usanaco.com Open in urlscan Pro
134.122.102.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login-dewaslot99.com/
Effective URL:
https://usanaco.com/
Submission: On October 26 via automatic, source certstream-suspicious (October 26th 2024, 3:01:50 am UTC) — Scanned from DE

Summary HTTP 15 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 15 HTTP transactions. The main IP is 134.122.102.157, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is usanaco.com.
TLS certificate: Issued by R11 on October 26th 2024. Valid for: 3 months.

This is the only time usanaco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:56a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	134.122.102.157 134.122.102.157	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	146.190.102.232 146.190.102.232	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	152.42.174.158 152.42.174.158	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
15	5

1 2606:4700:3036::6815:56a5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login-dewaslot99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 134.122.102.157 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: riverganga.org

usanaco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proseswede.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.190.102.232 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: jalurdewa.top

opsidewa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.42.174.158 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: aktualisasiconsulting.id

amp.aktualisasiconsulting.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 517	128 KB
3	aktualisasiconsulting.id amp.aktualisasiconsulting.id	691 KB
3	opsidewa.top opsidewa.top	11 KB
2	proseswede.top proseswede.top	317 KB
1	usanaco.com usanaco.com	7 KB
1	login-dewaslot99.com 1 redirects login-dewaslot99.com	706 B
15	6

	Domain	Requested by
6	cdn.ampproject.org	usanaco.com cdn.ampproject.org
3	amp.aktualisasiconsulting.id	usanaco.com
3	opsidewa.top	usanaco.com
2	proseswede.top	usanaco.com
1	usanaco.com
1	login-dewaslot99.com	1 redirects
15	6

This site contains links to these domains. Also see Links.

Domain
liga.win
linkasli.vip
okegas.win

Subject Issuer	Validity	Valid
usanaco.com R11	`2024-10-26` - `2025-01-24`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
opsidewa.top E6	`2024-08-06` - `2024-11-04`	3 months	crt.sh
proseswede.top R11	`2024-10-24` - `2025-01-22`	3 months	crt.sh
amp.aktualisasiconsulting.id R11	`2024-08-19` - `2024-11-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://usanaco.com/
Frame ID: D17FFF52855385E38CF37FAAC3FC6798
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DEWASLOT99 | Promo 100%, 50% dan 25% Khusus New Member

Page URL History Show full URLs

https://login-dewaslot99.com/ HTTP 301
https://usanaco.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Page Statistics

15
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

1153 kB
Transfer

1529 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://liga.win/dewaslot99

Search URL Search Domain Scan URL

URL: https://linkasli.vip/dewaslot99
Title: LOGIN SLOT

Search URL Search Domain Scan URL

URL: https://liga.win/rtpdewaslot99
Title: RTP slot

Search URL Search Domain Scan URL

URL: https://okegas.win/servergacordewaslot99
Title: Server

Search URL Search Domain Scan URL

URL: https://liga.win/dewaslot99/register
Title: Daftar

Search URL Search Domain Scan URL

URL: https://liga.win/livechatdewaslot99
Title: Livechat

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login-dewaslot99.com/ HTTP 301
https://usanaco.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
usanaco.com/
Redirect Chain

https://login-dewaslot99.com/
https://usanaco.com/

47 KB
7 KB

181ms
35ms

Document
text/html

134.122.102.157
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://usanaco.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.122.102.157 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

riverganga.org

Software

nginx /

Resource Hash

10b275afd31cd4c46beb6bf3addb7babca49bb30b115f14ebb52a99dfabd09c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Sat, 26 Oct 2024 03:01:42 GMT
etag: W/"671c53f0-bcac"
last-modified: Sat, 26 Oct 2024 02:29:04 GMT
referrer-policy: same-origin
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8d873406d9bbc7ec-DUS
content-length: 167
content-type: text/html
date: Sat, 26 Oct 2024 03:01:41 GMT
expires: Sat, 26 Oct 2024 04:01:41 GMT
location: https://usanaco.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xEV97NguTBl4JI0dD7iMhaE4Sc%2Frxw4AdoAp584CMJRnYKjuWI4%2FTnLiZPxQoDkcIeWzwldOd4sAVzKk608FnIBzi9Xl%2FFlQ8r9a1p%2BDSATRdSjlzssXKvR5jqXxW2oTsgSInXbhTxNBnOJR7NfWyUdqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=28665&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4169&recv_bytes=4345&delivery_rate=103337&cwnd=12000&unsent_bytes=0&cid=18184a376f18f172&ts=327&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
73 KB 235ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: usanaco.com
URL: https://usanaco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b77daf37fab941ef88997626cfae15fefe296ab10e9d749cf72d5d20dbc844fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: "e817d4662ea197ba"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 03:01:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 03:01:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 73137
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 239ms
34ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: usanaco.com
URL: https://usanaco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

957bda233fe497e31c615015b07baf5c8b2bba1119791526f09e25f13e1b335f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: "6c2cb0a426715773"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 03:01:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 03:01:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 32191
x-xss-protection: 0
server: sffe

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 259ms
71ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: usanaco.com
URL: https://usanaco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cb81428af1c540b8ffb217f24d70049532fad0299c0a4b9d48bbf1e8869db3d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: "035f1180599c1495"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 03:01:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 03:01:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2469
x-xss-protection: 0
server: sffe

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 260ms
73ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: usanaco.com
URL: https://usanaco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08c9d0316c81fec29bb46d935e2c685acc13690de83147e8d6465c6e80f0834e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: "a51447c2be02b0f6"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 03:01:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 03:01:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 11508
x-xss-protection: 0
server: sffe

GET
H2 200 amp-accordion-0.1.js Show response
cdn.ampproject.org/v0/ 17 KB
6 KB 250ms
63ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.js

Requested by

Host: usanaco.com
URL: https://usanaco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

144cb2fb856a367b83d909f18f70bfcee7114f7b68803b3d9bc0a65eaa878a71

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: "1b390713ecebd562"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 03:01:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 03:01:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 5834
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 logodewaslot99.webp
opsidewa.top/images/logo/ 7 KB
7 KB 873ms
193ms Image
image/webp 146.190.102.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opsidewa.top/images/logo/logodewaslot99.webp
Requested by: Host: usanaco.com
URL: https://usanaco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.190.102.232 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jalurdewa.top
Software: LiteSpeed /
Resource Hash: c74a3d26a044306c372e1d90be49df6bc02011f1102d3bfe12d1b519bcfcd052

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=604800
etag: "1c98-6540c424-c6170;;;"
expires: Sat, 02 Nov 2024 03:01:43 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7320
date: Sat, 26 Oct 2024 03:01:43 GMT
last-modified: Tue, 31 Oct 2023 09:08:52 GMT
content-type: image/webp
server: LiteSpeed

GET
H2 200 dws99-3.webp
proseswede.top/img/ 62 KB
62 KB 666ms
37ms Image
image/webp 134.122.102.157
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://proseswede.top/img/dws99-3.webp
Requested by: Host: usanaco.com
URL: https://usanaco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.102.157 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: riverganga.org
Software: nginx /
Resource Hash: 852bda91862dfb61cb523127e0e65f11d28328e0bea885038b0749f0c3bec41c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=315360000
etag: "668368cc-f80a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 63498
date: Sat, 26 Oct 2024 03:01:43 GMT
content-type: image/webp
last-modified: Tue, 02 Jul 2024 02:41:16 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 ace.png
amp.aktualisasiconsulting.id/images/ 197 KB
198 KB 998ms
369ms Image
image/png 152.42.174.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amp.aktualisasiconsulting.id/images/ace.png
Requested by: Host: usanaco.com
URL: https://usanaco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.42.174.158 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: aktualisasiconsulting.id
Software: nginx /
Resource Hash: 3cd2c87d520700a17f6256267bc5cb63f0eb31688b74c65a4e019070566b0c9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6660177d-3147e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 03:01:43 GMT
content-type: image/png
last-modified: Wed, 05 Jun 2024 07:45:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 regis.png
amp.aktualisasiconsulting.id/images/ 191 KB
190 KB 1182ms
554ms Image
image/png 152.42.174.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amp.aktualisasiconsulting.id/images/regis.png
Requested by: Host: usanaco.com
URL: https://usanaco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.42.174.158 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: aktualisasiconsulting.id
Software: nginx /
Resource Hash: dc4342accbd1e21c022629992d7f980b50dbb46e8dedd0a665c06599e3ed01f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6660177d-2fa1a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 03:01:43 GMT
content-type: image/png
last-modified: Wed, 05 Jun 2024 07:45:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lc.png
amp.aktualisasiconsulting.id/images/ 302 KB
303 KB 1182ms
554ms Image
image/png 152.42.174.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amp.aktualisasiconsulting.id/images/lc.png
Requested by: Host: usanaco.com
URL: https://usanaco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.42.174.158 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: aktualisasiconsulting.id
Software: nginx /
Resource Hash: aa5cfe1ebbfc4bfb0274e19f6f0a06d6b727569daf68a853557ece172b8dbb4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"6660177d-4b8c0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 03:01:43 GMT
content-type: image/png
last-modified: Wed, 05 Jun 2024 07:45:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 purss.png
proseswede.top/img/ 255 KB
255 KB 739ms
111ms Image
image/png 134.122.102.157
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://proseswede.top/img/purss.png
Requested by: Host: usanaco.com
URL: https://usanaco.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.102.157 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: riverganga.org
Software: nginx /
Resource Hash: c33466579239808f6209cb150903248669bf230953a359a107e544cb05c5229d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=315360000
content-encoding: br
etag: W/"66712d18-3fa44"
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 03:01:43 GMT
content-type: image/png
last-modified: Tue, 18 Jun 2024 06:45:44 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012410081535000/v0/ 12 KB
4 KB 67ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410081535000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c66d924b749aa56a0f88866c51723b185df8cf2f65a1f703a7504fa0db32c84

