laforethousing.mejakursi.xyz Open in urlscan Pro
2606:4700:3037::6815:433a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://laforethousing.mejakursi.xyz/
Submission: On April 02 via api (April 2nd 2024, 1:08:33 pm UTC) from US — Scanned from US

Summary HTTP 25 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::6815:433a, located in United States and belongs to CLOUDFLARENET, US. The main domain is laforethousing.mejakursi.xyz.
TLS certificate: Issued by GTS CA 1P5 on February 6th 2024. Valid for: 3 months.

This is the only time laforethousing.mejakursi.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::6815:433a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
13	198.252.100.130 198.252.100.130	20068 (HAWKHOST) (HAWKHOST)
1	2606:4700:e2:... 2606:4700:e2::ac40:8f0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
25	6

1 2606:4700:3037::6815:433a (United States)

ASN13335 (CLOUDFLARENET, US)

laforethousing.mejakursi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 198.252.100.130 (United States)

ASN20068 (HAWKHOST, CA)
PTR: 198.252.100.130-static.reverse.arandomserver.com

aksesoriswanita.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8f0b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rbtasset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	aksesoriswanita.xyz aksesoriswanita.xyz	923 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 389	106 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	306 B
1	rbtasset.com cdn.rbtasset.com — Cisco Umbrella Rank: 67845	236 KB
1	mejakursi.xyz laforethousing.mejakursi.xyz	16 KB
0	robotaset.com Failed cdn.robotaset.com Failed
25	6

	Domain	Requested by
13	aksesoriswanita.xyz	laforethousing.mejakursi.xyz
5	cdn.ampproject.org	laforethousing.mejakursi.xyz cdn.ampproject.org
2	www.facebook.com	laforethousing.mejakursi.xyz
1	cdn.rbtasset.com	laforethousing.mejakursi.xyz
1	laforethousing.mejakursi.xyz
0	cdn.robotaset.com Failed
25	6

This site contains links to these domains. Also see Links.

Domain
daftar.tv
laforethousing.com
daftar.ink
https

Subject Issuer	Validity	Valid
mejakursi.xyz GTS CA 1P5	`2024-02-06` - `2024-05-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.aksesoriswanita.xyz R3	`2024-03-03` - `2024-06-01`	3 months	crt.sh
rbtasset.com GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-10` - `2024-04-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://laforethousing.mejakursi.xyz/
Frame ID: 8B8108CCB770327E6B3DAAAA64499082
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BETA138 Slot Online: Gacor Maxwin Besar Setiap Hari, Deposit Dana

Page Statistics

25
Requests

88 %
HTTPS

80 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

1281 kB
Transfer

1633 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://daftar.tv/beta
Title: Daftar

Search URL Search Domain Scan URL

URL: https://laforethousing.com/

Search URL Search Domain Scan URL

URL: https://daftar.ink/whatsappbeta
Title: WHATSHAPP

Search URL Search Domain Scan URL

URL: https://https//laforethousing.com/
Title: BETA138

Search URL Search Domain Scan URL

URL: https://daftar.tv/apkbeta
Title: Unduh

Search URL Search Domain Scan URL

URL: https://daftar.tv/promobeta
Title: Promosi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
laforethousing.mejakursi.xyz/ 72 KB
16 KB 7410ms
7361ms Document
text/html 2606:4700:3037::6815:433a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:433a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b931f44ab2d5453ce945d89a48f38297493b6f9a899a08dd3beb865f3c7b46ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86e10befee4d3344-EWR
content-encoding: br
content-type: text/html
date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Fri, 29 Mar 2024 12:57:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vAaXzA31%2FM3pdt%2F9hIfiqqsXZciudRCj%2BwGICjvft%2Fp5rF8JrJQmQpp0AI88ne0CVy4bGA0%2FTMpcPcCELsg5VNBye0TN%2Bil4auGP%2BghWFBPUdlcgBz57be69APlK17Bq%2FtUY6o3iCGgvk7zITL8guof6gpIvOocILxr3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
62 KB 60ms
28ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e426170a73bb21e384e0f268462a566bc6a20ab8b237a10724dbee57eaa00eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
Origin: https://laforethousing.mejakursi.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 02 Apr 2024 13:08:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63668
x-xss-protection: 0
server: sffe
etag: "2eb68c0ea1ae5ef9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 13:08:23 GMT

