23.248.170.131 Open in urlscan Pro
23.248.170.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freeslots.id/
Effective URL:
http://23.248.170.131/
Submission: On October 10 via api (October 10th 2023, 11:06:41 pm UTC) from LU — Scanned from DE

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 23.248.170.131, located in Jakarta, Indonesia and belongs to ZEN-ECN, US. The main domain is 23.248.170.131.

This is the only time 23.248.170.131 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:303... 2606:4700:3031::6815:290a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:5000:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:10:... 2606:4700:10::ac43:1e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	23.248.170.131 23.248.170.131	21859 (ZEN-ECN) (ZEN-ECN)
1	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
23	7

4 2606:4700:3031::6815:290a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freeslots.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-e4f00ab0886f44a2a30178c704f4694a.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:5000:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.248.170.131 (Jakarta, Indonesia)

ASN21859 (ZEN-ECN, US)
PTR: mta-out-170-131.quietclover.com

23.248.170.131	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

fafafa.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	208 KB
4	freeslots.id 1 redirects freeslots.id	30 KB
3	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 18979 fafafa.matomo.cloud	79 KB
1	tinyurl.com tinyurl.com — Cisco Umbrella Rank: 18021 Failed	516 B
1	r2.dev pub-e4f00ab0886f44a2a30178c704f4694a.r2.dev	690 B
23	5

	Domain	Requested by
7	cdn.ampproject.org	freeslots.id 23.248.170.131 cdn.ampproject.org
4	freeslots.id	1 redirects freeslots.id
2	cdn.matomo.cloud	pub-e4f00ab0886f44a2a30178c704f4694a.r2.dev 23.248.170.131
1	fafafa.matomo.cloud	cdn.matomo.cloud
1	tinyurl.com	freeslots.id
1	pub-e4f00ab0886f44a2a30178c704f4694a.r2.dev	freeslots.id
23	6

This site contains links to these domains. Also see Links.

Domain
tinyurl.com

Subject Issuer	Validity	Valid
freeslots.id GTS CA 1P5	`2023-10-08` - `2024-01-06`	3 months	crt.sh
*.r2.dev E1	`2023-08-13` - `2023-11-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://23.248.170.131/
Frame ID: FACC4AC8152D6F87DADE6F5EF9FD08AA
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Daftar Situs Slot Gacor Server Nexus Gampang Menang Hari Ini

Page URL History Show full URLs

http://freeslots.id/ HTTP 301
https://freeslots.id/ Page URL
https://tinyurl.com/482h2he8 HTTP 301
http://23.248.170.131/ Page URL

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

23
Requests

57 %
HTTPS

71 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

1698 kB
Transfer

2608 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tinyurl.com/ywrkjmsw
Title: Daftar Situs Slot Gacor Server Nexus Gampang Menang Hari Ini

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freeslots.id/ HTTP 301
https://freeslots.id/ Page URL
https://tinyurl.com/482h2he8 HTTP 301
http://23.248.170.131/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://freeslots.id/ HTTP 301
https://freeslots.id/

23 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
freeslots.id/
Redirect Chain

http://freeslots.id/
https://freeslots.id/

139 KB
26 KB

1543ms
1491ms

Document
text/html

2606:4700:3031::6815:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeslots.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a2d3e977e0413694ca96dcd9041b8582f79fae50c51ff34c7749da2998ce7b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 814283aa9b1a2bf3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 23:06:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzD6pJIQJi0GUZzhOZN%2FBNdV4DsJDtlf2Xfb2Dok%2BUVzY%2FFScSqZTC51RrIAn49n0EXW%2BrolNbHUxEGID6%2BosExwYrQ101EanEXbKIJhec1pJ4HzZ4HBmY7Z1ePaZKK%2FIlmt%2BmNZOK7HIY0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 814283aa0e541bc3-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 10 Oct 2023 23:06:31 GMT
Expires: Wed, 11 Oct 2023 00:06:31 GMT
Location: https://freeslots.id/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHM8qGOZCC1BNAbDO9VYqOcWrZ1MNVCrdEA1arDXW7ktVrU2POdU4W0%2BI%2FzB4bq0AMqbyxWW3NiLuJH4JTTUsYJlRozqfvzjJchn7Zv0Ul4rDCUB82hjAxCphWPavjl7zo2%2F2a3LSL7Kay4%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK stat.js Show response
pub-e4f00ab0886f44a2a30178c704f4694a.r2.dev/ 551 B
690 B 333ms
271ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-e4f00ab0886f44a2a30178c704f4694a.r2.dev/stat.js
Requested by: Host: freeslots.id
URL: https://freeslots.id/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55a0fd2ee4f169301e7bee722a25c27ab0d968946782fb3e99f8e0707e0521c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeslots.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 23:06:33 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Sep 2023 11:32:34 GMT
Server: cloudflare
ETag: W/"3f00f2f63abd63ba0acf8b0f92585278"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 814283b44af45d80-FRA

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 118ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: freeslots.id
URL: https://freeslots.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f178692c19a5e78a320ff801c2e60fb25ab432f2d03b11baf01865b209456d8b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeslots.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 23:06:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73076
x-xss-protection: 0
server: sffe
etag: "ee946a67b163d99a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 23:06:33 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: freeslots.id
URL: https://freeslots.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00eff622d16b44a83213dc6e86af6af59f331e2db9f770d40b77bf3fd039e8c9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeslots.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 23:06:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14981
x-xss-protection: 0
server: sffe
etag: "d00497ec7e24785b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 23:06:34 GMT

GET
H2 200 stat.js Show response
freeslots.id/ 561 B
609 B 1057ms
1057ms Script
application/javascript 2606:4700:3031::6815:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeslots.id/stat.js
Requested by: Host: freeslots.id
URL: https://freeslots.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ecf8fb653a8de1d26c11ef9f7e02a2ae93fce2a4c392ac16122b98ded2d5bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeslots.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 23:06:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 08 Oct 2023 21:00:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"231-6073ac2c3dca2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhRiD14rTsQ8g3%2BCGVuCSgWyrsPRnKiYPgNJovChTeGV7TZA7vwpE1ugrz61Mk7bvMg6RfbDP9kjvNKR3hVspZJhtxtOTkg5dH3%2F8KPgUtWSBtzYq0cTNFA6uVlsNSo%2Bv%2F3UlY0VU9EHlrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 814283b3f8ad2bf3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 id.js Show response
freeslots.id/ 5 KB
2 KB 1050ms
1049ms Script
application/javascript 2606:4700:3031::6815:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeslots.id/id.js
Requested by: Host: freeslots.id
URL: https://freeslots.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd47c527f68eab66ee0c33718090e372a294e7f0c3fed47dcce90174d6aff8e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeslots.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 23:06:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 07 Oct 2023 14:43:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1278-60721625f6c80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkVQQK%2FkYB67616g8XK9f5gx6Qsfx0rZu4yiaxts0CrteDWO2W7U9uy5V7iYOyPd7fO%2FQrQPxMfOGtPYrRO3KdaM%2Fn%2FjlYnd6wp732Ks1YoNtNjfBehCzeUS6JsbMS6p3e33AQgRLLlS7PE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 814283b3f8b02bf3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/fafafa.matomo.cloud/ 132 KB
39 KB 85ms
26ms Script
application/javascript 2600:9000:211e:5000:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/fafafa.matomo.cloud/matomo.js
Requested by: Host: pub-e4f00ab0886f44a2a30178c704f4694a.r2.dev
URL: https://pub-e4f00ab0886f44a2a30178c704f4694a.r2.dev/stat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1d525781834944d0c42d206d6e31f05b73a947821da73108bdf3a3d53e4c402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freeslots.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:48:30 GMT
x-amz-version-id: 8ltSs.AlwFAH184s6acsha8mkLs9eJVe
content-encoding: gzip
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1085
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 04 Oct 2023 02:26:04 GMT
server: AmazonS3
etag: W/"df630c016b0a1d6d650d8d6a411f9d56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: uzcyihKcX66G31nBQU_e2JTObXuKNLWBFI1RJlwQQyH4k-zh8z-yIA==

