theplangt.com Open in urlscan Pro
83.136.216.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://theplangt.com/
Submission Tags: tranco_l324
Submission: On March 05 via api (March 5th 2024, 12:40:59 pm UTC) from DE — Scanned from SG

Summary HTTP 24 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 24 HTTP transactions. The main IP is 83.136.216.20, located in Singapore, Singapore and belongs to AS-HOSTINGER, CY. The main domain is theplangt.com.

This is the only time theplangt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	83.136.216.20 83.136.216.20	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	172.96.160.210 172.96.160.210	23470 (RELIABLESITE) (RELIABLESITE)
5	172.253.118.132 172.253.118.132	15169 (GOOGLE) (GOOGLE)
9	108.181.3.133 108.181.3.133	40676 (AS40676) (AS40676)
1	104.19.166.65 104.19.166.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.21.52.201 104.21.52.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	104.22.51.93 104.22.51.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	11

2 83.136.216.20 (Singapore, Singapore)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv51.niagahoster.com

theplangt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.96.160.210 (Los Angeles, United States)

ASN23470 (RELIABLESITE, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 108.181.3.133 (Los Angeles, United States)

ASN40676 (AS40676, US)
PTR: unassigned.psychz.net

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.166.65 (None, )

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.52.201 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prediksitogelterjitu.tebak-angka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
totomacau.tebak-angka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.51.93 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19317	1 MB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 397	86 KB
3	tebak-angka.com 1 redirects prediksitogelterjitu.tebak-angka.com totomacau.tebak-angka.com	7 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1141 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2945	28 KB
2	theplangt.com theplangt.com	16 KB
1	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 4704	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	3 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2409	2 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 11855	1 KB
24	9

	Domain	Requested by
9	i.postimg.cc	theplangt.com
5	cdn.ampproject.org	theplangt.com cdn.ampproject.org
2	totomacau.tebak-angka.com	cdn.ampproject.org totomacau.tebak-angka.com
2	theplangt.com	theplangt.com
1	cdn.datatables.net	totomacau.tebak-angka.com
1	cdn.jsdelivr.net	totomacau.tebak-angka.com
1	stackpath.bootstrapcdn.com	totomacau.tebak-angka.com
1	maxcdn.bootstrapcdn.com	totomacau.tebak-angka.com
1	prediksitogelterjitu.tebak-angka.com	1 redirects
1	res.cloudinary.com	theplangt.com
1	i.ibb.co	theplangt.com
24	11

This site contains links to these domains. Also see Links.

Domain
tinyurl.com
like.akanmakmur.com
api.whatsapp.com

Subject Issuer	Validity	Valid
ibb.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
postimg.cc R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2024-06-22`	6 months	crt.sh
tebak-angka.com GTS CA 1P5	`2024-01-08` - `2024-04-07`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://theplangt.com/
Frame ID: 45F417A43A3AB6710D3860A4AA093DF5
Requests: 19 HTTP requests in this frame

Frame: https://totomacau.tebak-angka.com/iframe/iresultmacau
Frame ID: E621585A96564F19C8D07390788094A2
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BLACKTOGEL : LINK RESMI LIVE DRAW TOTO MACAU SERTA DATA TOTO MACAU

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

24
Requests

92 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1457 kB
Transfer

1900 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://tinyurl.com/cuan889
Title: <img src="https://i.postimg.cc/bJFKQ2N3/logoblacktogel.webp" alt="logo" width="127" height="35" class="nc">

Search URL Search Domain Scan URL

URL: https://like.akanmakmur.com/
Title: interactive-button-3

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=6287865950258
Title: <img src="https://i.postimg.cc/9FRfVNXH/BLACKTOGEL7.webp" width="400px" height="106px" class="nc" alt=" banner blacktogel ">

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://prediksitogelterjitu.tebak-angka.com/iframe/iresultmacau HTTP 301
https://totomacau.tebak-angka.com/iframe/iresultmacau

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
theplangt.com/ 82 KB
14 KB 53ms
33ms Document
text/html 83.136.216.20
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

http://theplangt.com/

Protocol

HTTP/1.1

Server

83.136.216.20 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv51.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

66991be891c943062318eba494a24cc6b3efc4c855dca358080d914b660d16ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 14342
content-type: text/html
date: Tue, 05 Mar 2024 12:40:50 GMT
last-modified: Fri, 22 Dec 2023 02:20:10 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

GET
H2 404 Blacktogel-Landingpage-VN-1.webp
i.ibb.co/pXkDRKg/ 1 KB
1 KB 673ms
302ms Image
image/png 172.96.160.210
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/pXkDRKg/Blacktogel-Landingpage-VN-1.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.160.210 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
server: nginx
content-length: 1031
content-type: image/png

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
63 KB 385ms
14ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: theplangt.com
URL: http://theplangt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

f15bacb31bf5b5f098deef584a4aaea1317c5d05ed7912867b1ed26b0538edee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://theplangt.com/
Origin: http://theplangt.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 12:40:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63632
x-xss-protection: 0
server: sffe
etag: "1e53a5908fb28af0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 12:40:51 GMT

GET
H2 200 amp-iframe-0.1.mjs Show response
cdn.ampproject.org/v0/ 20 KB
7 KB 392ms
22ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs

Requested by

Host: theplangt.com
URL: http://theplangt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

193a3d40491e42d18d773b9671eb289b21dc0d9dae95e38931fb4cda78a6a87a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://theplangt.com/
Origin: http://theplangt.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 12:40:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7396
x-xss-protection: 0
server: sffe
etag: "30da9a8ec7068ef2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 12:40:51 GMT

GET
H2 200 amp-sidebar-0.1.mjs Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 393ms
23ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.mjs

Requested by

Host: theplangt.com
URL: http://theplangt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

c5b0358c220c747fee8aa3fe1099575a5a8cb206e127c119c7468f9dd4c023df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://theplangt.com/
Origin: http://theplangt.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 12:40:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8226
x-xss-protection: 0
server: sffe
etag: "c8db679b3537a36b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 12:40:51 GMT

GET
H2 200 Blacktogel-Landingpage-VN-1.webp
i.postimg.cc/brH9qxnJ/ 41 KB
41 KB 1391ms
745ms Image
image/webp 108.181.3.133
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/brH9qxnJ/Blacktogel-Landingpage-VN-1.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.181.3.133 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: openresty /
Resource Hash: e3477b0901b6ade6c4b4b75045e722d1ab882d744002f492905698a6f88ee18c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
last-modified: Fri, 22 Dec 2023 01:52:14 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 41794
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rtp.webp
i.postimg.cc/pXhR4VDY/ 489 KB
490 KB 822ms
204ms Image
image/webp 108.181.3.133
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/pXhR4VDY/rtp.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.181.3.133 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: openresty /
Resource Hash: a505c2d92b576c32027ba66e0e45dcd1e795fd2034288cf4c90b789e722fae8d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
last-modified: Thu, 14 Dec 2023 10:09:17 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 500542
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 TOGEL.webp
i.postimg.cc/kgJrc8gX/ 68 KB
69 KB 1361ms
745ms Image
image/webp 108.181.3.133
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/kgJrc8gX/TOGEL.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.181.3.133 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: openresty /
Resource Hash: c8a6a5d26fce3bcc4a5573c5aa9cb4422303da560cfddeced6e1e3527d275dd3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
last-modified: Tue, 19 Dec 2023 02:35:42 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 69894
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SLOT.webp
i.postimg.cc/Qd02ntFg/ 77 KB
78 KB 1360ms
744ms Image
image/webp 108.181.3.133
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Qd02ntFg/SLOT.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.181.3.133 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: openresty /
Resource Hash: 4a2537e0c91d555e48b3b079ba96a67825b0f3767a7aa54192a8c83bd7e04c44

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
last-modified: Tue, 19 Dec 2023 02:35:42 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 79120
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 RTP-SLOT.webp
i.postimg.cc/bwMkcC5g/ 83 KB
83 KB 1491ms
875ms Image
image/webp 108.181.3.133
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/bwMkcC5g/RTP-SLOT.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.181.3.133 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: openresty /
Resource Hash: 0d366c19e54073e6d1807d16dff7eda85e5358755a1c9bfa8ca9dad46c255c55

