promosi.prediksigandatoto.xyz Open in urlscan Pro
2606:4700:3037::ac43:bbf6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promosi.prediksigandatoto.xyz/
Submission: On October 29 via api (October 29th 2024, 2:09:55 pm UTC) from US — Scanned from CA

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3037::ac43:bbf6, located in United States and belongs to CLOUDFLARENET, US. The main domain is promosi.prediksigandatoto.xyz.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.

This is the only time promosi.prediksigandatoto.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3037::ac43:bbf6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::84	15169 (GOOGLE) (GOOGLE)
9	2606:4700:440... 2606:4700:4400::6812:2ae3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	4

6 2606:4700:3037::ac43:bbf6 (United States)

ASN13335 (CLOUDFLARENET, US)

promosi.prediksigandatoto.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::84 (Washington, United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:4400::6812:2ae3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.stargroup99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	stargroup99.com cdn.stargroup99.com	9 MB
6	prediksigandatoto.xyz promosi.prediksigandatoto.xyz	48 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10512	4 MB
0	cloudflare.com Failed cdnjs.cloudflare.com Failed
17	4

	Domain	Requested by
9	cdn.stargroup99.com	promosi.prediksigandatoto.xyz
6	promosi.prediksigandatoto.xyz	promosi.prediksigandatoto.xyz
1	blogger.googleusercontent.com	promosi.prediksigandatoto.xyz
0	cdnjs.cloudflare.com Failed	promosi.prediksigandatoto.xyz
17	4

This site contains no links.

Subject Issuer	Validity	Valid
prediksigandatoto.xyz WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
stargroup99.com E6	`2024-10-20` - `2025-01-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://promosi.prediksigandatoto.xyz/
Frame ID: 8475082BEBC8EC4349CA63F85B40F83A
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PROMOSI TOGEL

Detected technologies

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

<div id="particles-js">
/particles(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

12789 kB
Transfer

12874 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
promosi.prediksigandatoto.xyz/ 23 KB
6 KB 852ms
561ms Document
text/html 2606:4700:3037::ac43:bbf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promosi.prediksigandatoto.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bbf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.30
Resource Hash: 5f702c6fd5676cfb149fbf49bfeaec8e6a4939183a27caf500b9c7cfd3a7bb88

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da3bec89ba0431b-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Oct 2024 14:09:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2B5%2B%2Bo0yFu2MC2Tm25So60BdTWBeLKy75kK7iqRI1UQ2ECV213p1TdoKk39GXnD7gJKpVnjnYwTXML56P94UnvMO%2F%2FfVBM4LqXFlIJKIxXNxywuIzHWikZ99XSNDcKN3gBJMz%2BEY76%2FMw3bZa6dU8KZKIHLn4OHNF58ZdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=92125&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4190&recv_bytes=4435&delivery_rate=211&cwnd=12000&unsent_bytes=0&cid=3080ea597881f014&ts=605&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/8.1.30
x-turbo-charged-by: LiteSpeed

GET
H3 200 styleeditor.css
promosi.prediksigandatoto.xyz/ 24 KB
4 KB 284ms
283ms Stylesheet
text/css 2606:4700:3037::ac43:bbf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promosi.prediksigandatoto.xyz/styleeditor.css
Requested by: Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bbf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62020ca38fc19e66243760a2422615a578da725c308a73c5c263c835ca2dc623

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQkZ32ODzGnq3goldx2clpV%2BEx19jsUlhgDwNl%2FDsrsUd6oGVR8PwSQIwzJ3J87KDINQIurglYO%2Bvuc26Oox%2FN1dtF0oPRoDRF6hVm1zQpqK9O4h0U%2Bkf5RFSe7co9nYkdLJib6t3Yu%2FUOiInCJfVYOdsphU70BQm97Oug%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da3becc2f75431b-EWR
expires: Tue, 05 Nov 2024 14:09:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=86102&sent=25&recv=15&lost=0&retrans=0&sent_bytes=14663&recv_bytes=5208&delivery_rate=87391&cwnd=12000&unsent_bytes=0&cid=3080ea597881f014&ts=821&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 14:09:47 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/css
last-modified: Thu, 24 Oct 2024 13:38:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gandatoto%20(1).gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4tzutVl3W2cGk2kWz2YW2c8FQVUBVJmkJOkhyYofmOH95mEGzyNF5JsHwnmlr0LdIHjugnVSr-BjWuPUNl2PDZalwU4PD13z6UUZM2SuQIUlGOI_yBOfYDmXm8q9OqRRiWhe_K4ETLrmIcdNV... 4 MB
4 MB 641ms
329ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4tzutVl3W2cGk2kWz2YW2c8FQVUBVJmkJOkhyYofmOH95mEGzyNF5JsHwnmlr0LdIHjugnVSr-BjWuPUNl2PDZalwU4PD13z6UUZM2SuQIUlGOI_yBOfYDmXm8q9OqRRiWhe_K4ETLrmIcdNVLb7BzSMRznXZF5jk7SFnEk4J0eiZcGZLbei7gFoIJlDg/s840/gandatoto%20(1).gif

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3f219295ec107a89b4301785e3bab925fc7a8c53847e31ad3d36fc689beb7bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v6e7"
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 14:09:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4045209
date: Tue, 29 Oct 2024 14:09:47 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: inline;filename="gandatoto (1).gif"

GET
H2 200 newpromosi_01.gif
cdn.stargroup99.com/gandatoto/promosigandatoto/promo/ 735 KB
736 KB 1410ms
1051ms Image
image/gif 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.stargroup99.com/gandatoto/promosigandatoto/promo/newpromosi_01.gif

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c663a0f7a3de04172e7426196fa335b30f9a54246f51f504ddf8ae92aedabb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: HIT
etag: "a3c6fbd6c8e40609bcde60a10c3da89d"
date: Tue, 29 Oct 2024 14:09:47 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Wed, 18 Sep 2024 16:19:48 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: b8917759-d016-48cc-ba25-80061bae9cd0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx000003e8b6c946cde23e0-00670a4e97-3f4360c5-sgp1b
cf-ray: 8da3bece68f5c45e-EWR
accept-ranges: bytes
content-length: 752180
server: cloudflare

GET
H2 200 newpromosi_02.gif
cdn.stargroup99.com/gandatoto/promosigandatoto/promo/ 981 KB
982 KB 1345ms
1011ms Image
image/gif 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.stargroup99.com/gandatoto/promosigandatoto/promo/newpromosi_02.gif

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf1a07b6840213865021eec754fa51d846364c37c8aa12063f014887cb20418f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: HIT
etag: "53bd2392404672dfa32da65084b2a0b2"
date: Tue, 29 Oct 2024 14:09:47 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Wed, 18 Sep 2024 16:19:48 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: b8917759-d016-48cc-ba25-80061bae9cd0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx0000051802a99a4da3710-0066fe139e-3f435739-sgp1b
cf-ray: 8da3bece6904c45e-EWR
accept-ranges: bytes
content-length: 1004477
server: cloudflare

GET
H2 200 newpromosi_03.gif
cdn.stargroup99.com/gandatoto/promosigandatoto/promo/ 823 KB
825 KB 1385ms
1052ms Image
image/gif 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.stargroup99.com/gandatoto/promosigandatoto/promo/newpromosi_03.gif

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

559cba16a67baab08dc64ed7777b8f69b7afd9362c13c2ab1d0be04b422f7c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: HIT
etag: "912d8d38cbaea10f2210feddbbe02dbd"
date: Tue, 29 Oct 2024 14:09:47 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Wed, 18 Sep 2024 16:19:49 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: b8917759-d016-48cc-ba25-80061bae9cd0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx000000ab0a9107d949ce2-00670a4e97-3f437eef-sgp1b
cf-ray: 8da3bece6902c45e-EWR
accept-ranges: bytes
content-length: 843207
server: cloudflare

GET
H2 200 newpromosi_04.gif
cdn.stargroup99.com/gandatoto/promosigandatoto/promo/ 1 MB
1 MB 1344ms
1011ms Image
image/gif 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.stargroup99.com/gandatoto/promosigandatoto/promo/newpromosi_04.gif

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8685dfac5c0118265c23fc13e104ae2eade4aa15828d31116ccd9613999ca756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: HIT
etag: "8b7767310f3626701b1d034d838a806c"
date: Tue, 29 Oct 2024 14:09:47 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Wed, 18 Sep 2024 16:19:49 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: b8917759-d016-48cc-ba25-80061bae9cd0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx000003f00a9d90d1c294b-00670a4e97-3f437eef-sgp1b
cf-ray: 8da3bece68f7c45e-EWR
accept-ranges: bytes
content-length: 1278839
server: cloudflare

GET
H2 200 newpromosi_05.gif
cdn.stargroup99.com/gandatoto/promosigandatoto/promo/ 859 KB
860 KB 1632ms
1299ms Image
image/gif 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.stargroup99.com/gandatoto/promosigandatoto/promo/newpromosi_05.gif

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

740f8a35d17f2c6b12e8bb792d4976ebefad2541c4942982c92feb3e675ead98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: HIT
etag: "56b1dab82f9070a6826846e9b09c0cba"
date: Tue, 29 Oct 2024 14:09:47 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Wed, 18 Sep 2024 16:19:46 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: b8917759-d016-48cc-ba25-80061bae9cd0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx000000e00f5e78a1cdb6e-00671ae542-3f435739-sgp1b
cf-ray: 8da3bece68fec45e-EWR
accept-ranges: bytes
content-length: 879634
server: cloudflare

GET
H2 200 newpromosi_06.gif
cdn.stargroup99.com/gandatoto/promosigandatoto/promo/ 1 MB
1 MB 990ms
658ms Image
image/gif 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.stargroup99.com/gandatoto/promosigandatoto/promo/newpromosi_06.gif

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3298792f97b43c61f7488994dbf7c59597455a19dd76a5bbcf955c3787792100

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: HIT
etag: "18c941efb93d597192e4ca7cb9a8e841"
date: Tue, 29 Oct 2024 14:09:47 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Wed, 18 Sep 2024 16:19:49 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: b8917759-d016-48cc-ba25-80061bae9cd0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx0000031621283f5d39c1b-0066eafdcd-3cc88ff8-sgp1b
cf-ray: 8da3bece68fbc45e-EWR
accept-ranges: bytes
content-length: 1376723
server: cloudflare

GET
H2 200 newpromosi_07.gif
cdn.stargroup99.com/gandatoto/promosigandatoto/promo/ 1 MB
1 MB 1259ms
1213ms Image
image/gif 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.stargroup99.com/gandatoto/promosigandatoto/promo/newpromosi_07.gif

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41fb3f1537503be778f49f984776f23cd1153db1808ab6913ebcef7ec46ffea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: HIT
etag: "7fa7c12f0aeac53c9bd7756b9e1fcd5a"
date: Tue, 29 Oct 2024 14:09:47 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Wed, 18 Sep 2024 16:19:49 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: b8917759-d016-48cc-ba25-80061bae9cd0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx00000a82693e858d932ba-00670a4e97-3f43260d-sgp1b
cf-ray: 8da3bece6907c45e-EWR
accept-ranges: bytes
content-length: 1425427
server: cloudflare

GET
H2 200 newpromosi_08.gif
cdn.stargroup99.com/gandatoto/promosigandatoto/promo/ 474 KB
475 KB 1943ms
1896ms Image
image/gif 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.stargroup99.com/gandatoto/promosigandatoto/promo/newpromosi_08.gif

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3055f488efdfa58ac63787eddc2acced0522451e48ea911dcea55b96111828

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status: HIT
etag: "eb79d68674c37cbefe1560e806d91dcc"
date: Tue, 29 Oct 2024 14:09:47 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Wed, 18 Sep 2024 16:19:44 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: b8917759-d016-48cc-ba25-80061bae9cd0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx000004cea31ec133f87b5-0066eafdd6-3cc9161a-sgp1b
cf-ray: 8da3becec957c45e-EWR
accept-ranges: bytes
content-length: 485412
server: cloudflare

GET
H3 200 rocket-loader.min.js Show response
promosi.prediksigandatoto.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 222ms
222ms Script
application/javascript 2606:4700:3037::ac43:bbf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promosi.prediksigandatoto.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bbf6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67180f7e-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ysh1bzslfLUk5ZD41tKU0plteVXi4fM2h9X2foqUco%2B2lpmkRQwt3hySXQSvFGI8K9jmw7XHJGbB25YhJ%2FdgLamzRhUrqQUPj87%2F20oxtnYyYWf%2BO4vCAWTGRc%2B0k3k5rY4AKwah0IcHpv5Isd5dsLBuo8vEXaM%2FrgsFoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8da3becc5fa6431b-EWR
expires: Thu, 31 Oct 2024 14:09:46 GMT
date: Tue, 29 Oct 2024 14:09:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 20:47:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 particles.js Show response
promosi.prediksigandatoto.xyz/ 3 KB
1 KB 259ms
257ms Script
text/javascript 2606:4700:3037::ac43:bbf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promosi.prediksigandatoto.xyz/particles.js
Requested by: Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bbf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980163672d682a88bc0f4f70f3218048fae4929f60706c8027e119dd676d4790

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

cache-control: max-age=1200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59m9X0xLTj0YY5oE5ZBmquEgN1qoBfPbWfKPfL%2Fgc4o8D38bRihRx9Ko6mVt2oylxncbrOcn1mj%2B1Q3S3VtDsUiC8DIYGNPijOi5THp2iVzH%2By1LJ58oDjbMao4QPF7gncMCVPbj1dVQy1CxMHBVc9Xaz7k3uEem3r%2BbkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da3bece19b5431b-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=126903&sent=30&recv=21&lost=0&retrans=0&sent_bytes=18788&recv_bytes=6002&delivery_rate=34639&cwnd=12000&unsent_bytes=0&cid=3080ea597881f014&ts=1175&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 14:09:47 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Thu, 24 Oct 2024 13:38:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery-3.7.0.min.js Show response
promosi.prediksigandatoto.xyz/ 85 KB
31 KB 313ms
311ms Script
text/javascript 2606:4700:3037::ac43:bbf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promosi.prediksigandatoto.xyz/jquery-3.7.0.min.js
Requested by: Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bbf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646be94d8c530951d009c8553231592b098e8708da86fbf13019cde550148742

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

cache-control: max-age=1200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcXQYs9S%2BFf0%2BrJrPrEmGctEYUkHCMZ8ytriEk9xE%2F0I9bhHR8KoBLtQ%2FVHRTn38WF81VJrwJot70E7sCUfCGwlIHM8f5epZC6LTEzr%2BIRqYEntdN4ycdApfhLmdHIOYafnzPUDunYF1k%2FngPzVFpXQH5XUuU6CQsXxk4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da3bece19b7431b-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=126903&sent=32&recv=21&lost=0&retrans=0&sent_bytes=20252&recv_bytes=6002&delivery_rate=34639&cwnd=12000&unsent_bytes=0&cid=3080ea597881f014&ts=1183&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 14:09:47 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Thu, 24 Oct 2024 13:38:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bacground.jpg
cdn.stargroup99.com/gandatoto/background/ 918 KB
920 KB 181ms
134ms Image
image/jpeg 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.stargroup99.com/gandatoto/background/bacground.jpg

Requested by

Host: promosi.prediksigandatoto.xyz
URL: https://promosi.prediksigandatoto.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d56e82d3bf3bd9df74b9426c878d16b655cde127058cd8ae1d3d7929f3a27749

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-bgj: h2pri
etag: "e44de2943bc01ce36aad6adda88b0206"
cf-cache-status: HIT
date: Tue, 29 Oct 2024 14:09:47 GMT
x-rgw-object-type: Normal
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 15:47:42 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: b8917759-d016-48cc-ba25-80061bae9cd0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=3600
x-amz-request-id: tx00000d699005b536c598f-0066ec47c3-3cc900c0-sgp1b
cf-ray: 8da3bece68f2c45e-EWR
accept-ranges: bytes
content-length: 940090
server: cloudflare

GET particles.min.js
cdnjs.cloudflare.com/ajax/libs/particles.js/2.0.0/ 0
0

GET
H3 404 favicon.ico
promosi.prediksigandatoto.xyz/ 1 KB
1 KB 190ms
190ms Other
text/html 2606:4700:3037::ac43:bbf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promosi.prediksigandatoto.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bbf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://promosi.prediksigandatoto.xyz/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: BYPASS
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaehquvdwSkWVQ6G%2BUx%2FJ3AHgrnc1GINkwSg9pvDkhS6MDw25V4544Gb4sp%2BvTNc4WU%2BFNLACYiomxZu78gKGA1hDTu%2F5bAn%2F%2BZn%2BBekXqK%2BHmEQ2%2BFllyOHYFuUGlqGS35LUn1opLXWipdhy%2FwVUw74ES0E3wW97s7BcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8da3bedc39c8431b-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=256395&sent=62&recv=39&lost=0&retrans=0&sent_bytes=53090&recv_bytes=7100&delivery_rate=65002&cwnd=23100&unsent_bytes=0&cid=3080ea597881f014&ts=3394&x=1", cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 14:09:49 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/html
vary: Accept-Encoding
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/particles.js/2.0.0/particles.min.js?_=1730210989442

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cdn.stargroup99.com/	1970-01-21 00:36:52	Name: __cf_bm Value: aeRF5yyMp7v1KN.pCDqkb5qasdjYF_WJHcs.pEGZQ80-1730210987-1.0.1.1-6MSm2ozF8p_N9YDALWCwPk8JoTBH.HRGsETVfK0veCatiGI5BL6uayMumU5f0hzZZFsE6aMmdqea3JLiJD1G0w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://promosi.prediksigandatoto.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
cdn.stargroup99.com
cdnjs.cloudflare.com
promosi.prediksigandatoto.xyz
cdnjs.cloudflare.com
2606:4700:3037::ac43:bbf6
2606:4700:4400::6812:2ae3
2607:f8b0:4004:c1f::84
2c663a0f7a3de04172e7426196fa335b30f9a54246f51f504ddf8ae92aedabb4
3298792f97b43c61f7488994dbf7c59597455a19dd76a5bbcf955c3787792100
3f219295ec107a89b4301785e3bab925fc7a8c53847e31ad3d36fc689beb7bda
41fb3f1537503be778f49f984776f23cd1153db1808ab6913ebcef7ec46ffea6
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
559cba16a67baab08dc64ed7777b8f69b7afd9362c13c2ab1d0be04b422f7c26
5f702c6fd5676cfb149fbf49bfeaec8e6a4939183a27caf500b9c7cfd3a7bb88
62020ca38fc19e66243760a2422615a578da725c308a73c5c263c835ca2dc623
646be94d8c530951d009c8553231592b098e8708da86fbf13019cde550148742
740f8a35d17f2c6b12e8bb792d4976ebefad2541c4942982c92feb3e675ead98
8685dfac5c0118265c23fc13e104ae2eade4aa15828d31116ccd9613999ca756
980163672d682a88bc0f4f70f3218048fae4929f60706c8027e119dd676d4790
bf1a07b6840213865021eec754fa51d846364c37c8aa12063f014887cb20418f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf3055f488efdfa58ac63787eddc2acced0522451e48ea911dcea55b96111828
d56e82d3bf3bd9df74b9426c878d16b655cde127058cd8ae1d3d7929f3a27749

promosi.prediksigandatoto.xyz Open in urlscan Pro 2606:4700:3037::ac43:bbf6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

12789 kBTransfer

12874 kBSize

1 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

promosi.prediksigandatoto.xyz Open in urlscan Pro
2606:4700:3037::ac43:bbf6 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

12789 kB
Transfer

12874 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions