www.citizenship.my.id Open in urlscan Pro
103.147.154.49 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.citizenship.my.id/
Submission: On June 22 via automatic, source certstream-suspicious (June 22nd 2020, 11:59:00 am UTC)

Summary HTTP 17 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 103.147.154.49, located in and belongs to IDNIC-DENEVA-AS-ID PT Deneva, ID. The main domain is www.citizenship.my.id.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 22nd 2020. Valid for: 3 months.

This is the only time www.citizenship.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.147.154.49 103.147.154.49	138115 (IDNIC-DEN...) (IDNIC-DENEVA-AS-ID PT Deneva)
2	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:20:... 2606:4700:20::681a:eb7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:fb7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.17 192.0.77.17	2635 (AUTOMATTIC) (AUTOMATTIC)
17	6

1 103.147.154.49 (None, )

ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID)
PTR: missandei.id.rapidplex.com

www.citizenship.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:eb7 (United States)

ASN13335 (CLOUDFLARENET, US)

files.domainesia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:fb7 (United States)

ASN13335 (CLOUDFLARENET, US)

static.domainesia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.17 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: cldup.com

cldup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	domainesia.com files.domainesia.com static.domainesia.com	306 KB
2	cloudflare.com cdnjs.cloudflare.com	72 KB
1	cldup.com cldup.com	6 KB
1	citizenship.my.id www.citizenship.my.id	3 KB
0	googleapis.com Failed fonts.googleapis.com Failed
17	5

	Domain	Requested by
10	files.domainesia.com	www.citizenship.my.id
2	static.domainesia.com	www.citizenship.my.id
2	cdnjs.cloudflare.com	www.citizenship.my.id
1	cldup.com	www.citizenship.my.id
1	www.citizenship.my.id
0	fonts.googleapis.com Failed	www.citizenship.my.id
17	6

This site contains links to these domains. Also see Links.

Domain
bit.ly
www.domainesia.com

Subject Issuer	Validity	Valid
www.citizenship.my.id Let's Encrypt Authority X3	`2020-06-22` - `2020-09-20`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
domainesia.com CloudFlare Inc ECC CA-2	`2020-03-30` - `2020-10-09`	6 months	crt.sh
*.cldup.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-09` - `2021-06-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.citizenship.my.id/
Frame ID: F24D0FB1881BFA2D85BD2B2908B9D3DE
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17
Requests

94 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

386 kB
Transfer

513 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://bit.ly/panduan-wordpress
Title: download disini

Search URL Search Domain Scan URL

URL: https://www.domainesia.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.citizenship.my.id/ 11 KB
3 KB 1117ms
180ms Document
text/html 103.147.154.49
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citizenship.my.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.154.49 -, , ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),
Reverse DNS: missandei.id.rapidplex.com
Software: /
Resource Hash: f300d7eaa474c11f823a63437c869c293efa7dc85de56b334f182455fa03b614

Request headers

:method: GET
:authority: www.citizenship.my.id
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 22 Jun 2020 11:58:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 22 Jun 2020 11:18:11 GMT
expires: Mon, 22 Jun 2020 11:59:40 GMT
cache-control: max-age=60 public
x-cache-status: MISS
pragma: no-cache
content-encoding: br

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 27 KB
6 KB 15ms
12ms Stylesheet
text/css 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11772572
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 037d7e28860000dfe32f176200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-6b4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5a75cc873b9cdfe3-FRA
expires: Sat, 12 Jun 2021 11:58:41 GMT

GET
H2 200 main.css
files.domainesia.com/repo/instant-deploy/wordpress/main/ 47 KB
7 KB 235ms
202ms Stylesheet
text/css 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/main.css

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

607d4566e5d41191e56ecab2dd17b2e7e227e91e84e4a239be61028c4345c4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Sep 2018 10:18:10 GMT
server: cloudflare
etag: W/"bc65-57636b926eaba-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; preload
cf-ray: 5a75cc877cf8d6d5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 037d7e28a70000d6d52c1e6200000001

GET
H2 200 instant-deploy.png
files.domainesia.com/repo/instant-deploy/wordpress/main/ 12 KB
13 KB 219ms
187ms Image
image/webp 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/instant-deploy.png

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ce7ebd44c455494a6db138a50cb5f88627d64247275cfd2253b7fbb70b1ad8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=17207
status: 200
content-disposition: inline; filename="instant-deploy.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12596
cf-request-id: 037d7e28a70000d6d52c1e7200000001
last-modified: Wed, 19 Sep 2018 10:18:10 GMT
server: cloudflare
etag: "4337-57636b92c75f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a75cc877cfad6d5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 pic01.jpg
files.domainesia.com/repo/instant-deploy/wordpress/main/ 20 KB
21 KB 242ms
210ms Image
image/webp 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/pic01.jpg

