urlscan.io logo urlscan.io
SecurityTrails logo

bantuanppkm.digital Open in urlscan Pro
64.20.52.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bantuanppkm.digital/
Effective URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Submission: On July 12 via manual from ID
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 23 HTTP transactions. The main IP is 64.20.52.82, located in United States and belongs to IS-AS-1, US. The main domain is bantuanppkm.digital.
This is the only time bantuanppkm.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    64.20.52.82 (United States)

ASN19318 (IS-AS-1, US)
bantuanppkm.digital
1    2600:9000:2190:8200:2:96bd:21c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.pikiran-rakyat.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    162.250.126.6 (United States)

ASN19318 (IS-AS-1, US)
PTR: mt5.deal4.deal4mails.in
cdn.jsprivate.one
1    199.232.82.2 (Marseille, France)

ASN54113 (FASTLY, US)
media.giphy.com
1    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
4    185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu
uprimp.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    198.54.121.168 (United States)

ASN22612 (NAMECHEAP-NET, US)
cdn.myjs.one
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
3    192.99.8.34 (Guelph, Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net
s4.histats.com
Domain Requested by
4 uprimp.com bantuanppkm.digital
uprimp.com
4 bantuanppkm.digital 1 redirects bantuanppkm.digital
ajax.googleapis.com
3 s4.histats.com s10.histats.com
1 s10.histats.com bantuanppkm.digital
1 cdn.myjs.one ajax.googleapis.com
1 fonts.gstatic.com fonts.googleapis.com
1 i.imgur.com bantuanppkm.digital
1 media.giphy.com bantuanppkm.digital
1 cdn.jsprivate.one ajax.googleapis.com
1 fonts.googleapis.com bantuanppkm.digital
1 ajax.googleapis.com bantuanppkm.digital
1 maxcdn.bootstrapcdn.com bantuanppkm.digital
1 assets.pikiran-rakyat.com bantuanppkm.digital
0 owo-owo.vip Failed ajax.googleapis.com
0 record.php Failed bantuanppkm.digital
23 15

This site contains no links.

Subject Issuer Validity Valid
pikiran-rakyat.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
cdn.jsprivate.one
cPanel, Inc. Certification Authority		 2021-07-09 -
2021-10-07		 3 months crt.sh
*.giphy.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-03 -
2022-06-04		 a year crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
uprimp.com
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
cdn.myjs.one
Sectigo RSA Domain Validation Secure Server CA		 2021-07-08 -
2022-07-08		 a year crt.sh
histats.com
R3		 2021-05-21 -
2021-08-19		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://bantuanppkm.digital/pembagian-subsidi/?index
Frame ID: 42419DE0A19DC0FADED9B89D44000BB6
Requests: 21 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=377687&format=300x50&ga=g&xt=162606538082795&xtt=3563334
Frame ID: 0E3E64893A2C59E0DC2E4E18CCAB5DA0
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=377687&format=300x50&ga=g&xt=162606538058931&xtt=2688300
Frame ID: 989F85D558E1B9B25C934AAEA65E8E06
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bantuanppkm.digital/ HTTP 302
    http://bantuanppkm.digital/pembagian-subsidi/?index Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

70 %
HTTPS

38 %
IPv6

13
Domains

15
Subdomains

14
IPs

5
Countries

317 kB
Transfer

555 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bantuanppkm.digital/ HTTP 302
    http://bantuanppkm.digital/pembagian-subsidi/?index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bantuanppkm.digital/pembagian-subsidi/
Redirect Chain
  • http://bantuanppkm.digital/
  • http://bantuanppkm.digital/pembagian-subsidi/?index
112 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
HTTP/1.1
Server
64.20.52.82 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
75a6e638b3993ae3c4048407ec6df66b94e32db840e74160e38703a1e0d18849

Request headers

Host
bantuanppkm.digital
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Mon, 12 Jul 2021 04:49:40 GMT
Server
LiteSpeed

Redirect headers

Connection
Keep-Alive
Location
http://bantuanppkm.digital/pembagian-subsidi/?index
Content-Type
text/html; charset=UTF-8
Content-Length
0
Date
Mon, 12 Jul 2021 04:49:39 GMT
Server
LiteSpeed
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
2048193673.jpg
assets.pikiran-rakyat.com/crop/0x136:1071x835/x/photo/2021/07/03/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pikiran-rakyat.com/crop/0x136:1071x835/x/photo/2021/07/03/2048193673.jpg
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8200:2:96bd:21c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f6535b6803b4ff793b7156511c587fb25da345013cae36b9448ecafb1c25313f