GET 482h2he8
tinyurl.com/ 0
0

GET
H/1.1

200
OK

Primary Request / Show response
23.248.170.131/
Redirect Chain

https://tinyurl.com/482h2he8
http://23.248.170.131/

65 KB
17 KB

438ms
219ms

Document
text/html

23.248.170.131
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: http://23.248.170.131/
Requested by: Host: freeslots.id
URL: https://freeslots.id/id.js
Protocol: HTTP/1.1
Server: 23.248.170.131 Jakarta, Indonesia, ASN21859 (ZEN-ECN, US),
Reverse DNS: mta-out-170-131.quietclover.com
Software: Apache /
Resource Hash: bf80dec1a92e74dcbbf71c1bad042bfc17c2ed042c7939b2720f9221f6cd4598

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, close
Content-Encoding: gzip
Content-Length: 17235
Content-Type: text/html
Date: Tue, 10 Oct 2023 23:06:35 GMT
ETag: "10419-6073a87924134-gzip"
Last-Modified: Sun, 08 Oct 2023 20:43:44 GMT
Server: Apache
Upgrade: h2
Vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
cf-cache-status: DYNAMIC
cf-ray: 814283bbd9592c4d-FRA
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 23:06:34 GMT
location: http://23.248.170.131/
referrer-policy: unsafe-url
server: cloudflare
x-content-type-options: nosniff
x-tinyurl-redirect: eyJpdiI6IjNWRm1pWDZ5SUlyVUkrS0h0Q0xlbGc9PSIsInZhbHVlIjoiY1A0K2dLS0lwclQrRENndXhRLytFcVY3aVo2cC9BbW9uTk42aUZhY3JrZkFMQXJRTEplSHYxcUdrN09vSHVtY2RPZCtheEo3elVGaTM2SDl4eDREVlE9PSIsIm1hYyI6ImIwYjliZTlmODgyM2Y1OWRlZGIzNTg5YTcyYjE3ZTE0NmM5ODVmYjZiYzQyY2VlZTU4YzM2YzM0NGM4YzQyOGIiLCJ0YWciOiIifQ==
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK slotgacor.jpg
23.248.170.131/images/ 175 KB
175 KB 390ms
195ms Image
image/jpeg 23.248.170.131
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://23.248.170.131/images/slotgacor.jpg
Requested by: Host: 23.248.170.131
URL: http://23.248.170.131/
Protocol: HTTP/1.1
Server: 23.248.170.131 Jakarta, Indonesia, ASN21859 (ZEN-ECN, US),
Reverse DNS: mta-out-170-131.quietclover.com
Software: Apache /
Resource Hash: 10b8490a26ffb8bdb43653cf17709723af5b5612ad95e9791802fe50b8deb7fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 23:06:35 GMT
Last-Modified: Mon, 09 Oct 2023 08:38:23 GMT
Server: Apache
ETag: "2bbf8-607448359367b"
Upgrade: h2
Content-Type: image/jpeg
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Length: 179192

GET
H3 200 v0.js Show response
cdn.ampproject.org/ 278 KB
71 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: 23.248.170.131
URL: http://23.248.170.131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f178692c19a5e78a320ff801c2e60fb25ab432f2d03b11baf01865b209456d8b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 23:06:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73076
x-xss-protection: 0
server: sffe
etag: "ee946a67b163d99a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 23:06:35 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
31 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 23.248.170.131
URL: http://23.248.170.131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c415ed5efa93c4e3793a7a109f83238beb3f774463e953e9d2556fd246ca782

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 23:06:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32165
x-xss-protection: 0
server: sffe
etag: "02ef092be88d0550"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 23:06:35 GMT

