Submitted URL: http://bm.canvasolutions.co.uk/
Effective URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Submission: On March 06 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 14 HTTP transactions. The main IP is 118.97.39.132, located in and belongs to . The main domain is ekinerja.ternatekota.go.id.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 2nd 2022. Valid for: a year.
This is the only time ekinerja.ternatekota.go.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
6 cdn.ampproject.org ekinerja.ternatekota.go.id
cdn.ampproject.org
4 res.cloudinary.com ekinerja.ternatekota.go.id
1 i.postimg.cc ekinerja.ternatekota.go.id
1 i.imgur.com ekinerja.ternatekota.go.id
1 ekinerja.ternatekota.go.id
1 www.google.com 1 redirects
1 google.com 1 redirects
1 bm.canvasolutions.co.uk
14 8

This site contains no links.

Subject Issuer Validity Valid
ekinerja.ternatekota.go.id
Sectigo RSA Domain Validation Secure Server CA
2022-08-02 -
2023-08-02
a year crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-03-16
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
postimg.cc
R3
2023-02-18 -
2023-05-19
3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2
2022-05-30 -
2023-07-01
a year crt.sh

This page contains 1 frames:

Primary Page: https://ekinerja.ternatekota.go.id/slot-gacor/
Frame ID: 80ED3C4D0EB165D874E9E6B41DDF8C31
Requests: 18 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://bm.canvasolutions.co.uk/ Page URL
  2. https://google.com/amp/s/ekinerja.ternatekota.go.id/slot-gacor/ HTTP 301
    https://www.google.com/amp/s/ekinerja.ternatekota.go.id/slot-gacor/ HTTP 302
    https://ekinerja.ternatekota.go.id/slot-gacor/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

14
Requests

93 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

1309 kB
Transfer

1636 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bm.canvasolutions.co.uk/ Page URL
  2. https://google.com/amp/s/ekinerja.ternatekota.go.id/slot-gacor/ HTTP 301
    https://www.google.com/amp/s/ekinerja.ternatekota.go.id/slot-gacor/ HTTP 302
    https://ekinerja.ternatekota.go.id/slot-gacor/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bm.canvasolutions.co.uk/
335 B
533 B
Document
General
Full URL
http://bm.canvasolutions.co.uk/
Protocol
HTTP/1.1
Server
31.22.4.81 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
sv46.byethost46.org
Software
nginx /
Resource Hash
8a11f0b5e41f9931b047b13df6736efa7fc0567dc186d5797d3a9a8c65d42bcf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Mar 2023 04:33:22 GMT
Expires
Mon, 06 Mar 2023 04:33:22 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Primary Request /
ekinerja.ternatekota.go.id/slot-gacor/
Redirect Chain
  • https://google.com/amp/s/ekinerja.ternatekota.go.id/slot-gacor/
  • https://www.google.com/amp/s/ekinerja.ternatekota.go.id/slot-gacor/
  • https://ekinerja.ternatekota.go.id/slot-gacor/
70 KB
70 KB
Document
General
Full URL
https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
118.97.39.132 -, , ASN (),
Reverse DNS
Software
Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.4.10 / PHP/7.4.10
Resource Hash
b3de113bf74ed92c8c8c55e568e622811769ee97d65005c0c6e86240ab2649df

Request headers

Referer
http://bm.canvasolutions.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Mar 2023 04:33:30 GMT
Keep-Alive
timeout=3, max=500
Server
Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.4.10
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.10

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
243
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-ntdBl6BoJETWAamHIdM5Dw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Mon, 06 Mar 2023 04:33:29 GMT
location
https://ekinerja.ternatekota.go.id/slot-gacor/
origin-trial
AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
x-xss-protection
0
oVNsykY.png
i.imgur.com/
1 MB
1 MB
Image
General
Full URL
https://i.imgur.com/oVNsykY.png
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 -, , ASN (),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
277c33fe96a427087282f2333dd976ae22ed4b3e20455d557ef0f482477098d0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 04:33:30 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
854452
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1121404
x-served-by
cache-iad-kiad7000091-IAD
last-modified
Fri, 24 Feb 2023 07:12:39 GMT
server
cat factory 1.0
x-timer
S1678077211.960372,VS0,VE4
etag
"5ec62e38094bf364b3c47942d2b4d71a"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
v0.js
cdn.ampproject.org/
277 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
60a6cf1b62a409ac88f87315e30a503ca22a65b043103366c9b8b32f3440793a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 04:33:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72759
x-xss-protection
0
server
sffe
etag
"863a7f05c6b67e0b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Mar 2023 04:33:30 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
110 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d4d42fbf9b075838997b6a71e574891e927bbd19145942835e2c8c1f3a6cf233
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 04:33:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32019
x-xss-protection
0
server
sffe
etag
"d4883273118b4543"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Mar 2023 04:33:30 GMT
amp-anim-0.1.js
cdn.ampproject.org/v0/
6 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-anim-0.1.js
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
54e411fac21b80cdba9f606761985b97fd624dbdd5c0f0e9cbe7451735f36593
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 04:33:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2478
x-xss-protection
0
server
sffe
etag
"000233be44a19b99"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Mar 2023 04:33:30 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/
38 KB
11 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
99b39b575ca019c8d3247ead0210a03691487a1c7fcf78333c68be600cad9597
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 04:33:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11538
x-xss-protection
0
server
sffe
etag
"604702e744b1d881"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Mar 2023 04:33:30 GMT
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
slot-gacor.png
i.postimg.cc/J0tmpS3G/
10 KB
11 KB
Image
General
Full URL
https://i.postimg.cc/J0tmpS3G/slot-gacor.png
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.150.190.236 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1645ad74bca85395c4234e671969ecaa50fc3cf98abd2308ff0e6cce1d8ffc28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 04:33:31 GMT
last-modified
Sun, 11 Sep 2022 15:17:23 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
10539
expires
Thu, 31 Dec 2037 23:55:55 GMT
promotion_grigyn.svg
res.cloudinary.com/nomor-slot/image/upload/v1641283081/assets/
3 KB
2 KB
Image
General
Full URL
https://res.cloudinary.com/nomor-slot/image/upload/v1641283081/assets/promotion_grigyn.svg
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a741 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
23933c6341149c2b4ee02ec30b8609213a4d4ff5348fb3c32a6d145541decaa1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 04:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=604800
content-disposition
attachment; filename="promotion_grigyn.svg"
server-timing
cloudflare;dur=676;start=2023-03-06T04:33:31.238Z;desc=hit,rtt;dur=16
content-length
1606
last-modified
Tue, 04 Jan 2022 07:58:05 GMT
server
cloudflare
etag
W/"f46c6d33c49406a26b11fcab499c787f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
7a37e18a3b27d14f-BUF
timing-allow-origin
*
login_xofeph.svg
res.cloudinary.com/nomor-slot/image/upload/v1641283079/assets/
951 B
1 KB
Image
General
Full URL
https://res.cloudinary.com/nomor-slot/image/upload/v1641283079/assets/login_xofeph.svg
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a741 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6da3c6156dbf91d4edfd511e2334d4a18c55562ca9f08fab46d516f8c36fbb8b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 04:33:31 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
attachment; filename="login_xofeph.svg"
server-timing
cloudflare;dur=660;start=2023-03-06T04:33:31.237Z;desc=hit,rtt;dur=16
content-length
951
last-modified
Tue, 04 Jan 2022 07:58:01 GMT
server
cloudflare
etag
"2fb4526070f10f7d4faf65705ed45843"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
7a37e18a3b24d14f-BUF
timing-allow-origin
*
whatsapp_hsxye5_czkftf.webp
res.cloudinary.com/nomor-slot/image/upload/v1649496943/assets/
3 KB
3 KB
Image
General
Full URL
https://res.cloudinary.com/nomor-slot/image/upload/v1649496943/assets/whatsapp_hsxye5_czkftf.webp
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a741 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2e122a05eeb089857aa10fe899c5f856ae4a856ded79ae7a4aee30962c2d63c7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 04:33:31 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="whatsapp_hsxye5_czkftf.webp"
server-timing
cloudflare;dur=685;start=2023-03-06T04:33:31.236Z;desc=hit,rtt;dur=16
content-length
2882
last-modified
Sat, 09 Apr 2022 09:35:44 GMT
server
cloudflare
etag
"507573de790ce056ddb74a9d999483dd"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
7a37e18a3b25d14f-BUF
timing-allow-origin
*
live-chat_pph6fv.svg
res.cloudinary.com/nomor-slot/image/upload/v1641283082/assets/
3 KB
2 KB
Image
General
Full URL
https://res.cloudinary.com/nomor-slot/image/upload/v1641283082/assets/live-chat_pph6fv.svg
Requested by
Host: ekinerja.ternatekota.go.id
URL: https://ekinerja.ternatekota.go.id/slot-gacor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a741 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ekinerja.ternatekota.go.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 04:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=604800
content-disposition
attachment; filename="live-chat_pph6fv.svg"
server-timing
cloudflare;dur=684;start=2023-03-06T04:33:31.237Z;desc=hit,rtt;dur=16
content-length
1608
last-modified
Tue, 04 Jan 2022 07:58:04 GMT
server
cloudflare
etag
W/"8a41b6491e493bb1dccf005e3cb0d86e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
7a37e18a3b26d14f-BUF
timing-allow-origin
*
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012302171719000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
902c0494a12b94420c4040b4ce8e4bc8a2e09e022e5321afbdf3f7d5a8e811a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ekinerja.ternatekota.go.id/
Origin
https://ekinerja.ternatekota.go.id
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Feb 2023 22:01:27 GMT
age
455524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2981
x-xss-protection
0
server
sffe
etag
"aa70f7b46770e57e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Feb 2024 22:01:27 GMT
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
149 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-loader-0.1.js
cdn.ampproject.org/rtv/012302171719000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012302171719000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4ef631f16de88017ffa30fdaec505fe35da58c32a7ab476742b67670d9b2404f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ekinerja.ternatekota.go.id/
Origin
https://ekinerja.ternatekota.go.id
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Feb 2023 22:01:27 GMT
age
455524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3933
x-xss-protection
0
server
sffe
etag
"c21de78ba2e336d0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Feb 2024 22:01:27 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=bm5p4QCtOdgIafuL_DRBG70kXpUngxyrQLX8rGT-TE2470dug7b02IJFTwcAnk9u8DwhRinMMaYp6E-9WZzc0EmBG7xTnMcJOHOwm0ZkVIF2WgM2Kycz9z0aO5X1yM8CR8dci9lXCXnMbrn0Lc12ICMJ5YnHYP7yfGWkZ1AQIbg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bm.canvasolutions.co.uk
cdn.ampproject.org
ekinerja.ternatekota.go.id
google.com
i.imgur.com
i.postimg.cc
res.cloudinary.com
www.google.com
118.97.39.132
146.75.28.193
185.150.190.236
2606:4700::6813:a741
2607:f8b0:4006:80f::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:81e::2001
31.22.4.81
1645ad74bca85395c4234e671969ecaa50fc3cf98abd2308ff0e6cce1d8ffc28
23933c6341149c2b4ee02ec30b8609213a4d4ff5348fb3c32a6d145541decaa1
277c33fe96a427087282f2333dd976ae22ed4b3e20455d557ef0f482477098d0
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2e122a05eeb089857aa10fe899c5f856ae4a856ded79ae7a4aee30962c2d63c7
4ef631f16de88017ffa30fdaec505fe35da58c32a7ab476742b67670d9b2404f
54e411fac21b80cdba9f606761985b97fd624dbdd5c0f0e9cbe7451735f36593
60a6cf1b62a409ac88f87315e30a503ca22a65b043103366c9b8b32f3440793a
6da3c6156dbf91d4edfd511e2334d4a18c55562ca9f08fab46d516f8c36fbb8b
8a11f0b5e41f9931b047b13df6736efa7fc0567dc186d5797d3a9a8c65d42bcf
902c0494a12b94420c4040b4ce8e4bc8a2e09e022e5321afbdf3f7d5a8e811a8
99b39b575ca019c8d3247ead0210a03691487a1c7fcf78333c68be600cad9597
b3de113bf74ed92c8c8c55e568e622811769ee97d65005c0c6e86240ab2649df
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
d4d42fbf9b075838997b6a71e574891e927bbd19145942835e2c8c1f3a6cf233
e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457