urlscan.io logo urlscan.io
SecurityTrails logo

pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev Open in urlscan Pro
2a06:98c1:58::eb  Public Scan

Go To Rescan Add Verdict Report
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Submission Tags: @phish_report
Submission: On November 03 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:58::eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev.
TLS certificate: Issued by E5 on September 29th 2024. Valid for: 3 months.
This is the only time pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:58::eb 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 2600:9000:235... 16509 (AMAZON-02)
4 216.58.206.65 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
19 7
1    2a06:98c1:58::eb (United States)

ASN13335 (CLOUDFLARENET, US)
pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
7    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a02:26f0:480:587::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
res.cloudinary.com
4    2600:9000:2359:ba00:15:c281:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)
ik.imagekit.io
4    216.58.206.65 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f1.1e100.net
cdn.ampproject.org
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 517
177 KB
4 imagekit.io
ik.imagekit.io — Cisco Umbrella Rank: 22982
157 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
572 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 31541
3 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2653
398 B
1 r2.dev
pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
79 KB
19 6
Domain Requested by
11 cdn.ampproject.org pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
cdn.ampproject.org
4 ik.imagekit.io pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
1 region1.google-analytics.com cdn.ampproject.org
1 amp.analytics-debugger.com cdn.ampproject.org
1 res.cloudinary.com pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
1 pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
19 6

This site contains links to these domains. Also see Links.

Domain
rpm24.kantongreceh.xyz
Subject Issuer Validity Valid
*.r2.dev
E5		 2024-09-29 -
2024-12-28		 3 months crt.sh
misc-sni.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2023-12-18 -
2025-01-13		 a year crt.sh
*.imagekit.io
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-19		 a year crt.sh
analytics-debugger.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Frame ID: 8CEAFE60834FFC7492560F1448F8CBF3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SITUS LOGIN BO RESMI DAFTAR LINK RTP GACOR SLOT MAXWIN INDONESIA

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

19
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

417 kB
Transfer

908 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request coimai.html
pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/ 		79 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d7c67278f5a9811a6c0a49b2dd2db15a4bf30ea278c6814e1c5bd9e48cee26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
CF-RAY
8dcaefdc1828d937-HEL
Connection
keep-alive
Content-Length
80678
Content-Type
text/html
Date
Sun, 03 Nov 2024 08:19:01 GMT
ETag
"c0ab23475ccd4a26198ea93f9ff3ef73"
Last-Modified
Thu, 31 Oct 2024 19:32:28 GMT
Server
cloudflare
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b984655a7cc7e9d1918b12fec7d438b196419fe7f0b45810483725e73c127b03
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"1dd82982cf26bfea"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 08:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:19:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
73076
x-xss-protection
0
server
sffe
amp-carousel-0.2.js
cdn.ampproject.org/v0/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.2.js
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3a2ee5180b24d853ddd1fc6a299fdcb8519b3554cdfc0dfb6b8834df1c38e8a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"e46f7e627088fb4c"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 08:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:19:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
9602
x-xss-protection
0
server
sffe
amp-accordion-0.1.js
cdn.ampproject.org/v0/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.js
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57b19cc705c6fd182e2b9baf3a70b7f62e94162c4dccda0d6e24f728f40dbf0c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"71ee8f4241390f1c"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 08:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:19:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5823
x-xss-protection
0
server
sffe
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
176afacb95a767c1e4aa5f8be5e77029d6c4046441f84ae93fba3aca8bb0884a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"da69d88c8a509ab1"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 08:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:19:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
9657
x-xss-protection
0
server
sffe
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c0d5b3a987adaa2e97a53b60fb91dfdc86fb63d287be2a17de9c0ba46262315
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"40e6f587465de66d"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 08:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:19:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
32191
x-xss-protection
0
server
sffe
amp-position-observer-0.1.js
cdn.ampproject.org/v0/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-position-observer-0.1.js
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5020fe7bb21e60f09ef203b93278c6de94a348afbaab8129673278f20e930116
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"9aa2240672cb5410"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 08:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:19:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
3690
x-xss-protection
0
server
sffe
amp-animation-0.1.js
cdn.ampproject.org/v0/ 		82 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-animation-0.1.js
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd2492d337b9ecdb4f3b21285c1d79d591f74bc98252e7e41c80a588661652a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"f2d027be7a6056dd"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 08:19:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:19:01 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
18977
x-xss-protection
0
server
sffe
istockphoto-1406763265-170667a_ywjkpp.jpg
res.cloudinary.com/duilyud1t/image/upload/v1696425873/ 		0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/duilyud1t/image/upload/v1696425873/istockphoto-1406763265-170667a_ywjkpp.jpg
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:587::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

strict-transport-security
max-age=604800
cache-control
private, no-transform, max-age=0, no-cache
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag
timing-allow-origin
*
pragma
no-cache
content-transfer-encoding
binary
accept-ranges
bytes
access-control-allow-origin
*
x-cld-error
duilyud1t cannot be accessed via this endpoint
content-length
0
server-timing
cld-akam;dur=12;start=2024-11-03T08:19:01.739Z;desc=synth,rtt;dur=58
date
Sun, 03 Nov 2024 08:19:01 GMT
content-type
text/html
content-disposition
inline
server
Cloudinary
NICEBET138.png
ik.imagekit.io/nicebet138/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ik.imagekit.io/nicebet138/NICEBET138.png
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:ba00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2a66dfd6207ec829fac0ea00146a6004835bef611128441fd2225668c2c416d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

x-request-id
939eb3b5-43a2-41f4-8d79-ebb88f7192d6
etag
"18285032ed6f8f2721b29101ad938369"
age
218324
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
3Rcccgbsn7wtI0Ya9hVtvZnyh3enOvFsuRsUSSt1yXkYxuZWNO4EPg==
date
Thu, 31 Oct 2024 19:40:18 GMT
content-type
image/webp
vary
Accept
x-server
ImageKit.io
last-modified
Fri, 09 Aug 2024 02:22:41 GMT
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront), 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
14986
x-amz-cf-pop
FRA60-P10
WEBSITE-NICEBET138.png
ik.imagekit.io/nicebet138/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ik.imagekit.io/nicebet138/WEBSITE-NICEBET138.png
Requested by
Host: pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
URL: https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/coimai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:ba00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5f02196ac2b0898367bbe7557bcbb31420a1b8793b614527c2d004a38499193e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

x-request-id
cd545277-9a29-4be6-8074-d1728b2fd383
etag
"fc1f809d35b7812c0a813829ead3132e"
age
218323
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Pqtos6bZtJqkV--V5FhOL9wnpBa6R64hb0y_zs40nUTQNI7zRe5JSA==
date
Thu, 31 Oct 2024 19:40:18 GMT
content-type
image/webp
vary
Accept
x-server
ImageKit.io
last-modified
Fri, 25 Oct 2024 06:54:24 GMT
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront), 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
124122
x-amz-cf-pop
FRA60-P10
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012410161801000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410161801000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f1.1e100.net
Software
sffe /
Resource Hash
512c91337431f94af2fb3078116524b156de8c57f1bc045fd27f1e79584fd1b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"149b0c761c2ef4b5"
age
319429
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:35:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:35:13 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
2974
x-xss-protection
0
server
sffe
amp-loader-0.1.js
cdn.ampproject.org/rtv/012410161801000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410161801000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f1.1e100.net
Software
sffe /
Resource Hash
485a8e4f8b9cca27263f39bd4bffcffc3fd343cebcf06b6952d2f1058f8e5ed3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"c92c8dce1ca0463a"
age
319666
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:31:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:31:16 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
3935
x-xss-protection
0
server
sffe
Favicon-Nicebet138.png
ik.imagekit.io/nicebet138/ 		19 KB
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ik.imagekit.io/nicebet138/Favicon-Nicebet138.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:ba00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1cc53da672455f9462ab547c0036768efa41d6ddd017cfaf3b204dc191cf8897

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

x-request-id
c399fdb8-dfd7-484a-a367-0b34d59fc9b0
etag
"1f9ff4d7a518c72b90df56e7765fce6c"
age
218319
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
xqmfEXLPQqcruk32XKcZZXf2IvD1i5HkTbOFjrk4nrZJxqcJfOEDvQ==
date
Thu, 31 Oct 2024 19:40:23 GMT
content-type
image/webp
vary
Accept
x-server
ImageKit.io
last-modified
Fri, 30 Aug 2024 10:00:19 GMT
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront), 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
19540
x-amz-cf-pop
FRA60-P10
googleanalytics.json
cdn.ampproject.org/rtv/012410161801000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410161801000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f1.1e100.net
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"0c5875023bf9c0f5"
age
320088
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:24:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:24:14 GMT
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
856
x-xss-protection
0
server
sffe
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fpub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
cf-cache-status
HIT
age
1901
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31Xvxj6tJ1xE9g1MMwvaCL9tXRm3Q41AXb809o8UZ0ijLTGuy%2FLVvQdJvWc%2FnHiv6MEdCuoXIeUCNDHOG%2BN4k3lpV0A%2FE6FKPGPxE08xIPh5CqwqTp1U3SpgsAg6xKh4zXPkSETQ435jnYd3Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-debug-em-all-ga4amp-version
20230607
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=69940&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4390&delivery_rate=47480&cwnd=12000&unsent_bytes=0&cid=6802aa821d5acf72&ts=91&x=1", cfHdrFlush;dur=0
date
Sun, 03 Nov 2024 08:19:02 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
last-modified
Sun, 03 Nov 2024 07:47:21 GMT
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8dcaefe4f8fbc30f-VIE
access-control-allow-origin
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
server
cloudflare
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/rtv/012410161801000/v0/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410161801000/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f1.1e100.net
Software
sffe /
Resource Hash
80bdaad30bd68d2dd71aea7dc8602ec29f60357b55dfb97f90e253a314a9d4a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