GET
H3 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: 23.248.170.131
URL: http://23.248.170.131/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec2fdba11e4b2aff811e4f7ec8bc2e3af5dfa6723f0fb260e123195f54614180

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 23:06:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11513
x-xss-protection: 0
server: sffe
etag: "97211451cf9c710d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 23:06:35 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309290141000/v0/ 8 KB
3 KB 75ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b753dc75060582ea25996372b79e1aa029198ab91a86e0ff24854405fce9ef60

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://23.248.170.131/
Origin: http://23.248.170.131
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 18:03:45 GMT
age: 18170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2977
x-xss-protection: 0
server: sffe
etag: "c1d498d6bc14de96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 18:03:45 GMT

GET
H/1.1 200
OK logo-slotgacor.png
23.248.170.131/images/ 25 KB
25 KB 431ms
216ms Image
image/png 23.248.170.131
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://23.248.170.131/images/logo-slotgacor.png
Requested by: Host: 23.248.170.131
URL: http://23.248.170.131/
Protocol: HTTP/1.1
Server: 23.248.170.131 Jakarta, Indonesia, ASN21859 (ZEN-ECN, US),
Reverse DNS: mta-out-170-131.quietclover.com
Software: Apache /
Resource Hash: 14b09d1ef8f8f71487e7397af4c2d95d7f001d56d8e31b5a14751f4142ab3d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 23:06:35 GMT
Last-Modified: Sun, 08 Oct 2023 20:22:57 GMT
Server: Apache
ETag: "62a7-6073a3d3b39b6"
Upgrade: h2
Content-Type: image/png
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Length: 25255

GET
H/1.1 200
OK slot777.gif
23.248.170.131/images/ 886 KB
886 KB 432ms
217ms Image
image/gif 23.248.170.131
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://23.248.170.131/images/slot777.gif
Requested by: Host: 23.248.170.131
URL: http://23.248.170.131/
Protocol: HTTP/1.1
Server: 23.248.170.131 Jakarta, Indonesia, ASN21859 (ZEN-ECN, US),
Reverse DNS: mta-out-170-131.quietclover.com
Software: Apache /
Resource Hash: 8db9372ccee0ea14462ac9e2f2cbfa5b3d5d16c33a624493aed8e61a1f6117d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 23:06:35 GMT
Last-Modified: Sun, 08 Oct 2023 20:22:59 GMT
Server: Apache
ETag: "dd614-6073a3d614031"
Upgrade: h2
Content-Type: image/gif
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Length: 906772

GET
H/1.1 200
OK jackpot.gif
23.248.170.131/images/ 266 KB
267 KB 547ms
207ms Image
image/gif 23.248.170.131
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://23.248.170.131/images/jackpot.gif
Requested by: Host: 23.248.170.131
URL: http://23.248.170.131/
Protocol: HTTP/1.1
Server: 23.248.170.131 Jakarta, Indonesia, ASN21859 (ZEN-ECN, US),
Reverse DNS: mta-out-170-131.quietclover.com
Software: Apache /
Resource Hash: 239ef9d31c5cea2a915f43187740399c2a3fb80cfd9c8b3922d6fee0b1e0a950

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 23:06:35 GMT
Last-Modified: Sun, 08 Oct 2023 20:22:56 GMT
Server: Apache
ETag: "4296e-6073a3d3605aa"
Upgrade: h2
Content-Type: image/gif
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Length: 272750

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012309290141000/v0/ 12 KB
4 KB 64ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb5831e24d66c78f030b56d3b4eebbffedb649a7038073123adf0da7cf0e8d3f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://23.248.170.131/
Origin: http://23.248.170.131
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 18:03:56 GMT
age: 18159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3937
x-xss-protection: 0
server: sffe
etag: "53692b447bed49a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Oct 2024 18:03:56 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d307f6be59a58f7ce9f88eacaedc4375052eb60d03cf23217ab91d4f410d5fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK matomo.js Show response
cdn.matomo.cloud/fafafa.matomo.cloud/ 132 KB
39 KB 52ms
27ms Script
application/javascript 2600:9000:211e:5000:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.matomo.cloud/fafafa.matomo.cloud/matomo.js
Requested by: Host: 23.248.170.131
URL: http://23.248.170.131/
Protocol: HTTP/1.1
Server: 2600:9000:211e:5000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1d525781834944d0c42d206d6e31f05b73a947821da73108bdf3a3d53e4c402

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 22:48:30 GMT
x-amz-version-id: 8ltSs.AlwFAH184s6acsha8mkLs9eJVe
Content-Encoding: gzip
Via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
Age: 1086
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Wed, 04 Oct 2023 02:26:04 GMT
Server: AmazonS3
ETag: W/"df630c016b0a1d6d650d8d6a411f9d56"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=691200
X-Amz-Cf-Id: NELUG9NTR2kjdZjVsJxleqSgxQY_VizU2i8HhXNq9EEqBdeAwyfZ2A==

GET
H/1.1 200
OK whatsapp.png
23.248.170.131/images/ 2 KB
3 KB 450ms
217ms Image
image/png 23.248.170.131
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://23.248.170.131/images/whatsapp.png
Requested by: Host: 23.248.170.131
URL: http://23.248.170.131/
Protocol: HTTP/1.1
Server: 23.248.170.131 Jakarta, Indonesia, ASN21859 (ZEN-ECN, US),
Reverse DNS: mta-out-170-131.quietclover.com
Software: Apache /
Resource Hash: 4672b1a69c8835a83a7e4cc27bf623c3556eeda80071479d7dae2fd760913f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 23:06:35 GMT
Last-Modified: Sun, 08 Oct 2023 20:23:00 GMT
Server: Apache
ETag: "9d2-6073a3d7312be"
Upgrade: h2
Content-Type: image/png
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Length: 2514

GET
H/1.1 200
OK register.png
23.248.170.131/images/ 3 KB
3 KB 664ms
207ms Image
image/png 23.248.170.131
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://23.248.170.131/images/register.png
Requested by: Host: 23.248.170.131
URL: http://23.248.170.131/
Protocol: HTTP/1.1
Server: 23.248.170.131 Jakarta, Indonesia, ASN21859 (ZEN-ECN, US),
Reverse DNS: mta-out-170-131.quietclover.com
Software: Apache /
Resource Hash: 4521ad02f79dd880c83b3f7433e3a8c48576f95cf96f9c1e9655e5e3e591bb92

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 23:06:36 GMT
Last-Modified: Sun, 08 Oct 2023 20:22:58 GMT
Server: Apache
ETag: "c01-6073a3d4b00d1"
Upgrade: h2
Content-Type: image/png
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Length: 3073

GET
H/1.1 200
OK hubungi.png
23.248.170.131/images/ 5 KB
5 KB 251ms
197ms Image
image/png 23.248.170.131
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://23.248.170.131/images/hubungi.png
Requested by: Host: 23.248.170.131
URL: http://23.248.170.131/
Protocol: HTTP/1.1
Server: 23.248.170.131 Jakarta, Indonesia, ASN21859 (ZEN-ECN, US),
Reverse DNS: mta-out-170-131.quietclover.com
Software: Apache /
Resource Hash: 6667d99adf27b64638ff91b36153b75b5649f51316a5eb3cc5531b4525cec430

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://23.248.170.131/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 23:06:35 GMT
Last-Modified: Sun, 08 Oct 2023 20:22:56 GMT
Server: Apache
ETag: "1212-6073a3d2d10ac"
Upgrade: h2
Content-Type: image/png
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Length: 4626

