gerakanbiru.site.alt.gratis Open in urlscan Pro
162.0.215.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gerakanbiru.site.alt.gratis/
Submission: On March 10 via api (March 10th 2024, 5:54:32 pm UTC) from US — Scanned from US

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 9 domains to perform 56 HTTP transactions. The main IP is 162.0.215.8, located in United States and belongs to NAMECHEAP-NET, US. The main domain is gerakanbiru.site.alt.gratis.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 11th 2023. Valid for: a year.

This is the only time gerakanbiru.site.alt.gratis was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	162.0.215.8 162.0.215.8	22612 (NAMECHEAP...) (NAMECHEAP-NET)
9	142.251.40.225 142.251.40.225	15169 (GOOGLE) (GOOGLE)
16	13.225.210.185 13.225.210.185	16509 (AMAZON-02) (AMAZON-02)
15	172.67.69.59 172.67.69.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3033::6815:5e4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::ac43:8bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:987	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	8

3 162.0.215.8 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium181-2.web-hosting.com

gerakanbiru.site.alt.gratis	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.winslot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jerukijo.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.40.225 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.225.210.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-210-185.ewr50.r.cloudfront.net

dlmxz0etq5yy6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.67.69.59 (United States)

ASN13335 (CLOUDFLARENET, US)

api2-msl.imgnxb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::6815:5e4b (United States)

ASN13335 (CLOUDFLARENET, US)

questairforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

nx-cdn.nx2wl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:987 (United States)

ASN13335 (CLOUDFLARENET, US)

jp-api.nexus2wlb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	cloudfront.net dlmxz0etq5yy6.cloudfront.net	845 KB
15	imgnxb.com api2-msl.imgnxb.com	21 KB
9	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 397	153 KB
6	questairforce.com questairforce.com	100 KB
3	nexus2wlb.com jp-api.nexus2wlb.com — Cisco Umbrella Rank: 76057	329 B
2	nx2wl.com nx-cdn.nx2wl.com — Cisco Umbrella Rank: 111353	92 KB
1	jerukijo.site jerukijo.site	168 KB
1	winslot.net www.winslot.net	7 KB
1	alt.gratis gerakanbiru.site.alt.gratis	7 KB
56	9

	Domain	Requested by
16	dlmxz0etq5yy6.cloudfront.net	gerakanbiru.site.alt.gratis
15	api2-msl.imgnxb.com	gerakanbiru.site.alt.gratis
9	cdn.ampproject.org	gerakanbiru.site.alt.gratis cdn.ampproject.org
6	questairforce.com	cdn.ampproject.org questairforce.com
3	jp-api.nexus2wlb.com	questairforce.com
2	nx-cdn.nx2wl.com	questairforce.com
1	jerukijo.site	gerakanbiru.site.alt.gratis
1	www.winslot.net	gerakanbiru.site.alt.gratis
1	gerakanbiru.site.alt.gratis
56	9

This site contains links to these domains. Also see Links.

Domain
jari.gg
s3-ap-southeast-1.amazonaws.com

Subject Issuer	Validity	Valid
*.web-hosting.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-11` - `2024-04-05`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
winslot.net Sectigo RSA Domain Validation Secure Server CA	`2023-10-01` - `2024-10-01`	a year	crt.sh
jerukijo.site Sectigo RSA Domain Validation Secure Server CA	`2024-02-12` - `2025-02-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
imgnxb.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
questairforce.com GTS CA 1P5	`2024-02-21` - `2024-05-21`	3 months	crt.sh
nx2wl.com E1	`2024-02-04` - `2024-05-04`	3 months	crt.sh
nexus2wlb.com GTS CA 1P5	`2024-02-18` - `2024-05-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://gerakanbiru.site.alt.gratis/
Frame ID: 7E2209BF3781211B3FA0551F00F87452
Requests: 52 HTTP requests in this frame

Frame: https://questairforce.com/amp/iframe/jackpot
Frame ID: 2A95676B6251B88DA05F4A31A204C0C2
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Temukan Situs Slot Gacor Maxwin dengan Koleksi Game Slot Online Mudah Menang

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

56
Requests

95 %
HTTPS

43 %
IPv6

9
Domains

9
Subdomains

8
IPs

1
Countries

1395 kB
Transfer

2156 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://jari.gg/petir
Title: Pragmatic Play

Search URL Search Domain Scan URL

URL: https://s3-ap-southeast-1.amazonaws.com/apkstore888.net/WinSlot/winslot.apk
Title: Unduh

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gerakanbiru.site.alt.gratis/ 37 KB
7 KB 318ms
82ms Document
text/html 162.0.215.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium181-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: ba7c10ee318871f42ba6e765e929f176d8ea82888c29829e2fa81b03b3ddea05

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 7023
content-type: text/html
date: Sun, 10 Mar 2024 17:54:24 GMT
last-modified: Sun, 25 Feb 2024 10:16:22 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 349ms
28ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

d1ca726e11d5b85e441ddc6515ff38ee3624f1e6276e2ca7bfceeab75d313ced

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73135
x-xss-protection: 0
server: sffe
etag: "cd91c03a00c56b46"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 17:54:25 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 345ms
25ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

9ce41807c2c5b0440c91ae1cdb3a9027885f98ed3d738a94fafa5e8725f16961

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 17:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11509
x-xss-protection: 0
server: sffe
etag: "adc1f2fc93e4b3ab"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 17:54:24 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 328ms
23ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

6b0e8f6079654d7d65f4e52152805a8a439b565d13afd79a53e5e3e0ea719a26

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 17:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9640
x-xss-protection: 0
server: sffe
etag: "463265abf44bcbb6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 17:54:24 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 326ms
22ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

6e5c241fd7258f5ff5f5925e26d4e25624eb7336290b6e2d1b61e352a241ff13

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 17:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2467
x-xss-protection: 0
server: sffe
etag: "c89087186a2988b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 17:54:24 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
10 KB 326ms
21ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

87a8b4f917f595fb559feec23a977d0bba4fbc18cf0b28b7cd900e68dc10f052

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 17:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8919
x-xss-protection: 0
server: sffe
etag: "66997c951046a7c3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 17:54:24 GMT

GET
H2 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
8 KB 330ms
26ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

8fd4b10982ee43ef773d7ea50ae02542669d37b148b4dd90cc028d2356a3474e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 17:54:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8548
x-xss-protection: 0
server: sffe
etag: "c80b2ed5c21744d0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 17:54:24 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 20ms
18ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