GET
H2 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/v0/ 41 KB
14 KB 51ms
20ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.mjs

Requested by

Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf827240be009312afba1496be10f6341c77de8c80f113988e939ea11a800f9b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
Origin: https://laforethousing.mejakursi.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 02 Apr 2024 13:08:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13905
x-xss-protection: 0
server: sffe
etag: "defd632f798cca67"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 13:08:23 GMT

GET
H2 200 amp-next-page-1.0.mjs Show response
cdn.ampproject.org/v0/ 37 KB
13 KB 46ms
15ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-next-page-1.0.mjs

Requested by

Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

891318add9a59a3d1305a955d6768733db328df3d80effd89415a8edaa627fca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
Origin: https://laforethousing.mejakursi.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 02 Apr 2024 13:08:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12088
x-xss-protection: 0
server: sffe
etag: "bddbcb6eb2d1cdbe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Apr 2024 13:08:23 GMT

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73fd1a15b009d5713e67403489dfac8ee4d2ea2cd32b234be25674c5e11199d3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 betagede.jpg
aksesoriswanita.xyz/ 234 KB
235 KB 255ms
138ms Image
image/jpeg 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/betagede.jpg
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 45a66ccf1b35e1ba1f31416ebca2382b552336591969b4b48381611b44cc4a8d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Fri, 21 Jul 2023 22:07:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 240065
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H3 200 logo.gif
cdn.rbtasset.com/assets/tpl/b2b7a70979/images/ 236 KB
236 KB 76ms
18ms Image
image/gif 2606:4700:e2::ac40:8f0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rbtasset.com/assets/tpl/b2b7a70979/images/logo.gif
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8f0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 500b512b19d00b3dc43e179ae89a811db41e6d78f2b5d8528a1377235ea3b00e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
x-amz-version-id: QYcYxL5i1pNCd0XscCk0lrG8NFUwaJut
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FEWA9TEJT8BQEXZX
age: 4639
alt-svc: h3=":443"; ma=86400
content-length: 241365
x-amz-id-2: UVrbAUcjOtD/j+6Ar+IHeEFbQu1t8xoKUKlpw8uR6vB6iojblLo+4KejqogYbkdZOq1sokIn77o=
last-modified: Sat, 01 Jul 2023 17:14:31 GMT
server: cloudflare
etag: "7f47fce659512143695c9cab4ddaca65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxhchgdITg0dC0VoSRkaD%2FK69rJfSUTnRA2%2FrVW%2Fn2So5dnT4pIuykaitfzXwfFvT3ZEdl55HQBMZLX2m84rqoqNXSW9U5k0geG6wgUENpDMae0Z8aSujWcYBbA%2Fd9cGlmuw6PYovjtpJfoXz%2Fdy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86e10c1f2d7e4258-EWR

GET
H2 200 5df27c4b19.jpg
aksesoriswanita.xyz/gambargame2/ 53 KB
53 KB 171ms
139ms Image
image/jpeg 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/5df27c4b19.jpg
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 3de3b944203c29bd9b1e09721575881db548cc041660e3cf5923787d335d7213

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 54637
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 6a0129912c.jpg
aksesoriswanita.xyz/gambargame2/ 49 KB
49 KB 170ms
138ms Image
image/jpeg 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/6a0129912c.jpg
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 59a232428138bbf0b66d9f5cc781cb29d74faf43d65ffc4565305ba198ec89fe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49811
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 Gate-of-Olympus-1.png
aksesoriswanita.xyz/gambargame2/ 56 KB
56 KB 171ms
139ms Image
image/png 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/Gate-of-Olympus-1.png
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 862033cb7cf5d6412fcf0e44082dc4a80e06f0ffd68474651500c6570825a35f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 57358
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 13dbf5e822.jpg
aksesoriswanita.xyz/gambargame2/ 55 KB
56 KB 125ms
94ms Image
image/jpeg 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/13dbf5e822.jpg
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 97ffc227b84c4eea1be174462fc200b5b71c3dab3ee0a7498cdd8a286f2b40d4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 56819
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 gates-of-gatot-kaca-1.png
aksesoriswanita.xyz/gambargame2/ 59 KB
59 KB 170ms
139ms Image
image/png 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/gates-of-gatot-kaca-1.png
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 54f22776f605b4565569b11f9083fcf1afd20e82a5980b315f94b55cf6efa5f0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 60139
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 c1b6228c6b.jpg
aksesoriswanita.xyz/gambargame2/ 55 KB
55 KB 232ms
231ms Image
image/jpeg 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/c1b6228c6b.jpg
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 8084e00f37a71100fe65db5f2e62b4b3b6f33faa11d36a030077c9bdf1e3642b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 56350
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 d00157817c.jpg
aksesoriswanita.xyz/gambargame2/ 54 KB
54 KB 233ms
232ms Image
image/jpeg 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/d00157817c.jpg
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 06ea48e573e689b0a899338b5cb8bab414ef5b11c5a9782c2af681a82959338a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 55543
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 d300170248.jpg
aksesoriswanita.xyz/gambargame2/ 49 KB
49 KB 231ms
231ms Image
image/jpeg 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/d300170248.jpg
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 72ccdad4b09c50e17faeeb2896a9d65f47d89bf9d9ec75822390353087b84517

