fai.uisu.ac.id Open in urlscan Pro
103.165.239.201 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip
Submission Tags: @phish_report
Submission: On September 05 via api (September 5th 2024, 2:49:23 pm UTC) from FI — Scanned from FI

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 4 domains to perform 13 HTTP transactions. The main IP is 103.165.239.201, located in Jakarta, Indonesia and belongs to SOLUSINET-AS-ID PT iForte Global Internet, ID. The main domain is fai.uisu.ac.id.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on December 22nd 2023. Valid for: a year.

This is the only time fai.uisu.ac.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	103.165.239.201 103.165.239.201	17995 (SOLUSINET...) (SOLUSINET-AS-ID PT iForte Global Internet)
2	66.29.132.116 66.29.132.116	22612 (NAMECHEAP...) (NAMECHEAP-NET)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	104.18.3.36 104.18.3.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
13	6

3 103.165.239.201 (Jakarta, Indonesia) 1 redirects

ASN17995 (SOLUSINET-AS-ID PT iForte Global Internet, ID)
PTR: 201.239.165.103.net.iforte.net.id

fai.uisu.ac.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.29.132.116 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business143-3.web-hosting.com

shortrelax.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	125 KB
3	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 19721	23 KB
3	uisu.ac.id 1 redirects fai.uisu.ac.id	11 KB
2	shortrelax.site shortrelax.site	72 KB
13	4

	Domain	Requested by
6	cdn.ampproject.org	fai.uisu.ac.id cdn.ampproject.org
3	imagedelivery.net	fai.uisu.ac.id
3	fai.uisu.ac.id	1 redirects
2	shortrelax.site	fai.uisu.ac.id
13	4

This site contains links to these domains. Also see Links.

Domain
lewatya.xyz

Subject Issuer	Validity	Valid
*.uisu.ac.id RapidSSL TLS RSA CA G1	`2023-12-22` - `2024-11-24`	a year	crt.sh
shortrelax.site Sectigo RSA Domain Validation Secure Server CA	`2024-06-14` - `2025-06-14`	a year	crt.sh
misc-sni.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
imagedelivery.net WE1	`2024-08-31` - `2024-11-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip
Frame ID: 25AF0C665B7A0BAA957B3CC4209A6722
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Keluaran Terbaru Buku REPUBLIKVIP dari Sekolah Tinggi Universitas Islam SumuT

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Lightbox (JavaScript Libraries) Expand

Page Statistics

13
Requests

92 %
HTTPS

20 %
IPv6

4
Domains

4
Subdomains

6
IPs

4
Countries

230 kB
Transfer

585 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://lewatya.xyz/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://fai.uisu.ac.id/favicon.ico HTTP 302
https://fai.uisu.ac.id/wp-content/uploads/2014/10/cropped-favicon-baru-2018-1-32x32.png

13 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fai.uisu.ac.id/wp-includes/pomo/ 37 KB
8 KB 946ms
285ms Document
text/html 103.165.239.201
SOLUSINET-AS-ID P...

General

Check archive.org

Show headers Download Go to

Full URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 103.165.239.201 Jakarta, Indonesia, ASN17995 (SOLUSINET-AS-ID PT iForte Global Internet, ID),
Reverse DNS: 201.239.165.103.net.iforte.net.id
Software: LiteSpeed /
Resource Hash: a57ec88e33c78310b418b6564ecb1165bc9f9eb8e2e134503b88db58325c2b30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-length: 8282
content-type: text/html; charset=UTF-8
date: Thu, 05 Sep 2024 14:49:15 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 hfghfcbcs.webp
shortrelax.site/img/ 57 KB
57 KB 1034ms
498ms Image
image/webp 66.29.132.116
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shortrelax.site/img/hfghfcbcs.webp
Requested by: Host: fai.uisu.ac.id
URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.116 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business143-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: dc048d518c339b66411e81c093b61ebed2f9af6c5654c5870881af02dc254344

Request headers

Referer: https://fai.uisu.ac.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 14:49:16 GMT
last-modified: Mon, 02 Sep 2024 18:04:02 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 57990
expires: Thu, 12 Sep 2024 14:49:16 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 354ms
153ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: fai.uisu.ac.id
URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc62c28bbcaa4c3fd88d9448415ac2ee1de8bb47ffa346798b76183f99b84203

