43.217.22.146 Open in urlscan Pro
43.217.22.146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://salampay.me/
Effective URL:
https://43.217.22.146/
Submission: On October 15 via api (October 15th 2024, 12:51:16 am UTC) from NL — Scanned from NL

Summary HTTP 14 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 14 HTTP transactions. The main IP is 43.217.22.146, located in Kuala Lumpur, Malaysia and belongs to AMAZON-02, US. The main domain is 43.217.22.146.
TLS certificate: Issued by E5 on October 14th 2024. Valid for: 3 months.

This is the only time 43.217.22.146 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	43.217.22.146 43.217.22.146	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
3	95.111.197.150 95.111.197.150	202053 (UPCLOUD) (UPCLOUD)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.105.51.113 34.105.51.113	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	6

8 43.217.22.146 (Kuala Lumpur, Malaysia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-43-217-22-146.ap-southeast-5.compute.amazonaws.com

salampay.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
43.217.22.146	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.111.197.150 (Singapore)

ASN202053 (UPCLOUD, FI)
PTR: 95-111-197-150.movahost.com

bazar.mova.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.105.51.113 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.51.105.34.bc.googleusercontent.com

marketingagencyb.oxy.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	mova.my bazar.mova.my	333 KB
2	salampay.me 1 redirects salampay.me	33 KB
1	oxy.host marketingagencyb.oxy.host	2 MB
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1941
1	gstatic.com fonts.gstatic.com	26 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	916 B
14	6

	Domain	Requested by
3	bazar.mova.my	43.217.22.146 bazar.mova.my
2	salampay.me	1 redirects 43.217.22.146
1	marketingagencyb.oxy.host	bazar.mova.my
1	player.vimeo.com	43.217.22.146
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	43.217.22.146
14	6

This site contains links to these domains. Also see Links.

Domain
fb.com
www.instagram.com
x.com
www.linkedin.com

Subject Issuer	Validity	Valid
salampay.me E5	`2024-10-14` - `2025-01-12`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.mova.my R10	`2024-10-09` - `2025-01-07`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
player.vimeo.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
marketingagencyb.oxy.host R11	`2024-09-18` - `2024-12-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://43.217.22.146/
Frame ID: A6DC707B575119A4D6B35EB3F41E07AF
Requests: 13 HTTP requests in this frame

Frame: https://player.vimeo.com/video/293712185?api=1
Frame ID: 8F1E973C2126051138A481CCE20097FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SalamPay - Secure and easy payment platform

Page URL History Show full URLs

http://salampay.me/ HTTP 307
https://salampay.me/ HTTP 301
https://43.217.22.146/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Oxygen (Page builders) Expand

Overall confidence: 100%
Detected patterns

<body class=(?:"|')[^"']*oxygen-body
<link [^>]*href=(?:"|')[^>]*wp-content/plugins/oxygen/
wp-content/plugins/oxygen

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

57 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

5
Countries

2905 kB
Transfer

2929 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://fb.com/salampay.me
Title: Visit our Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/salampay.me
Title: Visit our Instagram

Search URL Search Domain Scan URL

URL: https://x.com/salampayme
Title: Visit our Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/salampay
Title: Visit our LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://salampay.me/ HTTP 307
https://salampay.me/ HTTP 301
https://43.217.22.146/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
43.217.22.146/
Redirect Chain

http://salampay.me/
https://salampay.me/
https://43.217.22.146/

28 KB
8 KB

631ms
275ms

Document
text/html

43.217.22.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://43.217.22.146/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 43.217.22.146 Kuala Lumpur, Malaysia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-217-22-146.ap-southeast-5.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 76f824d2f44d64bc0a55d6f75a269cce58a638af4c328314c8c370f61bd573ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Oct 2024 00:51:10 GMT
Link: <https://43.217.22.146/wp-json/>; rel="https://api.w.org/" <https://43.217.22.146/wp-json/wp/v2/pages/84>; rel="alternate"; title="JSON"; type="application/json" <https://43.217.22.146/>; rel=shortlink
Server: nginx/1.24.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Oct 2024 00:51:09 GMT
Location: https://43.217.22.146/
Server: nginx/1.24.0 (Ubuntu)
Transfer-Encoding: chunked
X-Redirect-By: WordPress

GET
H2 200 css
fonts.googleapis.com/ 3 KB
916 B 78ms
30ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Public+Sans:500,600,regular,|Public+Sans:500,600,regular,