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://usanaco.com
Referer

Response headers

content-encoding: br
etag: "bdc0497b6c018b18"
age: 292443
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 17:47:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 17:47:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3941
x-xss-protection: 0
server: sffe

GET
H2 200 dewaslot99logo.webp
opsidewa.top/images/logo/ 3 KB
3 KB 202ms
201ms Other
image/webp 146.190.102.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://opsidewa.top/images/logo/dewaslot99logo.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.190.102.232 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jalurdewa.top
Software: LiteSpeed /
Resource Hash: 37b0fd49c462ea45a7b27018edd0bae901c4f398516c7f688d5158efde3b7eab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=604800
etag: "c66-6540c3f6-c616f;;;"
expires: Sat, 02 Nov 2024 03:01:44 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3174
date: Sat, 26 Oct 2024 03:01:44 GMT
last-modified: Tue, 31 Oct 2023 09:08:06 GMT
content-type: image/webp
server: LiteSpeed

GET
H2 200 dewaslot99logo.webp
opsidewa.top/images/logo/ 3 KB
0 1ms
1ms Other
image/webp 146.190.102.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://opsidewa.top/images/logo/dewaslot99logo.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.190.102.232 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jalurdewa.top
Software: LiteSpeed /
Resource Hash: 37b0fd49c462ea45a7b27018edd0bae901c4f398516c7f688d5158efde3b7eab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=604800
etag: "c66-6540c3f6-c616f;;;"
expires: Sat, 02 Nov 2024 03:01:44 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3174
date: Sat, 26 Oct 2024 03:01:44 GMT
last-modified: Tue, 31 Oct 2023 09:08:06 GMT
content-type: image/webp
server: LiteSpeed

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amp.aktualisasiconsulting.id
cdn.ampproject.org
login-dewaslot99.com
opsidewa.top
proseswede.top
usanaco.com
134.122.102.157
146.190.102.232
152.42.174.158
2606:4700:3036::6815:56a5
2a00:1450:4001:831::2001
08c9d0316c81fec29bb46d935e2c685acc13690de83147e8d6465c6e80f0834e
10b275afd31cd4c46beb6bf3addb7babca49bb30b115f14ebb52a99dfabd09c8
144cb2fb856a367b83d909f18f70bfcee7114f7b68803b3d9bc0a65eaa878a71
37b0fd49c462ea45a7b27018edd0bae901c4f398516c7f688d5158efde3b7eab
3c66d924b749aa56a0f88866c51723b185df8cf2f65a1f703a7504fa0db32c84
3cb81428af1c540b8ffb217f24d70049532fad0299c0a4b9d48bbf1e8869db3d
3cd2c87d520700a17f6256267bc5cb63f0eb31688b74c65a4e019070566b0c9f
852bda91862dfb61cb523127e0e65f11d28328e0bea885038b0749f0c3bec41c
957bda233fe497e31c615015b07baf5c8b2bba1119791526f09e25f13e1b335f
aa5cfe1ebbfc4bfb0274e19f6f0a06d6b727569daf68a853557ece172b8dbb4d
b77daf37fab941ef88997626cfae15fefe296ab10e9d749cf72d5d20dbc844fc
c33466579239808f6209cb150903248669bf230953a359a107e544cb05c5229d
c74a3d26a044306c372e1d90be49df6bc02011f1102d3bfe12d1b519bcfcd052
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
dc4342accbd1e21c022629992d7f980b50dbb46e8dedd0a665c06599e3ed01f7
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

usanaco.com Open in urlscan Pro 134.122.102.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

40 %IPv6

6 Domains

6 Subdomains

5 IPs

4 Countries

1153 kBTransfer

1529 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

usanaco.com Open in urlscan Pro
134.122.102.157 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

1153 kB
Transfer

1529 kB
Size

0
Cookies

15 HTTP transactions
2 data transactions