URL: https://legin.shop/
Submission: On November 23 via api from BE — Scanned from CA

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3037::6815:3e0, located in United States and belongs to CLOUDFLARENET, US. The main domain is legin.shop.
TLS certificate: Issued by WE1 on November 18th 2024. Valid for: 3 months.
This is the only time legin.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 7 188.166.185.110 14061 (DIGITALOC...)
2 143.198.201.173 14061 (DIGITALOC...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 165.232.165.130 ()
2 143.198.198.194 ()
28 7
Apex Domain
Subdomains
Transfer
5 legin.shop
legin.shop
107 KB
1 blogspot.com
4.bp.blogspot.com — Cisco Umbrella Rank: 28626
1 KB
1 turbokode.com
turbokode.com
23 KB
0 Failed
28 4
Domain Requested by
5 legin.shop legin.shop
1 4.bp.blogspot.com
1 turbokode.com
0 188.166.185.110 Failed
0 143.198.198.194 Failed
0 165.232.165.130 Failed
28 6

This site contains links to these domains.

Domain
51.79.246.67
188.166.181.224
opesia.vip
188.166.191.18
Subject | Issuer | Validity | Valid
legin.shop | WE1 | 2024-11-18 - 2025-02-16 | 3 months
turbokode.com | WE1 | 2024-10-08 - 2025-01-06 | 3 months
misc-sni.blogspot.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 1 frames:

Primary Page: https://legin.shop/
Frame ID: 8C70D29E4405436FF6D6904575DBF23C
Requests: 36 HTTP requests in this frame

Page Title

Kode Syair toto, FORUM SYAIR SGP - KODE SYAIR SINGAPORE HARI INI VALID - Forum Syair Toto Valid melampirkan berbagai percikan gambar-gambar syair utamanya sgp atau singapore

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 28
HTTPS: 25 %
IPv6: 43 %
Domains: 4
Subdomains: 6
IPs: 7
Countries: 2
Transfer: 146 kB
Size: 1253 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://188.166.185.110/hokitoto/960x200.php HTTP 302
  • https://165.232.165.130/hokitoto/960x200.gif
Request Chain 13
  • https://188.166.185.110/kingtogel/960x200.php HTTP 302
  • https://165.232.165.130/kingtogel/960x200.gif
Request Chain 14
  • https://188.166.185.110/bingotogel/960x200.php HTTP 302
  • https://165.232.165.130/bingotogel/960x200.gif
Request Chain 15
  • https://188.166.185.110/alitoto/960x200.php HTTP 302
  • https://143.198.198.194/alitoto/960x200.gif
Request Chain 16
  • https://188.166.185.110/luxtogel/960x200.php HTTP 302
  • https://143.198.201.173/luxtogel/960x200.gif
Request Chain 17
  • https://188.166.185.110/plustogel/728x90.php HTTP 302
  • https://165.232.165.130/plustogel/728x90.gif
Request Chain 23
  • https://opesia.vip/banner-float-atas-satu.php HTTP 302
  • https://188.166.185.110/oscar/728x90.php HTTP 302
  • https://165.232.165.130/oscartogel/728x90.gif
Request Chain 24
  • https://opesia.vip/banner-float-atas-dua.php HTTP 302
  • https://188.166.185.110/platinumslot/728x90.php HTTP 302
  • https://165.232.165.130/platinumslot/728x90.gif
Request Chain 26
  • https://opesia.vip/banner-float-bawah-satu.php HTTP 302
  • https://188.166.185.110/crown/728x90.php HTTP 302
  • https://143.198.198.194/crowntogel/728x90.gif
Request Chain 27
  • https://opesia.vip/banner-float-bawah-dua.php HTTP 302
  • https://188.166.185.110/maxtoto/728x90.php HTTP 302
  • https://165.232.165.130/maxtoto/728x90.gif
Request Chain 29
  • https://188.166.185.110/dotatogel/728x90.php HTTP 302
  • https://165.232.165.130/dotatogel/728x90.gif
Request Chain 30
  • https://188.166.185.110/platinumtoto/728x90.php HTTP 302
  • https://143.198.201.173/platinumtoto/728x90.gif
Request Chain 31
  • https://188.166.185.110/djtogel/728x90.php HTTP 302
  • https://165.232.165.130/djtogel/728x90.gif
Request Chain 32
  • https://188.166.185.110/mvptogel/728x90.php HTTP 302
  • https://143.198.198.194/mvptogel/728x90.gif
Request Chain 33
  • https://188.166.185.110/viptoto/728x90.php HTTP 302
  • https://165.232.165.130/viptoto/728x90.gif
Request Chain 34
  • https://188.166.185.110/autotogel/728x90.php HTTP 302
  • https://143.198.198.194/autotogel/728x90.gif