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 03:09:16 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
server
nginx
age
697224
etag
"fa273a3bb18f5897017823da760486489c01ee43"
x-cache-status
MISS
access-control-allow-methods
GET, OPTION
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
ZRH50-C1
content-length
128073
x-amz-cf-id
QhkSXzbv4j8HcePkpUDCk_wm75wzg49Gn5CUqPJHk9qlgSmrHsaLJQ==
expires
Mon, 04 Jul 2022 03:09:16 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://bantuanppkm.digital
Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 04:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617, 617
age
325522
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
00ceeefdc4ad4617ae8dace1076c5462
cf-ray
66d7a5717db3dfbf-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 03:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 03:07:32 GMT
css
fonts.googleapis.com/ 		2 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
546c9cf28ee399e9811641e9a676a11fa382881a3cc3c5c4dadab2ec9b847c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Jul 2021 03:06:13 GMT
server
ESF
date
Mon, 12 Jul 2021 04:49:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jul 2021 04:49:40 GMT
oneConnect.js
cdn.jsprivate.one/ajax/libs/private/2.0/ 		237 B
501 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsprivate.one/ajax/libs/private/2.0/oneConnect.js?v=1626065380193&_=1626065380106
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.250.126.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
mt5.deal4.deal4mails.in
Software
LiteSpeed /
Resource Hash
2225e3b4083a67eedc0f6589cf787e503f793e5ec51ccaf2a91546334b357943

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 04:49:40 GMT
content-encoding
gzip
last-modified
Sun, 11 Jul 2021 10:48:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
195
expires
Mon, 19 Jul 2021 04:49:40 GMT
history.php
bantuanppkm.digital/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://bantuanppkm.digital/history.php
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
HTTP/1.1
Server
64.20.52.82 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bantuanppkm.digital
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://bantuanppkm.digital/pembagian-subsidi/?index
Connection
keep-alive
Cache-Control
no-cache
Referer
http://bantuanppkm.digital/pembagian-subsidi/?index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Jul 2021 04:49:40 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
1238
Content-Type
text/html
giphy.gif
media.giphy.com/media/8DcYkij7pUxUY/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.giphy.com/media/8DcYkij7pUxUY/giphy.gif
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.82.2 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d066c2f996b7f65f25c0e62529c9884d12c4609cffe5888edacc3c2fec67826
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 04:49:40 GMT
via
1.1 varnish, 1.1 varnish
age
2776108
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
21938
x-served-by
cache-bwi5121-BWI, cache-mrs10560-MRS
last-modified
Sat, 09 Nov 2019 14:15:50 GMT
x-timer
S1626065380.270003,VS0,VE0
etag
"c932390d7ef8b6e381a5cdfab589e781"
strict-transport-security
max-age=86400
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1, 12065
aR2WaUf.gif
i.imgur.com/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/aR2WaUf.gif
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
df05a30a83f67ea288e0d8dc960a799ceeebe92e77aed625217454ec663a19ba
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 04:49:40 GMT
x-content-type-options
nosniff
age
4564498
x-cache
HIT, HIT
content-length
52932
x-served-by
cache-bwi5164-BWI, cache-fra19143-FRA
last-modified
Sat, 26 Sep 2020 02:44:40 GMT
server
cat factory 1.0
x-timer
S1626065380.262234,VS0,VE1
etag
"479e7c9a0103d73e8013e62922818853"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
bnr.php
uprimp.com/ 		372 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uprimp.com/bnr.php?section=General&pub=377687&format=300x50&ga=g
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
14d90c5ad20b95b3ccc92bfc4641d034f8f221ad1df275ecf73760873be075e2

