165.22.105.116 Open in urlscan Pro
165.22.105.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://daftarrajabandot.com/
Effective URL:
https://165.22.105.116/
Submission: On November 23 via api (November 23rd 2023, 3:11:34 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 165.22.105.116, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is 165.22.105.116.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 9th 2023. Valid for: 3 months.

This is the only time 165.22.105.116 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:48e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	165.22.105.116 165.22.105.116	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2607:f8b0:400... 2607:f8b0:4006:807::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3038::6815:eb46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.19.61.80 162.19.61.80	16276 (OVH) (OVH)
13	5

1 2606:4700:3033::6815:48e2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

daftarrajabandot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 165.22.105.116 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

165.22.105.116	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:807::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:eb46 (United States)

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.61.80 (France)

ASN16276 (OVH, FR)
PTR: ns3094918.ip-162-19-61.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	89 KB
4	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18725	22 KB
3	iili.io iili.io — Cisco Umbrella Rank: 43900	714 KB
1	daftarrajabandot.com 1 redirects daftarrajabandot.com	685 B
13	4

	Domain	Requested by
5	cdn.ampproject.org	165.22.105.116 cdn.ampproject.org
4	i.postimg.cc	165.22.105.116
3	iili.io	165.22.105.116
1	daftarrajabandot.com	1 redirects
13	4

This site contains links to these domains. Also see Links.

Domain
rebrand.ly
untungraban.com
jangansayalagipak.com
secure.livechatinc.com

Subject Issuer	Validity	Valid
165.22.105.116 ZeroSSL RSA Domain Secure Site CA	`2023-11-09` - `2024-02-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
iili.io E1	`2023-10-08` - `2024-01-06`	3 months	crt.sh
postimg.cc R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://165.22.105.116/
Frame ID: 81CCFCFAB1515FB424ED62D84F535C5F
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RAJABANDOT - Situs Games Online no 1 di indonesia

Page URL History Show full URLs

http://daftarrajabandot.com/ HTTP 301
https://165.22.105.116/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Lightbox (JavaScript Libraries) Expand

Page Statistics

13
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

832 kB
Transfer

1096 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://rebrand.ly/Hoki11111
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://rebrand.ly/hoki22222
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://untungraban.com/
Title: Bonus

Search URL Search Domain Scan URL

URL: https://jangansayalagipak.com/
Title: Link Alternatif

Search URL Search Domain Scan URL

URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=10686782
Title: Live Chat

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://daftarrajabandot.com/ HTTP 301
https://165.22.105.116/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
165.22.105.116/
Redirect Chain

http://daftarrajabandot.com/
https://165.22.105.116/

41 KB
7 KB

1069ms
537ms

Document
text/html

165.22.105.116
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://165.22.105.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 165.22.105.116 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 42a46f5522cac317c89ac857f39d89538791abed41ccf6a97703306951080008

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 6620
content-type: text/html
date: Thu, 23 Nov 2023 15:11:25 GMT
etag: "a4d9-655d8353-47170;br"
last-modified: Wed, 22 Nov 2023 04:28:03 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

CF-RAY: 82aa582f19720f85-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 23 Nov 2023 15:11:24 GMT
Expires: Thu, 23 Nov 2023 16:11:24 GMT
Location: https://165.22.105.116/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diE6KKyzekn8KxQKtZJU2SXEOOG%2FImsv2eWmp3KywnlIskda0RTmzrI1E2X%2B2yHikzz6xxOPlzhc%2FbvbpLxSSXY5jDcyZCROChJ0V1M%2B2ILV5dFdQMNGU1AA%2BKrjkaPvlQZtPK7lP1i1V1HjdbXLB33aLA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 152ms
48ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: 165.22.105.116
URL: https://165.22.105.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73200
x-xss-protection: 0
server: sffe
etag: "b209cac081bc437c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 23 Nov 2023 15:11:25 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 147ms
43ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: 165.22.105.116
URL: https://165.22.105.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2398c290df4fb448137c4c566f9284814c029f08f5ec3614a536a18d355500d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2469
x-xss-protection: 0
server: sffe
etag: "29844d029adb4485"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 23 Nov 2023 15:11:25 GMT

GET
H2 200 amp-accordion-0.1.js Show response
cdn.ampproject.org/v0/ 17 KB
6 KB 116ms
45ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.js

Requested by

Host: 165.22.105.116
URL: https://165.22.105.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4caba1632ee87c41c4af00f053108b1930cca2f33f249b2e4587e86338ab83

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 15:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5829
x-xss-protection: 0
server: sffe
etag: "d5c10f6b1d53ea05"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 23 Nov 2023 15:11:25 GMT

GET
H2 200 JBE06D7.jpg
iili.io/ 549 KB
550 KB 128ms
39ms Image
image/jpeg 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/JBE06D7.jpg
Requested by: Host: 165.22.105.116
URL: https://165.22.105.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42261af02d44d3a03b62c34377a307d67d6eeb6d1bf9b6ae86786114c0174a91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 724174
alt-svc: h3=":443"; ma=86400
content-length: 562122
last-modified: Thu, 09 Nov 2023 07:49:36 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hs5OnpVeW5cphI6acDmxubOleeQ%2B4U9BKRJyarD6xnQjkTN0d0NeyZaoqmYe9%2B%2BojGb5rDtIcRANXDxNIRH9ZwtHtim9HTqjWE4W%2Bb%2FTFX68rO4lSVRMkkIotdtoHfG3fNOk4gn%2F"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82aa5837cd494408-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ee3b47153fa12aa7de01b4eccfdc747f5be7c315804ebb9f1f7bd6ea55e2340

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 045b6bc71bdea1865aa633013e990099200473acb01fe6d0025690a65e88e29d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 JdaFhpS.png
iili.io/ 43 KB
43 KB 31ms
28ms Image
image/png 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/JdaFhpS.png
Requested by: Host: 165.22.105.116
URL: https://165.22.105.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a2890dd8c11a3313aa5b320cf6cb0a9d847cc0a7d6393cb31dbc082af152c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 697730
alt-svc: h3=":443"; ma=86400
content-length: 44090
last-modified: Sat, 30 Sep 2023 10:31:35 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGnOqeP4VxMdFzR2ToOIHCJSuoLZTS876V9V69sfLypSKwmfasFgRma0rwrs7Ovho6ws46gr%2FOR7OabhOOTRWBp6pd71RgSoJYTbn%2FgwIWDWMxAJKUu74VZBsa1kOuX%2BfqaGnO6M"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82aa5838ae264408-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JqJ36Bt.webp
iili.io/ 120 KB
120 KB 46ms
44ms Image
image/webp 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/JqJ36Bt.webp
Requested by: Host: 165.22.105.116
URL: https://165.22.105.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebfc23fe1151cb0f188b4e74a5e88d510e91ce8d058beccfed9804c993385bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 969026
alt-svc: h3=":443"; ma=86400
content-length: 122720
last-modified: Thu, 02 Nov 2023 08:54:11 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziC8WrNtS1CIoyKiSXOuUMR0tulyL5ItmSYvqPyJstuXT1QgWAvjHybIBs9tv059JSOk6esElNYUbkaA0hfsVNUA6y7GR%2B4qHTCO1io7LvGjM5%2BXzQD2%2Boindf7F%2F6ZN5jtU6oHL"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82aa5838ce414408-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-KUNING-8.png
i.postimg.cc/rs929F6x/ 5 KB
5 KB 543ms
177ms Image
image/png 162.19.61.80
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/rs929F6x/icon-KUNING-8.png
Requested by: Host: 165.22.105.116
URL: https://165.22.105.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3094918.ip-162-19-61.eu
Software: nginx /
Resource Hash: 95a6d9679b9ecc2a3e4f1db4f8898992dc9c7f8bee71e8728cf359f712f35e24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:11:26 GMT
last-modified: Sat, 17 Sep 2022 09:01:58 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5043
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-KUNING-login.png
i.postimg.cc/vT64BGw2/ 5 KB
5 KB 543ms
177ms Image
image/png 162.19.61.80
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/vT64BGw2/icon-KUNING-login.png
Requested by: Host: 165.22.105.116
URL: https://165.22.105.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3094918.ip-162-19-61.eu
Software: nginx /
Resource Hash: 77086ba810f3de48b4968e4da0d9183c192f8be9161e70293c6336de0efb8e0d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:11:26 GMT
last-modified: Mon, 19 Sep 2022 09:13:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5293
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-KUNING-18.png
i.postimg.cc/8cdNnmvF/ 6 KB
6 KB 542ms
177ms Image
image/png 162.19.61.80
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/8cdNnmvF/icon-KUNING-18.png
Requested by: Host: 165.22.105.116
URL: https://165.22.105.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3094918.ip-162-19-61.eu
Software: nginx /
Resource Hash: 013bc82d8c4b738f5e65593269792ec2d9b67de4446c151d56bffd5a7450797f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:11:26 GMT
last-modified: Sat, 17 Sep 2022 09:01:58 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6209
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-KUNING-11.png
i.postimg.cc/d1rYLj4W/ 5 KB
6 KB 541ms
176ms Image
image/png 162.19.61.80
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/d1rYLj4W/icon-KUNING-11.png
Requested by: Host: 165.22.105.116
URL: https://165.22.105.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3094918.ip-162-19-61.eu
Software: nginx /
Resource Hash: d8ce368afe48ba8e68e1e9648db18f1a1b1c8fffe91cb7beadbf7b4a46ab1043

Request headers

accept-language: en-US,en;q=0.9
Referer: https://165.22.105.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:11:26 GMT
last-modified: Sat, 17 Sep 2022 09:01:58 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5519
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 8 KB
4 KB 112ms
30ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://165.22.105.116/
Origin: https://165.22.105.116
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 Nov 2023 21:07:01 GMT
age: 151464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "ebb1be4e47c7faed"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Nov 2024 21:07:01 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012310301456000/v0/ 12 KB
4 KB 111ms
32ms Script
text/javascript 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://165.22.105.116/
Origin: https://165.22.105.116
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Nov 2023 09:12:38 GMT
age: 107927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "3c281510b2fc8bce"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Nov 2024 09:12:38 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
daftarrajabandot.com
i.postimg.cc
iili.io
162.19.61.80
165.22.105.116
2606:4700:3033::6815:48e2
2606:4700:3038::6815:eb46
2607:f8b0:4006:807::2001
013bc82d8c4b738f5e65593269792ec2d9b67de4446c151d56bffd5a7450797f
01a2890dd8c11a3313aa5b320cf6cb0a9d847cc0a7d6393cb31dbc082af152c7
045b6bc71bdea1865aa633013e990099200473acb01fe6d0025690a65e88e29d
0ebfc23fe1151cb0f188b4e74a5e88d510e91ce8d058beccfed9804c993385bd
0ee3b47153fa12aa7de01b4eccfdc747f5be7c315804ebb9f1f7bd6ea55e2340
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
2398c290df4fb448137c4c566f9284814c029f08f5ec3614a536a18d355500d5
42261af02d44d3a03b62c34377a307d67d6eeb6d1bf9b6ae86786114c0174a91
42a46f5522cac317c89ac857f39d89538791abed41ccf6a97703306951080008
6b4caba1632ee87c41c4af00f053108b1930cca2f33f249b2e4587e86338ab83
77086ba810f3de48b4968e4da0d9183c192f8be9161e70293c6336de0efb8e0d
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
95a6d9679b9ecc2a3e4f1db4f8898992dc9c7f8bee71e8728cf359f712f35e24
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
d8ce368afe48ba8e68e1e9648db18f1a1b1c8fffe91cb7beadbf7b4a46ab1043
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8

165.22.105.116 Open in urlscan Pro 165.22.105.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

60 %IPv6

4 Domains

4 Subdomains

5 IPs

3 Countries

832 kBTransfer

1096 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

Indicators

165.22.105.116 Open in urlscan Pro
165.22.105.116 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

832 kB
Transfer

1096 kB
Size

0
Cookies

13 HTTP transactions
4 data transactions