Requested by

Host: 43.217.22.146
URL: https://43.217.22.146/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b399e8311474de225ce8963bb00bc15d43ddec8885ff091957fcf8e02972030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://43.217.22.146/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 00:51:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 00:51:10 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 15 Oct 2024 00:51:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK oxygen.css
43.217.22.146/wp-content/plugins/oxygen/component-framework/ 20 KB
20 KB 180ms
179ms Stylesheet
text/css 43.217.22.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://43.217.22.146/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.9
Requested by: Host: 43.217.22.146
URL: https://43.217.22.146/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 43.217.22.146 Kuala Lumpur, Malaysia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-217-22-146.ap-southeast-5.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 52b14906d431f4169ae615361f6391278f5d35b9e93e57d076717b0d398435b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://43.217.22.146/

Response headers

ETag: "6706990f-50bd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20669
Date: Tue, 15 Oct 2024 00:51:10 GMT
Content-Type: text/css
Last-Modified: Wed, 09 Oct 2024 14:54:07 GMT
Server: nginx/1.24.0 (Ubuntu)

GET
H/1.1 200
OK jquery.min.js Show response
43.217.22.146/wp-includes/js/jquery/ 86 KB
86 KB 362ms
179ms Script
application/javascript 43.217.22.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://43.217.22.146/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: 43.217.22.146
URL: https://43.217.22.146/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 43.217.22.146 Kuala Lumpur, Malaysia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-217-22-146.ap-southeast-5.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://43.217.22.146/

Response headers

ETag: "64ecb2c8-15601"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87553
Date: Tue, 15 Oct 2024 00:51:10 GMT
Content-Type: application/javascript
Last-Modified: Mon, 28 Aug 2023 14:44:24 GMT
Server: nginx/1.24.0 (Ubuntu)

GET
H2 200 79.css
bazar.mova.my/wp-content/uploads/oxygen/css/ 4 KB
1 KB 1534ms
172ms Stylesheet
text/css 95.111.197.150
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://bazar.mova.my/wp-content/uploads/oxygen/css/79.css?cache=1728859040&ver=6.6.2
Requested by: Host: 43.217.22.146
URL: https://43.217.22.146/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.111.197.150 , Singapore, ASN202053 (UPCLOUD, FI),
Reverse DNS: 95-111-197-150.movahost.com
Software: LiteSpeed /
Resource Hash: 5ef0f3ccd7719a0955410e88ba0e61f47928cab7382b11b76fee75ced5a8ee42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://43.217.22.146/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 22 Oct 2024 00:51:11 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 878
date: Tue, 15 Oct 2024 00:51:11 GMT
content-type: text/css
last-modified: Sun, 13 Oct 2024 22:37:20 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 84.css
bazar.mova.my/wp-content/uploads/oxygen/css/ 4 KB
1021 B 1533ms
171ms Stylesheet
text/css 95.111.197.150
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://bazar.mova.my/wp-content/uploads/oxygen/css/84.css?cache=1728861679&ver=6.6.2
Requested by: Host: 43.217.22.146
URL: https://43.217.22.146/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.111.197.150 , Singapore, ASN202053 (UPCLOUD, FI),
Reverse DNS: 95-111-197-150.movahost.com
Software: LiteSpeed /
Resource Hash: 663e4257af27a3c0390969fc407122fdca34f145fb446c80ea8dc8da37cfbcae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://43.217.22.146/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Tue, 22 Oct 2024 00:51:11 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 964
date: Tue, 15 Oct 2024 00:51:11 GMT
content-type: text/css
last-modified: Sun, 13 Oct 2024 23:21:19 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H/1.1 200
OK universal.css
salampay.me/wp-content/uploads/oxygen/css/ 32 KB
32 KB 706ms
351ms Stylesheet
text/css 43.217.22.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://salampay.me/wp-content/uploads/oxygen/css/universal.css?cache=1728861679&ver=6.6.2
Requested by: Host: 43.217.22.146
URL: https://43.217.22.146/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 43.217.22.146 Kuala Lumpur, Malaysia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-217-22-146.ap-southeast-5.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 51e220e5e622e4ade9062d0d24cd3f65f5a7f1be6ac92c492dcb403af71dca08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://43.217.22.146/

Response headers

ETag: "670c55ef-80a6"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32934
Date: Tue, 15 Oct 2024 00:51:10 GMT
Content-Type: text/css
Last-Modified: Sun, 13 Oct 2024 23:21:19 GMT
Server: nginx/1.24.0 (Ubuntu)

GET
H/1.1 200
OK salampay-logo-2048x495.png
43.217.22.146/wp-content/uploads/2024/10/ 60 KB
60 KB 708ms
354ms Image
image/png 43.217.22.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://43.217.22.146/wp-content/uploads/2024/10/salampay-logo-2048x495.png
Requested by: Host: 43.217.22.146
URL: https://43.217.22.146/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 43.217.22.146 Kuala Lumpur, Malaysia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-217-22-146.ap-southeast-5.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 018a0b14b4ad8608d404683dc49011ee206e8673406b740cee1503190950c6b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://43.217.22.146/

Response headers

ETag: "670c16b6-ee9f"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61087
Date: Tue, 15 Oct 2024 00:51:10 GMT
Content-Type: image/png
Last-Modified: Sun, 13 Oct 2024 18:51:34 GMT
Server: nginx/1.24.0 (Ubuntu)

GET
H/1.1 200
OK salampay-logo-white-300x73.png
43.217.22.146/wp-content/uploads/2024/10/ 5 KB
5 KB 532ms
178ms Image
image/png 43.217.22.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://43.217.22.146/wp-content/uploads/2024/10/salampay-logo-white-300x73.png
Requested by: Host: 43.217.22.146
URL: https://43.217.22.146/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 43.217.22.146 Kuala Lumpur, Malaysia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-217-22-146.ap-southeast-5.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: bcd1e870b7a20ac25c4b035159124dae1396981950ed679b48031f5bf3cbbf70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://43.217.22.146/

Response headers

ETag: "670c2d3d-1411"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5137
Date: Tue, 15 Oct 2024 00:51:10 GMT
Content-Type: image/png
Last-Modified: Sun, 13 Oct 2024 20:27:41 GMT
Server: nginx/1.24.0 (Ubuntu)

GET
H3 200 ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v18/ 26 KB
26 KB 70ms
30ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v18/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Public+Sans:500,600,regular,|Public+Sans:500,600,regular,

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

5ed4d31c988e73b258894244f209069ebe77dc7e564861954b21198b6de90d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://43.217.22.146
Referer: https://fonts.googleapis.com/

Response headers

age: 578406
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 08:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 08:11:06 GMT
last-modified: Thu, 26 Sep 2024 23:19:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26832
x-xss-protection: 0
server: sffe

GET
H/1.1 404
Not Found 293712185
player.vimeo.com/video/ Frame 8F1E 0
0 235ms
205ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/293712185?api=1

Requested by

Host: 43.217.22.146
URL: https://43.217.22.146/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline'; script-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://43.217.22.146/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-Ray: 8d2bd1c0efb39726-AMS
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Oct 2024 00:51:12 GMT
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
content-security-policy: default-src 'self'; style-src 'unsafe-inline'; script-src 'unsafe-inline'
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-6fdd4d856c-lhxzk
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-host: player-backend-6fdd4d856c-lhxzk
x-player-backend: g
x-served-by: cache-ams2100113-AMS
x-timer: S1728953472.164324,VS0,VE169
x-vimeo-error: player-backend
x-xss-protection: 1; mode=block

GET
H2 200 jabat-tangan-scaled.jpg
bazar.mova.my/wp-content/uploads/2024/10/ 331 KB
331 KB 171ms
171ms Image
image/jpeg 95.111.197.150
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bazar.mova.my/wp-content/uploads/2024/10/jabat-tangan-scaled.jpg
Requested by: Host: bazar.mova.my
URL: https://bazar.mova.my/wp-content/uploads/oxygen/css/84.css?cache=1728861679&ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.111.197.150 , Singapore, ASN202053 (UPCLOUD, FI),
Reverse DNS: 95-111-197-150.movahost.com
Software: LiteSpeed /
Resource Hash: 0765e19a91340dddade480c78543e1ee318b801921f0b14c120e074a60d70f46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bazar.mova.my/wp-content/uploads/oxygen/css/84.css?cache=1728861679&ver=6.6.2

Response headers

cache-control: public, max-age=604800
expires: Tue, 22 Oct 2024 00:51:11 GMT
accept-ranges: bytes
content-length: 338888
date: Tue, 15 Oct 2024 00:51:11 GMT
content-type: image/jpeg
last-modified: Sun, 13 Oct 2024 21:20:45 GMT
server: LiteSpeed

