urlscan.io logo urlscan.io
SecurityTrails logo

bansos.duckdns.org Open in urlscan Pro
185.218.126.152  Public Scan

Go To Rescan Add Verdict Report
URL: http://bansos.duckdns.org/
Submission: On January 31 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 10 HTTP transactions. The main IP is 185.218.126.152, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is bansos.duckdns.org.
This is the only time bansos.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.218.126.152 51167 (CONTABO)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 143.204.98.19 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
1 158.69.248.123 16276 (OVH)
10 8
2    185.218.126.152 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi699930.contaboserver.net
bansos.duckdns.org
1    2606:4700:3038::6815:eabd (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.idntimes.com
1    2606:4700:3037::ac43:df0b (United States)

ASN13335 (CLOUDFLARENET, US)
dailyspin.id
1    143.204.98.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-19.fra50.r.cloudfront.net
i1.sndcdn.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    158.69.248.123 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns542881.ip-158-69-248.net
s4.histats.com
Apex Domain
Subdomains		 Transfer
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14234
s4.histats.com — Cisco Umbrella Rank: 12293
5 KB
2 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 8202
28 KB
2 duckdns.org
bansos.duckdns.org
123 KB
1 sndcdn.com
i1.sndcdn.com — Cisco Umbrella Rank: 8903
50 KB
1 dailyspin.id
dailyspin.id — Cisco Umbrella Rank: 637954
39 KB
1 idntimes.com
cdn.idntimes.com — Cisco Umbrella Rank: 110021
178 KB
0 jsprivate.one Failed
cdn.jsprivate.one Failed
10 7
Domain Requested by
2 1.bp.blogspot.com bansos.duckdns.org
2 bansos.duckdns.org bansos.duckdns.org
1 s4.histats.com s10.histats.com
1 s10.histats.com bansos.duckdns.org
1 i1.sndcdn.com bansos.duckdns.org
1 dailyspin.id bansos.duckdns.org
1 cdn.idntimes.com bansos.duckdns.org
0 cdn.jsprivate.one Failed bansos.duckdns.org
10 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-17 -
2022-07-16		 a year crt.sh
*.dailyspin.id
R3		 2021-12-31 -
2022-03-31		 3 months crt.sh
*.sndcdn.com
GlobalSign GCC R3 DV TLS CA 2020		 2022-01-17 -
2023-02-18		 a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
histats.com
R3		 2022-01-21 -
2022-04-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://bansos.duckdns.org/
Frame ID: A048142DCAB560FEF83859232178F2F6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Subsidi Bansos Kemendikbud RIicon 65 file gif

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

10
Requests

60 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

422 kB
Transfer

479 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bansos.duckdns.org/ 		71 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bansos.duckdns.org/
Protocol
HTTP/1.1
Server
185.218.126.152 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi699930.contaboserver.net
Software
LiteSpeed /
Resource Hash
f75f12fdd0c7959e77eb7ab43442aff4a3d19b6658fd4770990f9c7c6c700f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
content-length
18089
content-encoding
gzip
date
Mon, 31 Jan 2022 04:13:08 GMT
server
LiteSpeed
belajar_online2.jpg
bansos.duckdns.org/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bansos.duckdns.org/belajar_online2.jpg
Requested by
Host: bansos.duckdns.org
URL: http://bansos.duckdns.org/
Protocol
HTTP/1.1
Server
185.218.126.152 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi699930.contaboserver.net
Software
LiteSpeed /
Resource Hash
eb066b154e042e25fdc45b38b4135847f1704627aaad914cebb0b5d91330f40e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bansos.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:13:08 GMT
last-modified
Tue, 25 Jan 2022 13:42:58 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
107379
expires
Mon, 07 Feb 2022 04:13:08 GMT
58409621-2364435567170481-8062474964280319137-n-aa678deb81b5050d7abdb2441f55dda9.jpg
cdn.idntimes.com/content-images/post/20190919/ 		177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idntimes.com/content-images/post/20190919/58409621-2364435567170481-8062474964280319137-n-aa678deb81b5050d7abdb2441f55dda9.jpg
Requested by
Host: bansos.duckdns.org
URL: http://bansos.duckdns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdcbf757f12356e771ab6ce28935c9717a5c8f2ca40e9a98b253b87e1d197b7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bansos.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:13:09 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
181534
last-modified
Thu, 19 Sep 2019 03:59:43 GMT
server
cloudflare
etag
"5d82fd2f-2c51e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQYZMQ4ArdlY40tMoHOB2WKP3qEE7xY%2F1lxsBZJa%2BBXXRmAxHkKvtH1DHXGd1COJYAY12Jy0JXB%2FOAEluPYZdLr5lXHLd3akl9crTlMvi%2BicbjqDotepG0GPso7V6vP4uPGDGoO4TWcgCNHbDhrT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, public
accept-ranges
bytes
cf-ray
6d601b11ec987795-LHR
expires
Sat, 19 Oct 2019 03:59:43 GMT
Notnot.jpg
dailyspin.id/wp-content/uploads/2020/09/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyspin.id/wp-content/uploads/2020/09/Notnot.jpg
Requested by
Host: bansos.duckdns.org
URL: http://bansos.duckdns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:df0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac5057dc4840847239ffddfe2d5c53c6a88942c51df7151f11b4504a32f5130d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bansos.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:13:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
488982
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39180
last-modified
Sun, 20 Jun 2021 23:11:31 GMT
server
cloudflare
etag
"60cfcb23-990c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sw0773cDozMXTyKjP9bckDrBzosvE9STwK35LZqop6CyB%2F8H9cnqk4nbUrl%2FUcXrS1C78fuGIscHqqDi%2FsHfuVfVA%2BIW%2BFeBMMjSJYnJhV5E9lMc6mx6AUhTMI%2BYsz2%2FZPfakHkIHk6yIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6d601b11ca5691ed-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
artworks-zbpi96JdvMpyLPpL-9k5o0A-t500x500.jpg
i1.sndcdn.com/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.sndcdn.com/artworks-zbpi96JdvMpyLPpL-9k5o0A-t500x500.jpg
Requested by
Host: bansos.duckdns.org
URL: http://bansos.duckdns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-19.fra50.r.cloudfront.net
Software
/
Resource Hash
a925fb08c968022b8417550bbb028f484a1899d9c09af1f32fec958231ac4488