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
legin.shop/
69 KB
11 KB
Document
General
Full URL
https://legin.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d00c82bc1fbd2a82efeeabbc5f970802222152e8ecb277e4fc4409596f77ab3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e735a184b9442e9-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 23 Nov 2024 18:51:41 GMT
link
<https://legin.shop/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mk%2F7AmRRwsJpaHAyVbIEQJkoM3Az3n7aMqlZnqA5eIPXw7O%2FvzPyUPIHbkDDpn8tqqLVPvDU8lNa49%2BzCZ6AhmJWUlWP8IXFkaSptl%2BjNdkYHjMG%2BTHN6xCMeF2d6O3%2BVg7fDhWGFv%2F8"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=67476&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4207&recv_bytes=4518&delivery_rate=407&cwnd=12000&unsent_bytes=0&cid=d1147166efe29e94&ts=1425&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-dns-prefetch-control
on
x-litespeed-tag
d06_HTTP.200,d06_PGSRP,d06_home,d06_URL.6666cd76f96956469e7be39d750cc7d9,d06_F,d06_,d06_MIN.143c141589132834e9490c2942cd76b7.css,d06_MIN.395008c5ea55b29d0d73b9da81c90153.js
x-turbo-charged-by
LiteSpeed
143c141589132834e9490c2942cd76b7.css
legin.shop/wp-content/litespeed/css/
183 KB
42 KB
Stylesheet
General
Full URL
https://legin.shop/wp-content/litespeed/css/143c141589132834e9490c2942cd76b7.css?ver=efea7
Requested by
Host: legin.shop
URL: https://legin.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2041e25900bddcfc20bbbb178020ce905ec140f254c8838277b6b3cb0393bba0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NF0ZNn1E2xQPUHZe7S%2BC22mGpWl8KUNb5yu41uZCVb9HvJCAdeWmXsbHo8lS8TcgaDvOy%2BS6CmgD%2FQ4CFzJd98uqVNYQ%2FTzlgi7w016uYZSxrTwK2nSGzYGfgHEZW4b16UbkFJL0Tucy"}],"group":"cf-nel","max_age":604800}
cf-ray
8e735a22a97f42e9-EWR
expires
Sat, 23 Nov 2024 19:51:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=146552&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16251&recv_bytes=5121&delivery_rate=2718&cwnd=22800&unsent_bytes=0&cid=d1147166efe29e94&ts=2305&x=1", cfHdrFlush;dur=0
date
Sat, 23 Nov 2024 18:51:42 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Thu, 21 Nov 2024 19:34:23 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
167 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4996c5ec12bc1bd17bca3884c3a8215e3bb15e7f93e3733f3f341a5d4fb78cb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
142 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26d98abc4791508dea56def361cd7fbce7ef0a687aed0c5194f5e2853747d4c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
140 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3d82e22814c3d7c11b2ac38084db9070c37d318f95e70ee504f145e57427b23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
138 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa94becb3cfe4babd58329f3e266f8dc85f8b4da15f8cf9cbf6dbfd419c089a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
140 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa5d446a59c9da4d60c038971e25326ba487a8a5e49a25ceb2ed2d39490d50a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
138 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ac8c9b1fc2c79c3f43f95650223328a7eec79dc7a98d99074364b8d893f4608

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
140 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac8831e8d8b3e6a7752c5a9d5c59005ac503539b7d1a7cb46ffda8ab490efd01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
honeycomb.png
legin.shop/wp-content/themes/frontier/images/
265 B
945 B
Image
General
Full URL
https://legin.shop/wp-content/themes/frontier/images/honeycomb.png
Requested by
Host: legin.shop
URL: https://legin.shop/wp-content/litespeed/css/143c141589132834e9490c2942cd76b7.css?ver=efea7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/wp-content/litespeed/css/143c141589132834e9490c2942cd76b7.css?ver=efea7

Response headers

cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gV6P%2BbQ4zNzC73Yh1FkcD6wTWKXrzVMhhiOkjeKzM0pJTWytnqHnW5C7K%2FQ3YNON%2FDI7UHBRJFpZrqkTLKrD1cjR%2BUmQqq%2FuLMhyGcoVRFPgB57W2FTEuToUpkaafQu5yZ4zqnzCu616"}],"group":"cf-nel","max_age":604800}
expires
Sat, 23 Nov 2024 19:51:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=103939&sent=68&recv=41&lost=0&retrans=0&sent_bytes=59977&recv_bytes=6434&delivery_rate=27474&cwnd=39600&unsent_bytes=0&cid=d1147166efe29e94&ts=3331&x=1", cfHdrFlush;dur=0
date
Sat, 23 Nov 2024 18:51:43 GMT
content-type
image/png
last-modified
Tue, 18 Jan 2022 19:39:33 GMT
vary
Accept-Encoding
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e735a293a8942e9-EWR
accept-ranges
bytes
content-length
265
x-turbo-charged-by
LiteSpeed
server
cloudflare
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://legin.shop
Referer

Response headers

Content-Type
application/x-font-woff;charset=utf-8
pengeluaran-sgp.png
legin.shop/wp-content/uploads/2023/01/
48 KB
48 KB
Image
General
Full URL
https://legin.shop/wp-content/uploads/2023/01/pengeluaran-sgp.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
accf9dd3b78f50ffca781bc729b0036c003c9d511e798ad41e869b2ca01308b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sxG79nY%2BgovD60KOGArXWW0%2BjuoCk6ARP1n6Bj0vOrFoH8D%2B%2B2gb5t90uE3E2KU0rwxcRg6cqznQOlThkNImcTcmtiel1VpwCLEKcle8PWCkpVkCWon4vaeh9cQlIImzbpwCCu24ypsI"}],"group":"cf-nel","max_age":604800}
expires
Sat, 23 Nov 2024 19:51:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=139653&sent=72&recv=45&lost=0&retrans=1&sent_bytes=61969&recv_bytes=7230&delivery_rate=1998&cwnd=39600&unsent_bytes=0&cid=d1147166efe29e94&ts=4304&x=1", cfHdrFlush;dur=0
date
Sat, 23 Nov 2024 18:51:44 GMT
content-type
image/png
last-modified
Fri, 20 Jan 2023 07:28:30 GMT
vary
Accept-Encoding
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e735a2f4ad242e9-EWR
accept-ranges
bytes
content-length
48646
x-turbo-charged-by
LiteSpeed
server
cloudflare
bannerboster.gif
turbokode.com/wp-content/uploads/2024/02/
23 KB
23 KB
Image
General
Full URL
https://turbokode.com/wp-content/uploads/2024/02/bannerboster.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3a0c253b663d5daac0146c32303f6f0985b0196f60a96a95e9a18b0babb427