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
last-modified: Fri, 22 Dec 2023 01:55:49 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 84832
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 LIVE-CASINO.webp
i.postimg.cc/Nf7qmbYz/ 86 KB
87 KB 1361ms
745ms Image
image/webp 108.181.3.133
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Nf7qmbYz/LIVE-CASINO.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.181.3.133 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: openresty /
Resource Hash: 4cd81868a997960ef8b9109718bb5736f0fdbe919c303ac4b2f71e973df43dd6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
last-modified: Tue, 19 Dec 2023 02:35:42 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 88548
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logoblacktogel.webp
i.postimg.cc/bJFKQ2N3/ 25 KB
25 KB 1079ms
874ms Image
image/webp 108.181.3.133
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/bJFKQ2N3/logoblacktogel.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.181.3.133 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: openresty /
Resource Hash: 1ebc1ca0c9d6ae180a97ef8791084cf0f94e5f2df4e3cc705bc7b9f858a265f8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
last-modified: Fri, 22 Dec 2023 02:14:28 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 25114
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 speaker.webp
i.postimg.cc/cCzKmZQd/ 352 B
598 B 1079ms
874ms Image
image/webp 108.181.3.133
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/cCzKmZQd/speaker.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.181.3.133 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: openresty /
Resource Hash: 35a4a719c41aaf9931dbebeb6590e0a5a82a2b03670235f9f3cf0d6abaaaad25

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
last-modified: Tue, 19 Dec 2023 02:39:17 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 352
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BLACKTOGEL7.webp
i.postimg.cc/9FRfVNXH/ 442 KB
443 KB 950ms
745ms Image
image/webp 108.181.3.133
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/9FRfVNXH/BLACKTOGEL7.webp
Requested by: Host: theplangt.com
URL: http://theplangt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.181.3.133 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: openresty /
Resource Hash: bddf2ae1f8bff0d52de066f23648f75a88e268481be2b5a29bf1e4d0d7ddaf7b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
last-modified: Fri, 15 Dec 2023 03:06:18 GMT
server: openresty
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 452822
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found fallback.jpg
theplangt.com/ 1 KB
1 KB 12ms
11ms Image
text/html 83.136.216.20
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://theplangt.com/fallback.jpg

Requested by

Host: theplangt.com
URL: http://theplangt.com/

Protocol

HTTP/1.1

Server

83.136.216.20 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv51.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 12:40:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: LiteSpeed
x-powered-by: Niagahoster
vary: User-Agent
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1251
x-xss-protection: 1; mode=block

GET
H2 200 itu4u63m418sv1dz1plc
res.cloudinary.com/dooxvcrqj/image/upload/v1695889245/31LP/assets/ 2 KB
2 KB 402ms
42ms Image
image/svg+xml 104.19.166.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dooxvcrqj/image/upload/v1695889245/31LP/assets/itu4u63m418sv1dz1plc

Requested by

Host: theplangt.com
URL: http://theplangt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.166.65 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ebd5b5c475630a77109a654abebe9eb86cc1829c7d4c77bf34f2a049652f08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://theplangt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
content-disposition: attachment; filename="itu4u63m418sv1dz1plc"
server-timing: cld-cloudflare;dur=16;start=2024-03-05T12:40:51.578Z;desc=hit,rtt;dur=5,content-info;desc="width=12,height=12,bytes=2205,owidth=12,oheight=12,obytes=2205;"
content-length: 1112
last-modified: Thu, 28 Sep 2023 09:21:05 GMT
server: cloudflare
etag: W/"9dc133b4e3cff3ce458e5045bbae9542"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 85fa2d4a5c856bf1-SIN
timing-allow-origin: *

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012402141842000/v0/ 7 KB
3 KB 14ms
13ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402141842000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

7ff9e5795b6251fc8673b15b39f031e80931bc14890ce29d4a248d4a9bcc80cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://theplangt.com/
Origin: http://theplangt.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Feb 2024 23:04:28 GMT
age: 394583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2820
x-xss-protection: 0
server: sffe
etag: "65ce99597fef2a71"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Feb 2025 23:04:28 GMT

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012402141842000/v0/ 12 KB
4 KB 13ms
12ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402141842000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

3994172c6ef36b25e3c4b643afef52d913e884a37291402056dce2e3c46a4814

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://theplangt.com/
Origin: http://theplangt.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Feb 2024 23:05:05 GMT
age: 394546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3915
x-xss-protection: 0
server: sffe
etag: "3efc0d0e63fda451"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Feb 2025 23:05:05 GMT

GET
H2

200

iresultmacau Show response
totomacau.tebak-angka.com/iframe/ Frame E621
Redirect Chain

https://prediksitogelterjitu.tebak-angka.com/iframe/iresultmacau
https://totomacau.tebak-angka.com/iframe/iresultmacau

22 KB
2 KB

161ms
148ms

Document
text/html

104.21.52.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totomacau.tebak-angka.com/iframe/iresultmacau
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 417c2699460c04c42863e60b4af93d8b5495c6ae76c94d61afbedad6f053dd20

Request headers

Referer: http://theplangt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85fa2d4adc4e4be6-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 12:40:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7scxFmvRD44KMPMMTmQnDKGkAJVeqnq4t20rSabv4oQQES%2BexCJbearmZEp%2BQvjaubxuSPJaCp0f8Ciyf4RHJRkFjuAB6bAs0bDJYRzUeUZEFyhHeGSHpQbkzyF8bg2fM1Z08lxBrtyjrVcB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 85fa2d4a8c1d4be6-SIN
date: Tue, 05 Mar 2024 12:40:51 GMT
expires: Tue, 05 Mar 2024 13:40:51 GMT
location: https://totomacau.tebak-angka.com/iframe/iresultmacau
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nQ9uBYrarXV%2FNzfbfOnWIU80hSJCRdimnuY89w59No9H8heTkBWhMfalHbONnGQe7IagK9P%2FXTbia7%2Bd3OF0jf%2Flai8uUbGRjQ5sSz0Bz9t5JywPknOQilFpJLGWOts8OY9LBfNw82DjEafsBr6a2CLakDXUEs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame E621 118 KB
20 KB 381ms
23ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: totomacau.tebak-angka.com
URL: https://totomacau.tebak-angka.com/iframe/iresultmacau

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://totomacau.tebak-angka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 603
age: 10156831
cdn-cachedat: 09/27/2021 14:18:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0f1310bf9ea8d4961a2ada07a2669960
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85fa2d4de9704b7a-SIN
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame E621 30 KB
7 KB 384ms
36ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: totomacau.tebak-angka.com
URL: https://totomacau.tebak-angka.com/iframe/iresultmacau

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://totomacau.tebak-angka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 640574
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 308bdae313a3d2469d18298167319299
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85fa2d4dd9f13dad-SIN
cdn-requestpullsuccess: True

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.1.0-beta.1/dist/css/ Frame E621 15 KB
3 KB 362ms
18ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-beta.1/dist/css/select2.min.css

Requested by

Host: totomacau.tebak-angka.com
URL: https://totomacau.tebak-angka.com/iframe/iresultmacau

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

907f4395f54e25a1da1181672f1a498e98b26f7bfc6dcb6c209a737472451e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://totomacau.tebak-angka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Mar 2024 12:40:52 GMT
x-content-type-options: nosniff
content-encoding: br
age: 30757267
x-jsd-version: 4.1.0-beta.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2372
x-served-by: cache-fra-eddf8230060-FRA, cache-qpg1238-QPG
x-jsd-version-type: version
etag: W/"3dcf-yUSO+/Irxvb7u7/rvWVmQrqxN2c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 app.css
totomacau.tebak-angka.com/assets/css/ Frame E621 25 KB
4 KB 100ms
98ms Stylesheet
text/css 104.21.52.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totomacau.tebak-angka.com/assets/css/app.css
Requested by: Host: totomacau.tebak-angka.com
URL: https://totomacau.tebak-angka.com/iframe/iresultmacau
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57942f991d8948f3bddf14eb8ad21c02495eac801ad195d030a2f12c48edf494

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://totomacau.tebak-angka.com/iframe/iresultmacau
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 09 Dec 2023 23:36:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638d-6574f9f6-866840;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fST1Ou2oYl9nY9KnYYx3YLw3sjHRhyn%2F8wYmM1fFHP7S52bBDZ11fsiXZYZrzhDtGTvzASj1x9NsI45IygxHNZOOQKg%2FR3zhRFSbrZYIiP0GMRer77%2BFAJqnkvUebE9dKsCpPcCZrQtjvNbj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85fa2d4bacd24be6-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 09:52:52 GMT

GET
H2 200 responsive.bootstrap4.min.css
cdn.datatables.net/responsive/2.2.5/css/ Frame E621 4 KB
1 KB 377ms
25ms Stylesheet
text/css 104.22.51.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/responsive/2.2.5/css/responsive.bootstrap4.min.css

Requested by

Host: totomacau.tebak-angka.com
URL: https://totomacau.tebak-angka.com/iframe/iresultmacau

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.51.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeb2d5e099062e9cb9b6b48dd41347ce94e5ad05cdb8f06edce25ce000a4bf4b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://totomacau.tebak-angka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 12:40:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 9969652
content-length: 985
last-modified: Mon, 06 Nov 2023 12:02:49 GMT
server: cloudflare
etag: "13200cc-1042-6097aa20487f0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85fa2d4de8a15cd9-SIN
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sun, 10 Nov 2024 03:20:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://theplangt.com/fallback.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://i.ibb.co/pXkDRKg/Blacktogel-Landingpage-VN-1.webp Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: http://theplangt.com/ Message: The resource https://i.ibb.co/pXkDRKg/Blacktogel-Landingpage-VN-1.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
cdn.datatables.net
cdn.jsdelivr.net
i.ibb.co
i.postimg.cc
maxcdn.bootstrapcdn.com
prediksitogelterjitu.tebak-angka.com
res.cloudinary.com
stackpath.bootstrapcdn.com
theplangt.com
totomacau.tebak-angka.com
104.18.10.207
104.18.11.207
104.19.166.65
104.21.52.201
104.22.51.93
108.181.3.133
151.101.193.229
172.253.118.132
172.96.160.210
83.136.216.20
0d366c19e54073e6d1807d16dff7eda85e5358755a1c9bfa8ca9dad46c255c55
193a3d40491e42d18d773b9671eb289b21dc0d9dae95e38931fb4cda78a6a87a
1ebc1ca0c9d6ae180a97ef8791084cf0f94e5f2df4e3cc705bc7b9f858a265f8
35a4a719c41aaf9931dbebeb6590e0a5a82a2b03670235f9f3cf0d6abaaaad25
3994172c6ef36b25e3c4b643afef52d913e884a37291402056dce2e3c46a4814
417c2699460c04c42863e60b4af93d8b5495c6ae76c94d61afbedad6f053dd20
4a2537e0c91d555e48b3b079ba96a67825b0f3767a7aa54192a8c83bd7e04c44
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
4cd81868a997960ef8b9109718bb5736f0fdbe919c303ac4b2f71e973df43dd6
57942f991d8948f3bddf14eb8ad21c02495eac801ad195d030a2f12c48edf494
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
66991be891c943062318eba494a24cc6b3efc4c855dca358080d914b660d16ae
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ff9e5795b6251fc8673b15b39f031e80931bc14890ce29d4a248d4a9bcc80cf
8ebd5b5c475630a77109a654abebe9eb86cc1829c7d4c77bf34f2a049652f08e
907f4395f54e25a1da1181672f1a498e98b26f7bfc6dcb6c209a737472451e49
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
a505c2d92b576c32027ba66e0e45dcd1e795fd2034288cf4c90b789e722fae8d
aeb2d5e099062e9cb9b6b48dd41347ce94e5ad05cdb8f06edce25ce000a4bf4b
bddf2ae1f8bff0d52de066f23648f75a88e268481be2b5a29bf1e4d0d7ddaf7b
c5b0358c220c747fee8aa3fe1099575a5a8cb206e127c119c7468f9dd4c023df
c8a6a5d26fce3bcc4a5573c5aa9cb4422303da560cfddeced6e1e3527d275dd3
e3477b0901b6ade6c4b4b75045e722d1ab882d744002f492905698a6f88ee18c
f15bacb31bf5b5f098deef584a4aaea1317c5d05ed7912867b1ed26b0538edee
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

theplangt.com Open in urlscan Pro 83.136.216.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

92 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

11 IPs

3 Countries

1457 kBTransfer

1900 kBSize

0 Cookies

3 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

theplangt.com Open in urlscan Pro
83.136.216.20 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

92 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1457 kB
Transfer

1900 kB
Size

0
Cookies

24 HTTP transactions
1 data transactions