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bansos.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 18:20:12 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
age
2627576
access-control-allow-methods
GET
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=3628800
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Type, Origin
x-amz-cf-id
Q16fmjVgjD7GE1ZI_Fj_5eU1OuN-unL-efaGw7CZe1lfnz3jvxY2CQ==
3.jpg
1.bp.blogspot.com/-EpCGMpq_hb8/XoyMgWpzVCI/AAAAAAAAA-w/eAocnTjnGFcmc_Jt_bEHOpBDGjzemKp1QCLcBGAsYHQ/s320/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-EpCGMpq_hb8/XoyMgWpzVCI/AAAAAAAAA-w/eAocnTjnGFcmc_Jt_bEHOpBDGjzemKp1QCLcBGAsYHQ/s320/3.jpg
Requested by
Host: bansos.duckdns.org
URL: http://bansos.duckdns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cc8b231dc8206b0f2cb5b9a8b1acbf3267b6726da4e3115e6268cd398e3985fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bansos.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 02:23:15 GMT
x-content-type-options
nosniff
age
6593
content-disposition
inline;filename="3.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24098
x-xss-protection
0
server
fife
etag
"v3f2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 04:24:16 GMT
user-3.jpg
1.bp.blogspot.com/-UHwDHbmaCR8/XpKdLrYzZMI/AAAAAAAAADc/ZGJBHQHk0sE-mX6hEWrF9KIJS05FUet0gCLcBGAsYHQ/s1600/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-UHwDHbmaCR8/XpKdLrYzZMI/AAAAAAAAADc/ZGJBHQHk0sE-mX6hEWrF9KIJS05FUet0gCLcBGAsYHQ/s1600/user-3.jpg
Requested by
Host: bansos.duckdns.org
URL: http://bansos.duckdns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d5e93d29f9f42aacb3a01e670d8fe946089075a7e93f587da5422e1944d0db68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bansos.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 02:23:15 GMT
x-content-type-options
nosniff
age
6593
content-disposition
inline;filename="user-3.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3607
x-xss-protection
0
server
fife
etag
"v3e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 16 Nov 2021 21:29:41 GMT
oneConnect.js
cdn.jsprivate.one/ajax/libs/private/2.0/ 		0
0
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: bansos.duckdns.org
URL: http://bansos.duckdns.org/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bansos.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:06:12 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"-375139978"
x-cacheable
Matched cache
vary
Accept-Encoding
x-iplb-instance
42473
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
x-iplb-request-id
8AC72685:8758_2E69C9F0:0050_61F761D7_53041:27407
content-length
4547
x-request-id
32442480
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4600649&@f16&@g1&@h1&@i1&@j1643602391021&@k0&@l1&@mSubsidi%20Bansos%20Kemendikbud%20RI&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-193831252&@b3:1643602391&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fbansos.duckdns.org%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.248.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns542881.ip-158-69-248.net
Software
/
Resource Hash
ca6dec268181f612129048c1a6b0dce64b86fd3284cde9eaf885a757a0142783

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bansos.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 04:13:11 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.jsprivate.one
URL
https://cdn.jsprivate.one/ajax/libs/private/2.0/oneConnect.js?v=1643602388762

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| set_Cookie function| get_Cookie function| prevent string| _0xodF object| _0x3d76 function| _0x2994 function| _0x40837a function| _0x3b9713 object| DOMString object| objServer string| adsLink string| landingDomain1 function| enviar function| tip_text function| deadline function| messageToSend function| adhtml number| counter number| counter2 number| seconds function| getTextNodesIn object| _Hasync function| hh function| jp function| fh function| goon function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path Name / Value
bansos.duckdns.org/ Name: HstCfa4600649
Value: 1643602391021
bansos.duckdns.org/ Name: HstCla4600649
Value: 1643602391021
bansos.duckdns.org/ Name: HstCmu4600649
Value: 1643602391021
bansos.duckdns.org/ Name: HstPn4600649
Value: 1
bansos.duckdns.org/ Name: HstPt4600649
Value: 1
bansos.duckdns.org/ Name: HstCnv4600649
Value: 1
bansos.duckdns.org/ Name: HstCns4600649
Value: 1

3 Console Messages

Source Level URL
Text
javascript warning URL: http://bansos.duckdns.org/(Line 1133)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsprivate.one/ajax/libs/private/2.0/oneConnect.js?v=1643602388762, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://bansos.duckdns.org/(Line 1133)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsprivate.one/ajax/libs/private/2.0/oneConnect.js?v=1643602388762, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.jsprivate.one/ajax/libs/private/2.0/oneConnect.js?v=1643602388762
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED