loket.com

.com crawl

First seen 2026-05-02 · Last seen 2026-05-02 · ok HTTP/1.1 200 700 ms crawled 2026-05-09

US · 172.66.157.87 · AS13335 Cloudflare, Inc.

Reputation 100/100

sector entertainment type ecommerce

HTML metadata

Title: LOKET: Beli Tiket Event & Tiket Konser Mudah dan Terpercaya
Description: Beli tiket konser, festival, sport event, dan event seru lainnya dengan mudah di LOKET. #PASTIBISA beli tiket event idaman!
Language: id-ID
Canonical: https://loket.com

Open Graph

url: https://loket.com
title: LOKET: Beli Tiket Event & Tiket Konser Mudah dan Terpercaya
description: Beli tiket konser, festival, sport event, dan event seru lainnya dengan mudah di LOKET. #PASTIBISA beli tiket event idaman!

Technology

CDN: Cloudflare

Registration

Registrar

GoDaddy.com, LLC

Created

2003-05-27

Expires

2027-05-27 372 days left

Updated

2025-09-08

Name servers

irma.ns.cloudflare.com
ned.ns.cloudflare.com

DNS records live

NS

irma.ns.cloudflare.com
ned.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 6 TXT records

google-site-verification=vqBjXeekO0W0yduq5A2JXHSl1p7EnqhohHi3fQb2G6M
google-site-verification=xtfGIlkgYRNRnyil2LPbXisfUQtcI-oLQkACno_G2tE
openai-domain-verification=dv-Ga8C2RujbT5zV5tqVazO5IKX
slack-domain-verification=LlUwbwAm663TFh9tmKNgc7p8YHMOPBt17jWLjnsx
tiktok-developers-site-verification=yVVLyI8gcPRVakwgv1i8fEOsnNN0mdl3
google-site-verification=JYQvdRBhTaoQomjDVB1gQtqLB2-2zv6s5Bo2r_hDHUQ

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:mailgun.org include:amazonses.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dmarc@loket.com; ruf=mailto:dmarc@loket.com; adkim=r; aspf=r

policy: quarantine

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRIfBqU0YPZzCNrbwXuU8vfg0t8JSs3m8+ThjOwNrqc+OzdhuEpN0fR+sCPbfagZt6HrfncEjMNXf5…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA OV R36

from 2026-04-15 to 2026-10-31

Expires in 164 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.loket.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Permissions Policy

Header values

referrer-policy: strict-origin
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id;
strict-transport-security: max-age=16000000; includeSubDomains; preload;

Linked from (1)

up-thamrinnine.com×1