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 50216
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 megaways-odin-1.png
aksesoriswanita.xyz/gambargame2/ 67 KB
68 KB 232ms
232ms Image
image/png 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/megaways-odin-1.png
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: ef1b92241d2e689ebbd23d0608568dadba4b1d40fe2a8375522633f285c56160

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 69075
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 mayong.png
aksesoriswanita.xyz/gambargame2/ 79 KB
79 KB 230ms
230ms Image
image/png 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/mayong.png
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f8db5cfd30d6b87aac83e53d281fad5b1f0067e7c34425e5f555068979ac4c65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 80528
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 96bb15f8d4.png
aksesoriswanita.xyz/gambargame2/ 84 KB
84 KB 232ms
231ms Image
image/png 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/96bb15f8d4.png
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 0412b5b9b95824cfc55bf732379a8f02dab16c66531ff01637d95b730eef7bd4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 86425
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 81b04aa8d5.png
aksesoriswanita.xyz/gambargame2/ 26 KB
26 KB 231ms
230ms Image
image/png 198.252.100.130
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aksesoriswanita.xyz/gambargame2/81b04aa8d5.png
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.100.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.100.130-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 4aa40f8d022c6c555321558502f06c0fc878fa6f9e4242e69670d62b31884ee2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 13:08:23 GMT
last-modified: Sun, 15 Oct 2023 12:18:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26836
expires: Tue, 09 Apr 2024 13:08:23 GMT

GET
H2 200 ww.mjs Show response
cdn.ampproject.org/rtv/012403142137000/ 45 KB
13 KB 14ms
14ms Fetch
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012403142137000/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c87795f4d3c1edb199405dfc30555cfaac4fe2222beef2f3c57eab07b57333

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: text/plain
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Mar 2024 19:49:23 GMT
age: 407940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13073
x-xss-protection: 0
server: sffe
etag: "ded531846d72cf78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Mar 2025 19:49:23 GMT

GET
H2 200 tr
www.facebook.com/ 0
32 B 67ms
14ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=997642637968185&ev=PageView&noscript=1

Requested by

Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1326, tbw=2773, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Apr 2024 13:08:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tr
www.facebook.com/ 0
274 B 65ms
13ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=833662751738494&ev=PageView&noscript=1

Requested by

Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1326, tbw=2773, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Apr 2024 13:08:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012403142137000/v0/ 12 KB
4 KB 14ms
14ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012403142137000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d736d9a8ab3a5711f0f8677b91cbca510b032ff3a498672552354f0faa0357

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://laforethousing.mejakursi.xyz/
Origin: https://laforethousing.mejakursi.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Mar 2024 19:36:01 GMT
age: 408742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3911
x-xss-protection: 0
server: sffe
etag: "d6825b3f489f0bfb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Mar 2025 19:36:01 GMT

GET
BLOB 200
OK 00ab1d59-5088-4565-bf33-ccdebcbabca7
https://laforethousing.mejakursi.xyz/ 45 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://laforethousing.mejakursi.xyz/00ab1d59-5088-4565-bf33-ccdebcbabca7
Requested by: Host: laforethousing.mejakursi.xyz
URL: https://laforethousing.mejakursi.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68bb42a6401427406915e695dff06343f12bee6f27ae38080879b8014dbe42c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 46336
Content-Type: text/javascript

GET favicon.ico
cdn.robotaset.com/assets/tpl/b2b7a70979/images/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.robotaset.com
URL: https://cdn.robotaset.com/assets/tpl/b2b7a70979/images/favicon.ico

Domain: cdn.robotaset.com
URL: https://cdn.robotaset.com/assets/tpl/b2b7a70979/images/favicon.ico

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.robotaset.com/	1970-01-20 19:34:25	Name: __cf_bm Value: OoNupcWJjXHJ3cb4WByWFCQLmc4ufTy.7UGNxZpXh9A-1712063303-1.0.1.1-S8Bovd_XeYTi3cWRdckfDckCOlW_lGUdmbE5xMuDFI6ds3.kqvVn1w3DRHje7RUa9y0p7AlqpbBkyVwBPronVA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://laforethousing.mejakursi.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://laforethousing.mejakursi.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aksesoriswanita.xyz
cdn.ampproject.org
cdn.rbtasset.com
cdn.robotaset.com
laforethousing.mejakursi.xyz
www.facebook.com
cdn.robotaset.com
198.252.100.130
2606:4700:3037::6815:433a
2606:4700:e2::ac40:8f0b
2607:f8b0:4004:c17::84
2a03:2880:f103:181:face:b00c:0:25de
0412b5b9b95824cfc55bf732379a8f02dab16c66531ff01637d95b730eef7bd4
06c87795f4d3c1edb199405dfc30555cfaac4fe2222beef2f3c57eab07b57333
06ea48e573e689b0a899338b5cb8bab414ef5b11c5a9782c2af681a82959338a
2e426170a73bb21e384e0f268462a566bc6a20ab8b237a10724dbee57eaa00eb
3de3b944203c29bd9b1e09721575881db548cc041660e3cf5923787d335d7213
45a66ccf1b35e1ba1f31416ebca2382b552336591969b4b48381611b44cc4a8d
4aa40f8d022c6c555321558502f06c0fc878fa6f9e4242e69670d62b31884ee2
500b512b19d00b3dc43e179ae89a811db41e6d78f2b5d8528a1377235ea3b00e
54f22776f605b4565569b11f9083fcf1afd20e82a5980b315f94b55cf6efa5f0
59a232428138bbf0b66d9f5cc781cb29d74faf43d65ffc4565305ba198ec89fe
72ccdad4b09c50e17faeeb2896a9d65f47d89bf9d9ec75822390353087b84517
73fd1a15b009d5713e67403489dfac8ee4d2ea2cd32b234be25674c5e11199d3
8084e00f37a71100fe65db5f2e62b4b3b6f33faa11d36a030077c9bdf1e3642b
862033cb7cf5d6412fcf0e44082dc4a80e06f0ffd68474651500c6570825a35f
891318add9a59a3d1305a955d6768733db328df3d80effd89415a8edaa627fca
97ffc227b84c4eea1be174462fc200b5b71c3dab3ee0a7498cdd8a286f2b40d4
a0d736d9a8ab3a5711f0f8677b91cbca510b032ff3a498672552354f0faa0357
b931f44ab2d5453ce945d89a48f38297493b6f9a899a08dd3beb865f3c7b46ed
cf827240be009312afba1496be10f6341c77de8c80f113988e939ea11a800f9b
d68bb42a6401427406915e695dff06343f12bee6f27ae38080879b8014dbe42c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1b92241d2e689ebbd23d0608568dadba4b1d40fe2a8375522633f285c56160
f8db5cfd30d6b87aac83e53d281fad5b1f0067e7c34425e5f555068979ac4c65

laforethousing.mejakursi.xyz Open in urlscan Pro 2606:4700:3037::6815:433a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

25 Requests

88 %HTTPS

80 %IPv6

6 Domains

6 Subdomains

6 IPs

1 Countries

1281 kBTransfer

1633 kBSize

1 Cookies

6 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

laforethousing.mejakursi.xyz Open in urlscan Pro
2606:4700:3037::6815:433a Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

88 %
HTTPS

80 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

1281 kB
Transfer

1633 kB
Size

1
Cookies

25 HTTP transactions
1 data transactions