ulersawah.fun Open in urlscan Pro
162.0.209.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ulersawah.fun/gakbahayatah/cenzx.html
Effective URL:
https://ulersawah.fun/gakbahayatah/cenzx.html
Submission: On January 23 via automatic, source links-suspicious (January 23rd 2024, 2:58:36 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 162.0.209.201, located in United States and belongs to NAMECHEAP-NET, US. The main domain is ulersawah.fun.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 11th 2023. Valid for: a year.

This is the only time ulersawah.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	162.0.209.201 162.0.209.201	22612 (NAMECHEAP...) (NAMECHEAP-NET)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	149.154.164.13 149.154.164.13	62041 (TELEGRAM) (TELEGRAM)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	67.199.248.14 67.199.248.14	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
19	7

2 162.0.209.201 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: business126-3.web-hosting.com

ulersawah.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

imbwlbank.mytestme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 149.154.164.13 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

telegra.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.14 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bitly.com

bitly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	mytestme.com imbwlbank.mytestme.com — Cisco Umbrella Rank: 894032	184 KB
5	telegra.ph telegra.ph — Cisco Umbrella Rank: 85381	127 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	109 KB
2	ulersawah.fun 1 redirects ulersawah.fun	29 KB
1	bitly.com bitly.com — Cisco Umbrella Rank: 49044
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 7478	261 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	781 B
19	7

	Domain	Requested by
6	imbwlbank.mytestme.com	ulersawah.fun
5	telegra.ph	ulersawah.fun
5	cdn.ampproject.org	ulersawah.fun cdn.ampproject.org
2	ulersawah.fun	1 redirects
1	bitly.com	ulersawah.fun
1	bit.ly	1 redirects
1	fonts.googleapis.com	ulersawah.fun
19	7

This site contains links to these domains. Also see Links.

Domain
bit.ly
api.whatsapp.com
t.ly

Subject Issuer	Validity	Valid
ulersawah.fun Sectigo RSA Domain Validation Secure Server CA	`2023-11-11` - `2024-11-11`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
mytestme.com E1	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.telegra.ph Go Daddy Secure Certificate Authority - G2	`2023-09-05` - `2024-10-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ulersawah.fun/gakbahayatah/cenzx.html
Frame ID: F4B6BD0EBCF5E70744B31BBB21F99E2D
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DEWA69: Link Slot Gacor Hari Ini Terbaru Jamin Maxwin

Page URL History Show full URLs

http://ulersawah.fun/gakbahayatah/cenzx.html HTTP 301
https://ulersawah.fun/gakbahayatah/cenzx.html Page URL

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

19
Requests

95 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

450 kB
Transfer

827 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/48BDCnI
Title: <img src="https://telegra.ph/file/14129444c3aac2a377b24.jpg" alt="H5" width="127" height="35" class="oc">

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=6281779248300
Title: <img src="https://telegra.ph/file/c72004025f852d21dcca6.jpg" width="20" height="25" class="je oc">WHATSAPP

Search URL Search Domain Scan URL

URL: https://t.ly/LIVECHATDEWA69
Title: <img src="https://telegra.ph/file/b1e7f9f062facfb45b8ed.jpg" width="20" height="25" class="je oc">LIVECHAT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ulersawah.fun/gakbahayatah/cenzx.html HTTP 301
https://ulersawah.fun/gakbahayatah/cenzx.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://bit.ly/48BDCnIAssets/Images/speaker.png HTTP 302
https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cenzx.html Show response
ulersawah.fun/gakbahayatah/
Redirect Chain

http://ulersawah.fun/gakbahayatah/cenzx.html
https://ulersawah.fun/gakbahayatah/cenzx.html

54 KB
29 KB

527ms
175ms

Document
text/html

162.0.209.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.201 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business126-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

c678170506b85b7c0802e3621f5d209d35de4dd15d7938e1ea6b120c26a29758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 29265
content-type: text/html
date: Tue, 23 Jan 2024 14:58:31 GMT
last-modified: Sun, 21 Jan 2024 10:03:16 GMT
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

content-length: 707
content-type: text/html
date: Tue, 23 Jan 2024 14:58:30 GMT
keep-alive: timeout=5, max=100
location: https://ulersawah.fun/gakbahayatah/cenzx.html
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
73 KB 197ms
64ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc2b68f86bc4350978eb41570944ec1b43fd1df664bc838dd57bc304ddba2a99

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 23 Jan 2024 14:58:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73167
x-xss-protection: 0
server: sffe
etag: "4502142353149ad4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jan 2024 14:58:31 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 261ms
129ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7567061505dfd81cc1f7994e335801896fa50172f0bcf895d7cf0877ef4ea0df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 23 Jan 2024 14:58:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
server: sffe
etag: "55b8e76d6af4c545"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jan 2024 14:58:31 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 49 KB
15 KB 294ms
177ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4222008d387e16634e6e9f0b2ebc3af4e97809df46868de2db2f37bb379f203

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 23 Jan 2024 14:58:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14960
x-xss-protection: 0
server: sffe
etag: "0420e41c92f88646"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jan 2024 14:58:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 730 B
781 B 184ms
64ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fresca:ital,wght@0,400

Requested by

Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b851113e5ce53c6b300e9627906271bd503391616f116f7f2e125fa3f51f165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jan 2024 14:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 14:58:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jan 2024 14:58:31 GMT

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 banner-nenektogel4d-togel.gif
imbwlbank.mytestme.com/img/Util/ 26 KB
27 KB 466ms
379ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbwlbank.mytestme.com/img/Util/banner-nenektogel4d-togel.gif
Requested by: Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d7f35b7f932175bc48cdb4e55d80ebead240e6e47bbb85ad8e89fe4efd165f72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Oct 2021 08:25:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a6a6e9de9db6d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etNypI0idhjn5oXSaBnRfFcGYVQ5DSsQTGxsNdhHdxIAcCjaFPcPHyB6q6aLk06Udg83V4qOLCPV2hwKmLykcffzlOC9fjqqgviH%2FLeLzkLAnqg72ZChi3dzYCXx62Zlxf4iyNTyBPLrYzlusbeyjsgg2fPa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 84a0e534998b3828-FRA
alt-svc: h3=":443"; ma=86400
content-length: 26862

GET
H2 200 banner-nenektogel4d-sports.gif
imbwlbank.mytestme.com/img/Util/ 31 KB
31 KB 439ms
352ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbwlbank.mytestme.com/img/Util/banner-nenektogel4d-sports.gif
Requested by: Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e1ef0fda9785475557e002998d800a7bdeb675a8b4524f6504854e441a2f773b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Oct 2021 08:35:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fa7d655c9fb6d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ2sCiF%2BzxczgJjo%2Bqm8FYobDuAN9n47c3L0ztHOEYQR1Gq5eQEbqGry1202UR55Z86N1qGEYGqswQdJCXptwtlB90nJM8mCpqDXq5%2Fwv7jdfQ6RfRj1Q%2FHNHhVWKcpXd8x7jdxpROMgJsi0XFzNWR07kfb7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 84a0e53499953828-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31611

GET
H2 200 banner-nenektogel4d-liveball.gif
imbwlbank.mytestme.com/img/Util/ 30 KB
30 KB 441ms
355ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbwlbank.mytestme.com/img/Util/banner-nenektogel4d-liveball.gif
Requested by: Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2dcc93991f144c5727c6d673873c5b49646757c9f4eebbb5f01551d2e46bb7ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Oct 2021 08:31:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "67d0b5be9eb6d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoDhk26kQ1WLsrF1sCfq%2FVsEYQ6bRnVILqFObKCwDl%2BtMndjo3O33KryW5KyuUJ5CiUE3nK7sMa%2BSCOnwelujo3qu4B3pSqPc%2FCPBVVwIcNUwjpTTSoy4cy7MZsvbMHLHDTotNHWxyQC8zuBrgylebPYE8OF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 84a0e53499923828-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30785

GET
H2 200 banner-nenektogel4d-casino.gif
imbwlbank.mytestme.com/img/Util/ 32 KB
33 KB 470ms
383ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbwlbank.mytestme.com/img/Util/banner-nenektogel4d-casino.gif
Requested by: Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9fff77af7c79a9f39e6f786f4b9b9b7e0585959d0d2e0ae1c936609e277372c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Oct 2021 08:35:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8789d6599fb6d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtplxstV%2F5AYn6S4qDlmMCGGAWZvtjHYUMI%2BJhpDnDENWzSML1KRbOeYA7htaLJ5qj1SgXPFU%2FcHJvhTZS%2Bz%2FC8cfzA9btSYYyOKMkf1IuryJpictOktRjdavSFnEKzqUpKOkRonhLnVk9KKNozZ9xi08qtD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 84a0e53499963828-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33146