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fai.uisu.ac.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Sep 2024 14:49:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73069
x-xss-protection: 0
server: sffe
etag: "aa99a87e81a93834"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Sep 2024 14:49:16 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 256ms
80ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: fai.uisu.ac.id
URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bd969699043f9a17b0271adea9a139bfea11bd00fb1194fa20558c359afe0f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fai.uisu.ac.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Sep 2024 14:49:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32178
x-xss-protection: 0
server: sffe
etag: "26790a275994fc5f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Sep 2024 14:49:16 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 318ms
143ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: fai.uisu.ac.id
URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d01c50e6790c45ebdc7a51dc297ca5169f242f0bb0acded7a58d063835101494

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fai.uisu.ac.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Sep 2024 14:49:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2470
x-xss-protection: 0
server: sffe
etag: "1b2d79d82074dae8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Sep 2024 14:49:16 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
12 KB 243ms
68ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: fai.uisu.ac.id
URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef062166a581303abf12e244a38b6780595710e5fbe4fc6d8ff4a71b8c05e027

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fai.uisu.ac.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Sep 2024 14:49:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11484
x-xss-protection: 0
server: sffe
etag: "096b4ab58c35a0c7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Sep 2024 14:49:16 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 SLOT-GACOR-9-3-2024.webp
shortrelax.site/img/ 15 KB
15 KB 799ms
749ms Image
image/webp 66.29.132.116
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shortrelax.site/img/SLOT-GACOR-9-3-2024.webp
Requested by: Host: fai.uisu.ac.id
URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.29.132.116 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business143-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: e05a6624e1ebf6f41f5b1e75b46813d96399654deb37faacd9edc13fdc03eb21

Request headers

Referer: https://fai.uisu.ac.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 14:49:16 GMT
last-modified: Mon, 02 Sep 2024 18:04:09 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 15412
expires: Thu, 12 Sep 2024 14:49:16 GMT

GET
H3 200 public
imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/e56f8bfd-c0c6-46c7-19e7-cd22b3c8db00/ 4 KB
4 KB 154ms
108ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/e56f8bfd-c0c6-46c7-19e7-cd22b3c8db00/public

Requested by

Host: fai.uisu.ac.id
URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a77ef8df8276cc3c9e6d7f46fe2cab851645c2cc7aeefe6c6244b19c21b36eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://fai.uisu.ac.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=1170+205 c=0+0 v=2024.9.1 l=4153 f=false
date: Thu, 05 Sep 2024 14:49:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 4153
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfAxhUXJLUfvh_9DNUUudhurRAfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8be706672bc782c1-ARN

GET
H3 200 public
imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/cdaae5aa-9f1a-436d-433c-194817f6f400/ 9 KB
9 KB 191ms
144ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/cdaae5aa-9f1a-436d-433c-194817f6f400/public

Requested by

Host: fai.uisu.ac.id
URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5af133c346cfb76ca928edeed83f84497c21d79daf5c744c143ed752a3e1d59

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://fai.uisu.ac.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=1240+132 c=0+0 v=2024.8.1 l=8722 f=false
date: Thu, 05 Sep 2024 14:49:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 8722
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf7UpvSRNt140zzIIQBbKKaaN-fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8be706672bca82c1-ARN

GET
H3 200 public
imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/17b932a0-3936-49b2-f532-4b956bf82300/ 9 KB
10 KB 156ms
110ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/17b932a0-3936-49b2-f532-4b956bf82300/public

Requested by

Host: fai.uisu.ac.id
URL: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29b62d8bdd1a0160fe6aa6deb4103363ebdc8ea24b5eab0eb62bebd19455bfba

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://fai.uisu.ac.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=669+180 c=0+0 v=2024.9.1 l=9455 f=false
date: Thu, 05 Sep 2024 14:49:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 9455
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfN4IuVMC1miFRHEDq09JIZELpfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8be706672bc282c1-ARN

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406252034000/v0/ 8 KB
3 KB 181ms
63ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406252034000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

f2d32e990f8c2cdea703482d182b72015b64ef9d7de4cf1ef01043236062c7fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fai.uisu.ac.id/
Origin: https://fai.uisu.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Sep 2024 18:03:00 GMT
age: 74776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "b3a7da082c4f77e9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Sep 2025 18:03:00 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406252034000/v0/ 12 KB
4 KB 166ms
62ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406252034000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

d7ce36593c3ca293f7d3a4c8faae86175961860eb64a0acaf597b6b03e35d04c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fai.uisu.ac.id/
Origin: https://fai.uisu.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Sep 2024 18:03:00 GMT
age: 74776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: sffe
etag: "24d297f33544dfa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Sep 2025 18:03:00 GMT

