urlscan.io logo urlscan.io
SecurityTrails logo

vatersa.com Open in urlscan Pro
198.187.31.103  Public Scan

Go To Rescan Add Verdict Report
URL: https://vatersa.com/
Submission: On June 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 13 domains to perform 18 HTTP transactions. The main IP is 198.187.31.103, located in United States and belongs to NAMECHEAP-NET, US. The main domain is vatersa.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 11th 2024. Valid for: a year.
This is the only time vatersa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.187.31.103 22612 (NAMECHEAP...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
4 4 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2 172.67.196.81 13335 (CLOUDFLAR...)
4 4 188.114.96.3 13335 (CLOUDFLAR...)
2 2 172.67.176.61 13335 (CLOUDFLAR...)
2 2 172.67.197.197 13335 (CLOUDFLAR...)
2 172.67.220.113 13335 (CLOUDFLAR...)
18 7
1    198.187.31.103 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium10-5.web-hosting.com
vatersa.com
6    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
fat88hebat.com
fat88candu.com
2    172.67.196.81 (United States)

ASN13335 (CLOUDFLARENET, US)
fat88mahjongways.com
4    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fat88andalan.com
fat88betqris.com
2    172.67.176.61 (United States)

ASN13335 (CLOUDFLARENET, US)
fat88betpulsa.com
2    172.67.197.197 (United States)

ASN13335 (CLOUDFLARENET, US)
fat88putih.com
2    172.67.220.113 (United States)

ASN13335 (CLOUDFLARENET, US)
fat88antinawala.com
Apex Domain
Subdomains		 Transfer
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 472
95 KB
6 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 9469
707 KB
2 fat88antinawala.com
fat88antinawala.com
61 KB
2 fat88putih.com
fat88putih.com
498 B
2 fat88betqris.com
fat88betqris.com
499 B
2 fat88betpulsa.com
fat88betpulsa.com
498 B
2 fat88andalan.com
fat88andalan.com
498 B
2 fat88candu.com
fat88candu.com
475 B
2 fat88mahjongways.com
fat88mahjongways.com
506 B
2 fat88hebat.com
fat88hebat.com
485 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
305 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
102 KB
1 vatersa.com
vatersa.com
11 KB
18 13
Domain Requested by
6 cdn.ampproject.org vatersa.com
cdn.ampproject.org
6 blogger.googleusercontent.com vatersa.com
2 fat88antinawala.com
2 fat88putih.com 2 redirects
2 fat88betqris.com 2 redirects
2 fat88betpulsa.com 2 redirects
2 fat88andalan.com 2 redirects
2 fat88candu.com 2 redirects
2 fat88mahjongways.com 2 redirects
2 fat88hebat.com 2 redirects
2 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com vatersa.com
1 vatersa.com
18 13

This site contains links to these domains. Also see Links.

Domain
fat884d.com
api.whatsapp.com
secure.livechatinc.com
Subject Issuer Validity Valid
vatersa.com
Sectigo RSA Domain Validation Secure Server CA		 2024-05-11 -
2025-05-11		 a year crt.sh
*.googleusercontent.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
misc-sni.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://vatersa.com/
Frame ID: C20DD060E3702321E7A147322C089037
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FAT88BET : Tempat Bermain Taruhan Online Mudah Maxwin

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

89 %
HTTPS

45 %
IPv6

13
Domains

13
Subdomains

7
IPs

3
Countries

975 kB
Transfer

1525 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://fat88hebat.com/favicon.png HTTP 301
  • https://fat88mahjongways.com/favicon.png HTTP 301
  • https://fat88candu.com/favicon.png HTTP 301
  • https://fat88andalan.com/favicon.png HTTP 301
  • https://fat88betpulsa.com/favicon.png HTTP 301
  • https://fat88betqris.com/favicon.png HTTP 301
  • https://fat88putih.com/favicon.png HTTP 301
  • https://fat88antinawala.com/favicon.png
Request Chain 17
  • https://fat88hebat.com/favicon.png HTTP 301
  • https://fat88mahjongways.com/favicon.png HTTP 301
  • https://fat88candu.com/favicon.png HTTP 301
  • https://fat88andalan.com/favicon.png HTTP 301
  • https://fat88betpulsa.com/favicon.png HTTP 301
  • https://fat88betqris.com/favicon.png HTTP 301
  • https://fat88putih.com/favicon.png HTTP 301
  • https://fat88antinawala.com/favicon.png

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vatersa.com/ 		74 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.31.103 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium10-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
6afce77e2d3a9013bfbcbecec3dad876ad931309386f5c33a45f729cfc9cf97f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
br
content-length
11163
content-type
text/html
date
Fri, 14 Jun 2024 19:09:21 GMT
last-modified
Fri, 14 Jun 2024 01:10:13 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
banner-amp-fat.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjp2LFUORwPofODELNgMQqod0gHVIB7NnqzK2MxoXB1gvTVest7tU_FIPt5sjTNaRrQkmQnldGwHcAdtbc41psIPv9ZBWrQpNNAxQiREglhQDLysxyQsELBo40YH63hRA4kpHsJa6xtZPc3InBj... 		314 KB
314 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjp2LFUORwPofODELNgMQqod0gHVIB7NnqzK2MxoXB1gvTVest7tU_FIPt5sjTNaRrQkmQnldGwHcAdtbc41psIPv9ZBWrQpNNAxQiREglhQDLysxyQsELBo40YH63hRA4kpHsJa6xtZPc3InBjo0pNvQXl_XpsoOXqygMPljbl3skiJ0jqzY1uKszU/s768/banner-amp-fat.jpg
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
28c4bcf9f447ae042cf164f0da627fb7c23d7a379e4fe0331f8fb9b34ed0323e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 19:09:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v11d"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="banner-amp-fat.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
321155
x-xss-protection
0
expires
Sat, 15 Jun 2024 19:09:22 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PRP92WGY9N
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d13e0503a7d5fe05b275f17a0a7892b1909a7f40ce759554c3048eead283bba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 19:09:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103652
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jun 2024 19:09:21 GMT
v0.mjs
cdn.ampproject.org/ 		223 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.mjs
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b94b137d8eb756a847f22b33cbee992b66c4f540824d5f03afe87dcd9e850e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Origin
https://vatersa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 14 Jun 2024 19:09:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63603
x-xss-protection
0
server
sffe
etag
"0d917317b332e439"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Jun 2024 19:09:21 GMT
amp-carousel-0.1.mjs
cdn.ampproject.org/v0/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f60c0c8e74a7ade915459aa7df198bdebe9ecca10afa797563e4e3893858f183
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Origin
https://vatersa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 14 Jun 2024 19:09:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10061
x-xss-protection
0
server
sffe
etag
"58e271b33468f874"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Jun 2024 19:09:21 GMT
amp-install-serviceworker-0.1.mjs
cdn.ampproject.org/v0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aef240bb1e04a5b16f8f726256d99271e904198c7dbfaa50541594cfb881cb1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Origin
https://vatersa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 14 Jun 2024 19:09:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2374
x-xss-protection
0
server
sffe
etag
"dbd3ebd0533057c6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Jun 2024 19:09:21 GMT
amp-youtube-0.1.mjs
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcadfa018d0649089bb964c0bc72eb27e9d668d85bfb92510132e35f3659e7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Origin
https://vatersa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 14 Jun 2024 19:09:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10328
x-xss-protection
0
server
sffe
etag
"d7a57c45467e46f9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Jun 2024 19:09:21 GMT
amp-accordion-0.1.mjs
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9b19f230216a365f2d045725407eab32165dd6d183a9600c871b0973c75a80
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Origin
https://vatersa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 14 Jun 2024 19:09:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4851
x-xss-protection
0
server
sffe
etag
"044cfe454203f62c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Jun 2024 19:09:21 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PRP92WGY9N&gtm=45je46c0v9187570025za200&_p=1718392161742&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=600832013.1718392162&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718392162&sct=1&seg=0&dl=https%3A%2F%2Fvatersa.com%2F&dt=FAT88BET%20%3A%20Tempat%20Bermain%20Taruhan%20Online%20Mudah%20Maxwin&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=918
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PRP92WGY9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 19:09:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vatersa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
new-logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEBivtdj-erNa0W1OhQ9nG93rI6v0h1sXjzzcRzwuPj8qAVDaJbHDC-9xyN8C1abU6Vd_ikyyvX4-uJg6YbYdvHN-8wbEhCDuvmsDEpI6SQt7f1r25uyypBT82v11O9cTY1VRcI0xABXiZOUiT... 		379 KB
380 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEBivtdj-erNa0W1OhQ9nG93rI6v0h1sXjzzcRzwuPj8qAVDaJbHDC-9xyN8C1abU6Vd_ikyyvX4-uJg6YbYdvHN-8wbEhCDuvmsDEpI6SQt7f1r25uyypBT82v11O9cTY1VRcI0xABXiZOUiTQNNU8y5qXjWCEV2QTCMYxRQd766GTMu_wiWVX2M_/s1837/new-logo.png
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
95be6fa14928660cb028074dcd9a3400173246f66ca944d81c91e601cd6918cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 19:09:23 GMT
