cekermercon.xyz Open in urlscan Pro
188.114.96.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pungkit.desa.id/.well-known/acme-challenge/?x=138saga
Effective URL:
https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga
Submission Tags: @phish_report
Submission: On August 13 via api (August 13th 2024, 3:39:31 pm UTC) from FI — Scanned from FI

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 9 HTTP transactions. The main IP is 188.114.96.7, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is cekermercon.xyz.
TLS certificate: Issued by E5 on August 12th 2024. Valid for: 3 months.

This is the only time cekermercon.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.229.73.112 103.229.73.112	136170 (EXBCOID-A...) (EXBCOID-AS-AP PT. EXABYTES NETWORK INDONESIA)
1	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
1	216.58.206.74 216.58.206.74	15169 (GOOGLE) (GOOGLE)
1	162.19.58.158 162.19.58.158	16276 (OVH) (OVH)
1	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
1	149.154.164.13 149.154.164.13	62041 (TELEGRAM) (TELEGRAM)
1	172.67.198.249 172.67.198.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	8

1 103.229.73.112 (Indonesia) 1 redirects

ASN136170 (EXBCOID-AS-AP PT. EXABYTES NETWORK INDONESIA, ID)
PTR: limas.maintenis.com

pungkit.desa.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.7 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cekermercon.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.74 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.158 (France)

ASN16276 (OVH, FR)
PTR: ns3096590.ip-162-19-58.eu

i.ibb.co.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.154.164.13 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

telegra.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.198.249 (United States)

ASN13335 (CLOUDFLARENET, US)

gcdnb.pbrd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	8 KB
1	pbrd.co gcdnb.pbrd.co — Cisco Umbrella Rank: 313252	37 KB
1	telegra.ph telegra.ph — Cisco Umbrella Rank: 47294	145 KB
1	gstatic.com fonts.gstatic.com	24 KB
1	co.com i.ibb.co.com — Cisco Umbrella Rank: 38506	92 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	725 B
1	cekermercon.xyz cekermercon.xyz	3 KB
1	pungkit.desa.id 1 redirects pungkit.desa.id	478 B
9	8

	Domain	Requested by
3	cdn.ampproject.org	cdn.ampproject.org
1	gcdnb.pbrd.co
1	telegra.ph	cekermercon.xyz
1	fonts.gstatic.com	fonts.googleapis.com
1	i.ibb.co.com	cekermercon.xyz
1	fonts.googleapis.com	cekermercon.xyz
1	cekermercon.xyz
1	pungkit.desa.id	1 redirects
9	8

This site contains links to these domains. Also see Links.

Domain
ijinpuh.fun

Subject Issuer	Validity	Valid
cekermercon.xyz E5	`2024-08-12` - `2024-11-10`	3 months	crt.sh
misc-sni.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
ibb.co R10	`2024-06-21` - `2024-09-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.telegra.ph Go Daddy Secure Certificate Authority - G2	`2023-09-05` - `2024-10-06`	a year	crt.sh
pbrd.co WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga
Frame ID: 438CF814CBACB9D598F5379130252E5E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Slot88 : Agen Resmi Slot Gacor Terbaik Dengan Bet 200

Page URL History Show full URLs

https://pungkit.desa.id/.well-known/acme-challenge/?x=138saga HTTP 301
https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

5
Countries

310 kB
Transfer

610 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ijinpuh.fun/manisdikit
Title: DAFTAR SLOT GACOR

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pungkit.desa.id/.well-known/acme-challenge/?x=138saga HTTP 301
https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cekermercon.xyz/desa/.well-known/acme-challenge/
Redirect Chain

https://pungkit.desa.id/.well-known/acme-challenge/?x=138saga
https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga

14 KB
3 KB

898ms
217ms

Document
text/html

188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.7 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c152ec6463dfe3cd393043e6e03777fb6633ad195259f00b3a38f31b4e2615c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b29cc2b6da0712f-OSL
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Aug 2024 15:39:22 GMT
link: <https://fonts.googleapis.com>; rel="preconnect", <https://cdn.ampproject.org/v0.js>; rel="preload"; as=script
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWs3O5bCUGgoppzpGy%2FUKaBGXgCn9XIZAH0XOZj9EiC0PWxfewv0AYW%2BAnsXc5OOqAImPijDUQaL%2Be8OHYSofQhxADG35FAY07%2BvSYqWHyyPAz44sQ0AdSjSmkGhZJyuPAQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: max-age=0
content-length: 274
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=iso-8859-1
date: Tue, 13 Aug 2024 15:39:21 GMT
expires: Tue, 13 Aug 2024 15:39:21 GMT
location: https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga
server: null

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
0 1614ms
1614ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cekermercon.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 13 Aug 2024 15:39:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73122
x-xss-protection: 0
server: sffe
etag: "2af4af216080b72b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 15:39:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
725 B 1598ms
559ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400,700&display=swap

Requested by

Host: cekermercon.xyz
URL: https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f10.1e100.net

Software

ESF /

Resource Hash

ec6f260d3642511694c122aa61bd54753cbfdf3cbe7a0e2c516b62d088e5f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cekermercon.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 15:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 13 Aug 2024 15:39:24 GMT

