pub-1956b302d726417693b4adebab3c6058.r2.dev Open in urlscan Pro
2606:4700::6812:223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://simapro.kalteng.go.id/century/?tunnel=DEWI188
Effective URL:
https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Submission Tags: @phish_report
Submission: On March 11 via api (March 11th 2024, 5:59:29 pm UTC) from FI — Scanned from FI

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 10 HTTP transactions. The main IP is 2606:4700::6812:223, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-1956b302d726417693b4adebab3c6058.r2.dev.
TLS certificate: Issued by E1 on February 6th 2024. Valid for: 3 months.

This is the only time pub-1956b302d726417693b4adebab3c6058.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.123.25.136 103.123.25.136	138071 (IDNIC-PEM...) (IDNIC-PEMPROV-KALTENG-AS-ID PEMERINTAH PROVINSI KALIMANTAN TENGAH)
1	2606:4700::68... 2606:4700::6812:223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
10	7

1 103.123.25.136 (Indonesia)

ASN138071 (IDNIC-PEMPROV-KALTENG-AS-ID PEMERINTAH PROVINSI KALIMANTAN TENGAH, ID)
PTR: host-103-123-25-136.pky.kalteng.go.id

simapro.kalteng.go.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:223 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-1956b302d726417693b4adebab3c6058.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:177 (United States)

ASN13335 (CLOUDFLARENET, US)

springharborlife.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 397	85 KB
2	springharborlife.org springharborlife.org	388 KB
1	gstatic.com fonts.gstatic.com	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	725 B
1	r2.dev pub-1956b302d726417693b4adebab3c6058.r2.dev	27 KB
1	kalteng.go.id simapro.kalteng.go.id	408 B
10	6

	Domain	Requested by
4	cdn.ampproject.org	pub-1956b302d726417693b4adebab3c6058.r2.dev
2	springharborlife.org	pub-1956b302d726417693b4adebab3c6058.r2.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	pub-1956b302d726417693b4adebab3c6058.r2.dev
1	pub-1956b302d726417693b4adebab3c6058.r2.dev
1	simapro.kalteng.go.id
10	6

This site contains links to these domains. Also see Links.

Domain
luxuryslot77.xyz

Subject Issuer	Validity	Valid
*.kalteng.go.id Sectigo RSA Domain Validation Secure Server CA	`2021-10-01` - `2022-10-01`	a year	crt.sh
*.r2.dev E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
springharborlife.org GTS CA 1P5	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Frame ID: BE95EF950AFB0BEB862A5E0CDDD6FA25
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dragonslot99👑Situs Slot Gacor Hari Ini Terbaik 2024 Gampang Jakcpot Maxwin

Page URL History Show full URLs

https://simapro.kalteng.go.id/century/?tunnel=DEWI188 Page URL
https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

10
Requests

90 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

525 kB
Transfer

752 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://luxuryslot77.xyz/mobile/index.php
Title: Slot Gacor

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://simapro.kalteng.go.id/century/?tunnel=DEWI188 Page URL
https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
simapro.kalteng.go.id/century/ 178 B
408 B 4927ms
1586ms Document
text/html 103.123.25.136
IDNIC-PEMPROV-KAL...

General

Check archive.org

Show headers Download Go to

Full URL: https://simapro.kalteng.go.id/century/?tunnel=DEWI188
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.123.25.136 , Indonesia, ASN138071 (IDNIC-PEMPROV-KALTENG-AS-ID PEMERINTAH PROVINSI KALIMANTAN TENGAH, ID),
Reverse DNS: host-103-123-25-136.pky.kalteng.go.id
Software: Apache/2.4.38 (Debian) /
Resource Hash: fd9393b15bf083ad09dd973c430e6f291beec642560deb251296ee91f1a84466

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 156
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Mar 2024 17:59:22 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

GET
H/1.1 200
OK Primary Request slot.html Show response
pub-1956b302d726417693b4adebab3c6058.r2.dev/ 26 KB
27 KB 1351ms
1274ms Document
text/html 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be78ab99337b54581ab2a1f886cbf64cd7487049040c80f90ac9d50d64fca47a

Request headers

Referer: https://simapro.kalteng.go.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

Accept-Ranges: bytes
CF-RAY: 862d70290f6a4c8c-HEL
Connection: keep-alive
Content-Length: 27121
Content-Type: text/html
Date: Mon, 11 Mar 2024 17:59:25 GMT
ETag: "26c4b520a35c3a1ffed11b7ba0f06a24"
Last-Modified: Sat, 09 Mar 2024 01:17:56 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 2 KB
725 B 194ms
68ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400,700&display=swap

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec6f260d3642511694c122aa61bd54753cbfdf3cbe7a0e2c516b62d088e5f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 17:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 11 Mar 2024 17:59:25 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
73 KB 253ms
107ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ca726e11d5b85e441ddc6515ff38ee3624f1e6276e2ca7bfceeab75d313ced

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 17:59:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73135
x-xss-protection: 0
server: sffe
etag: "cd91c03a00c56b46"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 11 Mar 2024 17:59:25 GMT

GET
H2 200 amp-intersection-observer-polyfill-0.1.js Show response
cdn.ampproject.org/rtv/012402231941000/v0/ 15 KB
6 KB 190ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402231941000/v0/amp-intersection-observer-polyfill-0.1.js

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59486eab0c236491c3e655d54b3a067706a14d1794c7f5746c05dfc3391b2f5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
Origin: https://pub-1956b302d726417693b4adebab3c6058.r2.dev
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Mar 2024 18:36:43 GMT
age: 516162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4951
x-xss-protection: 0
server: sffe
etag: "cba2b3cad4e734d0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Mar 2025 18:36:43 GMT