x-content-type-options
nosniff
server
fife
etag
"v11f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="new-logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
388439
x-xss-protection
0
expires
Sat, 15 Jun 2024 19:09:23 GMT
bonus-birutoto.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOK283Fr7Mnwrf8tj0x029LwilvV2FKLcBtosal1UH8T391pYT8iJieqsb6mVUcsJGrj6fHXnJs37s3BMH5Te_s7C1gegbh6ZTw_CCLIM4g3mD0btDadvtul9G_gtetKOx5pnG-xCg5-XhcMMo... 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOK283Fr7Mnwrf8tj0x029LwilvV2FKLcBtosal1UH8T391pYT8iJieqsb6mVUcsJGrj6fHXnJs37s3BMH5Te_s7C1gegbh6ZTw_CCLIM4g3mD0btDadvtul9G_gtetKOx5pnG-xCg5-XhcMMoLY7CQwwi-GY6cGx6wcg0KbAsmSYBs-B1fSmZzb_P/s75/bonus-birutoto.png
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7d6a3bda31132756e2fa901e14b8ba2c24c78d5fd60f158f7b009971dc04ae0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 19:09:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v116"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bonus-birutoto.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3657
x-xss-protection
0
expires
Sat, 15 Jun 2024 19:09:22 GMT
daftar-birutoto.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6F4xARwUyo3gsCvREfFUc1ZRe9ICcqjaaTS1jko0BQvw5Djf1BNunK60gSTJu9tDA3cVxtTafyvrei5JrEbpmXkTxImB9sbTMud7a9MqRhEr8RpcZByFz3NziFz5toIPxcpOps0ha9RFDDgLp... 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6F4xARwUyo3gsCvREfFUc1ZRe9ICcqjaaTS1jko0BQvw5Djf1BNunK60gSTJu9tDA3cVxtTafyvrei5JrEbpmXkTxImB9sbTMud7a9MqRhEr8RpcZByFz3NziFz5toIPxcpOps0ha9RFDDgLpFEKkypuZgwRyviL8CwtgLVexEKlRytyXnhn47RYh/s75/daftar-birutoto.png
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7ac5ba46d8168bdaf7ae48bc8a30325ffbfeef2f230a0d227a06cf716da99946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 19:09:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v117"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="daftar-birutoto.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2985
x-xss-protection
0
expires
Sat, 15 Jun 2024 19:09:22 GMT
whatsapp-birutoto.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2gl_GtZDinrqjWZ67AO3PQQd-5E7_lju1O-X-3O5gY0gaRSk4DZJr_fGDuj-o67E_DJ4G1iF8iIWoSfmTpBnqcy-kaCrBGhCwsVbGe_3XitY3Gen1TEL5NeoGreAk6nSM8X-6RhNHinq1i6K3... 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2gl_GtZDinrqjWZ67AO3PQQd-5E7_lju1O-X-3O5gY0gaRSk4DZJr_fGDuj-o67E_DJ4G1iF8iIWoSfmTpBnqcy-kaCrBGhCwsVbGe_3XitY3Gen1TEL5NeoGreAk6nSM8X-6RhNHinq1i6K3rFKBupnXlyykWeumnwV1IHv_ihnNhTng_nLXiLMh/s75/whatsapp-birutoto.png
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5d84a16b09b4ebf0a92248089397324e69c1aef63352f61ebec47f38431357b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 19:09:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v117"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="whatsapp-birutoto.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3615
x-xss-protection
0
expires
Sat, 15 Jun 2024 19:09:22 GMT
livechat-birutoto.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT9Pf1nFrRns10L1owVrxZXUCZ1DB5BOshMtzj4z1_UIwv6U5QitkqgoCSkBMWPF8KMp3TiRFjLsYUvP3eLCg21csrjfgUjrXiWB9IAzMwIP2HaVMmoAaYIIAn_WZP5Zmab28HJpMEmiXify4m... 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT9Pf1nFrRns10L1owVrxZXUCZ1DB5BOshMtzj4z1_UIwv6U5QitkqgoCSkBMWPF8KMp3TiRFjLsYUvP3eLCg21csrjfgUjrXiWB9IAzMwIP2HaVMmoAaYIIAn_WZP5Zmab28HJpMEmiXify4mUBBenarsryn85ctTvEZmWbAgxRO4UZpbW4JiZmYa/s75/livechat-birutoto.png
Requested by
Host: vatersa.com
URL: https://vatersa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4ce723f9758e14d7a0cb5005674eb53dab6cb70a04b9b2dd6adb712bb0d43f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 19:09:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v117"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="livechat-birutoto.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2482
x-xss-protection
0
expires
Sat, 15 Jun 2024 19:09:22 GMT
amp-loader-0.1.mjs
cdn.ampproject.org/rtv/012405300626000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012405300626000/v0/amp-loader-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d413ff3e61d817d5489fbcc0515f6b8913e8210b61b48725fadbe036d7856d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Origin
https://vatersa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Jun 2024 05:36:09 GMT
age
48793
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3912
x-xss-protection
0
server
sffe
etag
"d1e9ab0ab42c428d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Jun 2025 05:36:09 GMT
favicon.png
fat88antinawala.com/
Redirect Chain
  • https://fat88hebat.com/favicon.png
  • https://fat88mahjongways.com/favicon.png
  • https://fat88candu.com/favicon.png
  • https://fat88andalan.com/favicon.png
  • https://fat88betpulsa.com/favicon.png
  • https://fat88betqris.com/favicon.png
  • https://fat88putih.com/favicon.png
  • https://fat88antinawala.com/favicon.png
61 KB
61 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fat88antinawala.com/favicon.png
Protocol
H3
Server
172.67.220.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a54fc201f9f962e0bc50a4c383640839eb829efaa0f49a8acfe80911dfe6e5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://vatersa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 14 Jun 2024 19:09:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Jul 2022 12:36:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUxv15E%2FF8tHTxb%2BptWWsXSLZrk%2Bjq5XvebHbmW5%2FCZQAKW1YQLJh7lM6legZMyW0GqNhFz%2BkFNxrVZHrgqkzVs5rTsMvRwa8Z7NkZcRfU8MOVAQqc79d171H1fn8WIRKFyALhHi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
893c9d5d7a6892d4-CPH
alt-svc
h3=":443"; ma=86400
content-length
62292

Redirect headers

date
Fri, 14 Jun 2024 19:09:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5M3blhbNLU8Iq%2FgfDlAPPyQD4RI8WTt6aWoB3Zo4Q4bBEQTGdCk3npKJ10pxLgOFI54xVFZuWyQ%2BgXTKqtCWg0AkaoCa%2FGm1lUW0BJoknMALCWWAPjPZxLF6umJIzIITLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://fat88antinawala.com/favicon.png
cache-control
max-age=14400
cf-ray
893c9d5b2e2c9304-CPH
alt-svc
h3=":443"; ma=86400
favicon.png
fat88antinawala.com/
Redirect Chain
  • https://fat88hebat.com/favicon.png
  • https://fat88mahjongways.com/favicon.png
  • https://fat88candu.com/favicon.png
  • https://fat88andalan.com/favicon.png
  • https://fat88betpulsa.com/favicon.png
  • https://fat88betqris.com/favicon.png
  • https://fat88putih.com/favicon.png
  • https://fat88antinawala.com/favicon.png
61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://fat88antinawala.com/favicon.png
Protocol
H3
Server
172.67.220.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a54fc201f9f962e0bc50a4c383640839eb829efaa0f49a8acfe80911dfe6e5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://vatersa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 14 Jun 2024 19:09:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Jul 2022 12:36:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUxv15E%2FF8tHTxb%2BptWWsXSLZrk%2Bjq5XvebHbmW5%2FCZQAKW1YQLJh7lM6legZMyW0GqNhFz%2BkFNxrVZHrgqkzVs5rTsMvRwa8Z7NkZcRfU8MOVAQqc79d171H1fn8WIRKFyALhHi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
893c9d5d7a6892d4-CPH
alt-svc
h3=":443"; ma=86400
content-length
62292

Redirect headers

date
Fri, 14 Jun 2024 19:09:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5M3blhbNLU8Iq%2FgfDlAPPyQD4RI8WTt6aWoB3Zo4Q4bBEQTGdCk3npKJ10pxLgOFI54xVFZuWyQ%2BgXTKqtCWg0AkaoCa%2FGm1lUW0BJoknMALCWWAPjPZxLF6umJIzIITLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://fat88antinawala.com/favicon.png
cache-control
max-age=14400
cf-ray
893c9d5b2e2c9304-CPH
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PRP92WGY9N&gtm=45je46c0v9187570025za200&_p=1718392161742&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=600832013.1718392162&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718392162&sct=1&seg=0&dl=https%3A%2F%2Fvatersa.com%2F&dt=FAT88BET%20%3A%20Tempat%20Bermain%20Taruhan%20Online%20Mudah%20Maxwin&en=scroll&epn.percent_scrolled=90&_et=3&tfd=5923
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PRP92WGY9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vatersa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 19:09:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vatersa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| gtag object| dataLayer object| AMP object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_MODE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

2 Cookies

Domain/Path Name / Value
.vatersa.com/ Name: _ga
Value: GA1.1.600832013.1718392162
.vatersa.com/ Name: _ga_PRP92WGY9N
Value: GS1.1.1718392162.1.0.1718392162.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
cdn.ampproject.org
fat88andalan.com
fat88antinawala.com
fat88betpulsa.com
fat88betqris.com
fat88candu.com
fat88hebat.com
fat88mahjongways.com
fat88putih.com
region1.google-analytics.com
vatersa.com
www.googletagmanager.com
172.67.176.61
172.67.196.81
172.67.197.197
172.67.220.113
188.114.96.3
198.187.31.103
2001:4860:4802:34::36
2a00:1450:4001:827::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2008
2a06:98c1:3120::3
0f9b19f230216a365f2d045725407eab32165dd6d183a9600c871b0973c75a80
1b94b137d8eb756a847f22b33cbee992b66c4f540824d5f03afe87dcd9e850e5
28c4bcf9f447ae042cf164f0da627fb7c23d7a379e4fe0331f8fb9b34ed0323e
3aef240bb1e04a5b16f8f726256d99271e904198c7dbfaa50541594cfb881cb1
4ce723f9758e14d7a0cb5005674eb53dab6cb70a04b9b2dd6adb712bb0d43f80
5d84a16b09b4ebf0a92248089397324e69c1aef63352f61ebec47f38431357b6
6afce77e2d3a9013bfbcbecec3dad876ad931309386f5c33a45f729cfc9cf97f
6d413ff3e61d817d5489fbcc0515f6b8913e8210b61b48725fadbe036d7856d0
7ac5ba46d8168bdaf7ae48bc8a30325ffbfeef2f230a0d227a06cf716da99946
7d6a3bda31132756e2fa901e14b8ba2c24c78d5fd60f158f7b009971dc04ae0e
95be6fa14928660cb028074dcd9a3400173246f66ca944d81c91e601cd6918cc
bfcadfa018d0649089bb964c0bc72eb27e9d668d85bfb92510132e35f3659e7a
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
d13e0503a7d5fe05b275f17a0a7892b1909a7f40ce759554c3048eead283bba2
d9a54fc201f9f962e0bc50a4c383640839eb829efaa0f49a8acfe80911dfe6e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f60c0c8e74a7ade915459aa7df198bdebe9ecca10afa797563e4e3893858f183
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457