GET
H2

200

cropped-favicon-baru-2018-1-32x32.png
fai.uisu.ac.id/wp-content/uploads/2014/10/
Redirect Chain

https://fai.uisu.ac.id/favicon.ico
https://fai.uisu.ac.id/wp-content/uploads/2014/10/cropped-favicon-baru-2018-1-32x32.png

2 KB
2 KB

282ms
282ms

Other
image/png

103.165.239.201
SOLUSINET-AS-ID P...

General

Check archive.org

Show headers Download Go to

Full URL: https://fai.uisu.ac.id/wp-content/uploads/2014/10/cropped-favicon-baru-2018-1-32x32.png
Protocol: H2
Server: 103.165.239.201 Jakarta, Indonesia, ASN17995 (SOLUSINET-AS-ID PT iForte Global Internet, ID),
Reverse DNS: 201.239.165.103.net.iforte.net.id
Software: LiteSpeed /
Resource Hash: d9fc2c4d93da74f73aed9febdbb620680016ea4466bf6fc76737f7f8ca37e18f

Request headers

Referer: https://fai.uisu.ac.id/wp-includes/pomo/?bert=republikvip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 14:49:19 GMT
last-modified: Thu, 11 Apr 2019 03:32:32 GMT
server: LiteSpeed
etag: "8b4-5caeb550-101958f1;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2228
expires: Thu, 12 Sep 2024 14:49:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Sep 2024 14:49:19 GMT
server: LiteSpeed
x-redirect-by: WordPress
x-litespeed-cache: miss
content-type: text/html; charset=UTF-8
location: https://fai.uisu.ac.id/wp-content/uploads/2014/10/cropped-favicon-baru-2018-1-32x32.png
x-litespeed-cache-control: public,max-age=604800
cache-control: no-store, no-cache, must-revalidate
x-litespeed-tag: 4d3_HTTP.200,4d3_HTTP.302,4d3_default,4d3_URL.b54ff2eddcb0060bcd786ce388d8d4d7,4d3_
link: <https://fai.uisu.ac.id/wp-json/>; rel="https://api.w.org/"
content-length: 0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fai.uisu.ac.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: vn0eqj6do7t6biumervtb343mk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fai.uisu.ac.id
imagedelivery.net
shortrelax.site
103.165.239.201
104.18.3.36
142.250.184.225
2a00:1450:4001:80e::2001
66.29.132.116
29b62d8bdd1a0160fe6aa6deb4103363ebdc8ea24b5eab0eb62bebd19455bfba
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
3a77ef8df8276cc3c9e6d7f46fe2cab851645c2cc7aeefe6c6244b19c21b36eb
7bd969699043f9a17b0271adea9a139bfea11bd00fb1194fa20558c359afe0f0
a57ec88e33c78310b418b6564ecb1165bc9f9eb8e2e134503b88db58325c2b30
bc62c28bbcaa4c3fd88d9448415ac2ee1de8bb47ffa346798b76183f99b84203
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
d01c50e6790c45ebdc7a51dc297ca5169f242f0bb0acded7a58d063835101494
d5af133c346cfb76ca928edeed83f84497c21d79daf5c744c143ed752a3e1d59
d7ce36593c3ca293f7d3a4c8faae86175961860eb64a0acaf597b6b03e35d04c
d9fc2c4d93da74f73aed9febdbb620680016ea4466bf6fc76737f7f8ca37e18f
dc048d518c339b66411e81c093b61ebed2f9af6c5654c5870881af02dc254344
e05a6624e1ebf6f41f5b1e75b46813d96399654deb37faacd9edc13fdc03eb21
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
ef062166a581303abf12e244a38b6780595710e5fbe4fc6d8ff4a71b8c05e027
f2d32e990f8c2cdea703482d182b72015b64ef9d7de4cf1ef01043236062c7fe
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

fai.uisu.ac.id Open in urlscan Pro 103.165.239.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

20 %IPv6

4 Domains

4 Subdomains

6 IPs

4 Countries

230 kBTransfer

585 kBSize

1 Cookies

1 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

1 Cookies

Indicators

fai.uisu.ac.id Open in urlscan Pro
103.165.239.201 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

20 %
IPv6

4
Domains

4
Subdomains

6
IPs

4
Countries

230 kB
Transfer

585 kB
Size

1
Cookies

13 HTTP transactions
4 data transactions