xn--ok0bu30cba.online Open in urlscan Pro Puny
전기전.online IDN
143.95.73.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xn--138-jg1nq14h.com/
Effective URL:
https://xn--ok0bu30cba.online/
Submission: On October 26 via api (October 26th 2023, 1:06:16 am UTC) from US — Scanned from US

Summary HTTP 12 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 8 domains to perform 12 HTTP transactions. The main IP is 143.95.73.224, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is xn--ok0bu30cba.online.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 11th 2023. Valid for: 3 months.

This is the only time xn--ok0bu30cba.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:8d63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::6815:2803	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.95.73.224 143.95.73.224	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	146.75.36.193 146.75.36.193	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3037::6815:974	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:867b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3038::6815:eb46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	6

1 2606:4700:3031::ac43:8d63 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xn--138-jg1nq14h.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:2803 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xn--ok0bu30c4fh.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.95.73.224 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: ip-143-95-73-224.iplocal

xn--ok0bu30cba.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.193 (Reston, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:974 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xn--138-yg9l964hzzm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:867b (United States)

ASN13335 (CLOUDFLARENET, US)

petarung138go.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3038::6815:eb46 (United States)

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	iili.io iili.io — Cisco Umbrella Rank: 47896	95 KB
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	82 KB
1	petarung138go.org petarung138go.org
1	xn--138-yg9l964hzzm.com 1 redirects xn--138-yg9l964hzzm.com	498 B
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7529	217 KB
1	xn--ok0bu30cba.online xn--ok0bu30cba.online	6 KB
1	xn--ok0bu30c4fh.online 1 redirects xn--ok0bu30c4fh.online	456 B
1	xn--138-jg1nq14h.com 1 redirects xn--138-jg1nq14h.com	465 B
12	8

	Domain	Requested by
5	iili.io	xn--ok0bu30cba.online
4	cdn.ampproject.org	xn--ok0bu30cba.online cdn.ampproject.org
1	petarung138go.org	xn--ok0bu30cba.online
1	xn--138-yg9l964hzzm.com	1 redirects
1	i.imgur.com	xn--ok0bu30cba.online
1	xn--ok0bu30cba.online
1	xn--ok0bu30c4fh.online	1 redirects
1	xn--138-jg1nq14h.com	1 redirects
12	8

This site contains links to these domains. Also see Links.

Domain
petarung138.org
api.whatsapp.com
direct.lc.chat

Subject Issuer	Validity	Valid
xn--ok0bu30cba.online ZeroSSL RSA Domain Secure Site CA	`2023-10-11` - `2024-01-09`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
iili.io E1	`2023-10-08` - `2024-01-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xn--ok0bu30cba.online/
Frame ID: 15912E56A2313C7759F5731AD402C5EE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Petarung138 : Situs Game Slot Online Gacor dan Bandar Togel Online Terpercaya

Page URL History Show full URLs

https://xn--138-jg1nq14h.com/ HTTP 301
https://xn--ok0bu30c4fh.online/ HTTP 301
https://xn--ok0bu30cba.online/ Page URL

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

12
Requests

92 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

6
IPs

1
Countries

400 kB
Transfer

631 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://petarung138.org/
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=6283135500115
Title: WHATSAPP

Search URL Search Domain Scan URL

URL: https://direct.lc.chat/16141026/
Title: LIVECHAT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xn--138-jg1nq14h.com/ HTTP 301
https://xn--ok0bu30c4fh.online/ HTTP 301
https://xn--ok0bu30cba.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://xn--138-yg9l964hzzm.com/images/logoweb.png HTTP 301
https://petarung138go.org/images/logoweb.png

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xn--ok0bu30cba.online/
Redirect Chain

https://xn--138-jg1nq14h.com/
https://xn--ok0bu30c4fh.online/
https://xn--ok0bu30cba.online/

17 KB
6 KB

336ms
125ms

Document
text/html

143.95.73.224
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--ok0bu30cba.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.95.73.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: ip-143-95-73-224.iplocal
Software: Apache /
Resource Hash: 0562dd5e0e67543732af32989e1b3cb00067606ae605fc0604626cb2874a498f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 6114
content-type: text/html
date: Thu, 26 Oct 2023 01:06:09 GMT
last-modified: Tue, 17 Oct 2023 05:25:47 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81becb86ef904bcf-BUF
content-type: text/html; charset=iso-8859-1
date: Thu, 26 Oct 2023 01:06:09 GMT
location: https://xn--ok0bu30cba.online/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52kt5AYk4v3PW2jLGJGeJURI%2FcgWDH1ZLtT19oWxOeEOGTGVQhK%2B8MZ33wguDIgMPdlGL4mufv5TUa5xCx1PYl9xm9WxYv5wPcNWGzFBl%2B64gQe50wJb4sijjFX0kXeU0NSr0g%2BGTFDJilMFzhSlGrCrM9Td"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 ulpmwGo.jpg
i.imgur.com/ 217 KB
217 KB 127ms
36ms Image
image/jpeg 146.75.36.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ulpmwGo.jpg