GET
H2 200 content-rating-symbol-97886-12823-removebg-preview.png
i.ibb.co.com/N33dBDb/ 91 KB
92 KB 1375ms
630ms Image
image/png 162.19.58.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co.com/N33dBDb/content-rating-symbol-97886-12823-removebg-preview.png
Requested by: Host: cekermercon.xyz
URL: https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096590.ip-162-19-58.eu
Software: nginx /
Resource Hash: dd87ae2d508177dfb39a03c8902fcbc67e45af2e7dc2869f8a7c902408d0bb17

Request headers

Referer: https://cekermercon.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 13 Aug 2024 15:39:23 GMT
last-modified: Tue, 06 Aug 2024 09:39:16 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 93361
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMorHA.woff2
fonts.gstatic.com/s/karla/v31/ 24 KB
24 KB 1523ms
304ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMorHA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

3f6bc5d3f47d32a1206dce024b211bf6edbaca9c6586e7d6e27b512bc75ed22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cekermercon.xyz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 13 Aug 2024 14:02:37 GMT
x-content-type-options: nosniff
age: 5808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24364
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:40:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:02:37 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb54aebf14d38e7329f0c2a0a0882f957895da66d343da87c518ffbd14d90afe

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 a115404267c5b65b7b573.jpg
telegra.ph/file/ 145 KB
145 KB 1117ms
360ms Image
image/jpeg 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegra.ph/file/a115404267c5b65b7b573.jpg

Requested by

Host: cekermercon.xyz
URL: https://cekermercon.xyz/desa/.well-known/acme-challenge/?x=138saga

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

0807b02618710791589c38c2de8bf4763e669a68f71a2514a3e445844daa2f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cekermercon.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 13 Aug 2024 15:39:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.20.1
etag: "e05592f1ee8eba257c0f6bc4477737ea8c3d2ff1"
content-type: image/jpeg
cache-control: max-age=10800, must-revalidate
content-length: 148525
expires: Tue, 13 Aug 2024 18:39:25 GMT

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 8 KB
4 KB 1693ms
527ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cekermercon.xyz/
Origin: https://cekermercon.xyz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 15:06:09 GMT
age: 1997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "3bb766b5672b9f2f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Aug 2025 15:06:09 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 12 KB
4 KB 1689ms
535ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cekermercon.xyz/
Origin: https://cekermercon.xyz
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 13:58:11 GMT
age: 6075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "db107aa2d6068f23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Aug 2025 13:58:11 GMT

GET
H2 200 M4Nta2DDHPiV.png
gcdnb.pbrd.co/images/ 36 KB
37 KB 949ms
288ms Other
image/png 172.67.198.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gcdnb.pbrd.co/images/M4Nta2DDHPiV.png?o=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.198.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3619c0def8b637c87a01adcfe11cc227d1a00035d4cd727a396093da706d435a

Request headers

Referer: https://cekermercon.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 13 Aug 2024 15:39:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1298
x-guploader-uploadid: AHxI1nPyBkmEstlcpf6SjbU5a32FlCJvgxcwVp8IDNxmaedRgmUlmjY4mZAnv6JOQMJmxU7Q8CrTyNfZfg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 36624
cf-bgj: h2pri,csam-hash
last-modified: Tue, 23 Jul 2024 07:03:30 GMT
server: cloudflare
etag: "f14e7d0bb5f3aeecdfefae962fc06819"
vary: Accept-Encoding
x-goog-generation: 1721718210236165
content-type: image/png
x-goog-hash: crc32c=hiRkCA==, md5=8U59C7Xzruzf766WL8BoGQ==
cache-control: public, max-age=14400
x-goog-expiration: Mon, 21 Oct 2024 07:03:30 GMT
x-goog-stored-content-length: 36624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQujDb1lOLTqc0euOesb12a26fiBte6plNEBOxF3xIJULuq2k6%2BKfaC0DAVZyxt5ij%2FCNLG%2FlUmpU%2BV7aDXiTGtbt1IcdAC%2FbD31SvK8AHkFr7kW7zOg82SJyaUVCiH2"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b29cc4929f8b503-OSL
expires: Tue, 13 Aug 2024 16:17:49 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
cekermercon.xyz
fonts.googleapis.com
fonts.gstatic.com
gcdnb.pbrd.co
i.ibb.co.com
pungkit.desa.id
telegra.ph
103.229.73.112
142.250.186.97
149.154.164.13
162.19.58.158
172.217.16.131
172.67.198.249
188.114.96.7
216.58.206.74
0807b02618710791589c38c2de8bf4763e669a68f71a2514a3e445844daa2f1d
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
3619c0def8b637c87a01adcfe11cc227d1a00035d4cd727a396093da706d435a
3f6bc5d3f47d32a1206dce024b211bf6edbaca9c6586e7d6e27b512bc75ed22d
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
5c152ec6463dfe3cd393043e6e03777fb6633ad195259f00b3a38f31b4e2615c
dd87ae2d508177dfb39a03c8902fcbc67e45af2e7dc2869f8a7c902408d0bb17
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
eb54aebf14d38e7329f0c2a0a0882f957895da66d343da87c518ffbd14d90afe
ec6f260d3642511694c122aa61bd54753cbfdf3cbe7a0e2c516b62d088e5f96d

cekermercon.xyz Open in urlscan Pro 188.114.96.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

8 IPs

5 Countries

310 kBTransfer

610 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

cekermercon.xyz Open in urlscan Pro
188.114.96.7 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

5
Countries

310 kB
Transfer

610 kB
Size

0
Cookies

9 HTTP transactions
1 data transactions