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jul 2021 04:49:40 GMT
last-modified
Mon, 12 Jul 2021 04:49:40 GMT
server
nginx
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Mon, 12 Jul 2021 04:49:40 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://bantuanppkm.digital
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 01:25:02 GMT
x-content-type-options
nosniff
age
530678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 01:25:02 GMT
yuming.js
bantuanppkm.digital/pembagian-subsidi/ 		78 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://bantuanppkm.digital/pembagian-subsidi/yuming.js?1626065380301&_=1626065380107
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
HTTP/1.1
Server
64.20.52.82 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
92877c924e0bbebb446ae9e4152d00cdfcf2e3e3bec6097c183209f0a1ba78e3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bantuanppkm.digital
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://bantuanppkm.digital/pembagian-subsidi/?index
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Cache-Control
no-cache
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://bantuanppkm.digital/pembagian-subsidi/?index
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Jul 2021 04:49:40 GMT
Last-Modified
Thu, 08 Jul 2021 06:41:26 GMT
Server
LiteSpeed
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
78
Expires
Mon, 19 Jul 2021 04:49:40 GMT
oneTouch.js
cdn.myjs.one/ajax/libs/private/ 		673 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.myjs.one/ajax/libs/private/oneTouch.js?v=1626065380303&_=1626065380108
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6eda89bde57201fb03ccf57a78dcd8a76f4d8dd61875d35b0c799dc6c1d4eb11

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 04:49:40 GMT
content-encoding
br
last-modified
Sun, 11 Jul 2021 10:38:22 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
319
expires
Mon, 19 Jul 2021 04:49:40 GMT
/
record.php/ 		0
0
/
record.php/ 		0
0
bnr_xload.php
uprimp.com/ Frame 0E3E 		0
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://uprimp.com/bnr_xload.php?section=General&pub=377687&format=300x50&ga=g&xt=162606538082795&xtt=3563334
Requested by
Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=377687&format=300x50&ga=g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
uprimp.com
:scheme
https
:path
/bnr_xload.php?section=General&pub=377687&format=300x50&ga=g&xt=162606538082795&xtt=3563334
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bantuanppkm.digital/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://bantuanppkm.digital/

Response headers

server
nginx
date
Mon, 12 Jul 2021 04:49:40 GMT
content-type
text/html; charset=UTF-8
expires
Mon, 12 Jul 2021 04:49:40 GMT
last-modified
Mon, 12 Jul 2021 04:49:40 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
bnr.php
uprimp.com/ 		372 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uprimp.com/bnr.php?section=General&pub=377687&format=300x50&ga=g
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
2b8f171ae848062e6d4177384848cced538d6de9d528bfbe54fa130b7a9f6f9f

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jul 2021 04:49:40 GMT
last-modified
Mon, 12 Jul 2021 04:49:40 GMT
server
nginx
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Mon, 12 Jul 2021 04:49:40 GMT
bnr_xload.php
uprimp.com/ Frame 989F 		0
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://uprimp.com/bnr_xload.php?section=General&pub=377687&format=300x50&ga=g&xt=162606538058931&xtt=2688300
Requested by
Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=377687&format=300x50&ga=g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
uprimp.com
:scheme
https
:path
/bnr_xload.php?section=General&pub=377687&format=300x50&ga=g&xt=162606538058931&xtt=2688300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bantuanppkm.digital/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://bantuanppkm.digital/

Response headers

server
nginx
date
Mon, 12 Jul 2021 04:49:40 GMT
content-type
text/html; charset=UTF-8
expires
Mon, 12 Jul 2021 04:49:40 GMT
last-modified
Mon, 12 Jul 2021 04:49:40 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: bantuanppkm.digital
URL: http://bantuanppkm.digital/pembagian-subsidi/?index
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Jul 2021 04:44:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP
137.74.120.0/27
ETag
"-375139978"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
40745
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
X-IPLB-Request-ID
52661272:DBE8_2E69C9F0:0050_60EBC9E4_4CF03:2236
Content-Length
4547
X-Request-ID
358778509
verify.js
owo-owo.vip/ 		0
0
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4564767&@f16&@g1&@h1&@i1&@j1626065380483&@k0&@l1&@mBantuan%20Sosial%20Tunai&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:139376380&@b3:1626065380&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fbantuanppkm.digital%2Fpembagian-subsidi%2F%3Findex&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 Guelph, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
8ef0f56041ea7b6ccc3e13c0b68b5355b35d9e7edcd7c1fa96ce33230efd7f03

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Jul 2021 04:49:40 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4564767&@f16&@g0&@h2&@i1&@j1626065380872&@k389&@l2&@mBantuan%20Sosial%20Tunai&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:1283228&@b3:1626065381&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fbantuanppkm.digital%2Fpembagian-subsidi%2F%3Findex&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 Guelph, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
8ef0f56041ea7b6ccc3e13c0b68b5355b35d9e7edcd7c1fa96ce33230efd7f03