7ea533fd7e01c5d5e5e36918152c348f9ec7bc7c8990f079c6e270a747216a57

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32201
x-xss-protection: 0
server: sffe
etag: "bafffe5800bf9ecb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Mar 2024 17:54:25 GMT

GET
H2 200 WINSLOT.webp
www.winslot.net/ 7 KB
7 KB 274ms
86ms Image
image/webp 162.0.215.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winslot.net/WINSLOT.webp
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium181-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: a801ee9f1fa0648fa2a6567ce382f9794c7b5d43bfaf831d0cb8fa84071f3bb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:24 GMT
last-modified: Sun, 01 Oct 2023 04:30:25 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7236
expires: Sun, 17 Mar 2024 17:54:24 GMT

GET
H2 200 Top%20Slot%20Gacor.webp
jerukijo.site/ 168 KB
168 KB 297ms
78ms Image
image/webp 162.0.215.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jerukijo.site/Top%20Slot%20Gacor.webp
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium181-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: d76baeab286c791238f74507726503241ec7d7541a2c9bcb856dd4beb585ac26

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:24 GMT
last-modified: Tue, 13 Feb 2024 03:31:57 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 172110
expires: Sun, 17 Mar 2024 17:54:24 GMT

GET
H2 200 download-apk-background.png
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/home/ 131 KB
133 KB 1107ms
757ms Image
image/png 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/home/download-apk-background.png?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

51aa45ab288d2904468b3484a8fe3ce620a008bc716918727eef5b07a833c7c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 134153
x-xss-protection: 1; mode=block
last-modified: Fri, 07 May 2021 05:00:40 GMT
server: cloudflare
etag: "08cefecfd42d71:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1TLaw9e%2Fvl%2FKlUVWEnULN%2B6nj4EcI12oO0lGwqHhETy6DT0i6UjF%2B5tVBvKZl5zdn6rDTMmw56JUeo4fmmYWXvJDx7UrUkGWv9OSJ%2FLv0AzWYo5Sbj0uuoDlri0lHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7dff2f3fbf-SIN
x-amz-cf-id: dd_IwDkLqruzZA-WE5-yPAV1GVzOhQbLrfWEBNQM_egXUMJUxqbGYA==

GET icomoon.woff2
www.winslot.net/fonts/icomoon/fonts/ 0
0

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c67a5172b579d71e5e488b0d74114a908b94009c50307c4fe7950cf0b40acd47

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0629a36da3c398212e310536eeae2453f0ff684457e071a27e410872a67c57a5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 597a4d8f07e81fa602193405e26c037c9dd4e605ab8f36e371ae0855362e28f2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 417d52512644c1c23d0e639990c258c14c2aedc8832aa25d863b4fc12dc547c4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba8b6b5a4fc6bcc8a93550c43b0ca8bb2cec85a7cc03c9d6e00a1d44d3af17de

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 hot-games.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/ 2 KB
3 KB 793ms
765ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/hot-games.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

851c61662592e02623c5868a99399cc88df050f8bf1a864007e29763db6b42bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 1767
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:22 GMT
server: cloudflare
etag: "01ce6175c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJlX3qMxDHjQD0C6%2FpmYnCHfCWGX4r3LvSPT7HNrw5OyQ6rnCLVzSnnsnUzj9DZcah8HhFJbYED4lGUEU7UwmtYJxJ50TEW9tYTper9Bde98QwQtoKF6ygrB7wKm2jQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7e9dd68343-SIN
x-amz-cf-id: DP0zPDWnEYz0j6-Xr5Ts_aTTgB6-Pm9GhAJws8o1QoRzHfahDGf2LA==

GET
H2 200 slots.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/ 3 KB
4 KB 787ms
759ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/slots.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

7594035a66ca12f67265c60d8606a5d9b1fa220872d984cde7fdb412cbf742ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:22 GMT
server: cloudflare
etag: W/"01ce6175c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLcqMh1ucGJSxj1beUYn33XakO7MS3K%2Bcraizzsqwezo82JhuhejGfPzku8%2BwnCiDcrue8hdM0Sgqru9ZeJrZT7TW%2FA801r2iDH%2BW5MOGpRfZuS1Y6YMWBkG2w9QWU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 86252b7e9b49a138-SIN
x-amz-cf-id: 0i7Vt8Kc47yGxcQ9bwbte6bkkPHCBYxMyWj4oHdSsoprvaq3aNMwzw==

GET
H2 200 casino.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/ 4 KB
5 KB 799ms
772ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/casino.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

0af21d73241cf47a6eb53c067f9ffdcd1781972f0da1d6353bb0b1e505033cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:22 GMT
server: cloudflare
etag: W/"01ce6175c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9%2FBzdkboKZSRuLiDiXetoojtZYORlpMe1dS%2Fb%2FqV%2F1qU7GtUp2NXDrkPzQAsmisUyQhmv6b57xJia9%2FEZWXa5Jg7FX4JQnrs3M5sHHavqOh6H%2BwpS0ZGoHdP%2BPteGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 86252b7eb94c8bc9-SIN
x-amz-cf-id: wBwxwogQOdSa402HXroUJ7t00v8qDS_iQQLxm3w8xnL6uTNTrIpLAw==

GET
H2 200 sports.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/ 2 KB
3 KB 795ms
768ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/sports.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

f36155873687d322061c1be122e0e6dbc7bca29949a451982c59137ab49f07e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 2017
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:22 GMT
server: cloudflare
etag: "01ce6175c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SclFJNkEHppVuLwgJyurkrLXp7eGJoMhP89d%2B%2B%2BM%2FzTpGZu4Av%2BQmcoTdTHveBKDoCrfC3ZHbcnlG8VLOaly85hMFWLVOrbNJGn1CNw6Kqvb%2BGZch9Wa2CYaogJ7U3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7eacec3f61-SIN
x-amz-cf-id: Wvf2LoAkEG72gnfLqT9SAEqOXVzXTVAsqkaKIqudyKQBTXeaTH4C-g==

GET
H2 200 crash-game.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/ 3 KB
5 KB 789ms
762ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/crash-game.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

7694a8dfa750568eddaba281d9c2ff0368cdbbc24d4606242df0abea49b73de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Aug 2023 17:17:32 GMT
server: cloudflare
etag: W/"05e7b52ed1d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJ8%2FjvoM06iFRhWtFjuc%2BRyWMy7zoMZO1ewBR7NIvsTFSK0eX7bHH7xtyRNS1cK%2BYZRIicSY9JQ0xKDvRMNAMfojlw3t%2BPQl6a233CjlOwalRybOalCZY%2FHVQ2oOQeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 86252b7e9ca25f54-SIN
x-amz-cf-id: 2-sfc1XZSsmvYPh8KNdb3t7pJUZuO3gG0ivp6S53rvoUimXHVhYvwA==

GET
H2 200 arcade.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/ 1 KB
3 KB 804ms
777ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/arcade.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

4d676565bde99eca6ace6fddec27f5b2d874a52ba3f98208ad85984b27f54ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 1076
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:22 GMT
server: cloudflare
etag: "01ce6175c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrOcq%2BICoY7%2FnvLEuIlWLKoO%2FymfFtWKX03oCvsWq6ZM2dX4oxnXJi9A1Rk4lZ6Got4lIOdymLdMvdLQuoE2BsrTKuyCgEDtKu5XeKV36i97I3p%2BjqlJoAYigzuBl6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7eca5d898f-SIN
x-amz-cf-id: V4K76dkNIFJZfNXO3G4iWNClM2a4cN4pBVL2wzY-fWVifJP8IebNCQ==

GET
H2 200 poker.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/ 2 KB
4 KB 800ms
776ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/menu/poker.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

1109ec10def03dfa3972bb0c067ae344cee8fd4fa24c9d1a5ecca2f7cbfe3930

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 2095
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:22 GMT
server: cloudflare
etag: "01ce6175c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtEWuGdIulxrhAHQk3uIQj7%2BBgT%2F2thTy75mwIYTk49%2BPdWqdAmzNMSSkidZkXAg%2Bz6Nk%2BP1V6KRz0lNWRtLViKBYEADEB2f7o6qi%2FApLxHHIO%2Bvlvu63hDx%2B8A4eeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7ebc3581a8-SIN
x-amz-cf-id: 1cMZCX0eO8JMNq7hXObqi_A-u-CrQ5YVbFuBOZgvi2Bu7WTdy8bmyw==

GET
H2 200 home-active.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/ 1 KB
3 KB 802ms
779ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/home-active.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

17769c0c79f010cfca9aaae364a4de7e82b3f9cb316464feacda1c65a968e9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 1182
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Nov 2020 20:35:02 GMT
server: cloudflare
etag: "05f394758c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWtJ17cpnj8YUO97qVgZABvdo1BWFBO22N3tmXY3yWZfbQduaM5rmBwVFd12UebYUOrDk0n4BnkfEfSi6EcoRxE9hmnsPcQ3L5z9J1h8rqkduB70Fh0%2FzNuRTQIGPbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7ecb054733-SIN
x-amz-cf-id: Q3OnLCnKubXl2nWyzMlnSx9rlTSmULelQFrHaxx2ZFQ4kMd33yFeQQ==

GET
H2 200 mobile-app.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/ 1006 B
2 KB 790ms
767ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/mobile-app.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

7d7f7530e7b987b396c1e87f7cb582020cb878befd9baecb8b7ac2ad17a11370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 1006
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jun 2021 13:20:26 GMT
server: cloudflare
etag: "0c99232a066d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZxmVh%2Fai5%2BidnFQxt0Adc0X3pH5ZHf2r4jLoFpEQsV59S8h9pmePIFz%2FTQogQw12LmoE2cNfrLqLEZh5JpQSh1d2ytvFm0DhIFsfxQQ0f%2Bgssw%2BO%2FPlQlqWysp9Tsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7e9f27a3f4-SIN
x-amz-cf-id: qwCwsFkFrwiNEW5JbyXzxn27Uvbpqa25_wyRGEcgfhXurny7kkx3zw==

GET
H2 200 login.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/ 3 KB
4 KB 780ms
766ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/login.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

5b9bfaec13c20ec2346bbf54d0ce3734cea3d3b74acd411a61fb996e6128b2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jun 2021 13:20:20 GMT
server: cloudflare
etag: W/"042ff2ea066d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2EWxZ3ca7EBgMW6quEr2f0pKX12uI5dHpmOW6s8mQotr7TVPUoepOCf%2BEhzuDrWw3Pdmn5iASKIsmTrIRELzwvkLZn%2FxEb8LZ%2FMvMB0L1n8uSH3NzcKjbHVih4Ajck%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 86252b7e981c3dab-SIN
x-amz-cf-id: ITs22oNa2ys81QoVumRBtY7pG6zsUOxXC3FMeHk6ZN1CXF8tjKlO4A==

GET
H2 200 promotion.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/ 3 KB
5 KB 786ms
773ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/promotion.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

b86c9b10bfcb5ba985ace15206f49c7bf7457dec857b6c29133b350bf0e56d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jun 2021 13:20:42 GMT
server: cloudflare
etag: W/"0311c3ca066d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3B3Dwnc87U0ahCPmlrZdKwByMbAt22EgtWCAolmr9NEoRQse5ehytVeudeTYxMTRG8jKWsxUqKiLQe1GptNzFxdhlHffhBkvLhnE1fIwl0PnEgX22ahev%2FZXzEgefik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 86252b7ebce54bd4-SIN
x-amz-cf-id: OOsT61z3TxHMtc4XdcY7R3eodIdavOiKO4uQ1iiNNND_XXs1dDQGGw==

GET
H2 200 live-chat.svg
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/ 3 KB
5 KB 764ms
758ms Image
image/svg+xml 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/layout/footer/live-chat.svg?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

170a763f6eae45592966eace6d1856516cd1992fe57ad9fb3179f53ec857e281

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jun 2021 13:20:02 GMT
server: cloudflare
etag: W/"0ad4424a066d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uFZWb%2FThDbxhYN%2BCPRVMgSLM39nCHbaGrwQ7TtlepirQn6t60tUJDg2aGCGb%2B0FNqUN1EIyiY%2FrxN5KbyfXYh8fuuuOi7J7es%2B5wk8sMNNVq278ThTc0%2BdXvzpuqv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 86252b7e9814919f-SIN
x-amz-cf-id: Zs88NVr1CbmRO-xJStf9u6OaIHYw2wThfX_-j_5qNjd2gjGuiAPEhw==

GET
H2 200 download-apk-phone.png
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/home/ 446 KB
448 KB 779ms
773ms Image
image/png 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/home/download-apk-phone.png?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

bf2deab9ced0668e429c766248d59f8bc284b62e50f3fe1fd0d947b75720e8bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 456557
x-xss-protection: 1; mode=block
last-modified: Mon, 17 May 2021 23:29:04 GMT
server: cloudflare
etag: "0208a6c744bd71:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BhHFDe8yFybrTpYWhQUIBo9NPuqYlXQJOZ2R71bmprkf3fp0U5PCJZu2s7aoNyTZIM9EuxeUffQbkDvrMMLU4wK71oDK8b7yD3Fm83tP6kaCQkOuEhQGspRk5dEzvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7eb9264c23-SIN
x-amz-cf-id: lsHl4_ZWbui6aoylwIuJ-AxIn7Eqm0Px9i6xIbF2rqEykGvaKWYfGQ==

GET
H2 200 android-logo.png
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/home/ 12 KB
14 KB 337ms
332ms Image
image/png 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/home/android-logo.png?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

78b03444c9b9c107014a6e43864e3e1a481407bd8b27f48b54bfdfe1256806da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 12648
x-xss-protection: 1; mode=block
last-modified: Sun, 16 May 2021 19:36:06 GMT
server: cloudflare
etag: "0d796b68a4ad71:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnoMmDpGjaoCwA%2FapAp56hHu3yHlajx3f9P%2FBpYkKNtvXO4Furi382F9%2FrAL9YuAw02XMgUXIkCihLvgur6Lljy1j7FAK%2BTMa8WoAQp53zDhzJ21e0mdgXzPOKfeCzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7c0df946c7-SIN
x-amz-cf-id: qhpD-d0s8TuzjKsGQhRpUJte7PJNJ5A8MQkbC5wrVTneC-4Nhiqung==

GET
H2 404 Facebook_4ed208d0-8bdb-4f48-a691-a8b35ae4a433_1703574922301.png
api2-msl.imgnxb.com/images/ 0
0 814ms
457ms Image
application/json 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-msl.imgnxb.com/images/Facebook_4ed208d0-8bdb-4f48-a691-a8b35ae4a433_1703574922301.png
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 404 Twitter_6ece2240-3608-47d1-8b98-2864acd9a3c8_1703574922348.png
api2-msl.imgnxb.com/images/ 0
0 758ms
401ms Image
application/json 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-msl.imgnxb.com/images/Twitter_6ece2240-3608-47d1-8b98-2864acd9a3c8_1703574922348.png
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 BANKJAGO_f79779cc-3fe6-4a92-8d92-50eeeb60ff28_1686043445047.png
api2-msl.imgnxb.com/images/ 2 KB
3 KB 819ms
463ms Image
image/png 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-msl.imgnxb.com/images/BANKJAGO_f79779cc-3fe6-4a92-8d92-50eeeb60ff28_1686043445047.png

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c3cb1cac29c07d82cd8da34ed472086cfd9e323dc2a8fb28ce398633ffc63fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 13 Dec 2023 23:34:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1cf2f5e11c2eda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8foTHU5BkLK5%2BMA57Bj1NMZjWCIjU0F5gLHl84EyD8YAUQA2HBolxjrnOs85%2BPEaP5iB0OSa26Y8Y%2BZkCiEvoCczKnayJw61YUrZesAVFZQ5ujMnJZK8lznmRjx%2FWqd9x9kTm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 86252b7d6ab4428b-EWR
content-length: 2155
x-xss-protection: 1; mode=block

GET
H2 200 BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1703283151360.png
api2-msl.imgnxb.com/images/ 3 KB
4 KB 820ms
464ms Image
image/png 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-msl.imgnxb.com/images/BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1703283151360.png

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb4afdef7fe88dd5a5c7de86d014ef721d80e7f7504fbeb05149f78ae4ad19f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Fri, 22 Dec 2023 22:15:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cf95e572435da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grpdGB1lSoJfRrQxHbLh%2FgZMvr0Fv9mtzPxZPel3lMvkM901dSTH5PnzVjnq6je28IC8PzxP9t55IGkDYYgOAXEzot96NJOrfsPHv4rmrQeXFTZGcSaVN1RoMLJnu2tx5UZoUls%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 86252b7d6ab6428b-EWR
content-length: 2861
x-xss-protection: 1; mode=block

GET
H2 404 BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1701300627080.png
api2-msl.imgnxb.com/images/ 0
0 760ms
404ms Image
application/json 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-msl.imgnxb.com/images/BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1701300627080.png
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 404 BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1703543022643.png
api2-msl.imgnxb.com/images/ 0
0 759ms
404ms Image
application/json 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-msl.imgnxb.com/images/BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1703543022643.png
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 404 DANA_0227a47c-05f8-4e2e-ac18-3a5d0b564df1_1686044141627.png
api2-msl.imgnxb.com/images/ 0
0 470ms
467ms Image
application/json 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-msl.imgnxb.com/images/DANA_0227a47c-05f8-4e2e-ac18-3a5d0b564df1_1686044141627.png
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 404 DANAMON_59329282-588d-4d93-9f58-1e202f3af526_1703543028377.png
api2-msl.imgnxb.com/images/ 0
0 375ms
371ms Image
application/json 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-msl.imgnxb.com/images/DANAMON_59329282-588d-4d93-9f58-1e202f3af526_1703543028377.png
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 GOPAY_39944ecb-7f66-4259-ba2f-d46b06bd2b86_1686044178953.png
api2-msl.imgnxb.com/images/ 2 KB
3 KB 372ms
368ms Image
image/png 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-msl.imgnxb.com/images/GOPAY_39944ecb-7f66-4259-ba2f-d46b06bd2b86_1686044178953.png

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f5a8f5e26569fec2463cc25432cd74f62091d3d22caa3ec1c6bf5d643932f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 13 Dec 2023 23:34:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c3f04ee21c2eda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZpstPziH3d4SIQ%2FN8K9IxW3iyFDTv8xLyxfaYKrvfBZrnmAgDboYqA66X9pYAIlEnUwxAXmYFmigG5dXlhhmAwm3Sn8Yh1ErtqKEG9I8BWBwfD6Hn0SrZYXNAUGghZeYc18Ors%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 86252b7ffd39428b-EWR
content-length: 1998
x-xss-protection: 1; mode=block

GET
H2 200 LINKAJA_84e99d62-b308-478b-9d9c-0b374cd06f32_1686044194960.png
api2-msl.imgnxb.com/images/ 2 KB
3 KB 466ms
462ms Image
image/png 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-msl.imgnxb.com/images/LINKAJA_84e99d62-b308-478b-9d9c-0b374cd06f32_1686044194960.png

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eda07754773ce0487e309628fe2f57caa2c61f930a585fcf8a857ec3b920618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 13 Dec 2023 23:34:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1dc660e21c2eda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3eBJR9kAABZiAw6gJtJWRg03xKCo0vtBijIUoHdL3S0%2F%2BVlmawF0JqwAQ%2FLalmcynuOawwX0EzUaTaf3Ro0XfTb9SAUACvqx1xwCMLepaIqmSnRo0CbPub4xiKyTpoQ0f%2Bd%2BBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 86252b7ffd3a428b-EWR
content-length: 2395
x-xss-protection: 1; mode=block

GET
H2 404 MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1703543033297.png
api2-msl.imgnxb.com/images/ 0
0 376ms
373ms Image
application/json 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-msl.imgnxb.com/images/MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1703543033297.png
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 OVO_f148b5ea-5fea-4eec-ad57-a14580ced234_1686044245663.png
api2-msl.imgnxb.com/images/ 3 KB
4 KB 375ms
372ms Image
image/png 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-msl.imgnxb.com/images/OVO_f148b5ea-5fea-4eec-ad57-a14580ced234_1686044245663.png

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7099cc311b4c22f024592756a725781fed6e11fda13c00e222380d6c50e219e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 13 Dec 2023 23:34:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6cf87be21c2eda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwzFLLk7aZUPv%2Batt8yZV9jrsXRKfdDlNZlKfkBI0QlCGzijgo23j6chYm%2Be8USYmIJ89e0leGjJx0jg%2FLNqrj7yOvl2kAW0BbAKc%2Bh%2BVqYxkVQiw%2BYl01IomDf7FMKcXc6PoH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 86252b7ffd3d428b-EWR
content-length: 3270
x-xss-protection: 1; mode=block

GET
H2 404 PERMATA_9e978722-e854-4582-8194-e79a1697ad8a_1702482443290.png
api2-msl.imgnxb.com/images/ 0
0 380ms
376ms Image
application/json 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-msl.imgnxb.com/images/PERMATA_9e978722-e854-4582-8194-e79a1697ad8a_1702482443290.png
Requested by: Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 QRIS_1a1518b7-45cf-4f20-a388-07c3d5c078b2_1699331031233.png
api2-msl.imgnxb.com/images/ 1 KB
2 KB 380ms
377ms Image
image/png 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-msl.imgnxb.com/images/QRIS_1a1518b7-45cf-4f20-a388-07c3d5c078b2_1699331031233.png

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c76c46c464a856702728b5abb6e1dde8e2243bf183398ea2d7db2284cc73a7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 13 Dec 2023 23:34:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eb2e93e21c2eda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUNU2bvmbu8ok1zmL%2FMLxzmaLGbo3B%2Be9%2BPAGUV07iEJLxd9k0K7HmPxfdHA8BDGglzAd2HOIkt%2ByQQYch%2BPCfk3zlUJ4QJe9714zaFWWpXnuQY4eWD8F5MhLJY0jbZqxcUGgr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 86252b800d51428b-EWR
content-length: 1519
x-xss-protection: 1; mode=block

GET
H2 200 SHOPEEPAY_29ed9159-0659-487c-8493-342110155cc2_1686044305010.png
api2-msl.imgnxb.com/images/ 3 KB
3 KB 382ms
379ms Image
image/png 172.67.69.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-msl.imgnxb.com/images/SHOPEEPAY_29ed9159-0659-487c-8493-342110155cc2_1686044305010.png

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aba6c1fae300b43c35f622d84de45feb9bd725e90de52a8db1fb3819fbd0990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 13 Dec 2023 23:34:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2ce599e21c2eda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IstwoTorChP6T6g5MFtCag2REexhUODU9%2FWFLf1GNphXKyLTmEC2k%2FfxmGZ407bhjr2rzOJHNz9G2wZYd8WzNFMXCVeuFcv3QCJa4pSlsyBBobQ0x1BFFOmKVydKOU0YK3B1rPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 86252b800d53428b-EWR
content-length: 2879
x-xss-protection: 1; mode=block

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012402231941000/v0/ 8 KB
3 KB 324ms
9ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402231941000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

4834ab8622f4ad0546fa0a08a3b5e72f8f3bd703bb1e6238c2b14aa02b838eb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gerakanbiru.site.alt.gratis/
Origin: https://gerakanbiru.site.alt.gratis
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Mar 2024 22:10:40 GMT
age: 157425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "459060a7c7670829"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Mar 2025 22:10:40 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012402231941000/v0/ 12 KB
5 KB 298ms
7ms Script
text/javascript 142.251.40.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402231941000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.225 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f1.1e100.net

Software

sffe /

Resource Hash

667cc75196e1217f107399610857f6b17fb655367566cdad1411f13351df57c1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gerakanbiru.site.alt.gratis/
Origin: https://gerakanbiru.site.alt.gratis
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Mar 2024 22:30:09 GMT
age: 156256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3947
x-xss-protection: 0
server: sffe
etag: "96d416c5baf5a1d0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Mar 2025 22:30:09 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 jackpot Show response
questairforce.com/amp/iframe/ Frame 2A95 1 KB
2 KB 707ms
398ms Document
text/html 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://questairforce.com/amp/iframe/jackpot

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d2c0f0daa910e0b9e158025356598eb12a3322d2537b34c7c10f405582ee49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gerakanbiru.site.alt.gratis/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private, s-maxage=0
cf-cache-status: DYNAMIC
cf-ray: 86252b7d9c8a19f7-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 10 Mar 2024 17:54:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pENswQbIe4bn7VpQLmqZDfkB9XWplVKYv%2BuTNha1kz7qm5Jl1sAGcDeBiTKMPAvsdAQnyS6ojo%2BKKyFHBpioILgweHxs2ZEkPrIpPWgRuomBfOJr%2FU%2BRcq7qGYDrchJWBS6zoBQQQF1%2FAiGkolxQ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552001; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 amp-animation.gif
dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/jackpot/ 204 KB
205 KB 733ms
732ms Image
image/gif 13.225.210.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlmxz0etq5yy6.cloudfront.net/Images/nexus-alpha/red/mobile/jackpot/amp-animation.gif?v=20231212-1

Requested by

Host: gerakanbiru.site.alt.gratis
URL: https://gerakanbiru.site.alt.gratis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.210.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-210-185.ewr50.r.cloudfront.net

Software

cloudflare /

Resource Hash

385d392ed395a8b72f438717309495513adeaf01480df34d7833648ad2418dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gerakanbiru.site.alt.gratis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:25 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
content-length: 208465
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 01:48:06 GMT
server: cloudflare
etag: "08f20619931d71:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1EeNrQLzN8hUmkZ8BX7xJmSWl8tQutlO%2BK5YlNZJinxY1pO5KNjAd%2FReXGfMuf%2Bgr2mb4oNsPaEeDoouyFqnN3YWB%2BB1DDWNbIBP%2BluM9anZgVvycA3JK25J2yQkBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b7f0c9d8970-SIN
x-amz-cf-id: T3k23CF9O_x7jRPHpWxHKdqSQRzXJVa5wuCiU40QDEaTwbHISF9ZuQ==

GET
H2 200 mobile-css
questairforce.com/Content/Home/ Frame 2A95 157 KB
29 KB 375ms
373ms Stylesheet
text/css 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://questairforce.com/Content/Home/mobile-css?v=C7X7tVUeagWtyZb0mnLcsTnQ3_wmM9BraETShHASyYw1

Requested by

Host: questairforce.com
URL: https://questairforce.com/amp/iframe/jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

572ea4e9024f08a9b001269a139dd61eca5a04dc49fb7d7f25c3fb8dfc332f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questairforce.com/amp/iframe/jackpot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 10 Mar 2024 17:54:26 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpHZEutXf3LeU76kRJAG%2BfDfsTXbsvfSJ3V6hiQxmc%2BtHyHRqQePkI9220Foln6T%2FFJtmETMjcyFeDLnv1O9XpY4BsouWxA%2B7g%2BaXRLlzMrv4nzv1oxrL9TfWvD%2BaqOISBW1uaQ582aR3aBV1v7Erg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 86252b802e6319f7-EWR
expires: Mon, 10 Mar 2025 17:54:26 GMT

GET
H2 200 mobile-red-css
questairforce.com/Content/Theme/ Frame 2A95 22 KB
6 KB 216ms
214ms Stylesheet
text/css 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://questairforce.com/Content/Theme/mobile-red-css?v=MoFAk0hY4N8-dCtw6-P78214sGpBARedxzQUQCp0c8c1

Requested by

Host: questairforce.com
URL: https://questairforce.com/amp/iframe/jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbcc4bcb7f72680b0dfe69fbc56fd065ed32a2565b3379d75dddc91219c1fde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questairforce.com/amp/iframe/jackpot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 10 Mar 2024 17:54:26 GMT
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REYJZDcygyQFiff4t6xLeG8DxoTM7Njko5IxvgucPGqvMABXeqjUT7UeOho2ZdzgdEeoc6h02w6r0rvkDC5ylFVBbFj%2F7v%2FlvTcjRi0vnCJwgrC2105YGlqiCpaNX8QHO2h5WACl4A9Fay5xFdvyrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 86252b802e6419f7-EWR
expires: Mon, 10 Mar 2025 17:54:26 GMT

GET
H2 200 main-jackpot-js Show response
questairforce.com/bundles/Amp/ Frame 2A95 93 KB
35 KB 481ms
481ms Script
application/javascript 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://questairforce.com/bundles/Amp/main-jackpot-js?v=Ucx_c8Kr3mdGVw7Ew6Y6mqs6QYmKZR_YVxY1hfvf9xI1

Requested by

Host: questairforce.com
URL: https://questairforce.com/amp/iframe/jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a84f05f14de0bb0635ee6e8db741d7355b1a6928379c372f3ef3d218305fe366

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questairforce.com/amp/iframe/jackpot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 10 Mar 2024 17:54:26 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXoNbDbfWX0zqC%2FNIRVn1Eawu8XRax0LijGVKkYzo3KC9v4R1Qx%2Fsn0tMOXJ%2BVHQKqJQ9J9zAPAX0IEHG2I6pD%2FOLIpo3ZcqXr0kV3mbVGqJBykl4eEwQXNlPf0uiOELTulQsPNTEQ0bxu%2B4UKR7Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public
cf-ray: 86252b802e6719f7-EWR
expires: Mon, 10 Mar 2025 17:54:26 GMT

GET
H2 200 jackpot.gif
nx-cdn.nx2wl.com/Images/nexus-alpha/red/mobile/jackpot/ Frame 2A95 41 KB
42 KB 221ms
179ms Image
image/gif 2606:4700:3030::ac43:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.nx2wl.com/Images/nexus-alpha/red/mobile/jackpot/jackpot.gif?v=20240219

Requested by

Host: questairforce.com
URL: https://questairforce.com/amp/iframe/jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f46d95e324944afeb891dc379e36cc27a330a4e70669b34e9cf9ad9ee291b461

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questairforce.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 42046
x-xss-protection: 1; mode=block
last-modified: Sun, 17 Sep 2023 21:19:30 GMT
server: cloudflare
etag: "09d3ca5ace9d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDNHik6LQ0R3uM03nJtb6Eqa76QgKtphOMAZlst4Doe0jfW%2BCtSeC8DS0%2FWGnvywsOMAIhrghiwEvJjnC0EzHzJAStlw3yArVTqBYDpPlx9X36l7Xidw4SSjid3cr8xgQasKo%2F%2FZr0Q6rtVXSLwv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b808dac18f6-EWR

GET
H2 200 jackpot-play-logo.webp
nx-cdn.nx2wl.com/Images/nexus-alpha/red/mobile/jackpot/ Frame 2A95 49 KB
50 KB 218ms
177ms Image
image/webp 2606:4700:3030::ac43:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.nx2wl.com/Images/nexus-alpha/red/mobile/jackpot/jackpot-play-logo.webp?v=20240219

Requested by

Host: questairforce.com
URL: https://questairforce.com/amp/iframe/jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bc6eeae46423b2418e10c891757397901e92c5b3bd42d22c76ef475980cd5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://questairforce.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 50028
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 02:42:56 GMT
server: cloudflare
etag: "0b8f0286cebd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDfzIy6J9SURmdqCwMWYhKbyiwDPJAevx7ZQNtDMkNfDpYfrFdWbypeUZRPLzrIBKXPqwPqXXvIthnCC5bbU%2BvwhwrWmNlz%2BBrt2p0HRYvLNX5ww7VPjud%2BwXO3ekesPrb0mvNeohY7csp2g4rZV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b808dad18f6-EWR

