rt16.omahide.com Open in urlscan Pro
103.97.141.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rt16.omahide.com/
Submission: On December 06 via api (December 6th 2023, 2:03:52 pm UTC) from US — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 103.97.141.217, located in Indonesia and belongs to IDNIC-PTAMI-AS-ID PT Apik Media Inovasi, ID. The main domain is rt16.omahide.com.
TLS certificate: Issued by R3 on December 6th 2023. Valid for: 3 months.

This is the only time rt16.omahide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	103.97.141.217 103.97.141.217		136845 (IDNIC-PTA...) (IDNIC-PTAMI-AS-ID PT Apik Media Inovasi)
2	2a04:4e42:200... 2a04:4e42:200::485		54113 (FASTLY) (FASTLY)
2	2606:4700:e2:... 2606:4700:e2::ac40:8d0d		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f		15169 (GOOGLE) (GOOGLE)
8	4

3 103.97.141.217 (Indonesia)

ASN136845 (IDNIC-PTAMI-AS-ID PT Apik Media Inovasi, ID)
PTR: mencadin.in-hell.com

rt16.omahide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	omahide.com rt16.omahide.com	25 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	85 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	43 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340	33 KB
8	4

	Domain	Requested by
3	rt16.omahide.com	rt16.omahide.com
2	use.fontawesome.com	rt16.omahide.com use.fontawesome.com
2	cdn.jsdelivr.net	rt16.omahide.com
1	ajax.googleapis.com	rt16.omahide.com
8	4

This site contains no links.

Subject Issuer	Validity	Valid
www.rt16.omahide.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rt16.omahide.com/
Frame ID: 278E38AC49DF4CBE761D1C8A7CC6D200
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Boteng RT16

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

8
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

186 kB
Transfer

628 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rt16.omahide.com/ 3 KB
1 KB 1239ms
315ms Document
text/html 103.97.141.217
IDNIC-PTAMI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt16.omahide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.97.141.217 , Indonesia, ASN136845 (IDNIC-PTAMI-AS-ID PT Apik Media Inovasi, ID),
Reverse DNS: mencadin.in-hell.com
Software: LiteSpeed /
Resource Hash: 7c0c52835489634d91f8a8b5f1bd4f65a2f9e3ee720a7fbe47881f495091b351

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 1155
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 14:03:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 styles.css
rt16.omahide.com/css/ 183 KB
23 KB 306ms
304ms Stylesheet
text/css 103.97.141.217
IDNIC-PTAMI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt16.omahide.com/css/styles.css
Requested by: Host: rt16.omahide.com
URL: https://rt16.omahide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.97.141.217 , Indonesia, ASN136845 (IDNIC-PTAMI-AS-ID PT Apik Media Inovasi, ID),
Reverse DNS: mencadin.in-hell.com
Software: LiteSpeed /
Resource Hash: d916f59cc1bf2c97c260262a1ffce201836b89a28ee0ea1cea2881c51370aa4b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rt16.omahide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 14:03:45 GMT
content-encoding: br
last-modified: Wed, 06 Dec 2023 09:14:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23658
expires: Wed, 13 Dec 2023 14:03:45 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 158 KB
26 KB 105ms
30ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css

Requested by

Host: rt16.omahide.com
URL: https://rt16.omahide.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rt16.omahide.com/
Origin: https://rt16.omahide.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 14:03:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 22846049
x-jsd-version: 4.6.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26373
x-served-by: cache-fra-eddf8230063-FRA, cache-ewr18137-EWR
x-jsd-version-type: version
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.2/css/ 53 KB
12 KB 207ms
135ms Stylesheet
text/css 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: rt16.omahide.com
URL: https://rt16.omahide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://rt16.omahide.com/
Origin: https://rt16.omahide.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 14:03:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmiTCA9Agz9uQuCK%2B4oKMPOPCXCAACZGUuT5F3T1dw4PZPhQMBi1NN9JGrv%2B3JvqM5JkIv5N9PzRhnqoWv1L9Q73FWnuk29XeOulCCGg8nmv5VAUt2ybIAOSoqT94mz3gAS8gluqKhdHTzlo6eoiibC2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831512fd3c111791-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 61 KB
16 KB 114ms
40ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.min.js

Requested by

Host: rt16.omahide.com
URL: https://rt16.omahide.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rt16.omahide.com/
Origin: https://rt16.omahide.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 14:03:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 22405729
x-jsd-version: 4.6.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16588
x-served-by: cache-fra-eddf8230119-FRA, cache-ewr18137-EWR
x-jsd-version-type: version
etag: W/"f463-4yQGPI9GxrKUJ98VQvECatIw9gQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 107ms
33ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: rt16.omahide.com
URL: https://rt16.omahide.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rt16.omahide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 08:55:55 GMT

GET
H2 200 indemin.js Show response
rt16.omahide.com/js/ 3 KB
688 B 881ms
881ms Script
application/javascript 103.97.141.217
IDNIC-PTAMI-AS-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt16.omahide.com/js/indemin.js
Requested by: Host: rt16.omahide.com
URL: https://rt16.omahide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.97.141.217 , Indonesia, ASN136845 (IDNIC-PTAMI-AS-ID PT Apik Media Inovasi, ID),
Reverse DNS: mencadin.in-hell.com
Software: LiteSpeed /
Resource Hash: 7b5f0c34b7600c5f146a87604b4222ddb9dd11615dce683aea26769f2c710941

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rt16.omahide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 14:03:45 GMT
content-encoding: br
last-modified: Wed, 06 Dec 2023 09:14:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 615
expires: Wed, 13 Dec 2023 14:03:45 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 73 KB
73 KB 152ms
151ms Font
font/woff2 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin: https://rt16.omahide.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 14:03:48 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "462806316fea535a6a57651bc2b000b0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4H5tBIqRTLm7fh7aGjWpsyZsIYOgGbaUxWQZpq%2FxaqLOtyG6J72yW92BmV5NU7jz%2FMI2r1Fr6J4UMgHXqMPQRFjG9OglXwAllQCQZ%2FybuBKvlpP8kquEhUtYr9%2FKlFlozHaVUytkcAbkbDEPr2kYEw6h"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8315130b88491791-EWR
alt-svc: h3=":443"; ma=86400
content-length: 74348

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| bootstrap function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rt16.omahide.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 09799b70f729a21618cb398b59b9bf69

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
rt16.omahide.com
use.fontawesome.com
103.97.141.217
2606:4700:e2::ac40:8d0d
2607:f8b0:4004:c07::5f
2a04:4e42:200::485
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
7b5f0c34b7600c5f146a87604b4222ddb9dd11615dce683aea26769f2c710941
7c0c52835489634d91f8a8b5f1bd4f65a2f9e3ee720a7fbe47881f495091b351
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
d916f59cc1bf2c97c260262a1ffce201836b89a28ee0ea1cea2881c51370aa4b
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72