POST
H2 204 matomo.php
fafafa.matomo.cloud/ 0
167 B 126ms
60ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fafafa.matomo.cloud/matomo.php?action_name=Daftar%20Situs%20Slot%20Gacor%20Server%20Nexus%20Gampang%20Menang%20Hari%20Ini&idsite=1&rec=1&r=816915&h=1&m=6&s=35&url=http%3A%2F%2F23.248.170.131%2F&_id=7e953ae79df14acb&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=aUTVzP&pf_net=219&pf_srv=219&pf_tfr=217&pf_dm1=226&uadata=%7B%7D
Requested by: Host: cdn.matomo.cloud
URL: http://cdn.matomo.cloud/fafafa.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://23.248.170.131/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: http://23.248.170.131
date: Tue, 10 Oct 2023 23:06:35 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tinyurl.com
URL: https://tinyurl.com/482h2he8

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freeslots.id/	1970-01-21 00:48:54	Name: _pk_id.3.834a Value: e5ddc1c5205c9ac7.1696979195.
23.248.170.131/	1970-01-21 00:48:54	Name: _pk_id.1.f302 Value: 7e953ae79df14acb.1696979196.
23.248.170.131/	1970-01-20 15:23:00	Name: _pk_ses.1.f302 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
cdn.matomo.cloud
fafafa.matomo.cloud
freeslots.id
pub-e4f00ab0886f44a2a30178c704f4694a.r2.dev
tinyurl.com
tinyurl.com
23.248.170.131
2600:9000:211e:5000:c:7d55:b3c0:93a1
2606:4700:10::ac43:1e1
2606:4700:3031::6815:290a
2606:4700::6812:323
2a00:1450:4001:81c::2001
3.126.133.169
00eff622d16b44a83213dc6e86af6af59f331e2db9f770d40b77bf3fd039e8c9
10b8490a26ffb8bdb43653cf17709723af5b5612ad95e9791802fe50b8deb7fa
14b09d1ef8f8f71487e7397af4c2d95d7f001d56d8e31b5a14751f4142ab3d73
1c415ed5efa93c4e3793a7a109f83238beb3f774463e953e9d2556fd246ca782
239ef9d31c5cea2a915f43187740399c2a3fb80cfd9c8b3922d6fee0b1e0a950
4521ad02f79dd880c83b3f7433e3a8c48576f95cf96f9c1e9655e5e3e591bb92
4672b1a69c8835a83a7e4cc27bf623c3556eeda80071479d7dae2fd760913f0f
4d307f6be59a58f7ce9f88eacaedc4375052eb60d03cf23217ab91d4f410d5fc
55a0fd2ee4f169301e7bee722a25c27ab0d968946782fb3e99f8e0707e0521c8
6667d99adf27b64638ff91b36153b75b5649f51316a5eb3cc5531b4525cec430
7a2d3e977e0413694ca96dcd9041b8582f79fae50c51ff34c7749da2998ce7b2
7ecf8fb653a8de1d26c11ef9f7e02a2ae93fce2a4c392ac16122b98ded2d5bba
8db9372ccee0ea14462ac9e2f2cbfa5b3d5d16c33a624493aed8e61a1f6117d2
b753dc75060582ea25996372b79e1aa029198ab91a86e0ff24854405fce9ef60
bf80dec1a92e74dcbbf71c1bad042bfc17c2ed042c7939b2720f9221f6cd4598
c1d525781834944d0c42d206d6e31f05b73a947821da73108bdf3a3d53e4c402
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
dd47c527f68eab66ee0c33718090e372a294e7f0c3fed47dcce90174d6aff8e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5831e24d66c78f030b56d3b4eebbffedb649a7038073123adf0da7cf0e8d3f
ec2fdba11e4b2aff811e4f7ec8bc2e3af5dfa6723f0fb260e123195f54614180
f178692c19a5e78a320ff801c2e60fb25ab432f2d03b11baf01865b209456d8b
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

23.248.170.131 Open in urlscan Pro 23.248.170.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

57 %HTTPS

71 %IPv6

5 Domains

6 Subdomains

7 IPs

3 Countries

1698 kBTransfer

2608 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

3 Cookies

Indicators

23.248.170.131 Open in urlscan Pro
23.248.170.131 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

57 %
HTTPS

71 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

1698 kB
Transfer

2608 kB
Size

3
Cookies

23 HTTP transactions
3 data transactions