Submitted URL: http://freekenneth.com/
Effective URL: https://niwrb-gov.org/
Submission: On November 03 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is niwrb-gov.org.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.
This is the only time niwrb-gov.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 16 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
22 5
Apex Domain
Subdomains
Transfer
15 niwrb-gov.org
niwrb-gov.org
193 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 517
86 KB
1 nomorkiajit.com
nomorkiajit.com — Cisco Umbrella Rank: 244037
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 6375
490 KB
1 tamuk-isee.com
tamuk-isee.com
677 B
1 freekenneth.com
freekenneth.com
642 B
22 6
Domain Requested by
15 niwrb-gov.org niwrb-gov.org
5 cdn.ampproject.org niwrb-gov.org
cdn.ampproject.org
1 nomorkiajit.com cdn.ampproject.org
1 static.wixstatic.com niwrb-gov.org
1 tamuk-isee.com 1 redirects
1 freekenneth.com 1 redirects
22 6
Subject Issuer Validity Valid
niwrb-gov.org
WE1
2024-09-18 -
2024-12-17
3 months crt.sh
misc-sni.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.wixstatic.com
R11
2024-09-09 -
2024-12-08
3 months crt.sh
nomorkiajit.com
WE1
2024-10-17 -
2025-01-15
3 months crt.sh

This page contains 2 frames:

Primary Page: https://niwrb-gov.org/
Frame ID: C8A29BEA1EA22A5D1D75F2D6D01C6065
Requests: 22 HTTP requests in this frame

Frame: https://nomorkiajit.com/hksgpsdy
Frame ID: EE2C1B66AAA3B8A912D4074DD94A5DCD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Togel Hongkong Togel Singapore Keluaran HK Pengeluaran SGP Data HK SGP Hari Ini

Page URL History Show full URLs

  1. http://freekenneth.com/ HTTP 307
    https://freekenneth.com/ HTTP 301
    https://tamuk-isee.com/ HTTP 301
    https://niwrb-gov.org/ Page URL

Page Statistics

22
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

768 kB
Transfer

1029 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://freekenneth.com/ HTTP 307
    https://freekenneth.com/ HTTP 301
    https://tamuk-isee.com/ HTTP 301
    https://niwrb-gov.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
niwrb-gov.org/
Redirect Chain
  • http://freekenneth.com/
  • https://freekenneth.com/
  • https://tamuk-isee.com/
  • https://niwrb-gov.org/
84 KB
15 KB
Document
General
Full URL
https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d053f6f66e81a815814809e0444725caf4c47b655951e60c52ac5ccc87297f44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dc831e5ed2b0482-FRA
content-encoding
br
content-type
text/html
date
Sun, 03 Nov 2024 00:19:48 GMT
last-modified
Mon, 29 Jul 2024 10:20:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2FtKZKwQqhWstn2G3VZUkvJtkvxHCNGcdieiS4nAkKgFxyfDVMk9XMhctk6XYLNCvlBHp1CL2SfVn2p2GqBi4Yi%2FWeH5Qv%2FOjx6E23YGkGPJi8cG607WRWXgbjUzk8uwCihMACu4lVcNhHJp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=33337&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4172&recv_bytes=4424&delivery_rate=455&cwnd=12000&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=234&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dc831e43f38d280-FRA
content-type
text/html; charset=iso-8859-1
date
Sun, 03 Nov 2024 00:19:48 GMT
location
https://niwrb-gov.org/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PbntJmo18bUCzGbw6IuFve0nLSuOqZxMU%2BfCe1ANfyxk1Aw15XF3qe7hHs7OEXcAQKnWzUbZfo5ovqT%2F1YDgq6bpI5%2F%2BQfegF9gwGQLWlegLPhmDfVDa%2Fy0qDGrNF02XvAPB0pD%2BQYxe81v7sw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=38079&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4218&recv_bytes=4473&delivery_rate=487&cwnd=12000&unsent_bytes=0&cid=b646979163b29cf5&ts=302&x=1" cfExtPri cfHdrFlush;dur=0
keluaran-sgp.webp
niwrb-gov.org/img/
31 KB
32 KB
Image
General
Full URL
https://niwrb-gov.org/img/keluaran-sgp.webp
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba026ae5fa9e60911bed391044ae1702e3fb8334e49013d06245210b79b40fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"7d4a-63861d64-37231b;;;"
age
210596
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rmWk6TvoRVEjIoBv9McN8xTlZhaKn5zQSPdqyQD4WivDqeqn5m8V1cxX3VNK8Wj9CZMdSD1elXG5uz4XMiS3AtxVQVQ6JNUeB3HgtNE61ChWEB7nNzgw4%2FJYdeS4BjMgFQYowaI0%2FoYQotEE"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 03:35:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33893&sent=26&recv=17&lost=0&retrans=0&sent_bytes=19368&recv_bytes=5022&delivery_rate=138359&cwnd=21600&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=303&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/webp
last-modified
Tue, 29 Nov 2022 14:55:32 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e77dbc0482-FRA
accept-ranges
bytes
content-length
32074
server
cloudflare
v0.mjs
cdn.ampproject.org/
223 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.mjs
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6135fb9bc76250a8f91bbf718b8c6b3dcccaf10584fb76ec8741befd180dbd51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://niwrb-gov.org
Referer
https://niwrb-gov.org/

Response headers

content-encoding
br
etag
"23abcdba7c36547b"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 00:19:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
63634
x-xss-protection
0
server
sffe
amp-iframe-0.1.mjs
cdn.ampproject.org/v0/
20 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be3455099e8637ee1149c53004c6272414364dbefc8ef761d7557858f8a30a61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://niwrb-gov.org
Referer
https://niwrb-gov.org/

Response headers

content-encoding
br
etag
"5f2ac68ab3ea6ace"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 00:19:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
7399
x-xss-protection
0
server
sffe
amp-sidebar-0.1.mjs
cdn.ampproject.org/v0/
25 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.mjs
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1670ecf47930487a200edbf898f22955a6c38250ceab7c79a4d2da2679c3b23
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://niwrb-gov.org
Referer
https://niwrb-gov.org/

Response headers

content-encoding
br
etag
"117f24fcfdfffee8"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 00:19:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
8225
x-xss-protection
0
server
sffe
69eebd_19b7d73325124115af8b5e9d8190c23e~mv2.gif
static.wixstatic.com/media/
489 KB
490 KB
Image
General
Full URL
https://static.wixstatic.com/media/69eebd_19b7d73325124115af8b5e9d8190c23e~mv2.gif
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7800:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.25.3.2 /
Resource Hash
f466739bdbd82564a71a525db423d970caeccf7d90da1e5582375457559369e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
etag
"b101dcc528b9752f1a0725b4df328f08"
age
4060363
expires
Tue, 17 Sep 2024 01:27:06 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
NczH2lN847GzH50KhbF9FRImOQRWLkmAy6GUNpPC99ZRSi8aIXWvHw==
date
Tue, 17 Sep 2024 00:27:06 GMT
content-type
image/gif
last-modified
Fri, 02 Dec 2022 04:45:53 GMT
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
via
1.1 google, 1.1 355f72364b4c8f8829ae95f886a03f56.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-seen-by
gcp.us-central-1.media-router-56f88799f9-dkmnh
content-length
500341
x-amz-cf-pop
MUC50-P1
server
openresty/1.25.3.2
truncated
/
198 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
nenektogel4d-togel.webp
niwrb-gov.org/img/
10 KB
11 KB
Image
General
Full URL
https://niwrb-gov.org/img/nenektogel4d-togel.webp
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403f0a0bb11fdf7c7276f962c7a2d58c943d60b88b3c9c5773894077a733a90f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"276e-6386313b-372323;;;"
age
41120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kdd9ObMKH9UyJufacPNHhf1bX4UhneVYPa00Ojj4v%2Fl8vEw2EwMb9So6GQ4nBDLim3Qk5LqCC5ZUBc2wjY7vCB9AwvQWcHwgy73pSb3zzT9PCzfO2FXm0nZ3Ta8SHzA6cef9azIcCpO1Fmjl"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 16:52:12 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33767&sent=45&recv=23&lost=0&retrans=0&sent_bytes=40968&recv_bytes=7104&delivery_rate=160612&cwnd=21600&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=324&x=1", cfHdrFlush;dur=10
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/webp
last-modified
Tue, 29 Nov 2022 16:20:11 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e7adc80482-FRA
accept-ranges
bytes
content-length
10094
server
cloudflare
nenektogel4d-slot.webp
niwrb-gov.org/img/
12 KB
13 KB
Image
General
Full URL
https://niwrb-gov.org/img/nenektogel4d-slot.webp
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a4dcf87571c6db5a4c5e201d75f5167d1f503e9a0ef868a81167a2b914f6f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"30de-6386313d-372326;;;"
age
41119
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byEdQjawuMLy0uZuPj4XHqGb%2Bhj9dRF7H35SDuV4Yj5vb3BESHerkduCIGqW1XWSFkeHEv4yBEfWgYZSfiYHBs3G8HSSuaolfPEf6bVa3PCqDSUsVk34nXfumm9kZepEve7j5PzDzAcPRhL6"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 15:12:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33767&sent=45&recv=23&lost=0&retrans=0&sent_bytes=40968&recv_bytes=7104&delivery_rate=160612&cwnd=21600&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=326&x=1", cfHdrFlush;dur=8
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/webp
last-modified
Tue, 29 Nov 2022 16:20:13 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e7adc90482-FRA
accept-ranges
bytes
content-length
12510
server
cloudflare
nenektogel4d-liveball.webp
niwrb-gov.org/img/
10 KB
10 KB
Image
General
Full URL
https://niwrb-gov.org/img/nenektogel4d-liveball.webp
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba77e3e286bbe8bcc9d42e00073267c65b342dcda23e0c64d941ccade3cd3f6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"271a-6386313c-372324;;;"
age
41120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0wRw5opryEHuHHN5owpW5IQrK6uhG0YGd1c0Z6XYmzFLl98DvmJyn%2BZRDwyfvxsuk9SFDyQ2CBUO2tXTr%2Fek6CgKshMx%2BQLlphX4YdBJWThXsdsKCdjbEiZ2tIGYXmUBciQ27waISoJTQL1h"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 15:19:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33767&sent=45&recv=23&lost=0&retrans=0&sent_bytes=40968&recv_bytes=7104&delivery_rate=160612&cwnd=21600&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=325&x=1", cfHdrFlush;dur=9
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/webp
last-modified
Tue, 29 Nov 2022 16:20:12 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e7adca0482-FRA
accept-ranges
bytes
content-length
10010
server
cloudflare
nenektogel4d-casino.webp
niwrb-gov.org/img/
13 KB
14 KB
Image
General
Full URL
https://niwrb-gov.org/img/nenektogel4d-casino.webp
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5d4c7789ff745e1cfea1738cadecddf792ab7060569736c0c1444bfd435376

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"351c-6386313c-37232d;;;"
age
152432
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MV%2BLwhAV7ulzoptmA1oztCJ0IpoP7nbuDqKNCQb1ns53bF0Rtrs3TtZX9wENiXNG13bDJqEF6q3GSmyt7I542WS7fJVIggE4Kf%2FavOtr5jAl5024ps4GUX%2FKbJEvkemYU8sMJNonP4fKDoVT"}],"group":"cf-nel","max_age":604800}
expires
Wed, 06 Nov 2024 15:14:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33767&sent=45&recv=23&lost=0&retrans=0&sent_bytes=40968&recv_bytes=7104&delivery_rate=160612&cwnd=21600&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=325&x=1", cfHdrFlush;dur=9
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/webp
last-modified
Tue, 29 Nov 2022 16:20:12 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e7adcb0482-FRA
accept-ranges
bytes
content-length
13596
server
cloudflare
nenektogel4d-sports.webp
niwrb-gov.org/img/
12 KB
12 KB
Image
General
Full URL
https://niwrb-gov.org/img/nenektogel4d-sports.webp
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc07403a9b2fe962a3af94908d82039443513fd0740f2161fbbfd39bcaa6ecad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"2e18-6386313c-372327;;;"
age
41119
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0cxPHpGsAwrieSnr6gbDqIdDHt1RmrLelAjB17me6zaobx40KUUHowc%2BmGSHTS8NwXXEA8JdfOn1WWqDI1pl3Io%2BlX80P2pfFYwaeJxIM13Y%2Fmqpr1PwqiH7uY5GPhAY7I2DaPe0NGdBEJQ"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 12:46:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33767&sent=45&recv=23&lost=0&retrans=0&sent_bytes=40968&recv_bytes=7104&delivery_rate=160612&cwnd=21600&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=326&x=1", cfHdrFlush;dur=8
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/webp
last-modified
Tue, 29 Nov 2022 16:20:12 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e7adcc0482-FRA
accept-ranges
bytes
content-length
11800
server
cloudflare
nenektogel4d-pokerv.webp
niwrb-gov.org/img/
9 KB
10 KB
Image
General
Full URL
https://niwrb-gov.org/img/nenektogel4d-pokerv.webp
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
648c0ff9c33caae39be4c667ee05fcee759f4dbd461e4df6a14f463f8bd56dd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"25b2-63861f5d-37232a;;;"
age
41120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTy%2B1qYSC8lH7PQ1K4z6pl7%2Bpm0bX9S8KfngJk55ES2QYeIx9k%2BN2NbnZZp7HFWSMLqduyaiGSLlKPrDfEeTqkPV2E8TQgBNA8Q9nujN%2FZ6p1nVrBM9IyxTX978SSPR176OhZBCujEq5xmei"}],"group":"cf-nel","max_age":604800}
expires
Wed, 06 Nov 2024 15:14:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33767&sent=45&recv=23&lost=0&retrans=0&sent_bytes=40968&recv_bytes=7104&delivery_rate=160612&cwnd=21600&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=327&x=1", cfHdrFlush;dur=7
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/webp
last-modified
Tue, 29 Nov 2022 15:03:57 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e7adcd0482-FRA
accept-ranges
bytes
content-length
9650
server
cloudflare
logo.webp
niwrb-gov.org/img/
6 KB
7 KB
Image
General
Full URL
https://niwrb-gov.org/img/logo.webp
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90f8601ae85c83500b1c27df232672c0b89ab66033920a9e931963eaa8a382e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"1752-63861d21-372317;;;"
age
91205
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mdhvSbfaVR9XWm4VQFp2%2BddJZ%2F2TGUZeazoctbHUjAmbCybvdFwoeWMUuhdI5Eg72sbebwq9tXyP0QoIU6VmzE%2BTDlKu%2F1bWivSEXf6cLwqgPTd51cdmQhCIN9y7fJP3UtVRhbB85cr8Jeo"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 16:52:12 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34927&sent=128&recv=72&lost=0&retrans=0&sent_bytes=126445&recv_bytes=11016&delivery_rate=1389044&cwnd=72000&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=564&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/webp
last-modified
Tue, 29 Nov 2022 14:54:25 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e92e6f0482-FRA
accept-ranges
bytes
content-length
5970
server
cloudflare
speaker.png
niwrb-gov.org/img/
554 B
1 KB
Image
General
Full URL
https://niwrb-gov.org/img/speaker.png
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3053c61f8abc23222de0576c198fcc2d10eddad66372f2ad63a6d233affaf0f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"22a-638ce582-37231e;;;"
age
41120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0WpeErhOqoAvJdifcCOFIdvsotZGfLKnaOk9XHq1dID8GW4Ii6ZeyBJ1U%2FJdKgNdoBBjxvDT77CTk2XajL6LDllGs5iKl3ShUMS%2FpMwyNlwBBOS0ybaiOvFpapW0YPXM%2FNW1qA5wKjFYBxU"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 12:52:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34927&sent=139&recv=72&lost=0&retrans=0&sent_bytes=138096&recv_bytes=11016&delivery_rate=1389044&cwnd=72000&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=565&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/png
last-modified
Sun, 04 Dec 2022 18:22:58 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e92e700482-FRA
accept-ranges
bytes
content-length
554
server
cloudflare
Whatsapp.png
niwrb-gov.org/img/
4 KB
5 KB
Image
General
Full URL
https://niwrb-gov.org/img/Whatsapp.png
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78524ac58adc90022782506cc83eb347102ea6ce544b15893311cf2332270a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"fd3-63861dc3-372328;;;"
age
41119
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ogYJQlVvsvw%2BKkSKyNmbA3vwZD0SF7Tq7tHe%2FoFr4ABStv9y%2B0CIHjwCytt6XicPMvxGPC14fEKYwgQX%2BK8mllehd64yATsHH2LCOUO7YEAvJ9Kbh7QH7CfTOh1YKzXj8ykgaRoDTBfmfbk5"}],"group":"cf-nel","max_age":604800}
expires
Wed, 18 Sep 2024 12:09:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34927&sent=134&recv=72&lost=0&retrans=0&sent_bytes=133246&recv_bytes=11016&delivery_rate=1389044&cwnd=72000&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=565&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/png
last-modified
Tue, 29 Nov 2022 14:57:07 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e92e720482-FRA
accept-ranges
bytes
content-length
4051
server
cloudflare
home.png
niwrb-gov.org/img/
1 KB
2 KB
Image
General
Full URL
https://niwrb-gov.org/img/home.png
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a39ba7aa5622d872b20817a3588c067080ef054ffe57cdd15ee930939e597dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"592-63861dc3-372316;;;"
age
209540
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7myxEYqtS%2B%2BuJGXr7NLU27hfykERb0mDpBd1v0whSOZULkhOAu5cOc8nRKmrwaz1jcTsqwQtATvdO8oHpW8ccEbdXwvI16CbxfyvMKOrvh5tsb208PBJ2pn5YKNaW0IiylmQSP3TOI%2BgGVbV"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 11:32:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34927&sent=141&recv=72&lost=0&retrans=0&sent_bytes=139374&recv_bytes=11016&delivery_rate=1389044&cwnd=72000&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=565&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/png
last-modified
Tue, 29 Nov 2022 14:57:07 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e92e730482-FRA
accept-ranges
bytes
content-length
1426
server
cloudflare
daftar.png
niwrb-gov.org/img/
2 KB
2 KB
Image
General
Full URL
https://niwrb-gov.org/img/daftar.png
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e025be8c8518ba517a8f6a182c2982d5179db6028e164db712774d28fcbc382

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"71c-63861dc2-372318;;;"
age
41120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XPHiz4W8tZEAuY4rdZiHY0HQskxfW5MzBcWPCwEuERXEscVROS%2FbGzn2QK99qlukMA77Y5CfNdqx8oDVVxnZgrZaJNZY6fNJf4MZ%2FGr0Yai7H9ZqosPfp%2BhYwnExr2cqGs%2F0LWmJQR1wdjLY"}],"group":"cf-nel","max_age":604800}
expires
Sat, 09 Nov 2024 06:23:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34927&sent=143&recv=72&lost=0&retrans=0&sent_bytes=141525&recv_bytes=11016&delivery_rate=1389044&cwnd=72000&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=566&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/png
last-modified
Tue, 29 Nov 2022 14:57:06 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e92e740482-FRA
accept-ranges
bytes
content-length
1820
server
cloudflare
livechat.png
niwrb-gov.org/img/
2 KB
3 KB
Image
General
Full URL
https://niwrb-gov.org/img/livechat.png
Requested by
Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d6c25001339928aab7edf27944bc377727ae4454dfad46f9d01314f76383aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"7a8-63861dc3-372320;;;"
age
41120
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2FFDeyGwpQpS02x2U8BBsnV8yq%2B3Cjg56%2FUA4Rwj0nsXtooFjiOy5O2L%2FiiGQUIspB0EVcImEZvgJQ2Sx7VTx9jSsZEd5y%2B08uBRwrAkpftz2KWKSW9mvseLKNxKWaUD7EWwiKJ1%2BZLFkkgW"}],"group":"cf-nel","max_age":604800}
expires
Thu, 07 Nov 2024 15:13:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34927&sent=146&recv=72&lost=0&retrans=0&sent_bytes=144095&recv_bytes=11016&delivery_rate=1389044&cwnd=72000&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=566&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/png
last-modified
Tue, 29 Nov 2022 14:57:07 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831e92e750482-FRA
accept-ranges
bytes
content-length
1960
server
cloudflare
amp-auto-lightbox-0.1.mjs
cdn.ampproject.org/rtv/012410161801000/v0/
7 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410161801000/v0/amp-auto-lightbox-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac5e080a9de2c02b375c0db535bcbd442b4eac89932532661560029311fdfda9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://niwrb-gov.org
Referer
https://niwrb-gov.org/

Response headers

content-encoding
br
etag
"b8502452bfebf99a"
age
137049
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 10:15:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 10:15:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
2819
x-xss-protection
0
server
sffe
amp-loader-0.1.mjs
cdn.ampproject.org/rtv/012410161801000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410161801000/v0/amp-loader-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df6f1dfd2d6a4c4f29fc8e1f954c3b451177703cb8518b03b0993acaeded5230
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://niwrb-gov.org
Referer
https://niwrb-gov.org/

Response headers

content-encoding
br
etag
"31d5abb8ef0b3a4f"
age
290733
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:34:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:34:16 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
3917
x-xss-protection
0
server
sffe
hksgpsdy
nomorkiajit.com/ Frame EE2C
0
0
Document
General
Full URL
https://nomorkiajit.com/hksgpsdy
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8a7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://niwrb-gov.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=14400
cf-cache-status
EXPIRED
cf-ray
8dc831e9ae7802aa-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 03 Nov 2024 00:19:49 GMT
last-modified
Sun, 03 Nov 2024 00:19:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YDLBpWbL0AmZh06RaSkH4dDDFxQ5OjrhQ6hcYJox22v41Ta%2FR3q9rJPrHg2Riv%2F6hxqNLfkaAGUhr97cz5HyDZ4njp0zltVVnAPSTADBc0eqRbiLM16myGW8B3KO7Ddjfxp9ejDW99asCxoIpTg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=46196&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4179&recv_bytes=4442&delivery_rate=395&cwnd=12000&unsent_bytes=0&cid=f84f2f4e54b07c13&ts=422&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
fav.webp
niwrb-gov.org/img/
56 KB
57 KB
Other
General
Full URL
https://niwrb-gov.org/img/fav.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13654ed0b8639c00b7898a575d5b1b29ef5f5f6e07c36620c60e01a33bb70d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://niwrb-gov.org/

Response headers

cf-cache-status
HIT
etag
"e198-63861d9e-372319;;;"
age
374871
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQxLOEKXNxXOCY55oAZMPRUbixGoTKqRLhhszk1sc%2Fno0kbD7dlrMVxOzPMShjd4aHssmjN8Yr86E5%2BrXRw0nt8wrhF7HMIdhtc3aOwu1KJ87BoTjcEigKFV6CYnb3bbtlJFlqAzL15q41vT"}],"group":"cf-nel","max_age":604800}
expires
Thu, 30 May 2024 14:12:54 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35743&sent=150&recv=76&lost=0&retrans=0&sent_bytes=146832&recv_bytes=11493&delivery_rate=522437&cwnd=72000&unsent_bytes=0&cid=15ee7edd739d0e6c&ts=1245&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 00:19:49 GMT
content-type
image/webp
last-modified
Tue, 29 Nov 2022 14:56:30 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dc831ed68270482-FRA
accept-ranges
bytes
content-length
57752
server
cloudflare

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_MODE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| listeningFors

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
freekenneth.com
niwrb-gov.org
nomorkiajit.com
static.wixstatic.com
tamuk-isee.com
2600:9000:225b:7800:1e:5c56:d400:93a1
2606:4700:3031::ac43:8a7b
2606:4700:3034::6815:25c8
2a00:1450:4001:827::2001
2a06:98c1:3120::3
3053c61f8abc23222de0576c198fcc2d10eddad66372f2ad63a6d233affaf0f1
403f0a0bb11fdf7c7276f962c7a2d58c943d60b88b3c9c5773894077a733a90f
4e5d4c7789ff745e1cfea1738cadecddf792ab7060569736c0c1444bfd435376
5e025be8c8518ba517a8f6a182c2982d5179db6028e164db712774d28fcbc382
6135fb9bc76250a8f91bbf718b8c6b3dcccaf10584fb76ec8741befd180dbd51
63d6c25001339928aab7edf27944bc377727ae4454dfad46f9d01314f76383aa
648c0ff9c33caae39be4c667ee05fcee759f4dbd461e4df6a14f463f8bd56dd5
67a4dcf87571c6db5a4c5e201d75f5167d1f503e9a0ef868a81167a2b914f6f5
90f8601ae85c83500b1c27df232672c0b89ab66033920a9e931963eaa8a382e4
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
a39ba7aa5622d872b20817a3588c067080ef054ffe57cdd15ee930939e597dfb
ac5e080a9de2c02b375c0db535bcbd442b4eac89932532661560029311fdfda9
ba77e3e286bbe8bcc9d42e00073267c65b342dcda23e0c64d941ccade3cd3f6c
be3455099e8637ee1149c53004c6272414364dbefc8ef761d7557858f8a30a61
c13654ed0b8639c00b7898a575d5b1b29ef5f5f6e07c36620c60e01a33bb70d6
c78524ac58adc90022782506cc83eb347102ea6ce544b15893311cf2332270a2
d053f6f66e81a815814809e0444725caf4c47b655951e60c52ac5ccc87297f44
d1670ecf47930487a200edbf898f22955a6c38250ceab7c79a4d2da2679c3b23
dba026ae5fa9e60911bed391044ae1702e3fb8334e49013d06245210b79b40fa
dc07403a9b2fe962a3af94908d82039443513fd0740f2161fbbfd39bcaa6ecad
df6f1dfd2d6a4c4f29fc8e1f954c3b451177703cb8518b03b0993acaeded5230
f466739bdbd82564a71a525db423d970caeccf7d90da1e5582375457559369e7