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Jul 2021 04:49:41 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
0.php
s4.histats.com/stats/ 		53 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4565315&@f16&@g0&@h2&@i1&@j1626065380872&@k389&@l2&@mBantuan%20Sosial%20Tunai&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-42569107&@b3:1626065381&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fbantuanppkm.digital%2Fpembagian-subsidi%2F%3Findex&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 Guelph, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
0b20a7cac4a9424867144097333b81265bafc095aab19355a9bc656bd49db4ee

Request headers

Referer
http://bantuanppkm.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Jul 2021 04:49:41 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
record.php
URL
https://record.php/?ac=total&name=null
Domain
record.php
URL
https://record.php/?ac=total&name=kfc
Domain
owo-owo.vip
URL
http://owo-owo.vip/verify.js?_=1626065380109

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| _0xodp object| _0x323b function| _0x1691 function| _0x1196c6 function| _0x5ac88e function| _0x28bd60 function| _0x55f9a9 function| _0x300794 function| _0x7bdc55 string| _0xodk object| _0x3347 function| _0x3dc7 number| timer_start number| total string| redirectURL string| WhatsApp_share_message string| Share_link function| incrementValue1 function| incrementValue_i function| fn1_i function| incrementValue_a function| fn1_a function| tipn function| set_Cookie function| get_Cookie function| getQueryString function| record object| zeit number| sec number| add object| zeit2 number| minute number| timer1 number| resttimer number| timer function| updateTimer number| myTimer function| stopFunction function| lasthtml function| dapp function| ads string| j string| banner string| theme number| qs function| hh function| jp function| fh function| goon object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

9 Cookies

Domain/Path Name / Value
bantuanppkm.digital/ Name: HstPt4564767
Value: 2
bantuanppkm.digital/ Name: HstCla4564767
Value: 1626065380872
bantuanppkm.digital/ Name: HstCns4564767
Value: 1
bantuanppkm.digital/ Name: HstCnv4564767
Value: 1
bantuanppkm.digital/ Name: HstCmu4564767
Value: 1626065380483
bantuanppkm.digital/ Name: kfc
Value: kfc
bantuanppkm.digital/ Name: HstCfa4564767
Value: 1626065380483
bantuanppkm.digital/ Name: HstPn4564767
Value: 2
bantuanppkm.digital/ Name: null
Value: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.pikiran-rakyat.com
bantuanppkm.digital
cdn.jsprivate.one
cdn.myjs.one
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
maxcdn.bootstrapcdn.com
media.giphy.com
owo-owo.vip
record.php
s10.histats.com
s4.histats.com
uprimp.com
owo-owo.vip
record.php
151.101.12.193
162.250.126.6
185.66.200.220
192.99.8.34
198.54.121.168
199.232.82.2
2600:9000:2190:8200:2:96bd:21c0:93a1
2606:4700::6812:acf
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
46.105.201.240
64.20.52.82
0b20a7cac4a9424867144097333b81265bafc095aab19355a9bc656bd49db4ee
14d90c5ad20b95b3ccc92bfc4641d034f8f221ad1df275ecf73760873be075e2
2225e3b4083a67eedc0f6589cf787e503f793e5ec51ccaf2a91546334b357943
2b8f171ae848062e6d4177384848cced538d6de9d528bfbe54fa130b7a9f6f9f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
546c9cf28ee399e9811641e9a676a11fa382881a3cc3c5c4dadab2ec9b847c59
6eda89bde57201fb03ccf57a78dcd8a76f4d8dd61875d35b0c799dc6c1d4eb11
75a6e638b3993ae3c4048407ec6df66b94e32db840e74160e38703a1e0d18849
7d066c2f996b7f65f25c0e62529c9884d12c4609cffe5888edacc3c2fec67826
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8ef0f56041ea7b6ccc3e13c0b68b5355b35d9e7edcd7c1fa96ce33230efd7f03
92877c924e0bbebb446ae9e4152d00cdfcf2e3e3bec6097c183209f0a1ba78e3
df05a30a83f67ea288e0d8dc960a799ceeebe92e77aed625217454ec663a19ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6535b6803b4ff793b7156511c587fb25da345013cae36b9448ecafb1c25313f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c