urlscan.io logo urlscan.io
SecurityTrails logo

www.transaction.theoregons.biz.id Open in urlscan Pro
103.163.138.101  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.transaction.theoregons.biz.id/
Submission: On January 16 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 103.163.138.101, located in Indonesia and belongs to BEON-AS-ID PT. Beon Intermedia, ID. The main domain is www.transaction.theoregons.biz.id.
TLS certificate: Issued by R3 on January 16th 2024. Valid for: 3 months.
This is the only time www.transaction.theoregons.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.163.138.101 55688 (BEON-AS-I...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 45.13.255.247 47583 (AS-HOSTINGER)
1 2a04:4e42:200... 54113 (FASTLY)
6 4
Apex Domain
Subdomains		 Transfer
2 artiknesia.com
artiknesia.com
370 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
57 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
30 KB
1 theoregons.biz.id
www.transaction.theoregons.biz.id
2 KB
6 4
Domain Requested by
2 artiknesia.com www.transaction.theoregons.biz.id
2 cdn.jsdelivr.net www.transaction.theoregons.biz.id
1 code.jquery.com www.transaction.theoregons.biz.id
1 www.transaction.theoregons.biz.id
6 4

This site contains links to these domains. Also see Links.

Domain
artiknesia.com
Subject Issuer Validity Valid
transaction.theoregons.biz.id
R3		 2024-01-16 -
2024-04-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.artiknesia.com
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.transaction.theoregons.biz.id/
Frame ID: 9ED5507E508EB413B5FD5ABB25F94779
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Artiknesia

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

459 kB
Transfer

766 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.transaction.theoregons.biz.id/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.transaction.theoregons.biz.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.163.138.101 , Indonesia, ASN55688 (BEON-AS-ID PT. Beon Intermedia, ID),
Reverse DNS
willow.jagoanhosting.com
Software
JagoanHosting /
Resource Hash
acee22d958eb63376e1a1319275c40c30aca325016834d2f71a128625e716be9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 Jan 2024 12:26:57 GMT
server
JagoanHosting
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 		227 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
Requested by
Host: www.transaction.theoregons.biz.id
URL: https://www.transaction.theoregons.biz.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.transaction.theoregons.biz.id/
Origin
https://www.transaction.theoregons.biz.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 12:26:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
506925
x-jsd-version
5.3.2
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220083-FRA, cache-lga21945-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XCtYhz3dSgTWtmFKBPbSSO9havjHhFf51uupYpC2HTkrY8MkkKev6gFwGwk39yuxcT5fQo5UmIPanF4bSGpMwq7BQGiNOnyVNxNrszYzRAPoPuJLa1aaMkBbJY%2FvHVj21m3fuVZ9ZON41szN1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8466599478229b67-FRA
24-600x424.png
artiknesia.com/wp-content/uploads/2023/05/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://artiknesia.com/wp-content/uploads/2023/05/24-600x424.png
Requested by
Host: www.transaction.theoregons.biz.id
URL: https://www.transaction.theoregons.biz.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.13.255.247 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv77.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
85c65d3ddcbd06925a8a451bf111f66ca68b6380ed7a104649f037e220e171bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.transaction.theoregons.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 12:26:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 23 May 2023 07:29:13 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
121443
x-xss-protection
1; mode=block
expires
Tue, 23 Jan 2024 12:26:59 GMT
Say-Cheese-MU-1-600x424.png
artiknesia.com/wp-content/uploads/2023/10/ 		250 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://artiknesia.com/wp-content/uploads/2023/10/Say-Cheese-MU-1-600x424.png
Requested by
Host: www.transaction.theoregons.biz.id
URL: https://www.transaction.theoregons.biz.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.13.255.247 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv77.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
f2707e6b390049320c8ef93d4c316d0d41d7b2d484884d39aeb61b4507b51986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.transaction.theoregons.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 12:26:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 17 Oct 2023 16:20:57 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
256416
x-xss-protection
1; mode=block
expires
Tue, 23 Jan 2024 12:26:59 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.transaction.theoregons.biz.id
URL: https://www.transaction.theoregons.biz.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.transaction.theoregons.biz.id/
Origin
https://www.transaction.theoregons.biz.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 12:26:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6604955
x-jsd-version
5.3.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230099-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjUKqfwZ%2FkdoVzydT3FDwbiJlJXpDDAdnFvIYNj72g3enW9yL%2FchVfWaz%2FjrRWDorLrEoqFgQisKvm%2BUZEdeeHVSo8B6GMx58Szk3vwCE3ANkAXK7u9lvOlrwRzs6x1nam72WNN02WTCbI5oBVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8466599478269b67-FRA
jquery-3.7.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: www.transaction.theoregons.biz.id
URL: https://www.transaction.theoregons.biz.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer
https://www.transaction.theoregons.biz.id/
Origin
https://www.transaction.theoregons.biz.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 12:26:58 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
10209345
x-cache
HIT, HIT
content-length
30336
x-served-by
cache-lga21978-LGA, cache-fra-etou8220111-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705408019.635661,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
34, 27716

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
www.transaction.theoregons.biz.id/ Name: XSRF-TOKEN
Value: eyJpdiI6IjJWNFE5Si81UkJzZXE1V2xDK1EwbUE9PSIsInZhbHVlIjoiQ2xJMnpyK3UyQlhKcVNGK3pyME1ZbUJwb0lFVThUdXgrdkdLaTVEY1k0Q082QVcwVEpSWGJYK1JOU3k3dXZRSTc2bWlLdGkwNGFUU3loa0xKZlZTTEdhSy9QTktSd3V0bDR2NTltdzlUZlFWVXk4aTB4S21DSDhhbC9hVEkwcG0iLCJtYWMiOiJjM2JkYWZiZDdmNTMzY2U2YjUxZWRhZWU3MWEyNmUyZDllMmY2NWRmZmZjYzNhYjE4NDRjNjFlZDEwMDI5OWRlIiwidGFnIjoiIn0%3D
www.transaction.theoregons.biz.id/ Name: laravel_session
Value: eyJpdiI6IjFoTldaZzhxcmtVS29XTkp3dUpTYmc9PSIsInZhbHVlIjoiWTdUbVl3dDNKT1dIOVRZc3RXUWg4SmFZUWNwckcvai9UUldsd29xZkhUeDlaN0drQjFkN1RRdmJOb2NqWmZZRWZFckhLVldiRWxUL3VwclV1bk9wS0FhTmV4YjlUbEdDTlN5N2Y1aW1JYWtMbFFmSExldFltbFRPU0FIazYzZk8iLCJtYWMiOiI0YWNjZTJhOGY5NGNlMWFlODc0ZGU1YjE5MTM5MzVjNjcyMmVhYjE4YWU2M2Q5MDEyMDg3NDg3ZTMzYzQzODE1IiwidGFnIjoiIn0%3D