Requested by

Host: xn--ok0bu30cba.online
URL: https://xn--ok0bu30cba.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

52e4243ea1df42b27ece8f40f7f3c6d0e7deec51f06645774944cc456e1e1477

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn--ok0bu30cba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:06:09 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-C1
age: 1180171
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 222153
x-served-by: cache-iad-kcgs7200113-IAD
last-modified: Wed, 20 Sep 2023 22:49:36 GMT
server: cat factory 1.0
x-timer: S1698282370.624621,VS0,VE2
etag: "be3dcf9a8eb2676951e9874e7c728c66"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: RQI2XMu8sV73C_6CNnRoXEJOR2h6gnxe0hozBm92XvR3czhF2oX3OA==
x-cache-hits: 1

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
71 KB 121ms
54ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: xn--ok0bu30cba.online
URL: https://xn--ok0bu30cba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn--ok0bu30cba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 26 Oct 2023 01:06:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73031
x-xss-protection: 0
server: sffe
etag: "aa4f775a8c339659"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 01:06:09 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 80ms
40ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: xn--ok0bu30cba.online
URL: https://xn--ok0bu30cba.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c6229d3f588fab3903ada7ee094e20d32f21b0fcde7983daf6807bff8e4618a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn--ok0bu30cba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 26 Oct 2023 01:06:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2469
x-xss-protection: 0
server: sffe
etag: "62c954107acf2f68"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Oct 2023 01:06:09 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2

404

logoweb.png
petarung138go.org/images/
Redirect Chain

https://xn--138-yg9l964hzzm.com/images/logoweb.png
https://petarung138go.org/images/logoweb.png

0
0

271ms
181ms

Image
text/html

2606:4700:3033::ac43:867b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://petarung138go.org/images/logoweb.png
Requested by: Host: xn--ok0bu30cba.online
URL: https://xn--ok0bu30cba.online/
Protocol: H2
Server: 2606:4700:3033::ac43:867b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn--ok0bu30cba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

date: Thu, 26 Oct 2023 01:06:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBgqVkCaHJ38M3%2BRbCUkvcgykqneDZBpGamrYuhP2vJ0nf388W%2FSSv9cAEz2aCfWkJ6l6CVHJr0RF1MEcWF0ZH5FjRlMmXp%2BSnDUZCJyBEmjHhK%2FonqgMBFcbhQDT4FhD7UbqQ3aVa86ZLFFbvOtok%2BeNt86yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://petarung138go.org/images/logoweb.png
cache-control: max-age=14400
cf-ray: 81becb8bcb504bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 Hoy3wj2.webp
iili.io/ 564 B
1 KB 423ms
302ms Image
image/webp 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/Hoy3wj2.webp
Requested by: Host: xn--ok0bu30cba.online
URL: https://xn--ok0bu30cba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c07c2ec43af232fcc8bb75cc7d8cc17e20807c37e65a3192b30a981e59d8a379