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

315da193c342438218caa6fa548be52022e72b97ef9bed244fc81847c5433395

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=22046
status: 200
content-disposition: inline; filename="pic01.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20926
cf-request-id: 037d7e28a70000d6d52c1e9200000001
last-modified: Wed, 19 Sep 2018 10:18:09 GMT
server: cloudflare
etag: "561e-57636b921d4b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a75cc877cfdd6d5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 purus.jpg
files.domainesia.com/repo/instant-deploy/wordpress/main/ 29 KB
29 KB 235ms
203ms Image
image/jpeg 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/purus.jpg

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1e2bfd2b564f697664d5886db93a03af9ab4e38773893c2a75cbb82b083bfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29521
cf-request-id: 037d7e28a70000d6d52c1e8200000001
last-modified: Wed, 19 Sep 2018 10:18:10 GMT
server: cloudflare
etag: "7351-57636b92e239d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a75cc877cfcd6d5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 snowbird.jpg
files.domainesia.com/repo/instant-deploy/wordpress/main/ 34 KB
35 KB 224ms
192ms Image
image/jpeg 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/snowbird.jpg

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78930ea60c36ef0885863ddb004685e120ba3cbe3ea91934bab5d4edcfef8da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35308
cf-request-id: 037d7e28a70000d6d52c1eb200000001
last-modified: Wed, 19 Sep 2018 10:18:09 GMT
server: cloudflare
etag: "89ec-57636b91d8efb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a75cc877d00d6d5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 tracks.jpg
files.domainesia.com/repo/instant-deploy/wordpress/main/ 30 KB
30 KB 228ms
197ms Image
image/jpeg 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/tracks.jpg

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b0590d709abc08170d99ff7ba7a68902b6b5458b49f57c188fafe273900559

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30922
cf-request-id: 037d7e28a70000d6d52c1ea200000001
last-modified: Wed, 19 Sep 2018 10:18:10 GMT
server: cloudflare
etag: "78ca-57636b92f4210"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a75cc877cffd6d5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 pic02.jpg
files.domainesia.com/repo/instant-deploy/wordpress/main/ 37 KB
37 KB 184ms
183ms Image
image/webp 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/pic02.jpg

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e08be97677db34057cde0c88bc50104507c607ac9f066f59ed5589ce75ef5bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=40107
status: 200
content-disposition: inline; filename="pic02.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37702
cf-request-id: 037d7e28ad0000d6d52c1ed200000001
last-modified: Wed, 19 Sep 2018 10:18:10 GMT
server: cloudflare
etag: "9cab-57636b927bb0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a75cc877d15d6d5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 w20.png
files.domainesia.com/repo/instant-deploy/wordpress/main/ 20 KB
21 KB 202ms
201ms Image
image/webp 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/w20.png

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92ded260d494f904098ac6f60429628c049afc796449847a6d1d52e0301dd902

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=57846
status: 200
content-disposition: inline; filename="w20.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20916
cf-request-id: 037d7e28ad0000d6d52c1ee200000001
last-modified: Wed, 29 Jan 2020 10:36:09 GMT
server: cloudflare
etag: "e1f6-59d44e8a0726c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a75cc877d17d6d5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 pic00.jpg
files.domainesia.com/repo/instant-deploy/wordpress/main/ 29 KB
29 KB 192ms
192ms Image
image/webp 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/pic00.jpg

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0450f4458a4526ae95ff3c1508495003265273b5e34f78bc9888de7d83a1d835

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=92253
status: 200
content-disposition: inline; filename="pic00.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29976
cf-request-id: 037d7e28ad0000d6d52c1ef200000001
last-modified: Wed, 19 Sep 2018 10:18:10 GMT
server: cloudflare
etag: "1685d-57636b924a0cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a75cc877d1ad6d5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 maskot.png
static.domainesia.com/assets/images/ 48 KB
49 KB 66ms
24ms Image
image/webp 2606:4700:20::681a:fb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.domainesia.com/assets/images/maskot.png

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

711ccd5331858ca0a1816067b71712d551499cb8cb0e3375efd9d4e2f3ccceff

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9889
cf-polished: origFmt=png, origSize=70209
status: 200
content-disposition: inline; filename="maskot.webp"
strict-transport-security: max-age=2592000; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49114
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jun 2018 11:47:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "11241-56f9e2eb686a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jul 2020 05:34:30 GMT
cache-control: max-age=31536000
cf-request-id: 037d7e28b30000dfad79131200000001
accept-ranges: bytes
cf-ray: 5a75cc878d3fdfad-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 wlBhpLdBxb-1200x1200.png
cldup.com/ 6 KB
6 KB 36ms
11ms Image
image/png 192.0.77.17
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cldup.com/wlBhpLdBxb-1200x1200.png