GET
H2 200 Shelfs.jpg
marketingagencyb.oxy.host/wp-content/uploads/sites/54/2018/10/ 2 MB
2 MB 700ms
302ms Image
image/jpeg 34.105.51.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketingagencyb.oxy.host/wp-content/uploads/sites/54/2018/10/Shelfs.jpg
Requested by: Host: bazar.mova.my
URL: https://bazar.mova.my/wp-content/uploads/oxygen/css/84.css?cache=1728861679&ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.105.51.113 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.51.105.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a99d1b19aa42aa9d663f41739839298cd99e9265e43d0c832acc741d92ec2498

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bazar.mova.my/

Response headers

cache-control: public, max-age=31536000
etag: "66e33afe-24664a"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2385482
date: Tue, 15 Oct 2024 00:51:12 GMT
content-type: image/jpeg
last-modified: Thu, 12 Sep 2024 19:03:26 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK cropped-salampay-icon-sq-32x32.png
43.217.22.146/wp-content/uploads/2024/10/ 748 B
995 B 190ms
190ms Other
image/png 43.217.22.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://43.217.22.146/wp-content/uploads/2024/10/cropped-salampay-icon-sq-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 43.217.22.146 Kuala Lumpur, Malaysia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-217-22-146.ap-southeast-5.compute.amazonaws.com
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 4556bcc1c8b3c62fe352d86045c5d0581a1ce60c2c4d514a1ce7e61b33c448ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://43.217.22.146/

Response headers

ETag: "670c5216-2ec"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 748
Date: Tue, 15 Oct 2024 00:51:13 GMT
Content-Type: image/png
Last-Modified: Sun, 13 Oct 2024 23:04:54 GMT
Server: nginx/1.24.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| jQuery

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vimeo.com/	1970-01-21 00:15:55	Name: __cf_bm Value: tKcM1ouRkPR.Q8xklWpr0Alhc1NTE9seEmACXXLM5_s-1728953472-1.0.1.1-vhzUKtJ4ZjmgYUY7nHy17gf0JizyyBQspoBWKaRvo6Jzycn0_cg6KtUmPOI4p7.N
			.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: iHp3Ef5BhurQ3_ZPBGfiYXunta7rQJNFZHUy3AzUE3w-1728953472340-0.0.1.1-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://43.217.22.146/ Message: Mixed Content: The page at 'https://43.217.22.146/' was loaded over HTTPS, but requested an insecure element 'http://marketingagencyb.oxy.host/wp-content/uploads/sites/54/2018/10/Shelfs.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bazar.mova.my
fonts.googleapis.com
fonts.gstatic.com
marketingagencyb.oxy.host
player.vimeo.com
salampay.me
142.250.186.131
162.159.138.60
2a00:1450:4001:81d::200a
34.105.51.113
43.217.22.146
95.111.197.150
018a0b14b4ad8608d404683dc49011ee206e8673406b740cee1503190950c6b5
0765e19a91340dddade480c78543e1ee318b801921f0b14c120e074a60d70f46
4556bcc1c8b3c62fe352d86045c5d0581a1ce60c2c4d514a1ce7e61b33c448ca
51e220e5e622e4ade9062d0d24cd3f65f5a7f1be6ac92c492dcb403af71dca08
52b14906d431f4169ae615361f6391278f5d35b9e93e57d076717b0d398435b8
5ed4d31c988e73b258894244f209069ebe77dc7e564861954b21198b6de90d68
5ef0f3ccd7719a0955410e88ba0e61f47928cab7382b11b76fee75ced5a8ee42
663e4257af27a3c0390969fc407122fdca34f145fb446c80ea8dc8da37cfbcae
76f824d2f44d64bc0a55d6f75a269cce58a638af4c328314c8c370f61bd573ef
9b399e8311474de225ce8963bb00bc15d43ddec8885ff091957fcf8e02972030
a99d1b19aa42aa9d663f41739839298cd99e9265e43d0c832acc741d92ec2498
bcd1e870b7a20ac25c4b035159124dae1396981950ed679b48031f5bf3cbbf70
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

43.217.22.146 Open in urlscan Pro 43.217.22.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

57 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

6 IPs

5 Countries

2905 kBTransfer

2929 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

43.217.22.146 Open in urlscan Pro
43.217.22.146 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

57 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

5
Countries

2905 kB
Transfer

2929 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions