urlscan.io logo urlscan.io
SecurityTrails logo

5.189.180.149 Open in urlscan Pro
5.189.180.149  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.snakeyaml.org/
Effective URL: http://5.189.180.149/
Submission Tags: falconsandbox
Submission: On October 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 15 domains to perform 41 HTTP transactions. The main IP is 5.189.180.149, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is 5.189.180.149.
This is the only time 5.189.180.149 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.214.140.37 14618 (AMAZON-AES)
1 1 44.230.85.241 16509 (AMAZON-02)
11 5.189.180.149 51167 (CONTABO)
1 172.217.16.138 15169 (GOOGLE)
5 142.250.186.161 15169 (GOOGLE)
1 142.250.185.99 15169 (GOOGLE)
2 46.105.201.240 16276 (OVH)
1 198.27.80.143 16276 (OVH)
2 3 158.69.139.238 16276 (OVH)
2 51.161.15.92 16276 (OVH)
1 13.225.82.4 16509 (AMAZON-02)
1 52.57.227.81 16509 (AMAZON-02)
1 104.18.29.199 13335 (CLOUDFLAR...)
1 13.225.82.5 16509 (AMAZON-02)
7 67.202.105.34 32748 (STEADFAST)
1 13.225.82.57 16509 (AMAZON-02)
1 45.55.96.63 14061 (DIGITALOC...)
2 3 54.194.226.253 16509 (AMAZON-02)
2 104.111.215.191 16625 (AKAMAI-AS)
4 4 51.222.80.231 16276 (OVH)
2 2 13.248.242.197 16509 (AMAZON-02)
1 208.100.17.181 32748 (STEADFAST)
41 19
1    18.214.140.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-140-37.compute-1.amazonaws.com
www.snakeyaml.org
1    44.230.85.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-85-241.us-west-2.compute.amazonaws.com
langkahcurang.link
11    5.189.180.149 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi683598.contaboserver.net
5.189.180.149
1    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
fonts.googleapis.com
5    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
blogger.googleusercontent.com
1    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    198.27.80.143 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net
s4.histats.com
3    158.69.139.238 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip238.ip-158-69-139.net
e.dtscout.com
2    51.161.15.92 (France)

ASN16276 (OVH, FR)
PTR: ns570935.ip-51-161-15.net
t.dtscout.com
1    13.225.82.4 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-82-4.fra2.r.cloudfront.net
get.s-onetag.com
1    52.57.227.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-227-81.eu-central-1.compute.amazonaws.com
pd.sharethis.com
1    104.18.29.199 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
1    13.225.82.5 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-82-5.fra2.r.cloudfront.net
onetag-geo.s-onetag.com
7    67.202.105.34 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
ic.tynt.com
1    13.225.82.57 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-82-57.fra2.r.cloudfront.net
onetag-geo-grouping.s-onetag.com
1    45.55.96.63 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
t.dtscdn.com
3    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    104.111.215.191 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
4    51.222.80.231 (France)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
2    13.248.242.197 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    208.100.17.181 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip181.208-100-17.static.steadfastdns.net
de.tynt.com
Domain Requested by
7 ic.tynt.com 5.189.180.149
5 blogger.googleusercontent.com 5.189.180.149
4 pixel.onaudience.com 4 redirects
3 e.dtscout.com 2 redirects 5.189.180.149
2 match.adsrvr.org 2 redirects
2 tags.bluekai.com 5.189.180.149
2 bcp.crwdcntrl.net 1 redirects 5.189.180.149
2 t.dtscout.com e.dtscout.com
2 s10.histats.com 5.189.180.149
s10.histats.com
1 de.tynt.com cdn.tynt.com
1 sync.crwdcntrl.net 1 redirects
1 t.dtscdn.com e.dtscout.com
1 onetag-geo-grouping.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 cdn.tynt.com e.dtscout.com
1 pd.sharethis.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 s4.histats.com s10.histats.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com 5.189.180.149
1 langkahcurang.link 1 redirects
1 www.snakeyaml.org 1 redirects
41 22

This site contains links to these domains. Also see Links.