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.17 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

cldup.com

Software

nginx /

Resource Hash

877cac8ad5337d2af2766a6d18521289d39273a32fa83d3ff7f9a9d6c6ee3fe6

Security Headers

Name	Value
Content-Security-Policy	worker-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 1
date: Mon, 22 Jun 2020 11:58:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2015 11:59:04 GMT
server: nginx
etag: "15b7f5287d527c2fcc66efee87037c34"
content-type: image/png
status: 200
cache-control: max-age=31536000
content-security-policy: worker-src 'none'
accept-ranges: bytes
content-length: 5918
expires: Tue, 22 Jun 2021 11:58:41 GMT

GET
H2 200 jquery.js Show response
static.domainesia.com/assets/js/ 94 KB
32 KB 73ms
29ms Script
application/javascript 2606:4700:20::681a:fb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.domainesia.com/assets/js/jquery.js

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.citizenship.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 9889
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 037d7e28b30000dfad79130200000001
last-modified: Wed, 27 Jun 2018 11:47:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1762a-56f9e2eb938bd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 5a75cc878d3cdfad-FRA
expires: Sun, 19 Jul 2020 03:42:30 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 bg01.png
files.domainesia.com/repo/instant-deploy/wordpress/main/ 3 KB
4 KB 184ms
182ms Image
image/webp 2606:4700:20::681a:eb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.domainesia.com/repo/instant-deploy/wordpress/main/bg01.png

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9edfaf93e02db94bdbbae089a9cc150dd5230ac821d8db25204350175575663

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload

Request headers

Referer: https://files.domainesia.com/repo/instant-deploy/wordpress/main/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=3535
status: 200
content-disposition: inline; filename="bg01.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3382
cf-request-id: 037d7e29790000d6d52c1fa200000001
last-modified: Wed, 19 Sep 2018 10:18:10 GMT
server: cloudflare
etag: "dcf-57636b92bbfa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; preload
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a75cc88cff7d6d5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 65 KB
66 KB 32ms
17ms Font
application/octet-stream 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.citizenship.my.id
URL: https://www.citizenship.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://www.citizenship.my.id

Response headers

date: Mon, 22 Jun 2020 11:58:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20493050
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66624
cf-request-id: 037d7e298800000746f0bc5200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: "5afd4910-10440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5a75cc88deb30746-FRA
expires: Sat, 12 Jun 2021 11:58:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,300italic,600,600italic,800

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
cldup.com
files.domainesia.com
fonts.googleapis.com
static.domainesia.com
www.citizenship.my.id
fonts.googleapis.com
103.147.154.49
192.0.77.17
2606:4700:20::681a:eb7
2606:4700:20::681a:fb7
2606:4700::6810:85e5
0450f4458a4526ae95ff3c1508495003265273b5e34f78bc9888de7d83a1d835
315da193c342438218caa6fa548be52022e72b97ef9bed244fc81847c5433395
50b0590d709abc08170d99ff7ba7a68902b6b5458b49f57c188fafe273900559
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
607d4566e5d41191e56ecab2dd17b2e7e227e91e84e4a239be61028c4345c4b1
6ce7ebd44c455494a6db138a50cb5f88627d64247275cfd2253b7fbb70b1ad8a
711ccd5331858ca0a1816067b71712d551499cb8cb0e3375efd9d4e2f3ccceff
78930ea60c36ef0885863ddb004685e120ba3cbe3ea91934bab5d4edcfef8da1
877cac8ad5337d2af2766a6d18521289d39273a32fa83d3ff7f9a9d6c6ee3fe6
92ded260d494f904098ac6f60429628c049afc796449847a6d1d52e0301dd902
c9edfaf93e02db94bdbbae089a9cc150dd5230ac821d8db25204350175575663
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e08be97677db34057cde0c88bc50104507c607ac9f066f59ed5589ce75ef5bdd
f1e2bfd2b564f697664d5886db93a03af9ab4e38773893c2a75cbb82b083bfbe
f300d7eaa474c11f823a63437c869c293efa7dc85de56b334f182455fa03b614
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.citizenship.my.id Open in urlscan Pro 103.147.154.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

386 kBTransfer

513 kBSize

0 Cookies

2 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

www.citizenship.my.id Open in urlscan Pro
103.147.154.49 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

386 kB
Transfer

513 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions