iya.mba - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 139.99.71.167, located in Singapore and belongs to OVH, FR. The main domain is iya.mba.

This is the only time iya.mba was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	139.99.71.167 139.99.71.167	16276 (OVH) (OVH)
1	2606:4700:30:... 2606:4700:30::681b:9cb0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2

4 139.99.71.167 (Singapore)

ASN16276 (OVH, FR)
PTR: ip167.ip-139-99-71.net

iya.mba	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:9cb0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ganteng.stream	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	iya.mba iya.mba	31 KB
1	ganteng.stream ganteng.stream	30 KB
5	2

	Domain	Requested by
4	iya.mba	iya.mba
1	ganteng.stream	iya.mba
5	2

This site contains no links.

Subject Issuer	Validity	Valid
ganteng.stream CloudFlare Inc ECC CA-2	`2019-06-26` - `2020-06-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://iya.mba:8888/
Frame ID: B6145412D74D04E46EB4CFA8597484B1
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

20 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

60 kB
Transfer

59 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response iya.mba/	1 KB 905 B	375ms 190ms	Document text/html	139.99.71.167 OVH
General Check archive.org Show headers Download Go to Full URL http://iya.mba:8888/ Protocol HTTP/1.1 Server 139.99.71.167 , Singapore, ASN16276 (OVH, FR), Reverse DNS ip167.ip-139-99-71.net Software nginx / PHP/5.6.3 Resource Hash `758d61641732ea144276029fa005dbee7db8056877703a76a2de164831600efb` Request headers Host iya.mba:8888 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Sun, 22 Sep 2019 11:11:47 GMT Content-Type text/html; charset=UTF-8 Connection close X-Powered-By PHP/5.6.3 Set-Cookie PHPSESSID=3t1ai84uepomsbmnn6uvl99vd4; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Content-Encoding gzip
GET H/1.1	200 OK	login.css iya.mba/templates/css/	3 KB 4 KB	338ms 168ms	Stylesheet text/css	139.99.71.167 OVH
General Check archive.org Show headers Download Go to Full URL http://iya.mba:8888/templates/css/login.css Requested by Host: iya.mba URL: http://iya.mba:8888/ Protocol HTTP/1.1 Server 139.99.71.167 , Singapore, ASN16276 (OVH, FR), Reverse DNS ip167.ip-139-99-71.net Software nginx / Resource Hash `87385b09b9f6345eb5b3541ffc72e2013a54a99c32b5bac25b4a6c7f299e4a7e` Request headers Referer http://iya.mba:8888/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 22 Sep 2019 11:11:47 GMT Last-Modified Mon, 20 Mar 2017 22:49:12 GMT Server nginx ETag "58d05c68-d9c" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 3484
GET H2	200	IPTV_FUTURE_READY_MEDIA-1.png ganteng.stream/wp-content/uploads/2018/04/	29 KB 30 KB	1087ms 1001ms	Image image/png	2606:4700:30::681b:9cb0 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://ganteng.stream/wp-content/uploads/2018/04/IPTV_FUTURE_READY_MEDIA-1.png Requested by Host: iya.mba URL: http://iya.mba:8888/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9cb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `444b26c7ccd14825bf6a2eb452de2ec756c6ee014686a2141d0a01c3e4eea52d` Request headers Sec-Fetch-Mode no-cors Referer http://iya.mba:8888/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 22 Sep 2019 11:11:48 GMT cf-cache-status MISS last-modified Thu, 12 Apr 2018 01:30:11 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 51a3d712ce518c8c-VIE content-length 30185 expires Sun, 22 Sep 2019 15:11:48 GMT
GET H/1.1	200 OK	captcha.php iya.mba/includes/	313 B 553 B	478ms 299ms	Image image/png	139.99.71.167 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://iya.mba:8888/includes/captcha.php Requested by Host: iya.mba URL: http://iya.mba:8888/ Protocol HTTP/1.1 Server 139.99.71.167 , Singapore, ASN16276 (OVH, FR), Reverse DNS ip167.ip-139-99-71.net Software nginx / PHP/5.6.3 Resource Hash `80e7b25f76386eb092784b35af1518b4d0b4a629ef37f3e22685f37a0dc05221` Request headers Referer http://iya.mba:8888/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 22 Sep 2019 11:11:47 GMT Server nginx X-Powered-By PHP/5.6.3 Content-Type image/png Cache-Control no-cache, must-revalidate Connection close Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	bg.jpg iya.mba/templates/images/	25 KB 25 KB	288ms 287ms	Image image/jpeg	139.99.71.167 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://iya.mba:8888/templates/images/bg.jpg Requested by Host: iya.mba URL: http://iya.mba:8888/ Protocol HTTP/1.1 Server 139.99.71.167 , Singapore, ASN16276 (OVH, FR), Reverse DNS ip167.ip-139-99-71.net Software nginx / Resource Hash `51373412a0692e1eb4ac00b17a6a3251d18617e055c8989c2279f68cb75353eb` Request headers Referer http://iya.mba:8888/templates/css/login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 22 Sep 2019 11:11:47 GMT Last-Modified Thu, 19 Jan 2017 12:01:22 GMT Server nginx ETag "5880aa92-64f5" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 25845

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			iya.mba/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3t1ai84uepomsbmnn6uvl99vd4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ganteng.stream
iya.mba
139.99.71.167
2606:4700:30::681b:9cb0
444b26c7ccd14825bf6a2eb452de2ec756c6ee014686a2141d0a01c3e4eea52d
51373412a0692e1eb4ac00b17a6a3251d18617e055c8989c2279f68cb75353eb
758d61641732ea144276029fa005dbee7db8056877703a76a2de164831600efb
80e7b25f76386eb092784b35af1518b4d0b4a629ef37f3e22685f37a0dc05221
87385b09b9f6345eb5b3541ffc72e2013a54a99c32b5bac25b4a6c7f299e4a7e

iya.mba Open in urlscan Pro 139.99.71.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

5 Requests

20 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

60 kBTransfer

59 kBSize

1 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

iya.mba Open in urlscan Pro
139.99.71.167 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

20 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

60 kB
Transfer

59 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions