niwrb-gov.org Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dawners.org/
Effective URL:
https://niwrb-gov.org/
Submission: On November 01 via api (November 1st 2024, 10:57:59 pm UTC) from US — Scanned from NL

Summary HTTP 22 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is niwrb-gov.org.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.

This is the only time niwrb-gov.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 17	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:bc00:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::ac43:8a7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	5

17 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dawners.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tamuk-isee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
niwrb-gov.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:bc00:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:8a7b (United States)

ASN13335 (CLOUDFLARENET, US)

nomorkiajit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	niwrb-gov.org niwrb-gov.org	193 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 517	86 KB
1	nomorkiajit.com nomorkiajit.com — Cisco Umbrella Rank: 244037
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 6375	490 KB
1	tamuk-isee.com 1 redirects tamuk-isee.com	661 B
1	dawners.org 1 redirects dawners.org	628 B
22	6

	Domain	Requested by
15	niwrb-gov.org	niwrb-gov.org
5	cdn.ampproject.org	niwrb-gov.org cdn.ampproject.org
1	nomorkiajit.com	cdn.ampproject.org
1	static.wixstatic.com	niwrb-gov.org
1	tamuk-isee.com	1 redirects
1	dawners.org	1 redirects
22	6

This site contains links to these domains. Also see Links.

Domain
elccoc.org
pafiketapang.org
bajuolahraga.xyz
thecanvasvenues.com
www.hotelgoldentoweramritsar.com
cutt.ly

Subject Issuer	Validity	Valid
niwrb-gov.org WE1	`2024-09-18` - `2024-12-17`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.wixstatic.com R11	`2024-09-09` - `2024-12-08`	3 months	crt.sh
nomorkiajit.com WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://niwrb-gov.org/
Frame ID: A770FA1BE000F94FC6A69F99AD4C00C9
Requests: 22 HTTP requests in this frame

Frame: https://nomorkiajit.com/hksgpsdy
Frame ID: 39F60F1F90C5AE259028996CE8A35650
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Togel Hongkong Togel Singapore Keluaran HK Pengeluaran SGP Data HK SGP Hari Ini

Page URL History Show full URLs

http://dawners.org/ HTTP 307
https://dawners.org/ HTTP 301
https://tamuk-isee.com/ HTTP 301
https://niwrb-gov.org/ Page URL

Page Statistics

22
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

768 kB
Transfer

1029 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://elccoc.org/
Title: Togel Hari Ini

Search URL Search Domain Scan URL

URL: https://pafiketapang.org/
Title: Slot Online

Search URL Search Domain Scan URL

URL: https://bajuolahraga.xyz/daftarnenek
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://bajuolahraga.xyz/loginnenek
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://bajuolahraga.xyz/wanenek
Title: <img src="https://niwrb-gov.org/img/Whatsapp.png" width="25" height="25" class="nc" alt="WA RESMI"> WA Resmi

Search URL Search Domain Scan URL

URL: https://thecanvasvenues.com/
Title: togel hongkong

Search URL Search Domain Scan URL

URL: https://www.hotelgoldentoweramritsar.com/
Title: https://www.hotelgoldentoweramritsar.com/

Search URL Search Domain Scan URL

URL: https://cutt.ly/rtpjw

Search URL Search Domain Scan URL

URL: https://bajuolahraga.xyz/lcnenek
Title: <img src="https://niwrb-gov.org/img/livechat.png" width="20" height="25" alt="live chat" class="ce nc"> LIVECHAT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dawners.org/ HTTP 307
https://dawners.org/ HTTP 301
https://tamuk-isee.com/ HTTP 301
https://niwrb-gov.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
niwrb-gov.org/
Redirect Chain

http://dawners.org/
https://dawners.org/
https://tamuk-isee.com/
https://niwrb-gov.org/

