kitamaumaju.us Open in urlscan Pro
104.21.74.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kitamaumaju.us/moel/win2/?hai=MIOTOTO
Submission Tags: @phish_report
Submission: On January 11 via api (January 11th 2025, 8:22:19 am UTC) from FI — Scanned from US

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 104.21.74.171, located in and belongs to CLOUDFLARENET, US. The main domain is kitamaumaju.us.
TLS certificate: Issued by WE1 on January 9th 2025. Valid for: 3 months.

This is the only time kitamaumaju.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.21.74.171 104.21.74.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.179.132 142.251.179.132	15169 (GOOGLE) (GOOGLE)
4	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
1	104.238.220.6 104.238.220.6	23470 (RELIABLESITE) (RELIABLESITE)
2	35.186.229.178 35.186.229.178	15169 (GOOGLE) (GOOGLE)
3	172.67.131.220 172.67.131.220	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	7

1 104.21.74.171 (None, )

ASN13335 (CLOUDFLARENET, US)

kitamaumaju.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.179.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.238.220.6 (Los Angeles, United States)

ASN23470 (RELIABLESITE, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.229.178 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 178.229.186.35.bc.googleusercontent.com

m-g.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.131.220 (United States)

ASN13335 (CLOUDFLARENET, US)

groundzero.quest	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
3	groundzero.quest groundzero.quest	757 KB
3	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 527	79 KB
2	m-g.io m-g.io — Cisco Umbrella Rank: 325241	86 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18404	168 KB
1	kitamaumaju.us kitamaumaju.us	9 KB
14	6

	Domain	Requested by
4	fonts.googleapis.com	kitamaumaju.us
3	groundzero.quest	kitamaumaju.us
3	cdn.ampproject.org	kitamaumaju.us cdn.ampproject.org
2	m-g.io	kitamaumaju.us
1	i.postimg.cc	kitamaumaju.us
1	kitamaumaju.us
14	6

This site contains links to these domains. Also see Links.

Domain
36.91.165.163
t.ly

Subject Issuer	Validity	Valid
kitamaumaju.us WE1	`2025-01-09` - `2025-04-09`	3 months	crt.sh
misc-sni.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
postimg.cc E6	`2024-12-19` - `2025-03-19`	3 months	crt.sh
m-g.io WR3	`2024-12-06` - `2025-03-06`	3 months	crt.sh
groundzero.quest WE1	`2024-12-27` - `2025-03-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO
Frame ID: B8230AC28F0D3321DE187CFA57231E54
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Situs Slot Gacor Hari Ini Mudah Maxwin Terpercaya Slot Thailand Resmi

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1103 kB
Transfer

1374 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://36.91.165.163:2023/images/terbang/?hot=MIOTOTO

Search URL Search Domain Scan URL

URL: https://t.ly/panasya
Title: DAFTAR !

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
kitamaumaju.us/moel/win2/ 38 KB
9 KB 282ms
207ms Document
text/html 104.21.74.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.31
Resource Hash: 11521ecf92c94b886b1a18ade5c7ceffd21c2ebb1e45065e615ff33c759b5ab3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 90037f5d7de5ed3b-SJC
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 11 Jan 2025 08:22:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MBttPyy%2FUl7LLz7wqRKZVHdmDN41zt7xkPmlTu51xEUZwLVFHXYP8yyPo%2FQFNeLH26%2Bl8cwO0ViSAYk9HXFBfNn9%2BX2H016iU8YaQUET8tO4HTGKJOR5GoTqnspXbCC%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=69527&min_rtt=69516&rtt_var=14683&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4466&delivery_rate=8369&cwnd=12000&unsent_bytes=0&cid=b3aae96821c18276&ts=213&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/8.1.31
x-turbo-charged-by: LiteSpeed

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 556ms
212ms Script
text/javascript 142.251.179.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f132.1e100.net

Software

sffe /

Resource Hash

e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://kitamaumaju.us/

Response headers

content-encoding: br
etag: "6cd5bd85d22351ce"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 08:22:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 11 Jan 2025 08:22:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 73112
x-xss-protection: 0
server: sffe

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 439ms
163ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900

Requested by

Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

f0e26da432963634493f5b1658adf5b9eeed4875e4889f7fe91ad1aa5a00a3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://kitamaumaju.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 08:22:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 11 Jan 2025 08:22:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 11 Jan 2025 08:22:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
717 B 436ms
162ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto%20Condensed:ital,wght@0,400

Requested by

Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

ab9be57d25e0da4fc8608a70844198e1eacfb30f803b2be3042267476339fb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://kitamaumaju.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 08:22:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 11 Jan 2025 08:22:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 11 Jan 2025 08:22:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
629 B 437ms
162ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Exo%202:ital,wght@0,400

Requested by

Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

6e0f545642d04cad1d9236b0cd7cfa24f2440050c9873d5f2ea1851f8f43315a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://kitamaumaju.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 08:22:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 11 Jan 2025 08:22:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 11 Jan 2025 08:22:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 575 B
817 B 433ms
159ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material%20Icons:ital,wght@0,400

Requested by

Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

ee1ebe6dcc42e92bdaf5567beaffd248acc5c311197777a5fe8ff7aa799b2b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://kitamaumaju.us/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 08:22:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 11 Jan 2025 08:22:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 11 Jan 2025 08:22:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jackpot-slot%20gacor.gif
i.postimg.cc/nVR36STR/ 167 KB
168 KB 240ms
79ms Image
image/gif 104.238.220.6
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/nVR36STR/jackpot-slot%20gacor.gif
Requested by: Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.220.6 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: openresty /
Resource Hash: 846750d2a931ed7353e3c1856191d64f2edb74069813624cc95fb10b1d77098a

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://kitamaumaju.us/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 171399
date: Sat, 11 Jan 2025 08:22:11 GMT
content-type: image/gif
last-modified: Mon, 01 Jul 2024 20:03:14 GMT
server: openresty

GET
H2 200 07bed153.woff2
m-g.io/istanaslot.com/ 74 KB
74 KB 286ms
72ms Font
font/woff2 35.186.229.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://m-g.io/istanaslot.com/07bed153.woff2
Requested by: Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.229.178 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.229.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Origin: https://kitamaumaju.us
Referer: https://kitamaumaju.us/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=BHRImA==, md5=tc+K4mdIVw2PuVpH9Gtp4Q==
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
age: 2052
x-goog-meta-originalurl: https://istanaslot.com/assets/fonts/fa-solid-900.woff2
x-goog-stored-content-encoding: identity
expires: Sat, 11 Jan 2025 08:47:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 75440
date: Sat, 11 Jan 2025 07:47:59 GMT
last-modified: Sun, 06 Feb 2022 06:37:24 GMT
content-type: font/woff2
x-guploader-uploadid: AFIdbgQieYGooDzmldDfvD61XcLynl-jkvUWCKgl2B_9_DVSR9XR0C8fP5hjh6RXv6vNgUx0GU9Z8-M
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1644129444944921
content-length: 75440
server: UploadServer

GET
H2 200 75c41c48.woff
m-g.io/istanaslot.com/ 11 KB
12 KB 378ms
164ms Font
font/woff 35.186.229.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://m-g.io/istanaslot.com/75c41c48.woff
Requested by: Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.229.178 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.229.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7ce6ee224e96c177a1483168fbc0e897ac1a90a934584e57aa9e5c36602dda0c

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Origin: https://kitamaumaju.us
Referer: https://kitamaumaju.us/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=8mWT8Q==, md5=BxldUbwMUqqt3mkDKpI26w==
etag: "07195d51bc0c52aaadde69032a9236eb"
age: 2052
x-goog-meta-originalurl: https://istanaslot.com/assets/fonts/custom.woff
x-goog-stored-content-encoding: identity
expires: Sat, 11 Jan 2025 08:47:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 11528
date: Sat, 11 Jan 2025 07:47:59 GMT
last-modified: Sun, 06 Feb 2022 06:37:24 GMT
content-type: font/woff
x-guploader-uploadid: AFIdbgQpQrMFMJ0wKyHtUGRh1h-20LucM3Om_KKKYdiwJWGUHsw4s5OcHFoohjF4H-07xD788sv_bM0
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1644129444880412
content-length: 11528
server: UploadServer

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e979568297bb34e0e65cc37a1a8eaf66ee396cd6a91dbd7f3f7dffd12a66faf9

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 giftalok.gif
groundzero.quest/ 620 KB
621 KB 475ms
250ms Image
image/gif 172.67.131.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groundzero.quest/giftalok.gif
Requested by: Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c3a8ff66a838f48d9073370de3d8891215b836681bad96a7ceb5c792e4cde6

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://kitamaumaju.us/

Response headers

cf-cache-status: HIT
etag: "71c6a416d882a90885cbc5677625546d"
age: 6574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zpX4%2FW9OycKhDfeAaCbRGyD8093m3cuRPngKktXdWZ8OaXsoVmGoaSKiICByPMHRcQvSfpNJvvk%2BMhbinKO6Lb8MjX4TSzG17owTTNDYhe5v34tlO04TflAJsZtbSmxYRVk5"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1050&min_rtt=1018&rtt_var=182&sent=45&recv=9&lost=0&retrans=0&sent_bytes=56609&recv_bytes=2268&delivery_rate=4056022&cwnd=253&unsent_bytes=21665&cid=03074df6c34ab553&ts=92&x=0"
date: Sat, 11 Jan 2025 08:22:12 GMT
content-type: image/gif
last-modified: Mon, 16 Dec 2024 12:30:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 90037f64f83df973-SJC
accept-ranges: bytes
content-length: 634801
server: cloudflare

GET
H2 200 masterslot.jpg
groundzero.quest/ 71 KB
72 KB 306ms
81ms Image
image/jpeg 172.67.131.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groundzero.quest/masterslot.jpg
Requested by: Host: kitamaumaju.us
URL: https://kitamaumaju.us/moel/win2/?hai=MIOTOTO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d387e46aa1ed10a910ebc1388c6d24d065905e3f296fba89dd47d41507b685ac

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://kitamaumaju.us/

Response headers

cf-cache-status: HIT
etag: "062a631028de111fe8dc2fe3f7691b7c"
age: 3657
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0IeikmpWfxgIFic8NJCvKeMx6F%2FwiJwELoCajfcCxsoR0WYO2f%2BPFwLLIyZAa4lnPp1jtHmbz8nRYUBaSqfgjaaISkROo5I5He3VHTPZESXF9a0%2BjMnYi0F%2B4NIuwpz9oar"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1050&min_rtt=1018&rtt_var=182&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3957&recv_bytes=2268&delivery_rate=4056022&cwnd=253&unsent_bytes=0&cid=03074df6c34ab553&ts=91&x=0"
date: Sat, 11 Jan 2025 08:22:12 GMT
content-type: image/jpeg
last-modified: Mon, 16 Dec 2024 12:27:12 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 90037f64f840f973-SJC
accept-ranges: bytes
content-length: 72571
server: cloudflare

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 8 KB
3 KB 409ms
139ms Script
text/javascript 142.251.179.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f132.1e100.net

Software

sffe /

Resource Hash

abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Origin: https://kitamaumaju.us
Referer: https://kitamaumaju.us/

Response headers

content-encoding: br
etag: "f0f2b169fa87a905"
age: 35359
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 10 Jan 2026 22:32:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 22:32:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2970
x-xss-protection: 0
server: sffe

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 12 KB
4 KB 411ms
141ms Script
text/javascript 142.251.179.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f132.1e100.net

Software

sffe /

Resource Hash

7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Origin: https://kitamaumaju.us
Referer: https://kitamaumaju.us/

Response headers

content-encoding: br
etag: "b22012622c63a36b"
age: 92572
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sat, 10 Jan 2026 06:39:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 06:39:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3929
x-xss-protection: 0
server: sffe

GET
H2 200 roketku.png
groundzero.quest/ 63 KB
64 KB 82ms
81ms Other
image/png 172.67.131.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://groundzero.quest/roketku.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983438ac638b51a9bf67365f48ebdf84a1009d7743ece4c21ebe4137808df164

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer: https://kitamaumaju.us/

Response headers

cf-cache-status: HIT
etag: "da24b9418c658b3047b61d2bac1c9a37"
age: 46
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H46HsMlXuiqzecbMHm7E2rjOHkYK9p%2FMezc%2F9ZJOHemsBP%2BrUViBVWytCN1xEF8X6cydsSX%2F3xHqygXv9Wez13G5Sg0GuM3dotye88nig97HBaKwuq%2BWXXtjcf7PRj0aINT4"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1706&min_rtt=1016&rtt_var=141&sent=510&recv=230&lost=0&retrans=0&sent_bytes=716040&recv_bytes=2358&delivery_rate=282728135&cwnd=670&unsent_bytes=0&cid=03074df6c34ab553&ts=561&x=0"
date: Sat, 11 Jan 2025 08:22:12 GMT
content-type: image/png
last-modified: Tue, 31 Dec 2024 01:32:41 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 90037f67da30f973-SJC
accept-ranges: bytes
content-length: 64937
server: cloudflare

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
groundzero.quest
i.postimg.cc
kitamaumaju.us
m-g.io
104.21.74.171
104.238.220.6
142.251.179.132
172.253.63.95
172.67.131.220
35.186.229.178
11521ecf92c94b886b1a18ade5c7ceffd21c2ebb1e45065e615ff33c759b5ab3
14c3a8ff66a838f48d9073370de3d8891215b836681bad96a7ceb5c792e4cde6
6e0f545642d04cad1d9236b0cd7cfa24f2440050c9873d5f2ea1851f8f43315a
7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b
7ce6ee224e96c177a1483168fbc0e897ac1a90a934584e57aa9e5c36602dda0c
846750d2a931ed7353e3c1856191d64f2edb74069813624cc95fb10b1d77098a
983438ac638b51a9bf67365f48ebdf84a1009d7743ece4c21ebe4137808df164
ab9be57d25e0da4fc8608a70844198e1eacfb30f803b2be3042267476339fb75
abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d387e46aa1ed10a910ebc1388c6d24d065905e3f296fba89dd47d41507b685ac
e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed
e979568297bb34e0e65cc37a1a8eaf66ee396cd6a91dbd7f3f7dffd12a66faf9
ee1ebe6dcc42e92bdaf5567beaffd248acc5c311197777a5fe8ff7aa799b2b33
f0e26da432963634493f5b1658adf5b9eeed4875e4889f7fe91ad1aa5a00a3f1

kitamaumaju.us Open in urlscan Pro 104.21.74.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

7 IPs

2 Countries

1103 kBTransfer

1374 kBSize

0 Cookies

2 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

kitamaumaju.us Open in urlscan Pro
104.21.74.171 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1103 kB
Transfer

1374 kB
Size

0
Cookies

14 HTTP transactions
1 data transactions