wap.rtgempur6.com Open in urlscan Pro
172.67.199.79  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response wap.rtgempur6.com/	57 KB 12 KB	1091ms 892ms	Document text/html	172.67.199.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wap.rtgempur6.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.199.79 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be860cf4cc1e000cb0c954a2bcec52823c4a7f6d9a5fabd6a5001ff358711516 Security Headers Name Value Strict-Transport-Security max-age:31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=0, must-revalidate, no-cache, no-store, private cf-cache-status DYNAMIC cf-ray 8f3c28186c2be7ee-SYD content-encoding zstd content-type text/html; charset=UTF-8 date Wed, 18 Dec 2024 03:44:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache priority u=0,i referrer-policy no-referrer-when-downgrade report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wNd5B11ydj1InTqyKuu1kJuTv7kXkzuLmxMsoSB1MTaNd4Oo0muxJ3fawcjCHqhyh%2BW8t88Q2VRTSprm%2FfW1DzwcxfBdj1vcLAtk%2BXiSbZaG3fzVTSdoFgaaSr798SuWi42R6g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=1184&min_rtt=1055&rtt_var=262&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4237&recv_bytes=5736&delivery_rate=1789&cwnd=12000&unsent_bytes=0&cid=0bf866161ab55f75&ts=896&x=1" cfExtPri cfHdrFlush;dur=0 strict-transport-security max-age:31536000; includeSubDomains x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block
GET H2	200	js Show response www.googletagmanager.com/gtag/	194 KB 70 KB	235ms 122ms	Script application/javascript	2404:6800:4006:804::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=GTM-NC64CZQK Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ee3c33c44348aa464db3fd4ab7500dbed4773bdf162925206f799ff136893be4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 18 Dec 2024 03:44:51 GMT alt-svc h3=":443"; ma=2592000 date Wed, 18 Dec 2024 03:44:51 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 18 Dec 2024 03:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 71169 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	323 KB 107 KB	364ms 252ms	Script application/javascript	2404:6800:4006:804::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8723FFTF3J Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 331e99f2e40c7a5857bf8132cdfbc115c88da6348a4f0593558421de084525b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 18 Dec 2024 03:44:51 GMT alt-svc h3=":443"; ma=2592000 date Wed, 18 Dec 2024 03:44:51 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 109875 x-xss-protection 0 server Google Tag Manager
GET H3	200	32.webp ruangok.com/public/blog/rgotogel/2024/10/	8 KB 9 KB	348ms 218ms	Image image/webp	172.67.72.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ruangok.com/public/blog/rgotogel/2024/10/32.webp Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cf5d54648093dccef8d0dcdcd21ccf118fbad8c39e4604cf7594c71d0e74737 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers cf-cache-status MISS etag "a6eec3b89a25db1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xrLmNpQzswnFRMkaXwUauzFbLqow3TiPzIEWR7SN%2Bj%2Fl5dcATj5k2fo9nz%2FvZIgmAsKNFzpzI6DEkU%2FTRhlfcTlNsMG%2B8Y%2FQlKnvmYzSZUIZqn96xLDNAVf815Za"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1986&min_rtt=845&rtt_var=1008&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4318&recv_bytes=4514&delivery_rate=1006&cwnd=12000&unsent_bytes=0&cid=71f31fd4e6bf4930&ts=237&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 18 Dec 2024 03:44:51 GMT content-type image/webp last-modified Wed, 23 Oct 2024 22:27:19 GMT vary Accept-Encoding priority u=1,i cache-control max-age=2678400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f3c281ed9d7a871-SYD accept-ranges bytes content-length 8466 server cloudflare
GET H3	200	065068732024-11-26-09-14-41.png datafile.ruangkomunikasilc.com/img/chat/10007/	2 MB 2 MB	162ms 34ms	Image image/png	104.21.16.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://datafile.ruangkomunikasilc.com/img/chat/10007/065068732024-11-26-09-14-41.png Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 49e2e049a5d285f55322561196a496d41e8e94507ae9998a1377f5cd48988a51 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers cf-cache-status HIT etag "8e6a8f65a83fdb1:0" age 516 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FgU1Zf%2FCQTcRcO5Q6MjwfpQFhHLfrmZlGB2%2FcA%2Bfydai65fn9XY7qR7tzunWlSmcIYhP3JqP5ben8PM4LP4gIpC2msrncVE3DFbIFwbrn8lfxYEbD3v3177LuGiXlxOzInSw1Nj0hRRCtwrEk05TRDw%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 date Wed, 18 Dec 2024 03:44:51 GMT content-type image/png last-modified Tue, 26 Nov 2024 02:10:42 GMT vary Accept-Encoding x-frame-options DENY cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer-when-downgrade cf-ray 8f3c281edc50a88e-SYD accept-ranges bytes content-length 2415298 x-xss-protection 1 x-powered-by ASP.NET server cloudflare
GET H3	200	065068732024-11-26-09-15-19.png datafile.ruangkomunikasilc.com/img/chat/10007/	343 KB 344 KB	129ms 25ms	Image image/png	104.21.16.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://datafile.ruangkomunikasilc.com/img/chat/10007/065068732024-11-26-09-15-19.png Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ddf5a68fb76dca157631c185c6224a2a2022375f4eb39774d6982e0a1ec833e5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers cf-cache-status HIT etag "2ad9d57ba83fdb1:0" age 516 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFGMrJMnOM0A3oI1qd46Bx%2FB6Mupla7j%2BDu3kirnCRLZrXBh6nk0IiUPH4mBwMzFewoHWv8CCrJac2rGTkOwXe1%2BLPBOJmyKNy6NNMsmYLNjqE735TnKEF2uOXyMNb3727sdTCEuxfkRv1ngbyOoQcM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 date Wed, 18 Dec 2024 03:44:51 GMT content-type image/png last-modified Tue, 26 Nov 2024 02:11:20 GMT vary Accept-Encoding x-frame-options DENY cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer-when-downgrade cf-ray 8f3c281edc4da88e-SYD accept-ranges bytes content-length 351335 x-xss-protection 1 x-powered-by ASP.NET server cloudflare
GET H3	200	065068732024-11-26-09-16-04.gif datafile.ruangkomunikasilc.com/img/chat/10007/	32 KB 33 KB	130ms 26ms	Image image/gif	104.21.16.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://datafile.ruangkomunikasilc.com/img/chat/10007/065068732024-11-26-09-16-04.gif Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 1b77357701f46bbe69a6b934f7c74a2bec7bf899d99c2eb291b5d2633f215dfb Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers cf-cache-status HIT etag "d7493396a83fdb1:0" age 516 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ryzd7Av%2B%2F3Y8%2FxrsFICRtDPwmfXaNSD69CXgWtv63JT8CLm90s2gVXAUp85LU4mUwdWkh4SvuHQHvSegrfrRgF6mOZuLgFBTNGMYk9Nj43pxC5DKD8AnL%2FLcZty3q6TlSbfHKSpYciEmZUv%2FfmTJffw%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 date Wed, 18 Dec 2024 03:44:51 GMT content-type image/gif last-modified Tue, 26 Nov 2024 02:12:04 GMT vary Accept-Encoding x-frame-options DENY cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer-when-downgrade cf-ray 8f3c281edc51a88e-SYD accept-ranges bytes content-length 32915 x-xss-protection 1 x-powered-by ASP.NET server cloudflare
GET H3	200	065068732024-11-26-09-16-58.png datafile.ruangkomunikasilc.com/img/chat/10007/	1 MB 1 MB	134ms 30ms	Image image/png	104.21.16.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://datafile.ruangkomunikasilc.com/img/chat/10007/065068732024-11-26-09-16-58.png Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 27374d72ca6a8cd6032bda0a37e6bfcff6f1bb5eca8912657a9e93a886f7ed21 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers cf-cache-status HIT etag "ab90dab6a83fdb1:0" age 516 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytNpLBUH9%2Fjxerk8UXP0nc2a46gnTEE7%2F49yQliPaGc%2BsMw0I3albczjCq9tffhq5Jno0zuAOcQUuB%2BqpOfMjRc1lNKExVUkEHwjfJkpBQ30Odh3YMbutliWplq27EuLdQ66ubHRMQcCSbdRnLur0Q8%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 date Wed, 18 Dec 2024 03:44:51 GMT content-type image/png last-modified Tue, 26 Nov 2024 02:12:59 GMT vary Accept-Encoding x-frame-options DENY cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer-when-downgrade cf-ray 8f3c281edc4ea88e-SYD accept-ranges bytes content-length 1546095 x-xss-protection 1 x-powered-by ASP.NET server cloudflare
GET H2	200	SitusAJ_dl5l3q.js Show response res.cloudinary.com/djutciv3m/raw/upload/v1705708989/	2 KB 859 B	96ms 79ms	Script text/javascript	2600:1415:9c00:288::523 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://res.cloudinary.com/djutciv3m/raw/upload/v1705708989/SitusAJ_dl5l3q.js Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1415:9c00:288::523 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software Cloudinary / Resource Hash d305197d1fdc2cfd294fe5a99396b0a593c7a46547a53a8698a57ddc398ed01b Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers strict-transport-security max-age=604800 cache-control private, no-transform, immutable, max-age=2592000 access-control-expose-headers Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag content-encoding br etag W/"bc3c716203aed27f9076c6b0cec70510" timing-allow-origin * accept-ranges bytes access-control-allow-origin * server-timing cld-akam;dur=59;start=2024-12-18T03:44:50.949Z;desc=hit,rtt;dur=0 content-length 470 date Wed, 18 Dec 2024 03:44:51 GMT content-type text/javascript last-modified Sat, 20 Jan 2024 00:03:10 GMT server Cloudinary vary Accept-Encoding
GET H2	401	AJ.css res.cloudinary.com/dsem9kjei/raw/upload/	0 0	26ms 9ms	Stylesheet text/html	2600:1415:9c00:288::523 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://res.cloudinary.com/dsem9kjei/raw/upload/AJ.css Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1415:9c00:288::523 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software Cloudinary / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers strict-transport-security max-age=604800 cache-control private, no-transform, max-age=0, no-cache access-control-expose-headers Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag timing-allow-origin * pragma no-cache content-transfer-encoding binary accept-ranges bytes access-control-allow-origin * x-cld-error dsem9kjei cannot be accessed via this endpoint content-length 0 server-timing cld-akam;dur=5;start=2024-12-18T03:44:50.932Z;desc=synth,rtt;dur=0 date Wed, 18 Dec 2024 03:44:50 GMT content-type text/html content-disposition inline server Cloudinary
GET H3	200	065068732024-11-26-09-12-36.gif datafile.ruangkomunikasilc.com/img/chat/10007/	16 MB 16 MB	138ms 39ms	Image image/gif	104.21.16.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://datafile.ruangkomunikasilc.com/img/chat/10007/065068732024-11-26-09-12-36.gif Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 18b8896907848c2aa8fe04db01bcabb19f5804052666fdf75b2c1d0c0ebdb457 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers cf-cache-status HIT etag "e1bc9a1da83fdb1:0" age 516 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F2rcAjGM8BnBetPIQUADbUxm2tzKARA4VtSr6TM8lGpWXsYwL8jQMEIhRHRbVQvs3W36G4%2BsYx0Ir05i0CUx0J06i5D%2FM8erFRzSWc4AeHY%2BwN3pYBkgoWMca%2FUWwd%2F19d%2FvAQ4Hyy07J9NXSO%2FOgKI%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 date Wed, 18 Dec 2024 03:44:51 GMT content-type image/gif last-modified Tue, 26 Nov 2024 02:08:42 GMT vary Accept-Encoding x-frame-options DENY cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer-when-downgrade cf-ray 8f3c281edc4fa88e-SYD accept-ranges bytes content-length 16521557 x-xss-protection 1 x-powered-by ASP.NET server cloudflare
GET H3	200	hkb.js Show response iframe15.otomatis.vip/scriptnwl/	7 KB 3 KB	365ms 327ms	Fetch application/javascript	172.67.69.226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iframe15.otomatis.vip/scriptnwl/hkb.js?1734493491 Requested by Host: wap.rtgempur6.com URL: https://wap.rtgempur6.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbf2b62e2c9cfadaf13d90c265293eef7f88a0b343e9c59a57acf57469181d26 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers content-md5 ORlTbULORWPvmbHthKhqEg== access-control-max-age 0 x-oss-storage-class Standard content-encoding gzip cf-cache-status DYNAMIC x-oss-object-type Normal report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6foaxg4zwlMVoA54ARlzf9UgMeFMVbC%2FOt1Cwf5SsWNBsf%2BvBrTPAPSxpweIqUWk2SRRpsQHihgyPaNNPB5LPZ6mCei7sKocovF4BHmRVxVxddrYhc09U%2F7xNNSMmDMW8qfecvAqQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, POST alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1986&min_rtt=1501&rtt_var=597&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4373&recv_bytes=5726&delivery_rate=1025&cwnd=12000&unsent_bytes=0&cid=4eb96a0cbbbc27e1&ts=338&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 18 Dec 2024 03:44:51 GMT x-oss-server-time 1 content-type application/javascript vary Accept-Encoding last-modified Tue, 17 Dec 2024 12:38:17 GMT priority u=1,i nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control no-cache x-oss-hash-crc64ecma 16776899239822463224 cf-ray 8f3c28201cfb5d20-SYD access-control-allow-origin * x-oss-request-id 67624533C6A65E3931A07358 server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	323 KB 107 KB	127ms 126ms	Script application/javascript	2404:6800:4006:804::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8723FFTF3J&l=dataLayer&cx=c&gtm=45Xe4cc1v9169408688za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=GTM-NC64CZQK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 36c0770e269a0a55ff4325c8b64bc29364d001f45d5f6b60798617ff1a77b0c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 18 Dec 2024 03:44:51 GMT alt-svc h3=":443"; ma=2592000 date Wed, 18 Dec 2024 03:44:51 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 109945 x-xss-protection 0 server Google Tag Manager
POST H2	204	collect www.google-analytics.com/g/	0 0	220ms 104ms	Fetch text/plain	2404:6800:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8723FFTF3J&gtm=45je4cc1v9180550311za200zb9169408688&_p=1734493490912&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&cid=681333411.1734493492&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734493491&sct=1&seg=0&dl=https%3A%2F%2Fwap.rtgempur6.com%2F&dt=WAP%20RGOTOGEL%20Poker%20by%20rgotogel.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1830 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8723FFTF3J Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80f::200e Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://wap.rtgempur6.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Dec 2024 03:44:51 GMT content-type text/plain server Golfe2
GET H3	404	favicon.ico wap.rtgempur6.com/	2 KB 2 KB	482ms 482ms	Other text/html	172.67.199.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wap.rtgempur6.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.199.79 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d12ad0d82056e0521330280ae310c3b3453ab399e164a3a54bdaf599d83644f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status BYPASS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taQL8LvEIxA2oQSP9tnz%2FHCkLT0S5qv5z4i7xyzpEnPEqAiGdHOLVEabXGslGCNHfvnSaGQRh%2BFtywWeLtqYD4EeXQHbnDnW%2B8O2iCyu1DJ8gFo9947F76U%2B97TABDH877wiSw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f3c28302925e7ee-SYD alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2468&min_rtt=1055&rtt_var=1961&sent=29&recv=20&lost=0&retrans=1&sent_bytes=16556&recv_bytes=7304&delivery_rate=2309&cwnd=12000&unsent_bytes=0&cid=0bf866161ab55f75&ts=4285&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 18 Dec 2024 03:44:54 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare priority u=1,i
POST H2	204	collect www.google-analytics.com/g/	0 0	103ms 102ms	Fetch text/plain	2404:6800:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8723FFTF3J&gtm=45je4cc1v9180550311za200zb9169408688&_p=1734493490912&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123607~102198178&cid=681333411.1734493492&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734493491&sct=1&seg=0&dl=https%3A%2F%2Fwap.rtgempur6.com%2F&dt=WAP%20RGOTOGEL%20Poker%20by%20rgotogel.com&en=scroll&epn.percent_scrolled=90&_et=19&tfd=6873 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8723FFTF3J Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80f::200e Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://wap.rtgempur6.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://wap.rtgempur6.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Dec 2024 03:44:56 GMT content-type text/plain server Golfe2

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| _0x282e function| cssCircleMenu string| el object| myMenu string| uuidautodepo string| loadwl string| domainsystem function| _0x53d140 string| pathsystem function| _0x4435 function| _0x4be3 object| google_tag_manager object| google_tag_data function| _0x5ed203 number| checkonload string| eventMethod function| eventer string| messageEvent number| addheightvip function| _0x482e function| setupOtomatis function| setupIframeVip function| _0x28b4 function| onYouTubeIframeAPIReady object| gaGlobal

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wap.rtgempur6.com/	1970-01-21 10:33:49	Name: XSRF-TOKEN Value: eyJpdiI6InJndDhMMkg4emlWM1N5Sk5Hb01PN3c9PSIsInZhbHVlIjoibWQ2eVdFdFhIQ1p5bTNNWENLVEZhck9ZRjZvb2ZZbHhOUUprNEJ4Ukxjak9QKzJuWTF3K2ZsNFBuYWk2d0dqU2NCb1RhVEhMZENvaHlMT255eUpTcEpodytxUkpBTlNwb1dXbm1TMDVtcCtBMEpWcHhUTmR3a1IxSjg1OHp0N0ciLCJtYWMiOiJjN2RiMjI4ZGQ2ZjlmNjYyYWUxODBiMTZlMGEwYzlmNGE4ZGE5MjFmZWUxZmYwMWU0ODQyY2ExYjY4OTVlNTY5In0%3D
			wap.rtgempur6.com/	1970-01-21 10:33:49	Name: laravel_session Value: eyJpdiI6Ijh3bE5QZWxob2p0U3lYUUVOeHJWZkE9PSIsInZhbHVlIjoiTXJwLzE2Y0lWNDZIcFpiWFF6ZGVkc3dJTHBnTzMwSW1jNGhnNUV1U0Z3RHZZeEpQK3I5R2FkWklVWmtqcU4wY3dLS3FtRmJ4Y3pLc21kM3pUejNyQzRCY2xxdUsyWElYTXdiQXpXN091ZnFVQ24zMmplcjNhR0tnNFpGZlp5TUgiLCJtYWMiOiJjNDlhZDc5ZmZmMTBkOTIyZDRhN2QxYjE5OGEwNzk1YWFjNWRhNmIzYTljNGQzNjZhMGU5M2NjY2U3YjJlYWY2In0%3D
			wap.rtgempur6.com/	1969-12-31 23:59:59	Name: language Value: eyJpdiI6IkovQzlDZXFVcmc5SmJjYTRoUjluVlE9PSIsInZhbHVlIjoiNVZPNHJZNnFaVTZJM0pUZkhSVEtPd0UzQlQvVlRZWi92WWVnUUJOSG5yRXNnNi9wcHdpZUZkWGl3QnVGRmJjMitDckVOajNBNzQwMzZWdFJKQUhzWGc9PSIsIm1hYyI6IjRhODliYjdlM2IyMGNhNTVhOWJmNjljZWZiZmYyMmE4ODRmZTVmOWEwYmJjZWU0MDAwNGJmODU5OWQxNjVjOTgifQ%3D%3D
			.rtgempur6.com/	1970-01-21 11:24:13	Name: _ga Value: GA1.1.681333411.1734493492
			.rtgempur6.com/	1970-01-21 11:24:13	Name: _ga_8723FFTF3J Value: GS1.1.1734493491.1.0.1734493491.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://res.cloudinary.com/dsem9kjei/raw/upload/AJ.css Message: Failed to load resource: the server responded with a status of 401 ()
recommendation	verbose	URL: https://wap.rtgempur6.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://wap.rtgempur6.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age:31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

datafile.ruangkomunikasilc.com
iframe15.otomatis.vip
res.cloudinary.com
ruangok.com
wap.rtgempur6.com
www.google-analytics.com
www.googletagmanager.com
104.21.16.1
172.67.199.79
172.67.69.226
172.67.72.61
2404:6800:4006:804::2008
2404:6800:4006:80f::200e
2600:1415:9c00:288::523
18b8896907848c2aa8fe04db01bcabb19f5804052666fdf75b2c1d0c0ebdb457
1b77357701f46bbe69a6b934f7c74a2bec7bf899d99c2eb291b5d2633f215dfb
27374d72ca6a8cd6032bda0a37e6bfcff6f1bb5eca8912657a9e93a886f7ed21
331e99f2e40c7a5857bf8132cdfbc115c88da6348a4f0593558421de084525b4
36c0770e269a0a55ff4325c8b64bc29364d001f45d5f6b60798617ff1a77b0c2
49e2e049a5d285f55322561196a496d41e8e94507ae9998a1377f5cd48988a51
7cf5d54648093dccef8d0dcdcd21ccf118fbad8c39e4604cf7594c71d0e74737
9d12ad0d82056e0521330280ae310c3b3453ab399e164a3a54bdaf599d83644f
bbf2b62e2c9cfadaf13d90c265293eef7f88a0b343e9c59a57acf57469181d26
be860cf4cc1e000cb0c954a2bcec52823c4a7f6d9a5fabd6a5001ff358711516
d305197d1fdc2cfd294fe5a99396b0a593c7a46547a53a8698a57ddc398ed01b
ddf5a68fb76dca157631c185c6224a2a2022375f4eb39774d6982e0a1ec833e5
ee3c33c44348aa464db3fd4ab7500dbed4773bdf162925206f799ff136893be4