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

cf-cache-status
HIT
age
251248
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxbj1PIxIHeo4s83zLFb6Q4TdhB4%2F5Zp3Qkv8f18wFwZ4A4OcQqZfkdrWoa1uoDnG4YDpxFLnst5KTN%2Fp17QXpHl21Hb%2FYgWOGi%2FJE3Vk91PtF%2FfK%2Bif6UPgFrtsLG5Y7jnEz7detcqtWP03"}],"group":"cf-nel","max_age":604800}
expires
Wed, 27 Nov 2024 21:04:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70682&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4207&recv_bytes=4321&delivery_rate=44737&cwnd=12000&unsent_bytes=0&cid=4db3b36f73ac19f5&ts=493&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 23 Nov 2024 18:51:44 GMT
content-type
image/gif
last-modified
Thu, 15 Feb 2024 18:13:16 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e735a336b095e6d-EWR
accept-ranges
bytes
content-length
23264
x-turbo-charged-by
LiteSpeed
server
cloudflare
960x200.gif
165.232.165.130/hokitoto/
Redirect Chain
  • https://188.166.185.110/hokitoto/960x200.php
  • https://165.232.165.130/hokitoto/960x200.gif
0
0

960x200.gif
165.232.165.130/kingtogel/
Redirect Chain
  • https://188.166.185.110/kingtogel/960x200.php
  • https://165.232.165.130/kingtogel/960x200.gif
0
0

960x200.gif
165.232.165.130/bingotogel/
Redirect Chain
  • https://188.166.185.110/bingotogel/960x200.php
  • https://165.232.165.130/bingotogel/960x200.gif
0
0

960x200.gif
143.198.198.194/alitoto/
Redirect Chain
  • https://188.166.185.110/alitoto/960x200.php
  • https://143.198.198.194/alitoto/960x200.gif
0
0

960x200.gif
143.198.201.173/luxtogel/
Redirect Chain
  • https://188.166.185.110/luxtogel/960x200.php
  • https://143.198.201.173/luxtogel/960x200.gif
32 KB
0
Image
General
Full URL
https://143.198.201.173/luxtogel/960x200.gif
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
ETag
"660b702a-ce6b2"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
845490
Date
Sat, 23 Nov 2024 18:51:46 GMT
Content-Type
image/gif
Last-Modified
Tue, 02 Apr 2024 02:40:42 GMT
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
location
https://143.198.201.173/luxtogel/960x200.gif
Date
Sat, 23 Nov 2024 18:51:45 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
728x90.gif
165.232.165.130/plustogel/
Redirect Chain
  • https://188.166.185.110/plustogel/728x90.php
  • https://165.232.165.130/plustogel/728x90.gif
0
0

728x90.php
188.166.185.110/elitetogel/
0
0

728x90.php
188.166.185.110/bosstoto/
0
0

728x90.php
188.166.185.110/royaltogel/
0
0

728x90.php
188.166.185.110/ktvtogel/
0
0

728x90.php
188.166.185.110/oktogel/
0
0

728x90.gif
165.232.165.130/oscartogel/
Redirect Chain
  • https://opesia.vip/banner-float-atas-satu.php
  • https://188.166.185.110/oscar/728x90.php
  • https://165.232.165.130/oscartogel/728x90.gif
0
0

728x90.gif
165.232.165.130/platinumslot/
Redirect Chain
  • https://opesia.vip/banner-float-atas-dua.php
  • https://188.166.185.110/platinumslot/728x90.php
  • https://165.232.165.130/platinumslot/728x90.gif
0
0

Close-Button.png
4.bp.blogspot.com/-KCWiYluf77M/XbQ5-9H8MyI/AAAAAAAAVC4/Za-ijvWdofsSk5hCgMFigekJY9VIs4KHACNcBGAsYHQ/s1600/
1 KB
1 KB
Image
General
Full URL
https://4.bp.blogspot.com/-KCWiYluf77M/XbQ5-9H8MyI/AAAAAAAAVC4/Za-ijvWdofsSk5hCgMFigekJY9VIs4KHACNcBGAsYHQ/s1600/Close-Button.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
07f17d9f613d7f3e18ab4f896cb00c048ccc294134d4f96d635e92798735e9ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

access-control-expose-headers
Content-Length
etag
"v542f"
age
3671
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 17:50:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 17:50:33 GMT
content-disposition
inline;filename="Close-Button.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
1098
x-xss-protection
0
server
fife
728x90.gif
143.198.198.194/crowntogel/
Redirect Chain
  • https://opesia.vip/banner-float-bawah-satu.php
  • https://188.166.185.110/crown/728x90.php
  • https://143.198.198.194/crowntogel/728x90.gif
0
0

728x90.gif
165.232.165.130/maxtoto/
Redirect Chain
  • https://opesia.vip/banner-float-bawah-dua.php
  • https://188.166.185.110/maxtoto/728x90.php
  • https://165.232.165.130/maxtoto/728x90.gif
0
0

favicon.ico
legin.shop/wp-content/uploads/fbrfg/
15 KB
5 KB
Other
General
Full URL
https://legin.shop/wp-content/uploads/fbrfg/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76039fffa72de3b49c1b93b689e5579e0f5cf12cd3226c13f0f1f3f96a55bbae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qMilOzKiFtCk5k7J9MwjgZQZsA6zcZ5nMPflnjw3xag33B0NubkJ1qF9r2kV%2BYVIS1rgc17URfIiNmS4O4YOTVxT6Wr%2B8rpcNv44MqMKPnAZDwiMwpLpVMgsf%2F9tq%2FeY%2F9t%2FNSJvqaOg"}],"group":"cf-nel","max_age":604800}
cf-ray
8e735a32af9f42e9-EWR
expires
Sat, 23 Nov 2024 19:51:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=336751&sent=115&recv=63&lost=0&retrans=1&sent_bytes=112391&recv_bytes=8334&delivery_rate=115005&cwnd=46800&unsent_bytes=0&cid=d1147166efe29e94&ts=4831&x=1", cfHdrFlush;dur=0
date
Sat, 23 Nov 2024 18:51:44 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/x-icon
last-modified
Fri, 20 Jan 2023 07:29:37 GMT
vary
Accept-Encoding
server
cloudflare
728x90.gif
165.232.165.130/dotatogel/
Redirect Chain
  • https://188.166.185.110/dotatogel/728x90.php
  • https://165.232.165.130/dotatogel/728x90.gif
128 KB
0
Image
General
Full URL
https://165.232.165.130/dotatogel/728x90.gif
Protocol
HTTP/1.1
Server
165.232.165.130 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
ETag
"660b6f1d-ac255"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
705109
Date
Sat, 23 Nov 2024 18:51:48 GMT
Content-Type
image/gif
Last-Modified
Tue, 02 Apr 2024 02:36:13 GMT
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
location
https://165.232.165.130/dotatogel/728x90.gif
Date
Sat, 23 Nov 2024 18:51:47 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
728x90.gif
143.198.201.173/platinumtoto/
Redirect Chain
  • https://188.166.185.110/platinumtoto/728x90.php
  • https://143.198.201.173/platinumtoto/728x90.gif
228 KB
0
Image
General
Full URL
https://143.198.201.173/platinumtoto/728x90.gif
Protocol
HTTP/1.1
Server
143.198.201.173 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
ETag
"660b702f-3d045"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249925
Date
Sat, 23 Nov 2024 18:51:48 GMT
Content-Type
image/gif
Last-Modified
Tue, 02 Apr 2024 02:40:47 GMT
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
location
https://143.198.201.173/platinumtoto/728x90.gif
Date
Sat, 23 Nov 2024 18:51:47 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
728x90.gif
165.232.165.130/djtogel/
Redirect Chain
  • https://188.166.185.110/djtogel/728x90.php
  • https://165.232.165.130/djtogel/728x90.gif
208 KB
0
Image
General
Full URL
https://165.232.165.130/djtogel/728x90.gif
Protocol
HTTP/1.1
Server
165.232.165.130 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
ETag
"660b6f22-374b3"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
226483
Date
Sat, 23 Nov 2024 18:51:48 GMT
Content-Type
image/gif
Last-Modified
Tue, 02 Apr 2024 02:36:18 GMT
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
location
https://165.232.165.130/djtogel/728x90.gif
Date
Sat, 23 Nov 2024 18:51:47 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
728x90.gif
143.198.198.194/mvptogel/
Redirect Chain
  • https://188.166.185.110/mvptogel/728x90.php
  • https://143.198.198.194/mvptogel/728x90.gif
96 KB
0
Image
General
Full URL
https://143.198.198.194/mvptogel/728x90.gif
Protocol
HTTP/1.1
Server
143.198.198.194 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
ETag
"660b7014-599d1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
367057
Date
Sat, 23 Nov 2024 18:51:48 GMT
Content-Type
image/gif
Last-Modified
Tue, 02 Apr 2024 02:40:20 GMT
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
location
https://143.198.198.194/mvptogel/728x90.gif
Date
Sat, 23 Nov 2024 18:51:47 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
728x90.gif
165.232.165.130/viptoto/
Redirect Chain
  • https://188.166.185.110/viptoto/728x90.php
  • https://165.232.165.130/viptoto/728x90.gif
113 KB
0
Image
General
Full URL
https://165.232.165.130/viptoto/728x90.gif
Protocol
HTTP/1.1
Server
165.232.165.130 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
ETag
"660b6c48-73032"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
471090
Date
Sat, 23 Nov 2024 18:51:48 GMT
Content-Type
image/gif
Last-Modified
Tue, 02 Apr 2024 02:24:08 GMT
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
location
https://165.232.165.130/viptoto/728x90.gif
Date
Sat, 23 Nov 2024 18:51:47 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
728x90.gif
143.198.198.194/autotogel/
Redirect Chain
  • https://188.166.185.110/autotogel/728x90.php
  • https://143.198.198.194/autotogel/728x90.gif
96 KB
0
Image
General
Full URL
https://143.198.198.194/autotogel/728x90.gif
Protocol
HTTP/1.1
Server
143.198.198.194 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://legin.shop/

Response headers

X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
ETag
"660b7007-45d38"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
286008
Date
Sat, 23 Nov 2024 18:51:48 GMT
Content-Type
image/gif
Last-Modified
Tue, 02 Apr 2024 02:40:07 GMT
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
location
https://143.198.198.194/autotogel/728x90.gif
Date
Sat, 23 Nov 2024 18:51:47 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
165.232.165.130
URL
https://165.232.165.130/hokitoto/960x200.gif
Domain
165.232.165.130
URL
https://165.232.165.130/kingtogel/960x200.gif
Domain
165.232.165.130
URL
https://165.232.165.130/bingotogel/960x200.gif
Domain
143.198.198.194
URL
https://143.198.198.194/alitoto/960x200.gif
Domain
165.232.165.130
URL
https://165.232.165.130/plustogel/728x90.gif
Domain
188.166.185.110
URL
https://188.166.185.110/elitetogel/728x90.php
Domain
188.166.185.110
URL
https://188.166.185.110/bosstoto/728x90.php
Domain
188.166.185.110
URL
https://188.166.185.110/royaltogel/728x90.php
Domain
188.166.185.110
URL
https://188.166.185.110/ktvtogel/728x90.php
Domain
188.166.185.110
URL
https://188.166.185.110/oktogel/728x90.php
Domain
165.232.165.130
URL
https://165.232.165.130/oscartogel/728x90.gif
Domain
165.232.165.130
URL
https://165.232.165.130/platinumslot/728x90.gif
Domain
143.198.198.194
URL
https://143.198.198.194/crowntogel/728x90.gif
Domain
165.232.165.130
URL
https://165.232.165.130/maxtoto/728x90.gif

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | LazyLoad
  • function | urlCreator
  • function | litespeed_load_delayed_js_force
  • function | litespeed_load_delayed_js
  • function | litespeed_load_one
  • function | litespeed_inline2src

0 Cookies