Domain
173.212.213.236
139.177.190.228
103.3.62.153
5.189.188.176
www.histats.com
ronangelo.com
Subject Issuer Validity Valid
*.googleusercontent.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
histats.com
R3		 2021-08-02 -
2021-10-31		 3 months crt.sh
*.dtscout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-03 -
2021-11-03		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
sharethis.com
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
t.dtscdn.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-03 -
2021-11-15		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-10-18 -
2022-04-26		 6 months crt.sh

This page contains 2 frames:

Primary Page: http://5.189.180.149/
Frame ID: 78834D671DF5292E15BDC583F5448724
Requests: 41 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=1040163491810891192BF4157FABF799
Frame ID: E1F3AC7122AE4B87ADEABF415A26C01C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

langkah curang kumpulan situs judi online bola casino togel slot terpercaya

Page URL History Show full URLs

  1. http://www.snakeyaml.org/ HTTP 302
    https://langkahcurang.link/ HTTP 307
    http://5.189.180.149/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

41
Requests

66 %
HTTPS

0 %
IPv6

15
Domains

22
Subdomains

19
IPs

6
Countries

3849 kB
Transfer

4095 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.snakeyaml.org/ HTTP 302
    https://langkahcurang.link/ HTTP 307
    http://5.189.180.149/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j= HTTP 307
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j= HTTP 301
  • https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
Request Chain 31
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=1040163491810891192BF4157FABF799 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=1040163491810891192BF4157FABF799
Request Chain 33
  • https://pixel.onaudience.com/?partner=137085098&mapped=1040163491810891192BF4157FABF799 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=58ab986b-0f4c-49b3-b1ef-d6a0152772ce&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=1cebb388ab44bbeedc790989b424c7ae HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=b8aa7f97de529ea7

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
5.189.180.149/
Redirect Chain
  • http://www.snakeyaml.org/
  • https://langkahcurang.link/
  • http://5.189.180.149/
29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b2625dbd1997fdb17ac6659e8595252b66117f422e9d69d1814fe15801066dae

Request headers

Host
5.189.180.149
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 22 Oct 2021 15:55:06 GMT
Server
Apache/2.4.41 (Ubuntu)
X-Pingback
http://5.189.180.149/xmlrpc.php
Link
<http://5.189.180.149/wp-json/>; rel="https://api.w.org/" <http://5.189.180.149/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <http://5.189.180.149/>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8942
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