GET
H3 200 digital_sans_ef_medium.woff2
questairforce.com/fonts/ Frame 2A95 19 KB
20 KB 549ms
549ms Font
application/font-woff2 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://questairforce.com/fonts/digital_sans_ef_medium.woff2

Requested by

Host: questairforce.com
URL: https://questairforce.com/Content/Home/mobile-css?v=C7X7tVUeagWtyZb0mnLcsTnQ3_wmM9BraETShHASyYw1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://questairforce.com/Content/Home/mobile-css?v=C7X7tVUeagWtyZb0mnLcsTnQ3_wmM9BraETShHASyYw1
Origin: https://questairforce.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:27 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 18996
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Feb 2024 08:32:04 GMT
server: cloudflare
etag: "09a789eb260da1:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eznYTskaCAWY7LqCjPvlFVe77p3VJbM4aXdmoYTSrhgUXmdAYZqRhZnEBIhqE4uxKX%2FJ8rlFyf7TLQIWNwkD1gT2%2FReFEWDnG8EhYDq%2FQw0PeTMw66lHvAUFHZaqn92H%2BmzlrNKyU2E5RWssmU%2F3QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86252b840f407d1c-EWR

OPTIONS
H2 204 progressive-jackpot
jp-api.nexus2wlb.com/ Frame 0
0 501ms
463ms Preflight 2606:4700:20::681a:987
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jp-api.nexus2wlb.com/progressive-jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:987 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://questairforce.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 86252b86387c43bf-EWR
date: Sun, 10 Mar 2024 17:54:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VgZRSrlgMGO7EaKtIo87JZldJ8uewJ%2BxoF0RXdX1escUBNG8hUaPQK0B9ZHX7A4w7bUD8n3YslrPIQeaUx0JUgVHhVvyoS5cJcSjP8rrQ%2BwqarhDhsAHNnc0pVu%2FGVj7v3%2F%2BMNpIjtqMtaM%2F3G8DI5b"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 progressive-jackpot Show response
jp-api.nexus2wlb.com/ Frame 2A95 14 B
329 B 243ms
243ms XHR
application/json 2606:4700:20::681a:987
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jp-api.nexus2wlb.com/progressive-jackpot

Requested by

Host: questairforce.com
URL: https://questairforce.com/bundles/Amp/main-jackpot-js?v=Ucx_c8Kr3mdGVw7Ew6Y6mqs6QYmKZR_YVxY1hfvf9xI1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:987 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0945fe184f6195808139ba8a31fd8fa6caf43bb8440a6548f92c97e48f5ce0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://questairforce.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 10 Mar 2024 17:54:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0fdx%2FiCesP4vV1zRoLfbdPmoT8%2BqRbrOluj2WMxqwLnB0FT7muwdGHcVOIrvi2Pj3t6VxFPhyBWs%2BuVk7Cdr0FJGYbUpG4%2FhpLDXJoL6%2F1Z%2FDgLemE6aC8BgPIHuqj7WyOEQnd0P5qksnF0cgWaD9mO"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 86252b892b2543bf-EWR
x-xss-protection: 1; mode=block

GET
H3 200 jackpot-slots.otf
questairforce.com/fonts/ Frame 2A95 189 KB
8 KB 541ms
540ms Font
font/otf 2606:4700:3033::6815:5e4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://questairforce.com/fonts/jackpot-slots.otf

Requested by

Host: questairforce.com
URL: https://questairforce.com/Content/Home/mobile-css?v=C7X7tVUeagWtyZb0mnLcsTnQ3_wmM9BraETShHASyYw1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5e4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d4b3a1e19d9626541df2e6898885c87e1c9e11324258d02eb5e95df5c3c6399

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://questairforce.com/Content/Home/mobile-css?v=C7X7tVUeagWtyZb0mnLcsTnQ3_wmM9BraETShHASyYw1
Origin: https://questairforce.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 17:54:27 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Feb 2024 08:32:04 GMT
server: cloudflare
etag: W/"09a789eb260da1:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYuBI%2FFm0NOSnSkTpLQ6gs4tA%2BBe2oWwmT5AUGHwnyYzKr2wfxThKobLoPio%2FDJ4FkArMD8KbgJs0UYZAPxjAmLUKFi450NOsciAIBNZ5JbfIE%2FzRwnoEti9Mm52B0XXf5bLXpAQ6Is9A%2BqvGELsKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/otf
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 86252b8609907d1c-EWR

GET progressive-jackpot
jp-api.nexus2wlb.com/ Frame 2A95 0
0

OPTIONS
H2 204 progressive-jackpot
jp-api.nexus2wlb.com/ Frame 0
0 236ms
235ms Preflight 2606:4700:20::681a:987
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jp-api.nexus2wlb.com/progressive-jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:987 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://questairforce.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 86252ba3a80c43bf-EWR
date: Sun, 10 Mar 2024 17:54:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJldqesDVTfYH3RVEgIcioXVfXsE3KbUGGfTt6jbkEr5kLtiGF18r3%2BXFUGrPseZtQhq2U1JEmsHd7RZIZ4F4Ozf4l6XrHhr89nfDyfzWDGode%2FmHBRYlmFEkfp0GPqo9rRMxR5KdXa82vcXGVBz8QWS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.winslot.net
URL: https://www.winslot.net/fonts/icomoon/fonts/icomoon.woff2?5rf7nx

Domain: jp-api.nexus2wlb.com
URL: https://jp-api.nexus2wlb.com/progressive-jackpot