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012402231941000/v0/ 8 KB
3 KB 203ms
73ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402231941000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4834ab8622f4ad0546fa0a08a3b5e72f8f3bd703bb1e6238c2b14aa02b838eb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
Origin: https://pub-1956b302d726417693b4adebab3c6058.r2.dev
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Mar 2024 18:36:49 GMT
age: 516156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "459060a7c7670829"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Mar 2025 18:36:49 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012402231941000/v0/ 12 KB
4 KB 198ms
68ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402231941000/v0/amp-loader-0.1.js

Requested by

Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

667cc75196e1217f107399610857f6b17fb655367566cdad1411f13351df57c1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
Origin: https://pub-1956b302d726417693b4adebab3c6058.r2.dev
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Mar 2024 18:36:49 GMT
age: 516156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3947
x-xss-protection: 0
server: sffe
etag: "96d416c5baf5a1d0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Mar 2025 18:36:49 GMT

GET
H2 200 slotgcor2024.jpg
springharborlife.org/gambar/ 384 KB
385 KB 199ms
59ms Image
image/jpeg 2606:4700:3035::6815:177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://springharborlife.org/gambar/slotgcor2024.jpg
Requested by: Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06114696597dd80cedc46c64360fc32326ba2d23e238e8fe9206d8678a71147b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Mar 2024 17:59:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118721
alt-svc: h3=":443"; ma=86400
content-length: 393159
last-modified: Fri, 01 Mar 2024 10:56:33 GMT
server: cloudflare
etag: "5ffc7-65e1b461-6a1b63;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5X%2FwcEX31JyqL5G5GNQARW%2BoUzQuTZZJ4feVe7NKY8jItA32ltGwYa%2BwTOHIYQxyWHG%2FcVzZj6ADXw8FIwfCaDJcJrkpbe1fz1M%2BFVnH4ScNFo7DruGgF3qi%2BQZq25G44Bz6HywiSzg9Bdoj6GpSWSyBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 862d7031fb88356f-WAW
expires: Sun, 17 Mar 2024 09:00:43 GMT

GET
H2 200 icon-dragonslot99.png
springharborlife.org/gambar/ 3 KB
3 KB 233ms
110ms Image
image/png 2606:4700:3035::6815:177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://springharborlife.org/gambar/icon-dragonslot99.png
Requested by: Host: pub-1956b302d726417693b4adebab3c6058.r2.dev
URL: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/slot.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3f4e2ddc237257a8b4cfc4849b3795175bf55950f64c87511a16474678e37b3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pub-1956b302d726417693b4adebab3c6058.r2.dev/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Mar 2024 17:59:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118722
alt-svc: h3=":443"; ma=86400
content-length: 2709
last-modified: Mon, 15 Jan 2024 13:41:24 GMT
server: cloudflare
etag: "a95-65a53604-6a2803;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWY2zsuCUDR%2BVKH3NRpKYckmXanoTTkM5QEDvbTeuZgcgXq%2FeWkMt7KbzLKfxwJ4dr%2BDB1JoXTfuw0TnxN%2Fv%2FqgMYdnA%2F0H9j3NscmCTANuacwuB12vqh%2B3o%2BXXD%2F7piMdEhCVvyEo42v6czh%2BMdL%2BpmzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 862d7031fb8b356f-WAW
expires: Sun, 17 Mar 2024 09:00:43 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb54aebf14d38e7329f0c2a0a0882f957895da66d343da87c518ffbd14d90afe

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMorHA.woff2
fonts.gstatic.com/s/karla/v31/ 24 KB
24 KB 191ms
65ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMorHA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f6bc5d3f47d32a1206dce024b211bf6edbaca9c6586e7d6e27b512bc75ed22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pub-1956b302d726417693b4adebab3c6058.r2.dev
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 05 Mar 2024 02:27:06 GMT
x-content-type-options: nosniff
age: 574339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24364
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:40:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 02:27:06 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
pub-1956b302d726417693b4adebab3c6058.r2.dev
simapro.kalteng.go.id
springharborlife.org
103.123.25.136
2606:4700:3035::6815:177
2606:4700::6812:223
2a00:1450:4001:812::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2001
06114696597dd80cedc46c64360fc32326ba2d23e238e8fe9206d8678a71147b
3f6bc5d3f47d32a1206dce024b211bf6edbaca9c6586e7d6e27b512bc75ed22d
4834ab8622f4ad0546fa0a08a3b5e72f8f3bd703bb1e6238c2b14aa02b838eb9
667cc75196e1217f107399610857f6b17fb655367566cdad1411f13351df57c1
be78ab99337b54581ab2a1f886cbf64cd7487049040c80f90ac9d50d64fca47a
d1ca726e11d5b85e441ddc6515ff38ee3624f1e6276e2ca7bfceeab75d313ced
eb54aebf14d38e7329f0c2a0a0882f957895da66d343da87c518ffbd14d90afe
ec6f260d3642511694c122aa61bd54753cbfdf3cbe7a0e2c516b62d088e5f96d
f3f4e2ddc237257a8b4cfc4849b3795175bf55950f64c87511a16474678e37b3
f59486eab0c236491c3e655d54b3a067706a14d1794c7f5746c05dfc3391b2f5
fd9393b15bf083ad09dd973c430e6f291beec642560deb251296ee91f1a84466

pub-1956b302d726417693b4adebab3c6058.r2.dev Open in urlscan Pro 2606:4700::6812:223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

7 IPs

3 Countries

525 kBTransfer

752 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

pub-1956b302d726417693b4adebab3c6058.r2.dev Open in urlscan Pro
2606:4700::6812:223 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

525 kB
Transfer

752 kB
Size

0
Cookies

10 HTTP transactions
1 data transactions