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn--ok0bu30cba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:06:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 564
last-modified: Sat, 17 Dec 2022 01:30:51 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OplbGUHRvDw%2FaaFGDKYvLltecuedXCEiTYMzlbuTqCHLOPM%2BDYzObXg2h9ZnAukv2yKhl8TpSwZjrdAyIvTxYEqUwOSsaJ2DtjgxioOLRbF9uz1dGTcW18jQIkb2Gv3nPJdf2MRZ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 81becb8bcb814bc3-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HznzV49.webp
iili.io/ 490 B
787 B 452ms
331ms Image
image/webp 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/HznzV49.webp
Requested by: Host: xn--ok0bu30cba.online
URL: https://xn--ok0bu30cba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1696b3a66a20ea7308dded5d15eda90a78a88dbef3385fad81fd358b0a1b9c88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn--ok0bu30cba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:06:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 490
last-modified: Wed, 21 Dec 2022 03:56:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDeYqbJ0vUxj7cc8uQsf3Yo8mNTo5ENPoqosMBJB8Lb1KLwapPSS2BTdeRP2Ovk6mM0zq75JgjwIIf9gbwhNlwvatO9fEubUVy7ZsC0wcxC%2Fn8aq7KllatHMi%2FRUcc6mzz0owKRA"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 81becb8bcb834bc3-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HuifFqb.gif
iili.io/ 72 KB
72 KB 707ms
587ms Image
image/gif 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/HuifFqb.gif
Requested by: Host: xn--ok0bu30cba.online
URL: https://xn--ok0bu30cba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5eb582057157890a59c8906d651e4c75fc5851c34d6d4f87b879486dd49ffa5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn--ok0bu30cba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:06:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 73623
last-modified: Mon, 02 Jan 2023 19:12:07 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8HIoIhgO37eGdHtlL3iA3%2B7TW1ydxpa%2B4tNil%2F5m5L%2FlPOlwyg1%2BbgWAT8BSS3SbkHoRuhehMePOGSTiUBw8gHpvqni34zWL4Gm7rq4wNBdljmpWXbioKR1z3POw%2FXi18WF7Mff"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 81becb8bcb804bc3-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HAhXoCv.png
iili.io/ 19 KB
20 KB 519ms
399ms Image
image/png 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/HAhXoCv.png
Requested by: Host: xn--ok0bu30cba.online
URL: https://xn--ok0bu30cba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 842d17e49864d3afa0ee77f42f6a540e56c0920bfb1c59ec7909255adf9c146c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn--ok0bu30cba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:06:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 19796
last-modified: Wed, 04 Jan 2023 13:05:51 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Emiua41eQj6MBjaK0Zkd5rVmErT8GEMQre%2BLrMkyGRNlJQCUyCE4V3luDAvdb3FGn6f%2Bzn%2BOKVM3fORbBPOoNnJPIAzA8Pt9d4l7gQCWdnHFq2MGAqqibOYctbxvwQU03a7LN7Kg"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 81becb8bcb844bc3-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hoy3UYb.webp
iili.io/ 440 B
738 B 450ms
330ms Image
image/webp 2606:4700:3038::6815:eb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/Hoy3UYb.webp
Requested by: Host: xn--ok0bu30cba.online
URL: https://xn--ok0bu30cba.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f7ad96a0c7782fcbef63b22ec47411251352f08c4fe0f838c076458dd296cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn--ok0bu30cba.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:06:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 440
last-modified: Sat, 17 Dec 2022 01:31:55 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZnfxbWJNqiKab2WRxumiQGM3ILzGoyMMhylJnJRn1KGB0ApaGs5SxUJKTcuPrNLlNSh9dIcOyKULmetTzTXMRN8X9noRMd1qDJrL6Z5xeBH6xNVebabm%2FQhUoFa46rLVOPIFiyv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 81becb8bcb824bc3-BUF
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012310111731000/v0/ 8 KB
3 KB 101ms
36ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310111731000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--ok0bu30cba.online/
Origin: https://xn--ok0bu30cba.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 24 Oct 2023 18:02:56 GMT
age: 111793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2971
x-xss-protection: 0
server: sffe
etag: "d3318576b6061a39"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Oct 2024 18:02:56 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012310111731000/v0/ 12 KB
4 KB 55ms
29ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310111731000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--ok0bu30cba.online/
Origin: https://xn--ok0bu30cba.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 24 Oct 2023 18:02:56 GMT
age: 111793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3951
x-xss-protection: 0
server: sffe
etag: "e11a2f49b1f47e4c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Oct 2024 18:02:56 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://petarung138go.org/images/logoweb.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
i.imgur.com
iili.io
petarung138go.org
xn--138-jg1nq14h.com
xn--138-yg9l964hzzm.com
xn--ok0bu30c4fh.online
xn--ok0bu30cba.online
143.95.73.224
146.75.36.193
2606:4700:3031::6815:2803
2606:4700:3031::ac43:8d63
2606:4700:3033::ac43:867b
2606:4700:3037::6815:974
2606:4700:3038::6815:eb46
2607:f8b0:4006:81e::2001
0562dd5e0e67543732af32989e1b3cb00067606ae605fc0604626cb2874a498f
0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd
1696b3a66a20ea7308dded5d15eda90a78a88dbef3385fad81fd358b0a1b9c88
1c6229d3f588fab3903ada7ee094e20d32f21b0fcde7983daf6807bff8e4618a
29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944
52e4243ea1df42b27ece8f40f7f3c6d0e7deec51f06645774944cc456e1e1477
56f7ad96a0c7782fcbef63b22ec47411251352f08c4fe0f838c076458dd296cb
842d17e49864d3afa0ee77f42f6a540e56c0920bfb1c59ec7909255adf9c146c
8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9
c07c2ec43af232fcc8bb75cc7d8cc17e20807c37e65a3192b30a981e59d8a379
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eb582057157890a59c8906d651e4c75fc5851c34d6d4f87b879486dd49ffa5
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

xn--ok0bu30cba.online Open in urlscan Pro Puny 전기전.online IDN 143.95.73.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

75 %IPv6

8 Domains

8 Subdomains

6 IPs

1 Countries

400 kBTransfer

631 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

xn--ok0bu30cba.online Open in urlscan Pro Puny
전기전.online IDN
143.95.73.224 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

6
IPs

1
Countries

400 kB
Transfer

631 kB
Size

0
Cookies

12 HTTP transactions
1 data transactions