84 KB
14 KB

267ms
235ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d053f6f66e81a815814809e0444725caf4c47b655951e60c52ac5ccc87297f44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dbf7c85b85766a0-AMS
content-encoding: br
content-type: text/html
date: Fri, 01 Nov 2024 22:57:53 GMT
last-modified: Mon, 29 Jul 2024 10:20:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpZf%2F9frRieu2AZ5LxIZtDk4Usu0WBZk50ooeU7v7iJoh4opQWvf4I7PkmVewe%2FuG1uM8ZCfct0m0Irj643mDOWTi4O6tSnefaY39fpuxT28lQfiCpE%2FbxVFRkwXkFpk"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=16908&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4149&recv_bytes=4485&delivery_rate=589&cwnd=12000&unsent_bytes=0&cid=dad37e9291668351&ts=232&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dbf7c843c06b980-AMS
content-type: text/html; charset=iso-8859-1
date: Fri, 01 Nov 2024 22:57:53 GMT
location: https://niwrb-gov.org/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2N8l1iJi%2BPQxZCSMCSNFScyc9rgr5XkLbY5UuV2sO1KHt%2Bv80K4wgWpJsynYaJMyiaQRMVp%2BamMdvFt6ncqluY2OM%2F14j1qMb0pUox39ER33TyOK8M%2FFsPhZHmsTz92VKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=21057&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4145&recv_bytes=4481&delivery_rate=670&cwnd=12000&unsent_bytes=0&cid=58599e44c3807e00&ts=212&x=1" cfExtPri cfHdrFlush;dur=0

GET
H3 200 keluaran-sgp.webp
niwrb-gov.org/img/ 31 KB
32 KB 27ms
26ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/keluaran-sgp.webp
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dba026ae5fa9e60911bed391044ae1702e3fb8334e49013d06245210b79b40fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "7d4a-63861d64-37231b;;;"
age: 16345
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9sKNsDSpAtCnmArUVZNPLIT0gjnRSR9BjsLjhCfbbAXmrE8IOHO%2BEbtlfjhu7oMOkbbQdqovgCeCPGbD8ITRIuA7LV6k4lQ4fLjKWJ1G7ochV%2BdtzDPwaf%2BHaa%2FOIXsH"}],"group":"cf-nel","max_age":604800}
expires: Thu, 07 Nov 2024 03:35:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21112&sent=25&recv=16&lost=0&retrans=0&sent_bytes=19330&recv_bytes=5041&delivery_rate=472606&cwnd=24000&unsent_bytes=0&cid=dad37e9291668351&ts=278&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:53 GMT
content-type: image/webp
last-modified: Tue, 29 Nov 2022 14:55:32 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c87397a66a0-AMS
accept-ranges: bytes
content-length: 32074
server: cloudflare

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
62 KB 169ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: niwrb-gov.org
URL: https://niwrb-gov.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6135fb9bc76250a8f91bbf718b8c6b3dcccaf10584fb76ec8741befd180dbd51

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://niwrb-gov.org
Referer: https://niwrb-gov.org/

Response headers

content-encoding: br
etag: "23abcdba7c36547b"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 22:57:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 22:57:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 63634
x-xss-protection: 0
server: sffe

GET
H2 200 amp-iframe-0.1.mjs Show response
cdn.ampproject.org/v0/ 20 KB
8 KB 161ms
63ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs

Requested by

Host: niwrb-gov.org
URL: https://niwrb-gov.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be3455099e8637ee1149c53004c6272414364dbefc8ef761d7557858f8a30a61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://niwrb-gov.org
Referer: https://niwrb-gov.org/

Response headers

content-encoding: br
etag: "5f2ac68ab3ea6ace"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 22:57:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 22:57:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 7399
x-xss-protection: 0
server: sffe

GET
H2 200 amp-sidebar-0.1.mjs Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 165ms
67ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.mjs

Requested by

Host: niwrb-gov.org
URL: https://niwrb-gov.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1670ecf47930487a200edbf898f22955a6c38250ceab7c79a4d2da2679c3b23

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://niwrb-gov.org
Referer: https://niwrb-gov.org/

Response headers

content-encoding: br
etag: "117f24fcfdfffee8"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 22:57:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 22:57:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 8225
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 nenektogel4d-togel.webp
niwrb-gov.org/img/ 10 KB
11 KB 590ms
589ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/nenektogel4d-togel.webp
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403f0a0bb11fdf7c7276f962c7a2d58c943d60b88b3c9c5773894077a733a90f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "276e-6386313b-372323;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RupPI3CC7w%2BuZ44M7wo%2F7rHJQLJyW9t2U9EJSVDWXuoVB5%2BiIxSUKzcw8vFPbpZUx%2BC1CaHVcd%2Fa9%2FyykQSQ4kucr1HZYGDruIOig7Btn%2Bm7yf1mI60gtskq73mJWIN2"}],"group":"cf-nel","max_age":604800}
expires: Fri, 08 Nov 2024 16:52:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35856&sent=96&recv=51&lost=0&retrans=0&sent_bytes=96212&recv_bytes=10158&delivery_rate=11744&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=842&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/webp
last-modified: Tue, 29 Nov 2022 16:20:11 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c87598866a0-AMS
accept-ranges: bytes
content-length: 10094
server: cloudflare

GET
H3 200 nenektogel4d-slot.webp
niwrb-gov.org/img/ 12 KB
13 KB 251ms
250ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/nenektogel4d-slot.webp
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a4dcf87571c6db5a4c5e201d75f5167d1f503e9a0ef868a81167a2b914f6f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "30de-6386313d-372326;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6N2mKAbnRGPSA7PM9ZIk9zkb5iN%2FB1gsV8vcTItbpU3AJY2jWbJF5l%2BpgHxL4ZPR31cziC4sOHyTlAe2gfSS9T0NiPoZH9HeYqQyAzhwpR4aykKlx%2FrfdM7eyE1BYJrh"}],"group":"cf-nel","max_age":604800}
expires: Sun, 03 Nov 2024 15:12:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17806&sent=66&recv=32&lost=0&retrans=0&sent_bytes=65577&recv_bytes=7565&delivery_rate=783345&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=489&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/webp
last-modified: Tue, 29 Nov 2022 16:20:13 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c87598b66a0-AMS
accept-ranges: bytes
content-length: 12510
server: cloudflare

GET
H3 200 nenektogel4d-liveball.webp
niwrb-gov.org/img/ 10 KB
10 KB 591ms
590ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/nenektogel4d-liveball.webp
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba77e3e286bbe8bcc9d42e00073267c65b342dcda23e0c64d941ccade3cd3f6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "271a-6386313c-372324;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ipwynEMA9He61OXXhrwgnq83koykztfVpuYc7juDBoOvqXa4%2FwBUTDHoBSpiw6kKDyEjaIGMaEuHUgOG16122u10M25h%2FN5eVbJmbvMXahPzE9HwTgC6T50Ale%2BBXMec"}],"group":"cf-nel","max_age":604800}
expires: Sun, 03 Nov 2024 15:19:04 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30177&sent=106&recv=56&lost=0&retrans=0&sent_bytes=107219&recv_bytes=10378&delivery_rate=54597&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=846&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/webp
last-modified: Tue, 29 Nov 2022 16:20:12 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c87598c66a0-AMS
accept-ranges: bytes
content-length: 10010
server: cloudflare

GET
H3 200 nenektogel4d-casino.webp
niwrb-gov.org/img/ 13 KB
14 KB 562ms
561ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/nenektogel4d-casino.webp
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e5d4c7789ff745e1cfea1738cadecddf792ab7060569736c0c1444bfd435376

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "351c-6386313c-37232d;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zup0wNySUwyXSKdmGHsd7ygbhQ0JGuTkKc2Ffi3DJxro3n0OrOaPCxz2hPlKHPrNPRS2h7DcWjAjzA559N6K02wYuBspCQFja93%2FYFTVVOcegJfQUODkoCbfbLzCVmYW"}],"group":"cf-nel","max_age":604800}
expires: Fri, 08 Nov 2024 21:31:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36419&sent=83&recv=50&lost=0&retrans=0&sent_bytes=81641&recv_bytes=10113&delivery_rate=11070&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=820&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/webp
last-modified: Tue, 29 Nov 2022 16:20:12 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c87599066a0-AMS
accept-ranges: bytes
content-length: 13596
server: cloudflare

GET
H3 200 nenektogel4d-sports.webp
niwrb-gov.org/img/ 12 KB
12 KB 230ms
229ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/nenektogel4d-sports.webp
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc07403a9b2fe962a3af94908d82039443513fd0740f2161fbbfd39bcaa6ecad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "2e18-6386313c-372327;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnQY4CfPp5gg0Lnjgo6oNroufNefz9qKMvneimrDoopboxd3JAiFSBYw8OuOL7%2FzUG%2Fl61FnAZpKzeG8VGM2cr6tLGPyxa8N2knFeDntpAv8mIfElZsbOLfjKLvvOyoH"}],"group":"cf-nel","max_age":604800}
expires: Fri, 08 Nov 2024 12:46:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17806&sent=55&recv=32&lost=0&retrans=0&sent_bytes=52848&recv_bytes=7565&delivery_rate=783345&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=473&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/webp
last-modified: Tue, 29 Nov 2022 16:20:12 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c87599166a0-AMS
accept-ranges: bytes
content-length: 11800
server: cloudflare

GET
H3 200 nenektogel4d-pokerv.webp
niwrb-gov.org/img/ 9 KB
10 KB 640ms
639ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/nenektogel4d-pokerv.webp
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648c0ff9c33caae39be4c667ee05fcee759f4dbd461e4df6a14f463f8bd56dd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "25b2-63861f5d-37232a;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rPGBui3PaqXYYf1DYjteMuvnEyFCucJvXVMfC20338keL3u5GmtTkSyBA4Dxzns%2BaHQpKd9Pc3yLXZtbCL9lmgOGR83w2unyqOAwK9JOgtEISjmK4ltPHYFDJfxdM55y"}],"group":"cf-nel","max_age":604800}
expires: Wed, 06 Nov 2024 15:14:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29959&sent=116&recv=62&lost=0&retrans=0&sent_bytes=118136&recv_bytes=10643&delivery_rate=104408&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=902&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/webp
last-modified: Tue, 29 Nov 2022 15:03:57 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c87a9ce66a0-AMS
accept-ranges: bytes
content-length: 9650
server: cloudflare

GET
H2 200 69eebd_19b7d73325124115af8b5e9d8190c23e~mv2.gif
static.wixstatic.com/media/ 489 KB
490 KB 106ms
29ms Image
image/gif 2600:9000:2057:bc00:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/69eebd_19b7d73325124115af8b5e9d8190c23e~mv2.gif
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:bc00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.25.3.2 /
Resource Hash: f466739bdbd82564a71a525db423d970caeccf7d90da1e5582375457559369e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
etag: "b101dcc528b9752f1a0725b4df328f08"
age: 3969047
expires: Tue, 17 Sep 2024 01:27:06 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: bz0jpQbInCkveRu4OiRrxhsnJt6wm4kaqYNFPYcEk1j-IGz5kkuRsg==
date: Tue, 17 Sep 2024 00:27:06 GMT
content-type: image/gif
last-modified: Fri, 02 Dec 2022 04:45:53 GMT
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
via: 1.1 google, 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-56f88799f9-dkmnh
content-length: 500341
x-amz-cf-pop: FRA6-C1
server: openresty/1.25.3.2

GET
H3 200 logo.webp
niwrb-gov.org/img/ 6 KB
6 KB 561ms
560ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/logo.webp
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f8601ae85c83500b1c27df232672c0b89ab66033920a9e931963eaa8a382e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "1752-63861d21-372317;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ALdfXxNtGtrUZlONBYZTOo3BuSwOZj9948oW8Nu2Tl2B7L80yqOFBYx5TBd3rhCCepH5MjpYUv4x15%2BXHlXywZSTUfYzGgm%2Bdu%2B2TwojWQ2WwaIUEMkY0r72uLye2517"}],"group":"cf-nel","max_age":604800}
expires: Fri, 08 Nov 2024 16:52:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28596&sent=134&recv=63&lost=0&retrans=0&sent_bytes=136895&recv_bytes=10688&delivery_rate=357119&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=1122&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/webp
last-modified: Tue, 29 Nov 2022 14:54:25 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c894b2866a0-AMS
accept-ranges: bytes
content-length: 5970
server: cloudflare

GET
H3 200 speaker.png
niwrb-gov.org/img/ 554 B
1 KB 558ms
558ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/speaker.png
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3053c61f8abc23222de0576c198fcc2d10eddad66372f2ad63a6d233affaf0f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "22a-638ce582-37231e;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HhhrSFMtD8Td83e24xmNmLjyMwxkm0TA0lRLOjtQfzao0GplOxbwu8l15R8Hg%2BiA5894zhs4Oci8HuGtiOR2SjyOU%2BL9Ghi5Gr65yQCbhdi3qxrceowI9sF9UzpPXY5R"}],"group":"cf-nel","max_age":604800}
expires: Fri, 08 Nov 2024 12:52:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28596&sent=132&recv=63&lost=0&retrans=0&sent_bytes=135639&recv_bytes=10688&delivery_rate=357119&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=1121&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/png
last-modified: Sun, 04 Dec 2022 18:22:58 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c894b2966a0-AMS
accept-ranges: bytes
content-length: 554
server: cloudflare

GET
H3 200 Whatsapp.png
niwrb-gov.org/img/ 4 KB
5 KB 556ms
556ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/Whatsapp.png
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c78524ac58adc90022782506cc83eb347102ea6ce544b15893311cf2332270a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "fd3-63861dc3-372328;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIMTgW1Y2gFMoW8DNMYJQWcGExKYlDcmG%2FjReMn%2BKHncPMTR%2Bz8RI%2F8Uq%2FbGPVCAjOyHw8CWCDmMn4rzdwnF46%2FAyALCyV3zU%2B0FWt7ENF1sg9N%2Fq34Tz3c6Jrg2lEN5"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Sep 2024 12:09:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28596&sent=127&recv=63&lost=0&retrans=0&sent_bytes=130801&recv_bytes=10688&delivery_rate=357119&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=1118&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2022 14:57:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c894b2a66a0-AMS
accept-ranges: bytes
content-length: 4051
server: cloudflare

GET
H3 200 home.png
niwrb-gov.org/img/ 1 KB
2 KB 550ms
550ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/home.png
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39ba7aa5622d872b20817a3588c067080ef054ffe57cdd15ee930939e597dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "592-63861dc3-372316;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CLsuUT8OQWRcclcjw8J7CSTtHU0T9KCm%2Fp8WTtj9tVc1nFqJ70TXxq%2F7NayNqJJB5g6KxI2YGucfqEnZBQGk3hWdPz9ERyPIGkVeE7%2F3IVhVJGDwVpajGPh2j298f0W3"}],"group":"cf-nel","max_age":604800}
expires: Fri, 08 Nov 2024 16:52:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28596&sent=125&recv=63&lost=0&retrans=0&sent_bytes=128667&recv_bytes=10688&delivery_rate=357119&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=1113&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2022 14:57:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c894b2b66a0-AMS
accept-ranges: bytes
content-length: 1426
server: cloudflare

GET
H3 200 daftar.png
niwrb-gov.org/img/ 2 KB
2 KB 221ms
221ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/daftar.png
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e025be8c8518ba517a8f6a182c2982d5179db6028e164db712774d28fcbc382

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "71c-63861dc2-372318;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zccRmG2cOxgJMoliiO3fqBqydc6UbTyUmZ8byNw5A3BXkBKwHRdsYFLKpxhSGYgeqAi4zbKHDSxON0ySGRABgXPysmBGcUYD0LMncpKKk275xBIGuU0TZ%2FbrLjVrKI9t"}],"group":"cf-nel","max_age":604800}
expires: Fri, 08 Nov 2024 16:52:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37409&sent=80&recv=49&lost=0&retrans=0&sent_bytes=79095&recv_bytes=10069&delivery_rate=146056&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=785&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2022 14:57:06 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c894b2c66a0-AMS
accept-ranges: bytes
content-length: 1820
server: cloudflare

GET
H3 200 livechat.png
niwrb-gov.org/img/ 2 KB
3 KB 609ms
609ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwrb-gov.org/img/livechat.png
Requested by: Host: niwrb-gov.org
URL: https://niwrb-gov.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63d6c25001339928aab7edf27944bc377727ae4454dfad46f9d01314f76383aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "7a8-63861dc3-372320;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktViEvOZhQ9I1AQufbKRE%2FVHKCUeMicxOEBfhW%2Fd4ULngkdxmLMSVoqVBrG3uH5al73QrutCXUZAQoDOVUtSnKsNnA6mFNnnxyVa6x7gs21fbZ2jvtClznG9Tv4fvQn3"}],"group":"cf-nel","max_age":604800}
expires: Thu, 07 Nov 2024 15:13:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31552&sent=140&recv=66&lost=0&retrans=0&sent_bytes=143679&recv_bytes=10822&delivery_rate=434416&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=1168&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2022 14:57:07 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c899b6e66a0-AMS
accept-ranges: bytes
content-length: 1960
server: cloudflare

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012410161801000/v0/ 7 KB
3 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410161801000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac5e080a9de2c02b375c0db535bcbd442b4eac89932532661560029311fdfda9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://niwrb-gov.org
Referer: https://niwrb-gov.org/

Response headers

content-encoding: br
etag: "b8502452bfebf99a"
age: 45734
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 10:15:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 10:15:40 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2819
x-xss-protection: 0
server: sffe

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012410161801000/v0/ 12 KB
4 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410161801000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df6f1dfd2d6a4c4f29fc8e1f954c3b451177703cb8518b03b0993acaeded5230

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://niwrb-gov.org
Referer: https://niwrb-gov.org/

Response headers

content-encoding: br
etag: "31d5abb8ef0b3a4f"
age: 199418
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:34:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:34:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3917
x-xss-protection: 0
server: sffe

GET
H2 200 hksgpsdy
nomorkiajit.com/ Frame 39F6 0
0 101ms
42ms Document
text/html 2606:4700:3031::ac43:8a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nomorkiajit.com/hksgpsdy
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://niwrb-gov.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 2552
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=14400
cf-cache-status: HIT
cf-ray: 8dbf7c89cd170a51-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Nov 2024 22:57:54 GMT
last-modified: Fri, 01 Nov 2024 22:15:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKrJ5LU3yBCIFi6XJzQ4YvopwkcVk2HwsKCcSJYI%2BTCyyUcbFtDNPJsAwXF%2Bn9%2FmbfeV0PixmSon03vO%2BHI5az%2B16X97AewNbHOu3MfFKBxbOOXffGRMKdTFEwH1Ltv1LQiFwYk3wflU9DqZLGs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=18706&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3985&recv_bytes=2270&delivery_rate=181018&cwnd=252&unsent_bytes=0&cid=f9dfa6edc965631e&ts=42&x=0"
vary: Accept-Encoding

