malangsite.amazondeforestation.io Open in urlscan Pro
172.96.191.49 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://malangsite.amazondeforestation.io/
Submission Tags: @phishunt_io
Submission: On October 21 via api (October 21st 2021, 12:52:08 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 6 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 172.96.191.49, located in Fergus, Canada and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is malangsite.amazondeforestation.io.
TLS certificate: Issued by R3 on October 20th 2021. Valid for: 3 months.

This is the only time malangsite.amazondeforestation.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	172.96.191.49 172.96.191.49		59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	216.58.212.170 216.58.212.170		15169 (GOOGLE) (GOOGLE)
3	142.250.186.163 142.250.186.163		15169 (GOOGLE) (GOOGLE)
16	4

9 172.96.191.49 (Fergus, Canada)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.49-static.reverse.arandomserver.com

malangsite.amazondeforestation.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
malangsite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	malangsite.net malangsite.net	194 KB
3	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	amazondeforestation.io malangsite.amazondeforestation.io	6 KB
16	4

	Domain	Requested by
8	malangsite.net	malangsite.amazondeforestation.io malangsite.net
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	malangsite.amazondeforestation.io
1	malangsite.amazondeforestation.io
16	4

This site contains links to these domains. Also see Links.

Domain
malangsite.net
web.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
www.malangsite.amazondeforestation.io R3	`2021-10-20` - `2022-01-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://malangsite.amazondeforestation.io/
Frame ID: FA6C38B42FBF1455ACD814B79DA6F8A4
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malangsite.net - Info Wisata, Cafe dan Penginapan

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

16
Requests

81 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

249 kB
Transfer

482 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://malangsite.net/

Search URL Search Domain Scan URL

URL: https://malangsite.net/cafe-monstera-batu/
Title: <img width="640" height="428" src="https://malangsite.net/wp-content/uploads/2021/10/cafe-monstera-batu-640x428.jpg" class="attachment-kutak-blog size-kutak-blog is-object-fit object-fit-taller" alt="cafe monstera batu" loading="lazy" data-type="featured" data-no-lazy="true" sizes="(min-width: 1200px) 760px, (min-width: 870px) calc(66vw - 60px), calc(100vw - 40px)" />

Search URL Search Domain Scan URL

URL: https://malangsite.net/category/cafe/
Title: Cafe

Search URL Search Domain Scan URL

URL: https://malangsite.net/2021/10/
Title: Oktober 2021

Search URL Search Domain Scan URL

URL: https://web.facebook.com/malangsite/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malangsite/
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
malangsite.amazondeforestation.io/ 20 KB
6 KB 1166ms
656ms Document
text/html 172.96.191.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://malangsite.amazondeforestation.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.49 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.49-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.4.24
Resource Hash: 1b12513b7df245096cb9ed3c7ab73631697fd95162c797c0467d068a859fd651

Request headers

:method: GET
:authority: malangsite.amazondeforestation.io
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.4.24
content-type: text/html; charset=UTF-8
link: <https://malangsite.net/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Thu, 21 Oct 2021 00:52:02 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 38ms
16ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400i%2C600%2C600i%2C700%2C700i&subset=latin%2Clatin-ext&ver=2.5

Requested by

Host: malangsite.amazondeforestation.io
URL: https://malangsite.amazondeforestation.io/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

ESF /

Resource Hash

ad172f23aa9faf9104c104656fd411f16002677361f1c51f5212b5089869c692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://malangsite.amazondeforestation.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 00:52:02 GMT
server: ESF
date: Thu, 21 Oct 2021 00:52:02 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 21 Oct 2021 00:52:02 GMT

GET
H2 200 style.css
malangsite.net/wp-content/themes/kutak/ 133 KB
22 KB 398ms
363ms Stylesheet
text/css 172.96.191.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://malangsite.net/wp-content/themes/kutak/style.css?ver=2.5
Requested by: Host: malangsite.amazondeforestation.io
URL: https://malangsite.amazondeforestation.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.49 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.49-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: bd1f89ad2e0383fe608eb3feeb16c32529a3f55cb0b30e4fe2e4b4e62d6dd80f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://malangsite.amazondeforestation.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:52:02 GMT
content-encoding: br
last-modified: Wed, 20 Oct 2021 08:59:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22965
expires: Thu, 28 Oct 2021 00:52:02 GMT

GET
H2 200 jquery.min.js Show response
malangsite.net/wp-includes/js/jquery/ 87 KB
30 KB 220ms
185ms Script
application/javascript 172.96.191.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://malangsite.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: malangsite.amazondeforestation.io
URL: https://malangsite.amazondeforestation.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.49 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.49-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://malangsite.amazondeforestation.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:52:02 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 12:37:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30273
expires: Thu, 28 Oct 2021 00:52:02 GMT

GET
H2 200 jquery-migrate.min.js Show response
malangsite.net/wp-includes/js/jquery/ 11 KB
4 KB 397ms
362ms Script
application/javascript 172.96.191.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://malangsite.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: malangsite.amazondeforestation.io
URL: https://malangsite.amazondeforestation.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.49 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.49-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://malangsite.amazondeforestation.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:52:02 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 06:36:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Thu, 28 Oct 2021 00:52:02 GMT

GET
H2 200 malangsite.net-logo.png
malangsite.net/wp-content/uploads/2021/10/ 5 KB
5 KB 182ms
181ms Image
image/png 172.96.191.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malangsite.net/wp-content/uploads/2021/10/malangsite.net-logo.png
Requested by: Host: malangsite.amazondeforestation.io
URL: https://malangsite.amazondeforestation.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.49 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.49-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 34f3248ca63eb210375e07b25ef1e9b31098efce721825a695929f21287465bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://malangsite.amazondeforestation.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:52:03 GMT
last-modified: Wed, 20 Oct 2021 09:06:49 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5215
expires: Thu, 28 Oct 2021 00:52:03 GMT

GET
H2 200 main.js Show response
malangsite.net/wp-content/themes/kutak/assets/js/ 25 KB
6 KB 178ms
178ms Script
application/javascript 172.96.191.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://malangsite.net/wp-content/themes/kutak/assets/js/main.js?ver=2.5
Requested by: Host: malangsite.amazondeforestation.io
URL: https://malangsite.amazondeforestation.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.49 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.49-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 6f83ce6efecf11b4952e6eb70a5d986471ae74743f53cc8e0f25df8079067600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://malangsite.amazondeforestation.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:52:03 GMT
content-encoding: br
last-modified: Wed, 20 Oct 2021 08:59:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5968
expires: Thu, 28 Oct 2021 00:52:03 GMT

GET
H2 200 wp-embed.min.js Show response
malangsite.net/wp-includes/js/ 1 KB
719 B 179ms
179ms Script
application/javascript 172.96.191.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://malangsite.net/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: malangsite.amazondeforestation.io
URL: https://malangsite.amazondeforestation.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.49 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.49-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://malangsite.amazondeforestation.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:52:03 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 12:59:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 663
expires: Thu, 28 Oct 2021 00:52:03 GMT

GET
H2 200 wp-emoji-release.min.js Show response
malangsite.net/wp-includes/js/ 18 KB
4 KB 181ms
181ms Script
application/javascript 172.96.191.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://malangsite.net/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: malangsite.amazondeforestation.io
URL: https://malangsite.amazondeforestation.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.49 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.49-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://malangsite.amazondeforestation.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:52:03 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 19:45:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4539
expires: Thu, 28 Oct 2021 00:52:03 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec844bcfc81f9b22d7d1fd1b428398dc5f2d7094f210ccd22053f685585ac1de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 30ms
7ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400i%2C600%2C600i%2C700%2C700i&subset=latin%2Clatin-ext&ver=2.5

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://malangsite.amazondeforestation.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:16:30 GMT
x-content-type-options: nosniff
age: 308133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 17 Oct 2022 11:16:30 GMT

GET kutak.woff2
malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/ 0
0

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
16 KB 37ms
14ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400i%2C600%2C600i%2C700%2C700i&subset=latin%2Clatin-ext&ver=2.5

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://malangsite.amazondeforestation.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 22:36:07 GMT
x-content-type-options: nosniff
age: 180956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 22:36:07 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 34ms
11ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400i%2C600%2C600i%2C700%2C700i&subset=latin%2Clatin-ext&ver=2.5

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://malangsite.amazondeforestation.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 23:11:53 GMT
x-content-type-options: nosniff
age: 351610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 16 Oct 2022 23:11:53 GMT

GET
H2 200 cafe-monstera-batu-640x428.jpg
malangsite.net/wp-content/uploads/2021/10/ 121 KB
121 KB 179ms
179ms Image
image/jpeg 172.96.191.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malangsite.net/wp-content/uploads/2021/10/cafe-monstera-batu-640x428.jpg
Requested by: Host: malangsite.amazondeforestation.io
URL: https://malangsite.amazondeforestation.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.49 Fergus, Canada, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.49-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: a2e7c0e15b1a7177ba3065ab25787321d22a631249cd508c385dddd22d931201

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://malangsite.amazondeforestation.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:52:03 GMT
last-modified: Wed, 20 Oct 2021 11:57:42 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 124095
expires: Thu, 28 Oct 2021 00:52:03 GMT

GET kutak.woff
malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/ 0
0

GET kutak.ttf
malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: malangsite.net
URL: https://malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/kutak.woff2

Domain: malangsite.net
URL: https://malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/kutak.woff

Domain: malangsite.net
URL: https://malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/kutak.ttf

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| kutak_vars object| wp object| twemoji

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://malangsite.amazondeforestation.io/ Message: Access to font at 'https://malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/kutak.woff2' from origin 'https://malangsite.amazondeforestation.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/kutak.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://malangsite.amazondeforestation.io/ Message: Access to font at 'https://malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/kutak.woff' from origin 'https://malangsite.amazondeforestation.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/kutak.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://malangsite.amazondeforestation.io/ Message: Access to font at 'https://malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/kutak.ttf' from origin 'https://malangsite.amazondeforestation.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://malangsite.net/wp-content/themes/kutak/assets/font-icons/fontello/font/kutak.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
malangsite.amazondeforestation.io
malangsite.net
malangsite.net
142.250.186.163
172.96.191.49
216.58.212.170
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
1b12513b7df245096cb9ed3c7ab73631697fd95162c797c0467d068a859fd651
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
34f3248ca63eb210375e07b25ef1e9b31098efce721825a695929f21287465bb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
6f83ce6efecf11b4952e6eb70a5d986471ae74743f53cc8e0f25df8079067600
a2e7c0e15b1a7177ba3065ab25787321d22a631249cd508c385dddd22d931201
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ad172f23aa9faf9104c104656fd411f16002677361f1c51f5212b5089869c692
bd1f89ad2e0383fe608eb3feeb16c32529a3f55cb0b30e4fe2e4b4e62d6dd80f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
ec844bcfc81f9b22d7d1fd1b428398dc5f2d7094f210ccd22053f685585ac1de
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309