URL: https://ketikamaxwin.site/
Submission: On March 28 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3030::ac43:987d, located in United States and belongs to CLOUDFLARENET, US. The main domain is ketikamaxwin.site.
TLS certificate: Issued by GTS CA 1P5 on March 28th 2024. Valid for: 3 months.
This is the only time ketikamaxwin.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
6 162.0.235.193 22612 (NAMECHEAP...)
1 2620:127:f00f... 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700:303... 13335 (CLOUDFLAR...)
21 8
Apex Domain
Subdomains
Transfer
6 indo-sga.site
indo-sga.site
405 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 389
95 KB
4 ketikamaxwin.site
ketikamaxwin.site
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 182
72 KB
1 ampnusawin88.com
ampnusawin88.com
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
273 B
1 myshopify.com
2cf8f8-5.myshopify.com
125 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 357
31 KB
21 8
Domain Requested by
6 indo-sga.site ketikamaxwin.site
5 cdn.ampproject.org ketikamaxwin.site
cdn.ampproject.org
4 ketikamaxwin.site ketikamaxwin.site
2 connect.facebook.net ketikamaxwin.site
connect.facebook.net
1 ampnusawin88.com
1 www.facebook.com ketikamaxwin.site
1 2cf8f8-5.myshopify.com ketikamaxwin.site
1 ajax.googleapis.com ketikamaxwin.site
21 8

This site contains links to these domains. Also see Links.

Domain
gonusawin88.shop
Subject Issuer Validity Valid
ketikamaxwin.site
GTS CA 1P5
2024-03-28 -
2024-06-26
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-01-06 -
2024-04-05
3 months crt.sh
indo-sga.site
Sectigo RSA Domain Validation Secure Server CA
2024-01-15 -
2025-01-15
a year crt.sh
myshopify.com
E1
2024-02-14 -
2024-05-14
3 months crt.sh
ampnusawin88.com
GTS CA 1P5
2024-02-14 -
2024-05-14
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ketikamaxwin.site/
Frame ID: 2F45F64AE76439F174E85B0303A7C85D
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Nusawin88

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

736 kB
Transfer

1266 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ketikamaxwin.site/
19 KB
6 KB
Document
General
Full URL
https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:987d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8435450cc8f8a91470c20d6a492d479662851cf968569c828cc87122c5183e72

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86b9f8a10cf08cd7-EWR
content-encoding
br
content-type
text/html
date
Thu, 28 Mar 2024 19:19:20 GMT
last-modified
Thu, 28 Mar 2024 14:28:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSyUIxL%2BSQ%2FlsUDjiplHlA3sIj26%2FwU1bI2g8FQCOXXav8zcPCb8IDeoZvY2q81UbOYlsms5zXHEfCTr%2FZXG6WDVmp4eo7%2B3q88Ti5%2F22BLEkrPDYfSn90nR1kHdI5yaezF3Iu%2Bln9yl3IugNZGUPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
v0.js
cdn.ampproject.org/
278 KB
73 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7494b7d3bd7ebd4397018fb47a1afaad0d91140252ccdc13ace040f63ae3c5d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 28 Mar 2024 19:19:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73162
x-xss-protection
0
server
sffe
etag
"e1a7433a07fbec30"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Mar 2024 19:19:20 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 16:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 16:17:11 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37b345c2e1c6f24a1575fd7a3bde15ae351328a519fd465db4ded4da649d80d9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 28 Mar 2024 19:19:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4704
x-xss-protection
0
server
sffe
etag
"327fc9372ae57a0a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Mar 2024 19:19:21 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/
38 KB
11 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ecc1f69adb85b199a4b1fa8ad833de67280b142425015da302991cc340472a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 28 Mar 2024 19:19:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11519
x-xss-protection
0
server
sffe
etag
"1192cbffefef8ab2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Mar 2024 19:19:21 GMT
stylesheet
ketikamaxwin.site/nordsec-r-MJG9JyBquBmhS9/
0
0
Stylesheet
General
Full URL
https://ketikamaxwin.site/nordsec-r-MJG9JyBquBmhS9/stylesheet?id=0K-I8kY1byAQ7rSE
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:987d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 19:19:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKWd5xCou%2FcmH5wYdDbMrnlXv%2B1o9mDWYUBd2MHTiH4sUqnAjPXGgClLWcSTWSi58d%2B%2BgzgfAxVtlWl9yCuzox%2BGuTgiA93BoYv66yGm0AhmdPudW5lNdqCZxMsiPV4nnCfUvIqwPKXZGrkLErqPqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
86b9f8a2b8139e02-EWR
alt-svc
h3=":443"; ma=86400
stylesheet
ketikamaxwin.site/nordsec-BAO344XUqCjEofBx/
0
0
Stylesheet
General
Full URL
https://ketikamaxwin.site/nordsec-BAO344XUqCjEofBx/stylesheet?id=rFmur0cSorxKBOTM
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:987d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 19:19:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zhx7%2Fv05pCrplU1SYWuNB2SdMXWFSVHteMc6xmaZDWQd3r2bVqJSrhIKqtJxTgykzZWE8gzpNqBysZPdHrpqlnM%2FW2xEBHtZbVtO6un5p9LG8M4cARsaU9z28cSl8vP4d9oHLtk4MOo1wJYEC6%2FQpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
86b9f8a2b8159e02-EWR
alt-svc
h3=":443"; ma=86400
stylesheet
ketikamaxwin.site/nordsec-4cpD96EkSlc8EqGC/
0
0
Stylesheet
General
Full URL
https://ketikamaxwin.site/nordsec-4cpD96EkSlc8EqGC/stylesheet?id=kt6xz1232JHq_INP
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:987d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 19:19:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j29UbLJ93fQ97tb1w0Zl%2BXk79EgNwdZFSn4q%2BPS0Jxw3nz%2FCAikgE5EHL82bZiWELPDpP79v3Hd4WkfD%2BGFxsZJj%2FkOwq3UNQfY6%2B9ttm525xafEWgULnQ6e59%2FpkvdUhavn4dRotIFq1dKTBMfsnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
86b9f8a2c8189e02-EWR
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 28 Mar 2024 19:19:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58040
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=15, mss=1392, tbw=2803, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
cTdGbQMGkKi4JRxZa5juq+0TKqgjgMSikhARffFtsm9a6nQGcFEBVo6PhEuvGmDAOXwpUeLTZ6cOVExe0Y2UsQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
zeus.png
indo-sga.site/wp-content/uploads/2024/01/
61 KB
62 KB
Image
General
Full URL
https://indo-sga.site/wp-content/uploads/2024/01/zeus.png
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium154-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
1dbe712edfc6b7d953b1f2d2016684afaac39e2cc01602be72633ef7aa506d43

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:19:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jan 2024 02:31:31 GMT
server
LiteSpeed
etag
"f4e8-65a49903-0;;;"
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
62696
expires
Fri, 28 Mar 2025 19:19:21 GMT
sprincess.png
indo-sga.site/wp-content/uploads/2024/01/
57 KB
57 KB
Image
General
Full URL
https://indo-sga.site/wp-content/uploads/2024/01/sprincess.png
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium154-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
14f088071e00dd2e33b198796d8bec3556833c0b0273fb05087d6d61b872ae54

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:19:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jan 2024 02:31:29 GMT
server
LiteSpeed
etag
"e381-65a49901-0;;;"
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
58241
expires
Fri, 28 Mar 2025 19:19:21 GMT
sbnz.jpg
indo-sga.site/wp-content/uploads/2024/01/
88 KB
88 KB
Image
General
Full URL
https://indo-sga.site/wp-content/uploads/2024/01/sbnz.jpg
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium154-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
08cf93895d5f70881fc62c9e6181fccc95fc0b28a47982a022523d4bfc516aa0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:19:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jan 2024 02:31:28 GMT
server
LiteSpeed
etag
"16089-65a49900-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
90249
expires
Fri, 28 Mar 2025 19:19:21 GMT
mw2.png
indo-sga.site/wp-content/uploads/2024/01/
70 KB
71 KB
Image
General
Full URL
https://indo-sga.site/wp-content/uploads/2024/01/mw2.png
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium154-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
b18c5b872f5d2ba343fb0dcdd96759cdf7bb580a61cb70de50b697bb15874f63

