urlscan.io logo urlscan.io
SecurityTrails logo

103.241.66.238
103.241.66.238  Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
URL: http://103.241.66.238:1337/
Submission Tags: c2 malware twiz Search All
Submission: On April 06 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 103.241.66.238, located in Milan, Italy and belongs to KAMATERA - Kamatera, Inc., US. The main domain is 103.241.66.238.
This is the only time 103.241.66.238 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 103.241.66.238 36007 (KAMATERA)
1 142.251.14.95 15169 (GOOGLE)
1 104.16.174.226 13335 (CLOUDFLAR...)
1 142.251.13.94 15169 (GOOGLE)
7 4
Apex Domain
Subdomains		 Transfer
1 gstatic.com
fonts.gstatic.com — Cisco Umbrella Rank: 27 9yr old
47 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 256 13yr old
71 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46 56yr old
1 KB
7 3
Domain Requested by
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net 103.241.66.238
1 fonts.googleapis.com 103.241.66.238
7 3

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
WE2		 2026-03-16 -
2026-06-08		 3mo crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2025-04-25 -
2026-05-04		 1yr crt.sh
*.gstatic.com
WE2		 2026-03-16 -
2026-06-08		 3mo crt.sh

This page contains 1 frames:

Primary Page: http://103.241.66.238:1337/
Frame ID: 1AF98119D8AC04B4688A8AD981A227CC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TwizAdmin | Dashboard

Detected technologies

Overall confidence: 75%
Detected patterns
  • /Chart(?:\.bundle)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.jsdelivr\.net

Page Statistics

7
Requests

43 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

142 kB
Transfer

285 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
103.241.66.238/ 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://103.241.66.238:1337/
Protocol
HTTP/1.1
Server
103.241.66.238 Milan, Italy, ASN36007 (KAMATERA - Kamatera, Inc., US),
Reverse DNS
Software
uvicorn /
Resource Hash
0375687ad6971ca4f29d8c0b97a6bca7e82cb8d4f69cc6199b9a6d47b8cadf25

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
5551
content-type
text/html; charset=utf-8
date
Mon, 06 Apr 2026 23:51:12 GMT
etag
"6cc59d6714433b29ffd0c8f08b6ae53f"
last-modified
Fri, 27 Mar 2026 18:48:34 GMT
server
uvicorn
style.css
103.241.66.238/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://103.241.66.238:1337/style.css
Requested by
Host: 103.241.66.238
URL: http://103.241.66.238:1337/
Protocol
HTTP/1.1
Server
103.241.66.238 Milan, Italy, ASN36007 (KAMATERA - Kamatera, Inc., US),
Reverse DNS
Software
uvicorn /
Resource Hash
e255beedfb6727ab6c0361d4c0c25a35a47901c0831856259107d1fcaec6de3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer
http://103.241.66.238:1337/

Response headers

accept-ranges
bytes
content-length
6516
date
Mon, 06 Apr 2026 23:51:12 GMT
etag
"5f5aed4a70c729dad4858657eabea439"
content-type
text/css; charset=utf-8
last-modified
Fri, 27 Mar 2026 18:48:46 GMT
server
uvicorn
css2
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Requested by
Host: 103.241.66.238
URL: http://103.241.66.238:1337/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.251.14.95 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
pm-in-f95.1e100.net
Software
ESF /
Resource Hash
840421ed70002f154ec853c0637381a3e8135c8585d5776ef24f9b68fa3ba364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Linux"
Referer
http://103.241.66.238:1337/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="146", "Google Chrome";v="146", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 06 Apr 2026 23:51:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Apr 2026 23:51:13 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 06 Apr 2026 23:24:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
chart.js
cdn.jsdelivr.net/npm/ 		204 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/chart.js
Requested by
Host: 103.241.66.238
URL: http://103.241.66.238:1337/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.174.226 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48444a82d4edcb5bec0f1965faacdde18d9c17db3063d042abada2f705c9f54a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Linux"
Referer
http://103.241.66.238:1337/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="146", "Google Chrome";v="146", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"32e8a-y1VYFBBM+4v4jk0bIQM7SVw8Wnc"
age
25133
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VyGPkMYYPDjP6oiQc%2FC%2FsCB4W2h6kI%2FslVkTyCvOfPJ4G0wf6R7fWVrnKOp6%2BVVMe9nFV6MZWHyv9z7piVhd9CaW7GGQ0xqO5d%2Bd5NcrfYAH%2BrYLQR4NXZLq3tPcyOFlGVs%3D"}]}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT
date
Mon, 06 Apr 2026 23:51:13 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230056-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
9e84b306cd68cb3f-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
71722
server
cloudflare
x-jsd-version
4.5.1
app.js
103.241.66.238/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://103.241.66.238:1337/app.js
Requested by
Host: 103.241.66.238
URL: http://103.241.66.238:1337/
Protocol
HTTP/1.1
Server
103.241.66.238 Milan, Italy, ASN36007 (KAMATERA - Kamatera, Inc., US),
Reverse DNS
Software
uvicorn /
Resource Hash
c9670183c3b02996f7d1899b08c60d2ab699b8af58beda4dd07c88ca7fb5196c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer
http://103.241.66.238:1337/

Response headers

accept-ranges
bytes
content-length
10469
date
Mon, 06 Apr 2026 23:51:12 GMT
etag
"907a47df50787d1750fcc8cd82c288f1"
content-type
text/javascript; charset=utf-8
last-modified
Fri, 27 Mar 2026 18:48:48 GMT
server
uvicorn
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v20/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.13.94 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wt-in-f94.1e100.net
Software
sffe /
Resource Hash
3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://103.241.66.238:1337
sec-ch-ua-platform
"Linux"
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="146", "Google Chrome";v="146", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

age
81275
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 06 Apr 2027 01:16:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Apr 2026 01:16:38 GMT
last-modified
Tue, 09 Sep 2025 18:33:53 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48256
x-xss-protection
0
server
sffe
favicon.ico
103.241.66.238/ 		22 B
154 B 		Other
General
Check archive.org
Download Go to
Full URL
http://103.241.66.238:1337/favicon.ico
Protocol
HTTP/1.1
Server
103.241.66.238 Milan, Italy, ASN36007 (KAMATERA - Kamatera, Inc., US),
Reverse DNS
Software
uvicorn /
Resource Hash
37ec4665a8102d115ffd1ac20dae94c98b4dac64b0c1a68228aa2a531caeb35d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
Referer
http://103.241.66.238:1337/

Response headers

content-length
22
date
Mon, 06 Apr 2026 23:51:13 GMT
content-type
application/json
server
uvicorn

Verdicts & Comments Add Verdict or Comment

1 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| Chart

0 Cookies

2 Console Messages

Source Level URL
Text
recommendation verbose URL: http://103.241.66.238:1337/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: http://103.241.66.238:1337/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)