6d236af9b0fe0e35579300b1e8d02e9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://situng138nov.xyz/

Response headers

cf-bgj
imgq:100,h2pri
etag
"51e89e6344152e991a0061631085a7fd"
age
11990326
cf-cache-status
HIT
expires
Fri, 21 Nov 2025 05:04:09 GMT
cf-polished
origFmt=png, origSize=4476
date
Thu, 21 Nov 2024 05:04:09 GMT
content-type
image/webp
content-disposition
inline; filename="ph.webp"
vary
Accept
last-modified
Fri, 25 Aug 2023 14:17:31 GMT
cache-control
public, max-age=31536000
cf-ray
8e5e232cfc3856b1-OSL
accept-ranges
bytes
access-control-allow-origin
*
content-length
3474
server
cloudflare
th.png
images.linkcdn.cloud/global/error/flag/
2 KB
3 KB
Image
General
Full URL
https://images.linkcdn.cloud/global/error/flag/th.png
Requested by
Host: situng138nov.xyz
URL: https://situng138nov.xyz/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9914f2ed66f224f1a399b14eb7f7923244fa97b6523adb487542e3d94465a4a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://situng138nov.xyz/

Response headers

cf-bgj
imgq:100,h2pri
etag
"b46372ead9777387a4be1d1cd2b677fa"
age
102203
cf-cache-status
HIT
expires
Fri, 21 Nov 2025 05:04:09 GMT
cf-polished
origFmt=png, origSize=3371
date
Thu, 21 Nov 2024 05:04:09 GMT
content-type
image/webp
content-disposition
inline; filename="th.webp"
vary
Accept
last-modified
Fri, 25 Aug 2023 14:17:31 GMT
cache-control
public, max-age=31536000
cf-ray
8e5e232cfc3a56b1-OSL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2450
server
cloudflare
cn.png
images.linkcdn.cloud/global/error/flag/
3 KB
3 KB
Image
General
Full URL
https://images.linkcdn.cloud/global/error/flag/cn.png
Requested by
Host: situng138nov.xyz
URL: https://situng138nov.xyz/forbidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b23b6deceb1f832a4135cdd637f0a49fe5772ffa2b799ff90249fa9d15fc8eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://situng138nov.xyz/

Response headers

cf-bgj
imgq:100,h2pri
etag
"931b25f7d986b89bb2ac8e252318b328"
age
2608777
cf-cache-status
HIT
expires
Fri, 21 Nov 2025 05:04:09 GMT
cf-polished
origFmt=png, origSize=3878
date
Thu, 21 Nov 2024 05:04:09 GMT
content-type
image/webp
content-disposition
inline; filename="cn.webp"
vary
Accept
last-modified
Fri, 25 Aug 2023 14:17:30 GMT
cache-control
public, max-age=31536000
cf-ray
8e5e232d7c6d56b1-OSL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2976
server
cloudflare
vn.png
images.linkcdn.cloud/global/error/flag/
0
0

br.png
images.linkcdn.cloud/global/error/flag/
0
0

lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
0
0

jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: situng138nov.xyz
URL: https://situng138nov.xyz/forbidden
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://situng138nov.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-1514f"
age
6338
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOe2QyC5BSFFoE5iCXPzMn8UIH6kwqf0SYV90wWxMV0Nk6bdf4X4tRLrHXoLwytf7ZIJOr0XAzXL3yAZJjc%2F5dCFi86R%2BcdWJ77unX4OgXOXUD45Z4xZvykEqOQB26bpevVpykcx"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 05:04:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 21 Nov 2024 05:04:09 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5e232e39134c7e-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
27198
server
cloudflare
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/
36 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: situng138nov.xyz
URL: https://situng138nov.xyz/forbidden
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://situng138nov.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb04010-90b5"
age
110209
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3b7mR%2F6VrBCiaxlq1C7fELhu7CUDhbs7xzGblPVYn9IgZLAHnVpv0xNP5jNE85l7lNTuihOX1PG1drwghhz%2B%2FKJsEJyFxcXZdheFPPJboIfZ%2F4RmFZyR9tnGRewE7GPXIkRhhHF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 05:04:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 21 Nov 2024 05:04:10 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:17:20 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5e232ed9784c7e-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
8722
server
cloudflare
vendor.js
situng138nov.xyz/themes/1/js/
0
0

global.js
situng138nov.xyz/themes/1/js/
0
0

index.js
situng138nov.xyz/themes/1/js/
0
0

jquery.validate.min.js
situng138nov.xyz/themes/1/vendor/jquery-validate/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
situng138nov.xyz
URL
https://situng138nov.xyz/themes/1/font/font-awesome/webfonts/fa-solid-900.woff2
Domain
situng138nov.xyz
URL
https://situng138nov.xyz/themes/1/font/font-awesome/webfonts/fa-brands-400.woff2
Domain
situng138nov.xyz
URL
https://situng138nov.xyz/themes/1/css/global.css
Domain
situng138nov.xyz
URL
https://situng138nov.xyz/custom/css/style.css
Domain
situng138nov.xyz
URL
https://situng138nov.xyz/themes/1/sass/custom.css?v=2.0.1791
Domain
images.linkcdn.cloud
URL
https://images.linkcdn.cloud/global/error/flag/vn.png
Domain
images.linkcdn.cloud
URL
https://images.linkcdn.cloud/global/error/flag/br.png
Domain
unpkg.com
URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
Domain
situng138nov.xyz
URL
https://situng138nov.xyz/themes/1/js/vendor.js
Domain
situng138nov.xyz
URL
https://situng138nov.xyz/themes/1/js/global.js?v=2.0.1791
Domain
situng138nov.xyz
URL
https://situng138nov.xyz/themes/1/js/index.js?v=2.0.1791
Domain
situng138nov.xyz
URL
https://situng138nov.xyz/themes/1/vendor/jquery-validate/jquery.validate.min.js

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
www.cultureheritage.go.ke/ Name: cookiesession1
Value: 678A3E132A2223EE83C8622E8EBF7252
situng138nov.xyz/ Name: XSRF-TOKEN
Value: eyJpdiI6IjdlWFJMNE1BK1BKcWZUVG5xUTNwdFE9PSIsInZhbHVlIjoiTytMdlVpaGYxL1RQNXJTZHN3aHRsMm9ybHVRVld6YXo5QnVIaG5nT0U2WExtMmR1VFdwOGx6TWlqZTFsaE11U3JZSHNlNE8rRVRlOVRyN2FDNE1IVGNwZkhBTUoyeXN1cGVkMHowdGlIdzR5NnAyN2xxeDR4SG44d3R6R2xsNFMiLCJtYWMiOiJjNmExOTBlMmM0Yjc0ODFjOTY2MGE4NTUzNjk4OGNmMWM1NGNjYTQzZmZjYzk5MTczNWUzNmE5NDdmZjgzOWVlIiwidGFnIjoiIn0%3D
situng138nov.xyz/ Name: mpoplay_frontend_session
Value: eyJpdiI6IlZzaDF2SkJEYk1oeTVnRWY0YTRhZmc9PSIsInZhbHVlIjoiYWtMeHdvajVzaXhXUzlJemRrYkdWb0lEUjNUaUFnR29ldnVYU1JmYXVJOHFhcG9FSXNIWXVNTEJsNWkwazJJaTM5VnJoL0lrT2tYaTFmMWMzaGpBa1dVanl2Uk1BakY5SmZGcEE1Q01OSnhMQjdWNVk3c2pjNFh3a2RyaWFOYkYiLCJtYWMiOiJhOTdiNDM1N2Q5NTMxMGFjYWVkYzVlYjI0ZTg0YmE4N2IxNmM1NzMwNmExMWY2YjkyMjNlNmIxMzI0NWJkNTMwIiwidGFnIjoiIn0%3D
situng138nov.xyz/ Name: modal1484
Value: eyJpdiI6ImtNUVhhMnk5SUFYc3pzWXUvNWhHRnc9PSIsInZhbHVlIjoiZy9pejNuaVlQd0NxbjhxR3luWFB4UnBaNG1XSHRGaU1kdm5lZnFQeUNnNU1QOFNXRWJVWVN6cThlak93NkswZCIsIm1hYyI6Ijc0YTU5MTliZjZlNmQzYmYzNjVmYTcwMDJhYzFjYTZmNWIzYmY0ZGI2YWFjOThjMTc2ZmRkNGM3YjY1NjE4NTEiLCJ0YWciOiIifQ%3D%3D
.linkcdn.cloud/ Name: __cf_bm
Value: 5.hYpPg03VbPoMXnvQSWkl6xnAVWv3m35nGVI3DPlM8-1732165449-1.0.1.1-cOHjlMCi3TRM2pGrdLG.lbVuSAIN5l4_8PK6z_ZqJ2LyorZg2w_eCjQaSTJvcY853UrmWmMMZp3pjIsGqGiUUA

1 Console Messages

Source Level URL
Text
network error URL: https://situng138nov.xyz/forbidden
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