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://gerakanbiru.site.alt.gratis/ Message: Access to font at 'https://www.winslot.net/fonts/icomoon/fonts/icomoon.woff2?5rf7nx' from origin 'https://gerakanbiru.site.alt.gratis' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.winslot.net/fonts/icomoon/fonts/icomoon.woff2?5rf7nx Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://api2-msl.imgnxb.com/images/Twitter_6ece2240-3608-47d1-8b98-2864acd9a3c8_1703574922348.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api2-msl.imgnxb.com/images/BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1703543022643.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api2-msl.imgnxb.com/images/BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1701300627080.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api2-msl.imgnxb.com/images/Facebook_4ed208d0-8bdb-4f48-a691-a8b35ae4a433_1703574922301.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api2-msl.imgnxb.com/images/DANAMON_59329282-588d-4d93-9f58-1e202f3af526_1703543028377.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api2-msl.imgnxb.com/images/MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1703543033297.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api2-msl.imgnxb.com/images/PERMATA_9e978722-e854-4582-8194-e79a1697ad8a_1702482443290.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api2-msl.imgnxb.com/images/DANA_0227a47c-05f8-4e2e-ac18-3a5d0b564df1_1686044141627.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2-msl.imgnxb.com
cdn.ampproject.org
dlmxz0etq5yy6.cloudfront.net
gerakanbiru.site.alt.gratis
jerukijo.site
jp-api.nexus2wlb.com
nx-cdn.nx2wl.com
questairforce.com
www.winslot.net
jp-api.nexus2wlb.com
www.winslot.net
13.225.210.185
142.251.40.225
162.0.215.8
172.67.69.59
2606:4700:20::681a:987
2606:4700:3030::ac43:8bd1
2606:4700:3033::6815:5e4b
0629a36da3c398212e310536eeae2453f0ff684457e071a27e410872a67c57a5
0af21d73241cf47a6eb53c067f9ffdcd1781972f0da1d6353bb0b1e505033cdc
0c3cb1cac29c07d82cd8da34ed472086cfd9e323dc2a8fb28ce398633ffc63fb
1109ec10def03dfa3972bb0c067ae344cee8fd4fa24c9d1a5ecca2f7cbfe3930
170a763f6eae45592966eace6d1856516cd1992fe57ad9fb3179f53ec857e281
17769c0c79f010cfca9aaae364a4de7e82b3f9cb316464feacda1c65a968e9dc
1eda07754773ce0487e309628fe2f57caa2c61f930a585fcf8a857ec3b920618
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
36f5a8f5e26569fec2463cc25432cd74f62091d3d22caa3ec1c6bf5d643932f9
3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d
385d392ed395a8b72f438717309495513adeaf01480df34d7833648ad2418dde
417d52512644c1c23d0e639990c258c14c2aedc8832aa25d863b4fc12dc547c4
4834ab8622f4ad0546fa0a08a3b5e72f8f3bd703bb1e6238c2b14aa02b838eb9
4aba6c1fae300b43c35f622d84de45feb9bd725e90de52a8db1fb3819fbd0990
4bc6eeae46423b2418e10c891757397901e92c5b3bd42d22c76ef475980cd5d6
4d4b3a1e19d9626541df2e6898885c87e1c9e11324258d02eb5e95df5c3c6399
4d676565bde99eca6ace6fddec27f5b2d874a52ba3f98208ad85984b27f54ded
51aa45ab288d2904468b3484a8fe3ce620a008bc716918727eef5b07a833c7c9
572ea4e9024f08a9b001269a139dd61eca5a04dc49fb7d7f25c3fb8dfc332f68
597a4d8f07e81fa602193405e26c037c9dd4e605ab8f36e371ae0855362e28f2
5b9bfaec13c20ec2346bbf54d0ce3734cea3d3b74acd411a61fb996e6128b2fe
667cc75196e1217f107399610857f6b17fb655367566cdad1411f13351df57c1
6b0e8f6079654d7d65f4e52152805a8a439b565d13afd79a53e5e3e0ea719a26
6e5c241fd7258f5ff5f5925e26d4e25624eb7336290b6e2d1b61e352a241ff13
7099cc311b4c22f024592756a725781fed6e11fda13c00e222380d6c50e219e6
7594035a66ca12f67265c60d8606a5d9b1fa220872d984cde7fdb412cbf742ae
7694a8dfa750568eddaba281d9c2ff0368cdbbc24d4606242df0abea49b73de9
78b03444c9b9c107014a6e43864e3e1a481407bd8b27f48b54bfdfe1256806da
7d7f7530e7b987b396c1e87f7cb582020cb878befd9baecb8b7ac2ad17a11370
7ea533fd7e01c5d5e5e36918152c348f9ec7bc7c8990f079c6e270a747216a57
851c61662592e02623c5868a99399cc88df050f8bf1a864007e29763db6b42bf
87a8b4f917f595fb559feec23a977d0bba4fbc18cf0b28b7cd900e68dc10f052
8fd4b10982ee43ef773d7ea50ae02542669d37b148b4dd90cc028d2356a3474e
9ce41807c2c5b0440c91ae1cdb3a9027885f98ed3d738a94fafa5e8725f16961
a0945fe184f6195808139ba8a31fd8fa6caf43bb8440a6548f92c97e48f5ce0c
a801ee9f1fa0648fa2a6567ce382f9794c7b5d43bfaf831d0cb8fa84071f3bb5
a84f05f14de0bb0635ee6e8db741d7355b1a6928379c372f3ef3d218305fe366
b86c9b10bfcb5ba985ace15206f49c7bf7457dec857b6c29133b350bf0e56d22
ba7c10ee318871f42ba6e765e929f176d8ea82888c29829e2fa81b03b3ddea05
ba8b6b5a4fc6bcc8a93550c43b0ca8bb2cec85a7cc03c9d6e00a1d44d3af17de
bf2deab9ced0668e429c766248d59f8bc284b62e50f3fe1fd0d947b75720e8bf
c67a5172b579d71e5e488b0d74114a908b94009c50307c4fe7950cf0b40acd47
c76c46c464a856702728b5abb6e1dde8e2243bf183398ea2d7db2284cc73a7d6
d1ca726e11d5b85e441ddc6515ff38ee3624f1e6276e2ca7bfceeab75d313ced
d76baeab286c791238f74507726503241ec7d7541a2c9bcb856dd4beb585ac26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d2c0f0daa910e0b9e158025356598eb12a3322d2537b34c7c10f405582ee49
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f36155873687d322061c1be122e0e6dbc7bca29949a451982c59137ab49f07e4
f46d95e324944afeb891dc379e36cc27a330a4e70669b34e9cf9ad9ee291b461
fb4afdef7fe88dd5a5c7de86d014ef721d80e7f7504fbeb05149f78ae4ad19f6
fbcc4bcb7f72680b0dfe69fbc56fd065ed32a2565b3379d75dddc91219c1fde3
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

gerakanbiru.site.alt.gratis Open in urlscan Pro 162.0.215.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

95 %HTTPS

43 %IPv6

9 Domains

9 Subdomains

8 IPs

1 Countries

1395 kBTransfer

2156 kBSize

0 Cookies

2 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gerakanbiru.site.alt.gratis Open in urlscan Pro
162.0.215.8 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

95 %
HTTPS

43 %
IPv6

9
Domains

9
Subdomains

8
IPs

1
Countries

1395 kB
Transfer

2156 kB
Size

0
Cookies

56 HTTP transactions
8 data transactions