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:19:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jan 2024 02:31:27 GMT
server
LiteSpeed
etag
"11931-65a498ff-0;;;"
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
71985
expires
Fri, 28 Mar 2025 19:19:21 GMT
mw.png
indo-sga.site/wp-content/uploads/2024/01/
65 KB
65 KB
Image
General
Full URL
https://indo-sga.site/wp-content/uploads/2024/01/mw.png
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium154-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
135d42790512ab29ac3d677344f1ff6c9f953ee333c9a5c8b950b5b1b2e77fdd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:19:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jan 2024 02:31:26 GMT
server
LiteSpeed
etag
"103a7-65a498fe-0;;;"
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
66471
expires
Fri, 28 Mar 2025 19:19:21 GMT
koi.png
indo-sga.site/wp-content/uploads/2024/01/
62 KB
62 KB
Image
General
Full URL
https://indo-sga.site/wp-content/uploads/2024/01/koi.png
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium154-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
e4847adc0c67a0db745c9c5a491fef848d1e8a45cd7495153ad10994c99b1e40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:19:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jan 2024 02:31:24 GMT
server
LiteSpeed
etag
"f663-65a498fc-0;;;"
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
63075
expires
Fri, 28 Mar 2025 19:19:21 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012403142137000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012403142137000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7ed15f521ee86b63ad6b3454fa36cee32d8fa9293519db0477ded0afe883ffa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
Origin
https://ketikamaxwin.site
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 27 Mar 2024 23:32:46 GMT
age
71195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"82f1150541de42e0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Mar 2025 23:32:46 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012403142137000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012403142137000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1dc762115b07cf20154e69d9aa7291f10a3dc8657a37c731d9e89914340dcb6f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
Origin
https://ketikamaxwin.site
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 27 Mar 2024 23:35:27 GMT
age
71034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3927
x-xss-protection
0
server
sffe
etag
"35199fe22a6880b4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 27 Mar 2025 23:35:27 GMT
SLOTGACR.png
2cf8f8-5.myshopify.com/cdn/shop/files/
123 KB
125 KB
Image
General
Full URL
https://2cf8f8-5.myshopify.com/cdn/shop/files/SLOTGACR.png?v=1701004099&width=1920
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3db7c563bd308e7ebed07ec7ed050f4e2f7d7261225037b63b6f1f3d80053f
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:19:21 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
20135
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=576.431, imageryFetch;dur=99.044, imageryProcess;dur=476.723;desc="image", cfRequestDuration;dur=20.999908, ipv6
source-length
918107
content-length
126352
x-xss-protection
1; mode=block
x-sorting-hat-shopid
62301864090
x-request-id
8b0cffe9-778b-46a4-815a-7e532536aaaa-1711155891
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 23 Mar 2024 01:04:51 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Am5Ao6XfyqiSCV3ziX5flSDr4eZq%2BFysN6gmr56Po3h2xFkL0dKfgLPq9XOSPtBk%2FpSkG1VLf9Pp8HtV9mQ9HVwP%2BENmCADf%2BDoYAGgCPIqN3Nu6fKwEhUBaoezbMPoaFlB88ZzotodoIlBH2%2Bg%2B9NaEZys%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86b9f8a66e73082c-IAD
x-sorting-hat-podid
153
1107007383869483
connect.facebook.net/signals/config/
63 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1107007383869483?v=2.9.151&r=stable&domain=ketikamaxwin.site&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6675f029eb85a0383523f257d42446642069702ffb79e668b819f4fd6600cc93
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 28 Mar 2024 19:19:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=62, mss=1392, tbw=63209, tp=-1, tpl=-1, uplat=140, ullat=0
pragma
public
x-fb-debug
LXYz2LL+WT6A485iYiIUk9FdCr/kksW51PxkmEW60OBhC5GL0VHnGZt6fPvp4CccOnUC3h09edYLgVS37hZYFw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1107007383869483&ev=PageView&dl=https%3A%2F%2Fketikamaxwin.site%2F&rl=&if=false&ts=1711653561641&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711653561610.450413736&cs_est=true&ler=empty&cdl=API_unavailable&it=1711653561376&coo=false&rqm=GET
Requested by
Host: ketikamaxwin.site
URL: https://ketikamaxwin.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1392, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 28 Mar 2024 19:19:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
faviconjs.png
ampnusawin88.com/amp/assets/image/
2 KB
2 KB
Other
General
Full URL
https://ampnusawin88.com/amp/assets/image/faviconjs.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:94e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2313cac2001108929544b8157d7d1640c3578456ccfc9d5047e5dd40ec95d2c4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ketikamaxwin.site/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:19:22 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 16 Oct 2023 18:54:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bn%2Bim7luk2CE215%2Fyd6BEC7wj5wRJTHBCH3dkq%2FprPaGsm0d64BBVA4MfkFub2hQbllYXSNxaQVx16tavPX6Qb3zODjqz5W2Fe3LKKQGooWzIOxtqWtJRMwuRKepLp3N0EodRxNYEg%2BNtPRH8aUj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b9f8aceedd4261-EWR
alt-svc
h3=":443"; ma=86400
content-length
1946

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| fbq function| _fbq function| $ function| jQuery object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

1 Cookies

Domain/Path Name / Value
.ketikamaxwin.site/ Name: _fbp
Value: fb.1.1711653561610.450413736

4 Console Messages

Source Level URL
Text
network error URL: https://ketikamaxwin.site/nordsec-r-MJG9JyBquBmhS9/stylesheet?id=0K-I8kY1byAQ7rSE
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ketikamaxwin.site/nordsec-BAO344XUqCjEofBx/stylesheet?id=rFmur0cSorxKBOTM
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ketikamaxwin.site/nordsec-4cpD96EkSlc8EqGC/stylesheet?id=kt6xz1232JHq_INP
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://connect.facebook.net/signals/config/1107007383869483?v=2.9.151&r=stable&domain=ketikamaxwin.site&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2cf8f8-5.myshopify.com
ajax.googleapis.com
ampnusawin88.com
cdn.ampproject.org
connect.facebook.net
indo-sga.site
ketikamaxwin.site
www.facebook.com
162.0.235.193
2606:4700:3030::ac43:987d
2606:4700:3031::ac43:94e4
2607:f8b0:4006:81e::200a
2607:f8b0:4006:820::2001
2620:127:f00f:e::
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
08cf93895d5f70881fc62c9e6181fccc95fc0b28a47982a022523d4bfc516aa0
0ecc1f69adb85b199a4b1fa8ad833de67280b142425015da302991cc340472a2
135d42790512ab29ac3d677344f1ff6c9f953ee333c9a5c8b950b5b1b2e77fdd
14f088071e00dd2e33b198796d8bec3556833c0b0273fb05087d6d61b872ae54
1dbe712edfc6b7d953b1f2d2016684afaac39e2cc01602be72633ef7aa506d43
1dc762115b07cf20154e69d9aa7291f10a3dc8657a37c731d9e89914340dcb6f
2313cac2001108929544b8157d7d1640c3578456ccfc9d5047e5dd40ec95d2c4
37b345c2e1c6f24a1575fd7a3bde15ae351328a519fd465db4ded4da649d80d9
3e3db7c563bd308e7ebed07ec7ed050f4e2f7d7261225037b63b6f1f3d80053f
6675f029eb85a0383523f257d42446642069702ffb79e668b819f4fd6600cc93
7494b7d3bd7ebd4397018fb47a1afaad0d91140252ccdc13ace040f63ae3c5d2
8435450cc8f8a91470c20d6a492d479662851cf968569c828cc87122c5183e72
b18c5b872f5d2ba343fb0dcdd96759cdf7bb580a61cb70de50b697bb15874f63
c7ed15f521ee86b63ad6b3454fa36cee32d8fa9293519db0477ded0afe883ffa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4847adc0c67a0db745c9c5a491fef848d1e8a45cd7495153ad10994c99b1e40
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e