GET
H2 200 banner-nenektogel4d-slots.gif
imbwlbank.mytestme.com/img/Util/ 32 KB
32 KB 469ms
383ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbwlbank.mytestme.com/img/Util/banner-nenektogel4d-slots.gif
Requested by: Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ee75456aa5ce76789507d3bba5a59c26f300c026e0c7a25ac33c1f4185f1d1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:32 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 Oct 2021 08:34:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7d5f3f2b9fb6d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiaZH4mRQtUg22wH0ys8sHLU5O6dL9Q2tgP%2B2fe3yo9AWZomHgyTwX2MY7VJNuiAW%2F808Mf8vRucySspmXcwkKYC%2BrgdWqB2%2Bly21BSOZFqIxxNYV6WRGNHR2xXlJFk43wR2cvucMJA2oVTEC15R0Ru%2Ff8ik"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 84a0e53499943828-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32383

GET
H2 200 bspokerV.gif
imbwlbank.mytestme.com/img/Util/ 30 KB
31 KB 467ms
381ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imbwlbank.mytestme.com/img/Util/bspokerV.gif
Requested by: Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a0bbaac8224f638eb2a46d9abfc5511b3219e23821b247a59358a589fb47630a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:32 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Jan 2022 17:21:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "181bfb4fc60d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFZ2xYPiHESicnJHHHUCeN5AmLkfn9gWN%2BeIAwQcg%2BW%2Bs64j%2BbA9GqltgD89tm5VxOzDz3w239d%2FCXlJUfc91wDXEcHIp%2F5bIONsu3VAF5s8jGRRv%2F9cUwxWM53PsEXTEX6XxK1J%2FPNhT0EOmvFirKGdmBWb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 84a0e53499913828-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31026

GET
H2 200 14129444c3aac2a377b24.jpg
telegra.ph/file/ 13 KB
13 KB 139ms
65ms Image
image/jpeg 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegra.ph/file/14129444c3aac2a377b24.jpg

Requested by

Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

d386a96046dd31d8dd81a6c59a75cd2547167e7287ba2cc431f00b9de4de5d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.20.1
etag: "9ddb9e89f172bff251b4d07a5758dd3b090a1dce"
content-type: image/jpeg
cache-control: max-age=10800, must-revalidate
content-length: 12884
expires: Tue, 23 Jan 2024 17:58:31 GMT

GET
H2

200

branded-short-domains-powered-by-bitly
bitly.com/pages/landing/
Redirect Chain

https://bit.ly/48BDCnIAssets/Images/speaker.png
https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly

0
0

189ms
120ms

Image
text/html

67.199.248.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly
Requested by: Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html
Protocol: H2
Server: 67.199.248.14 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: bitly.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 23 Jan 2024 14:58:31 GMT
via: 1.1 google, 1.1 google
server: nginx
x-frame-options: DENY
content-type: text/html; charset=utf-8
location: https://bitly.com/pages/landing/branded-short-domains-powered-by-bitly?bsd=bit.ly
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104

GET
H2 200 8542634d13c485e40b6c3.jpg
telegra.ph/file/ 83 KB
50 KB 168ms
94ms Image
image/jpeg 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegra.ph/file/8542634d13c485e40b6c3.jpg

Requested by

Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

a1bbb8e168dad046e2bb73682e93cc14293cccf53210f5cd9e90b2684a329a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.20.1
etag: "88180db19dfe26626f50d917edf6e807e4176aaf"
content-type: image/jpeg
cache-control: max-age=10800, must-revalidate
content-length: 50618
expires: Tue, 23 Jan 2024 17:58:31 GMT

GET
H2 200 3b88f79ec8e2f3475216a.jpg
telegra.ph/file/ 14 KB
14 KB 137ms
63ms Image
image/jpeg 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegra.ph/file/3b88f79ec8e2f3475216a.jpg

Requested by

Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

44b132253d5e440627da3b3f9e392543505d1c22bf064f620915cf959398d36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.20.1
etag: "9c2083a2afc7aea193d4f63c1fd20aa4f2ffbae3"
content-type: image/jpeg
cache-control: max-age=10800, must-revalidate
content-length: 13828
expires: Tue, 23 Jan 2024 17:58:31 GMT

GET
H2 200 c72004025f852d21dcca6.jpg
telegra.ph/file/ 82 KB
45 KB 197ms
123ms Image
image/jpeg 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegra.ph/file/c72004025f852d21dcca6.jpg

Requested by

Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

f881c4a60752fcb1ebc0b87c31109516e05fd9e9f11f3aad586e780ce6b08a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.20.1
etag: "f281d87bcb90e74d058689fd78baf2eb8c69789e"
content-type: image/jpeg
cache-control: max-age=10800, must-revalidate
content-length: 45668
expires: Tue, 23 Jan 2024 17:58:31 GMT

GET
H2 200 b1e7f9f062facfb45b8ed.jpg
telegra.ph/file/ 6 KB
6 KB 140ms
65ms Image
image/jpeg 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegra.ph/file/b1e7f9f062facfb45b8ed.jpg

Requested by

Host: ulersawah.fun
URL: https://ulersawah.fun/gakbahayatah/cenzx.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

af5545477fe930440a64886287e6c12a497b9058323b7472d8249544b40d4fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 14:58:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.20.1
etag: "865b9ae8916c8ed95b9251296faf642ed25d56c8"
content-type: image/jpeg
cache-control: max-age=10800, must-revalidate
content-length: 5877
expires: Tue, 23 Jan 2024 17:58:31 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012401032027001/v0/ 8 KB
3 KB 174ms
59ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401032027001/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13bbc91e84603d4f76ebf8ee6914b27103189bcdc17bd9cd9f2b56a86562b1e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
Origin: https://ulersawah.fun
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 18:02:02 GMT
age: 75390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2976
x-xss-protection: 0
server: sffe
etag: "7823c5356d0176f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Jan 2025 18:02:02 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012401032027001/v0/ 12 KB
4 KB 165ms
57ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401032027001/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cd85acf2042f0242f0497fa443f8924c5d6e2a223f5495168c1cc42468c067e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ulersawah.fun/gakbahayatah/cenzx.html
Origin: https://ulersawah.fun
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 18:02:02 GMT
age: 75390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "a83b07905a713a51"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Jan 2025 18:02:02 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
bitly.com
cdn.ampproject.org
fonts.googleapis.com
imbwlbank.mytestme.com
telegra.ph
ulersawah.fun
149.154.164.13
162.0.209.201
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2001
2a06:98c1:3120::3
67.199.248.10
67.199.248.14
2dcc93991f144c5727c6d673873c5b49646757c9f4eebbb5f01551d2e46bb7ba
44b132253d5e440627da3b3f9e392543505d1c22bf064f620915cf959398d36d
5b851113e5ce53c6b300e9627906271bd503391616f116f7f2e125fa3f51f165
6cd85acf2042f0242f0497fa443f8924c5d6e2a223f5495168c1cc42468c067e
7567061505dfd81cc1f7994e335801896fa50172f0bcf895d7cf0877ef4ea0df
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
9fff77af7c79a9f39e6f786f4b9b9b7e0585959d0d2e0ae1c936609e277372c2
a0bbaac8224f638eb2a46d9abfc5511b3219e23821b247a59358a589fb47630a
a1bbb8e168dad046e2bb73682e93cc14293cccf53210f5cd9e90b2684a329a96
a4222008d387e16634e6e9f0b2ebc3af4e97809df46868de2db2f37bb379f203
af5545477fe930440a64886287e6c12a497b9058323b7472d8249544b40d4fa7
b13bbc91e84603d4f76ebf8ee6914b27103189bcdc17bd9cd9f2b56a86562b1e
c678170506b85b7c0802e3621f5d209d35de4dd15d7938e1ea6b120c26a29758
d386a96046dd31d8dd81a6c59a75cd2547167e7287ba2cc431f00b9de4de5d74
d7f35b7f932175bc48cdb4e55d80ebead240e6e47bbb85ad8e89fe4efd165f72
dc2b68f86bc4350978eb41570944ec1b43fd1df664bc838dd57bc304ddba2a99
e1ef0fda9785475557e002998d800a7bdeb675a8b4524f6504854e441a2f773b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee75456aa5ce76789507d3bba5a59c26f300c026e0c7a25ac33c1f4185f1d1fc
f881c4a60752fcb1ebc0b87c31109516e05fd9e9f11f3aad586e780ce6b08a9b

ulersawah.fun Open in urlscan Pro 162.0.209.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

7 IPs

3 Countries

450 kBTransfer

827 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

ulersawah.fun Open in urlscan Pro
162.0.209.201 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

450 kB
Transfer

827 kB
Size

0
Cookies

19 HTTP transactions
1 data transactions