content-encoding
br
etag
"bd83a94521c76245"
age
320298
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:20:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:20:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
19047
x-xss-protection
0
server
sffe
Favicon-Nicebet138.png
ik.imagekit.io/nicebet138/ 		19 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://ik.imagekit.io/nicebet138/Favicon-Nicebet138.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:ba00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1cc53da672455f9462ab547c0036768efa41d6ddd017cfaf3b204dc191cf8897

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

x-request-id
c399fdb8-dfd7-484a-a367-0b34d59fc9b0
etag
"1f9ff4d7a518c72b90df56e7765fce6c"
age
218319
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
xqmfEXLPQqcruk32XKcZZXf2IvD1i5HkTbOFjrk4nrZJxqcJfOEDvQ==
date
Thu, 31 Oct 2024 19:40:23 GMT
content-type
image/webp
vary
Accept
x-server
ImageKit.io
last-modified
Fri, 30 Aug 2024 10:00:19 GMT
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront), 1.1 83f879b9257b55a619d0b5d3165412a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
19540
x-amz-cf-pop
FRA60-P10
collect
region1.google-analytics.com/g/ 		0
572 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-LBHE336XV2&ds=AMP&_p=9201&cid=amp-uiOvGAwGbZumCHhW7c1JOQ&ul=fi-fi&sr=1600x1200&_s=1&dl=https%3A%2F%2Fpub-6828fc54121b4029a32c42df7bb6bfee.r2.dev%2Fcoimai.html&dr=&dt=SITUS%20LOGIN%20BO%20RESMI%20DAFTAR%20LINK%20RTP%20GACOR%20SLOT%20MAXWIN%20INDONESIA&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1730621943&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 08:19:02 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

1 Cookies

Domain/Path Name / Value
.pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev/ Name: _ga
Value: amp-uiOvGAwGbZumCHhW7c1JOQ

1 Console Messages

Source Level URL
Text
network error URL: https://res.cloudinary.com/duilyud1t/image/upload/v1696425873/istockphoto-1406763265-170667a_ywjkpp.jpg
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amp.analytics-debugger.com
cdn.ampproject.org
ik.imagekit.io
pub-6828fc54121b4029a32c42df7bb6bfee.r2.dev
region1.google-analytics.com
res.cloudinary.com
188.114.97.3
2001:4860:4802:32::36
216.58.206.65
2600:9000:2359:ba00:15:c281:3500:93a1
2a00:1450:4001:81d::2001
2a02:26f0:480:587::523
2a06:98c1:58::eb
176afacb95a767c1e4aa5f8be5e77029d6c4046441f84ae93fba3aca8bb0884a
1cc53da672455f9462ab547c0036768efa41d6ddd017cfaf3b204dc191cf8897
2a66dfd6207ec829fac0ea00146a6004835bef611128441fd2225668c2c416d2
485a8e4f8b9cca27263f39bd4bffcffc3fd343cebcf06b6952d2f1058f8e5ed3
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5020fe7bb21e60f09ef203b93278c6de94a348afbaab8129673278f20e930116
512c91337431f94af2fb3078116524b156de8c57f1bc045fd27f1e79584fd1b8
57b19cc705c6fd182e2b9baf3a70b7f62e94162c4dccda0d6e24f728f40dbf0c
5f02196ac2b0898367bbe7557bcbb31420a1b8793b614527c2d004a38499193e
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6c0d5b3a987adaa2e97a53b60fb91dfdc86fb63d287be2a17de9c0ba46262315
80bdaad30bd68d2dd71aea7dc8602ec29f60357b55dfb97f90e253a314a9d4a2
a3a2ee5180b24d853ddd1fc6a299fdcb8519b3554cdfc0dfb6b8834df1c38e8a
b984655a7cc7e9d1918b12fec7d438b196419fe7f0b45810483725e73c127b03
c7d7c67278f5a9811a6c0a49b2dd2db15a4bf30ea278c6814e1c5bd9e48cee26
cd2492d337b9ecdb4f3b21285c1d79d591f74bc98252e7e41c80a588661652a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855