GET
H3 200 fav.webp
niwrb-gov.org/img/ 56 KB
57 KB 28ms
28ms Other
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://niwrb-gov.org/img/fav.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13654ed0b8639c00b7898a575d5b1b29ef5f5f6e07c36620c60e01a33bb70d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://niwrb-gov.org/

Response headers

cf-cache-status: HIT
etag: "e198-63861d9e-372319;;;"
age: 16347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QY1O6uQhLIqhPER038h8t%2F2OIkCQ88hQfX389%2BBErGsBlu3BU5Wd49ur3aIpmTqwXAEHg7wQr4V7CwFQoFZUxnv57OwUCUZxSqKg%2B3jw3ctKWaDrGRHoOPHyRab3fzpM"}],"group":"cf-nel","max_age":604800}
expires: Thu, 30 May 2024 14:12:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32189&sent=145&recv=68&lost=0&retrans=0&sent_bytes=146424&recv_bytes=11218&delivery_rate=65392&cwnd=28800&unsent_bytes=0&cid=dad37e9291668351&ts=1220&x=1", cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 22:57:54 GMT
content-type: image/webp
last-modified: Tue, 29 Nov 2022 14:56:30 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbf7c8d1e6a66a0-AMS
accept-ranges: bytes
content-length: 57752
server: cloudflare

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
dawners.org
niwrb-gov.org
nomorkiajit.com
static.wixstatic.com
tamuk-isee.com
188.114.97.3
2600:9000:2057:bc00:1e:5c56:d400:93a1
2606:4700:3031::ac43:8a7b
2a00:1450:4001:827::2001
3053c61f8abc23222de0576c198fcc2d10eddad66372f2ad63a6d233affaf0f1
403f0a0bb11fdf7c7276f962c7a2d58c943d60b88b3c9c5773894077a733a90f
4e5d4c7789ff745e1cfea1738cadecddf792ab7060569736c0c1444bfd435376
5e025be8c8518ba517a8f6a182c2982d5179db6028e164db712774d28fcbc382
6135fb9bc76250a8f91bbf718b8c6b3dcccaf10584fb76ec8741befd180dbd51
63d6c25001339928aab7edf27944bc377727ae4454dfad46f9d01314f76383aa
648c0ff9c33caae39be4c667ee05fcee759f4dbd461e4df6a14f463f8bd56dd5
67a4dcf87571c6db5a4c5e201d75f5167d1f503e9a0ef868a81167a2b914f6f5
90f8601ae85c83500b1c27df232672c0b89ab66033920a9e931963eaa8a382e4
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
a39ba7aa5622d872b20817a3588c067080ef054ffe57cdd15ee930939e597dfb
ac5e080a9de2c02b375c0db535bcbd442b4eac89932532661560029311fdfda9
ba77e3e286bbe8bcc9d42e00073267c65b342dcda23e0c64d941ccade3cd3f6c
be3455099e8637ee1149c53004c6272414364dbefc8ef761d7557858f8a30a61
c13654ed0b8639c00b7898a575d5b1b29ef5f5f6e07c36620c60e01a33bb70d6
c78524ac58adc90022782506cc83eb347102ea6ce544b15893311cf2332270a2
d053f6f66e81a815814809e0444725caf4c47b655951e60c52ac5ccc87297f44
d1670ecf47930487a200edbf898f22955a6c38250ceab7c79a4d2da2679c3b23
dba026ae5fa9e60911bed391044ae1702e3fb8334e49013d06245210b79b40fa
dc07403a9b2fe962a3af94908d82039443513fd0740f2161fbbfd39bcaa6ecad
df6f1dfd2d6a4c4f29fc8e1f954c3b451177703cb8518b03b0993acaeded5230
f466739bdbd82564a71a525db423d970caeccf7d90da1e5582375457559369e7

niwrb-gov.org Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

22 Requests

100 %HTTPS

75 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

768 kBTransfer

1029 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

niwrb-gov.org Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

768 kB
Transfer

1029 kB
Size

0
Cookies

22 HTTP transactions
1 data transactions