refhlt.kosongsatu.click Open in urlscan Pro
2606:4700:3035::6815:1c16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://refhlt.kosongsatu.click/
Submission: On December 30 via api (December 30th 2023, 8:08:19 am UTC) from US — Scanned from US

Summary HTTP 20 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3035::6815:1c16, located in United States and belongs to CLOUDFLARENET, US. The main domain is refhlt.kosongsatu.click.
TLS certificate: Issued by GTS CA 1P5 on December 3rd 2023. Valid for: 3 months.

This is the only time refhlt.kosongsatu.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3035::6815:1c16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
10	2606:4700:303... 2606:4700:3033::6815:8c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	4

1 2606:4700:3035::6815:1c16 (United States)

ASN13335 (CLOUDFLARENET, US)

refhlt.kosongsatu.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3033::6815:8c6 (United States)

ASN13335 (CLOUDFLARENET, US)

hlt.asets.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icon.asets.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	asets.click hlt.asets.click icon.asets.click	683 KB
9	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	151 KB
1	kosongsatu.click refhlt.kosongsatu.click	7 KB
20	3

	Domain	Requested by
9	cdn.ampproject.org	refhlt.kosongsatu.click cdn.ampproject.org
6	icon.asets.click	refhlt.kosongsatu.click
4	hlt.asets.click	refhlt.kosongsatu.click
1	refhlt.kosongsatu.click
20	4

This site contains links to these domains. Also see Links.

Domain
daftar.tv
kosongsatu.click

Subject Issuer	Validity	Valid
kosongsatu.click GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
asets.click GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://refhlt.kosongsatu.click/
Frame ID: 8CF56DEF2E712382629CA588DFE431A6
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Halobet - Pilihan Tepat Bermain Slot Gacor

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

20
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

841 kB
Transfer

1239 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://daftar.tv/refhlt/
Title: Beranda

Search URL Search Domain Scan URL

URL: https://daftar.tv/refhlt
Title: Daftar

Search URL Search Domain Scan URL

URL: https://kosongsatu.click/
Title: Halobet

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
refhlt.kosongsatu.click/ 26 KB
7 KB 519ms
486ms Document
text/html 2606:4700:3035::6815:1c16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44dc3e17e2de0d8d8faea3fa372923664f6858a3f65eef7488ec419a3094b18e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83d8cb2738e9433e-EWR
content-encoding: br
content-type: text/html
date: Sat, 30 Dec 2023 08:08:13 GMT
last-modified: Fri, 29 Dec 2023 08:26:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lFmD7nrsfaQcAMFJvLd93HiMjqBwzS5Q8N3tp3gB%2Fn92AWJMGXZkGqmFJVXdovEZ%2BkzxBRqDbwkSUiC1XjuomU88Yi%2FFLBYKYDtpKK4lvHdd1m1C9XMaRRMsRQo6DvqxYh3FkS00NqINt441KPhZWyIy0gW6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 118ms
52ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 30 Dec 2023 08:08:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73141
x-xss-protection: 0
server: sffe
etag: "20620290c9309704"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Dec 2023 08:08:13 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 106ms
40ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d85df9e61ec25caa8e6033bbf255be0036e9af0bec9d8f0cde5f8d6629da3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 30 Dec 2023 08:08:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11509
x-xss-protection: 0
server: sffe
etag: "89fd1f55c72a0a94"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Dec 2023 08:08:13 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 89ms
43ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86be9343f991a2b91d8238e2b458002707a4d38bc8e74ae99d2a58242ba04c4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 30 Dec 2023 08:08:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9639
x-xss-protection: 0
server: sffe
etag: "13e0a16aa728157d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Dec 2023 08:08:13 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 85ms
38ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ec9d8d19236a815a5b0473e79b1b6823330026a8a564e4074f3f7595abc4ed1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 30 Dec 2023 08:08:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2473
x-xss-protection: 0
server: sffe
etag: "f9ec7b9cfb04b32c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Dec 2023 08:08:13 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
10 KB 82ms
36ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4223e8178440140140accbdde18d9472237ea1c30d037e7b10547c0377a1c450

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 30 Dec 2023 08:08:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8936
x-xss-protection: 0
server: sffe
etag: "983117833e8e8e62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Dec 2023 08:08:13 GMT

GET
H2 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
8 KB 94ms
49ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8f4932f20fa0868dd2caaa4e5bde036d3db73868c2132a5f387d87064f0343b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 30 Dec 2023 08:08:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8507
x-xss-protection: 0
server: sffe
etag: "97039edf12d9673b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Dec 2023 08:08:13 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 38ms
36ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 30 Dec 2023 08:08:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Dec 2023 08:08:13 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4bfe175a79d1a5ac0ffb60e879d653a9a995f6fc372ea7063896806c326b36e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 logo-halobet.webp
hlt.asets.click//logo/ 3 KB
4 KB 354ms
253ms Image
image/webp 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hlt.asets.click//logo/logo-halobet.webp
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 531c367b59836a3e4af45f28df4a9bc9669b3dea4a313a26f1abb5cfa016f40c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:13 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Oct 2023 12:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c8c-651abde6-c18e0;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mihLn4jrX9Kf7ECXGFWF8RK0MpQ%2BOZXA0iGLFJJlWtIPhdkVJKqTed6f7OMFyfsk3mn6muMks%2FsNu3Qon3tasgKTfTg3cwRmxPUi%2BXKy%2BfnPDTpptoHgxMAiR53MvCDjPriXQ1pNTE9UuuH7c2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6dcd0f77-EWR
alt-svc: h3=":443"; ma=86400
content-length: 3212
expires: Sat, 18 Nov 2023 10:04:07 GMT

GET
H2 200 Haloplay.webp
hlt.asets.click/logo/ 9 KB
9 KB 366ms
266ms Image
image/webp 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hlt.asets.click/logo/Haloplay.webp
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a7b1cd79d5e3ea160a8287c84fa5e4cd4a0af6092a638c519e02c87ebdde784

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:13 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 13:10:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2366-651ac12b-c18e4;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oioOlQXUd8XpQ5XPhMX0gdUE5ayitNv%2BwP2v6euADhdfNb5yGlC%2BZRa%2FUPIbvk9Ix%2B%2Br2D2nPH%2FhvqEF28b8bkItJNg7VrHNSrJbpIaqlfIqXJog7M2ujhyWXr7ogzWOWPJKHwQUr8VSpd1F%2BCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6dd00f77-EWR
alt-svc: h3=":443"; ma=86400
content-length: 9062
expires: Tue, 07 Nov 2023 21:06:28 GMT

GET
H2 200 Home.png
icon.asets.click/ 11 KB
12 KB 110ms
10ms Image
image/png 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icon.asets.click/Home.png
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94743e85fccd0c6e660fefade6803f884006617e7e275d30aae99a2352e05f41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21590
alt-svc: h3=":443"; ma=86400
content-length: 11532
last-modified: Mon, 02 Oct 2023 12:55:35 GMT
server: cloudflare
etag: "2d0c-651abdc7-c18dd;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOQEiN8ktgF4YT9l54k7EeypAyqpRiX1LZx82sr4UT6olPfzvys4BjR5MWEK%2FtWFRmkOETyS6yXprWPwqfVK9Vz1XidMqpFOL9wFCrTSDYd2P%2Bk3lAGclaGFb1j5AADWImtMazRawRqNXAjYtSgU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6be9c463-EWR
expires: Fri, 08 Dec 2023 01:05:32 GMT

GET
H2 200 Whatsapp.png
icon.asets.click/ 8 KB
8 KB 120ms
19ms Image
image/png 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icon.asets.click/Whatsapp.png
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ef90f6bf8fcd368bdeaaf143a23c507c1490d949fe3dfe8eb038edcb6da898e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21590
alt-svc: h3=":443"; ma=86400
content-length: 7885
last-modified: Mon, 02 Oct 2023 12:55:35 GMT
server: cloudflare
etag: "1ecd-651abdc7-c18db;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kErTSX9zcjMZXfL75IpGIW1a3%2BTtLGtZQDvRSYEEi8RlqVZ%2FEv3fAtrpkreneIi6RfMyTOAZ1DJbguzAYHtM%2Fxucru3H%2FcXdtOF8XQXwOvgw7vOcfMLB%2BW7C2TjfJsgvqo5N9NaSSL1E2hSLlhd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6be8c463-EWR
expires: Tue, 05 Dec 2023 21:36:06 GMT

GET
H2 200 daftar.png
icon.asets.click/ 12 KB
13 KB 119ms
19ms Image
image/png 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icon.asets.click/daftar.png
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d65f9676c52253f6548bb1fb1040a858bda5f16705f5485488bd4ccf651c7676

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21589
alt-svc: h3=":443"; ma=86400
content-length: 12711
last-modified: Mon, 02 Oct 2023 12:55:35 GMT
server: cloudflare
etag: "31a7-651abdc7-c18dc;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPTN65lElhNAUclWMOlnNnHCkL8o9WS9JhFDTKT%2FeRuDiXlvPk33llKlC%2BS1Tcrw5zTAS2p0HHcOMatU0b7nRscmFO%2FpMoFku6Vujp3j%2BNsxs0lZ6rOEZSL3VlLLlGUrbuUIOP9WtSh0i6dH1kaB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6be7c463-EWR
expires: Thu, 16 Nov 2023 00:28:09 GMT

GET
H2 200 Promotion.webp
icon.asets.click/ 74 KB
74 KB 111ms
11ms Image
image/webp 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icon.asets.click/Promotion.webp
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3761dca32c52a1db006c74176d91441f68e50f1c84c95ff10ae0812889246c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21590
alt-svc: h3=":443"; ma=86400
content-length: 75728
last-modified: Mon, 02 Oct 2023 12:55:36 GMT
server: cloudflare
etag: "127d0-651abdc8-c18df;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orhsZjCHcJdTT4LDjK%2FZw7dcmehIXYANQQ2Br88qv8eJi%2BNfDC%2FTzjt1Qkbys0SKrpRoo2i%2BdhKgrDzDF5R7CxdMIfcvhlAFvlvHHUbDnBIQt8Wjlia2PHetybERamQY1k3mB%2FePFUbCWE0bRnFL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6beac463-EWR
expires: Fri, 08 Dec 2023 03:30:34 GMT

GET
H2 200 Live-Chat.png
icon.asets.click/ 5 KB
5 KB 118ms
18ms Image
image/png 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icon.asets.click/Live-Chat.png
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1aa3da4eaa1af67468ae42e496f28d882728a4d54df125d5ad32aa14b37997b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21589
alt-svc: h3=":443"; ma=86400
content-length: 5054
last-modified: Mon, 02 Oct 2023 14:04:37 GMT
server: cloudflare
etag: "13be-651acdf5-c18ef;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Su%2FpbYYmWyQmJK9kFeqBP7u2nU986KT%2FSFS%2BjUpMQkBuS%2FP7WYqeGSM65MsrlMBqXqRbCHWaQ%2B%2BLVQCLm2oQYaF9%2B3nLLOLnH5wlGJnaXsHt6E0%2BBMGJ7rNPYnGrrqJX6smkjoEfAMTAjY6GID3P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6bebc463-EWR
expires: Wed, 03 Jan 2024 01:29:02 GMT

GET
H2 200 nexus-footer-logo.png
icon.asets.click/ 5 KB
5 KB 119ms
20ms Image
image/png 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icon.asets.click/nexus-footer-logo.png
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71bcad12b677e0adc0194ea1f51dad8e65ae382eb8a91804cf832a2f88edd905

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21589
alt-svc: h3=":443"; ma=86400
content-length: 5039
last-modified: Mon, 02 Oct 2023 16:54:02 GMT
server: cloudflare
etag: "13af-651af5aa-c190b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKMBeI1Q8fbtJ3IjCPPSZuNMgJjbqnKgVTb27uk9elos7DCctghQqYbyAGQlIt6MTJvUh6TFmOR3OmAoUA0r0AhF1l9ptqnEAuIL733zgJQmsYydK8lUHEnvxXAheOQOizPGCIwwY%2BrqAFCWqAwq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6becc463-EWR
expires: Thu, 14 Dec 2023 01:38:58 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 8 KB
3 KB 40ms
13ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refhlt.kosongsatu.click/
Origin: https://refhlt.kosongsatu.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 18:05:41 GMT
age: 50552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "a9f93cfafa19b094"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Dec 2024 18:05:41 GMT

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 12 KB
4 KB 20ms
15ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refhlt.kosongsatu.click/
Origin: https://refhlt.kosongsatu.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 18:05:37 GMT
age: 50556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3942
x-xss-protection: 0
server: sffe
etag: "4694a1430564add5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Dec 2024 18:05:37 GMT

GET
H2 200 halobet-situs-slot-terlengkap.png
hlt.asets.click/banner/ 249 KB
249 KB 1276ms
1228ms Image
image/png 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hlt.asets.click/banner/halobet-situs-slot-terlengkap.png
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdc4751e7eeed4906af9da48491827f8f1d776acc81ade37c1ba1788c8557dd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:14 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 13:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3e23a-651ac264-c18e5;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk3V7piE29TJaHYQnJNvomT8mF2Ynec6tByRUKjyx48g5QbPo06%2Bm3Q39Aigqk5pS%2F1nLR3nSKcLvHW%2BZ8GwsBu76%2Bu29Wlx6Zuruu3LGrwyw8poErAICdEw9FGcQCSSfING4W6ty%2Bu%2BdgTv6Tk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6dd20f77-EWR
alt-svc: h3=":443"; ma=86400
content-length: 254522
expires: Thu, 09 Nov 2023 04:10:49 GMT

GET
H2 200 Situs-SLot-Online-Terpercaya.png
hlt.asets.click/banner/ 302 KB
303 KB 554ms
506ms Image
image/png 2606:4700:3033::6815:8c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hlt.asets.click/banner/Situs-SLot-Online-Terpercaya.png
Requested by: Host: refhlt.kosongsatu.click
URL: https://refhlt.kosongsatu.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:8c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e9864b46405568954329dd1a479ee17b0b5595847bbeda118c3ad72d0983ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://refhlt.kosongsatu.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 08:08:14 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 13:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4b94b-651ac09e-c18e3;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7M7dYpkPuCG4p2u%2BAEUceZa0ajmesSxnbkMlFYPB6RssXe6ZGbzvZNvOEa9w77Eb8Ag4yn47Vd270VGdsxxn8knb%2FBZ8z4ujKt9fP21rPhmMhwVwnVmDQFk0t8XEkq%2FnYLb%2BiLK6u%2FmzLVDSQTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83d8cb2c6dd10f77-EWR
alt-svc: h3=":443"; ma=86400
content-length: 309579
expires: Thu, 07 Dec 2023 23:43:26 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
hlt.asets.click
icon.asets.click
refhlt.kosongsatu.click
2606:4700:3033::6815:8c6
2606:4700:3035::6815:1c16
2607:f8b0:4020:806::2001
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
2a7b1cd79d5e3ea160a8287c84fa5e4cd4a0af6092a638c519e02c87ebdde784
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2ec9d8d19236a815a5b0473e79b1b6823330026a8a564e4074f3f7595abc4ed1
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
3ef90f6bf8fcd368bdeaaf143a23c507c1490d949fe3dfe8eb038edcb6da898e
4223e8178440140140accbdde18d9472237ea1c30d037e7b10547c0377a1c450
44dc3e17e2de0d8d8faea3fa372923664f6858a3f65eef7488ec419a3094b18e
531c367b59836a3e4af45f28df4a9bc9669b3dea4a313a26f1abb5cfa016f40c
71bcad12b677e0adc0194ea1f51dad8e65ae382eb8a91804cf832a2f88edd905
73e9864b46405568954329dd1a479ee17b0b5595847bbeda118c3ad72d0983ff
85d85df9e61ec25caa8e6033bbf255be0036e9af0bec9d8f0cde5f8d6629da3b
94743e85fccd0c6e660fefade6803f884006617e7e275d30aae99a2352e05f41
b8f4932f20fa0868dd2caaa4e5bde036d3db73868c2132a5f387d87064f0343b
c86be9343f991a2b91d8238e2b458002707a4d38bc8e74ae99d2a58242ba04c4
cdc4751e7eeed4906af9da48491827f8f1d776acc81ade37c1ba1788c8557dd7
d4bfe175a79d1a5ac0ffb60e879d653a9a995f6fc372ea7063896806c326b36e
d65f9676c52253f6548bb1fb1040a858bda5f16705f5485488bd4ccf651c7676
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa
f1aa3da4eaa1af67468ae42e496f28d882728a4d54df125d5ad32aa14b37997b
f3761dca32c52a1db006c74176d91441f68e50f1c84c95ff10ae0812889246c3
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

refhlt.kosongsatu.click Open in urlscan Pro 2606:4700:3035::6815:1c16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

100 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

841 kBTransfer

1239 kBSize

0 Cookies

3 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

Indicators

refhlt.kosongsatu.click Open in urlscan Pro
2606:4700:3035::6815:1c16 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

841 kB
Transfer

1239 kB
Size

0
Cookies

20 HTTP transactions
4 data transactions