server
openresty
date
Fri, 22 Oct 2021 15:55:06 GMT
content-type
text/html; charset=utf-8
content-length
168
location
http://5.189.180.149/
x-frame-options
sameorigin
style.min.css
5.189.180.149/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://5.189.180.149/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Sep 2021 04:05:58 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"13abe-5cae72efad580-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10523
css
fonts.googleapis.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.8.1
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
09a2eb7d3cdb37351bb71e80bf35973cecfa715703491d82e04c81fc9948e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 22 Oct 2021 15:55:07 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
Expires
Fri, 22 Oct 2021 15:55:07 GMT
genericons.css
5.189.180.149/wp-content/themes/frontier/includes/genericons/ 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://5.189.180.149/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.3
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 11:33:00 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6e71-5cd34cf22f749-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
16451
style.css
5.189.180.149/wp-content/themes/frontier/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://5.189.180.149/wp-content/themes/frontier/style.css?ver=1.3.3
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
07fcb347186015e65edbd8fe1d3bba488e383769e063dc16907cfe8cef0c13bf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 11:33:00 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"65db-5cd34cf22f749-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
6178
responsive.css
5.189.180.149/wp-content/themes/frontier/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://5.189.180.149/wp-content/themes/frontier/responsive.css?ver=1.3.3
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 11:33:00 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"d3c-5cd34cf2306e9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
834
jquery.min.js
5.189.180.149/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://5.189.180.149/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 15:07:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"15db1-5bd3006388300-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
30908
jquery-migrate.min.js
5.189.180.149/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://5.189.180.149/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Nov 2020 09:06:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2bd8-5b45debe27b80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4169
langkahcurang.jpg
5.189.180.149/wp-content/uploads/2021/10/ 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://5.189.180.149/wp-content/uploads/2021/10/langkahcurang.jpg
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
02cbd46fea44018b65ee7dd5fc627186dcf398e4d038f03c098920536b5c091f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Last-Modified
Fri, 01 Oct 2021 13:02:11 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2e228-5cd4a2be3a15a"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
188968
AVvXsEiQuTdMoohR38PNQ1PWrYKDvBYsKwhMyUhxy-NGZNiERvEtEjCvLSDiGC0TYp4_4CcJ7j7I8FiYmzhsKHygLN6b9Kvyc7g_yDZJc_lVYtXJk7JAPQgfyiPbGIbdX_TxNwHaucwGmo2M-BawfUpEbTKWOeRpZJhn35__IJ7M3gcd09tQQoEf4WLcExArEg=s729
blogger.googleusercontent.com/img/a/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiQuTdMoohR38PNQ1PWrYKDvBYsKwhMyUhxy-NGZNiERvEtEjCvLSDiGC0TYp4_4CcJ7j7I8FiYmzhsKHygLN6b9Kvyc7g_yDZJc_lVYtXJk7JAPQgfyiPbGIbdX_TxNwHaucwGmo2M-BawfUpEbTKWOeRpZJhn35__IJ7M3gcd09tQQoEf4WLcExArEg=s729
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
2bfec032ad59ce6b0fad5d30b7dca33cb571eb59d02da78a053f9253d32caf01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v6"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="judiwin 792x180.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1958911
x-xss-protection
0
expires
Sat, 23 Oct 2021 15:55:08 GMT
AVvXsEhAeFmYa_Hd2ou94aV-kXO0DNSLUyT4ARV-rqf4EgkUx3-bosgA0f0HG59B_y8PfCvmVVb1U-cTyHzMMFKp8mRg-DTgToeqX1m7J6v2ERzL93VukcisZh_OOi-yZnFLcdHfleyfjSiP_u9X96B2iZ01PgCA3vyejeG9x162M73nE8hWhWxyaHHyEokHfA=s729
blogger.googleusercontent.com/img/a/ 		481 KB
481 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhAeFmYa_Hd2ou94aV-kXO0DNSLUyT4ARV-rqf4EgkUx3-bosgA0f0HG59B_y8PfCvmVVb1U-cTyHzMMFKp8mRg-DTgToeqX1m7J6v2ERzL93VukcisZh_OOi-yZnFLcdHfleyfjSiP_u9X96B2iZ01PgCA3vyejeG9x162M73nE8hWhWxyaHHyEokHfA=s729
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
3fce94e0edc105d04a06cbd115090202b9f102904b07fe7f323ae12827f6bf20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v5"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="judi7m-rev.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
492578
x-xss-protection
0
expires
Sat, 23 Oct 2021 15:55:08 GMT
AVvXsEgDewnxYOEHZu94zu1Q9PV1m_VF4Zw5EJUuSCXCmXPvwpdGNX_tQO4ppMUV3XOZcIHxPCpEvYKlJjd5X72yNksBYio2wac78ZduxokIZ2CxpZDVyDslFTjt7WC_zFAz7orN6po-2wNmXKrLQySei5bqfchX6qVqmbKh1my7L3YDNwZ-jB2LMruR8pcwVA=s729
blogger.googleusercontent.com/img/a/ 		956 KB
956 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgDewnxYOEHZu94zu1Q9PV1m_VF4Zw5EJUuSCXCmXPvwpdGNX_tQO4ppMUV3XOZcIHxPCpEvYKlJjd5X72yNksBYio2wac78ZduxokIZ2CxpZDVyDslFTjt7WC_zFAz7orN6po-2wNmXKrLQySei5bqfchX6qVqmbKh1my7L3YDNwZ-jB2LMruR8pcwVA=s729
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
e4e2e6ed774c91c0d0ebd8f4599faa1f971159839d9ec41b7349c2c57bb99296
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v8"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="BolaLVBanner brama.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
978481
x-xss-protection
0
expires
Sat, 23 Oct 2021 15:55:08 GMT
AVvXsEhn_ncXFfS3ZCi4VUVJZuHfiQgAUekMay_-AyFCKmHKBadDn5rpsMxHwQIlI025KJdM1Kxxb1LxuOTdeyH2uysqfu4Ebv_Nyfr1WTFkr0UMzlofzNPojfXr-BaaRjfwOqW66fbrvawir8CARECrnREC-yh1wgk_BE_GvkqP4B0X0t3V-lEuEJR3nDTf9g=s729
blogger.googleusercontent.com/img/a/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhn_ncXFfS3ZCi4VUVJZuHfiQgAUekMay_-AyFCKmHKBadDn5rpsMxHwQIlI025KJdM1Kxxb1LxuOTdeyH2uysqfu4Ebv_Nyfr1WTFkr0UMzlofzNPojfXr-BaaRjfwOqW66fbrvawir8CARECrnREC-yh1wgk_BE_GvkqP4B0X0t3V-lEuEJR3nDTf9g=s729
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
fff4a7fa917f78c2b64659a3cb1b9bb1e6a0984913068448824141724dd6ecd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v12"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasangiklan-jumbo.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
105580
x-xss-protection
0
expires
Sat, 23 Oct 2021 15:55:08 GMT
AVvXsEgVDll9reSStmAQMDpntGU3s6Ya9ot0xiDt3qZD7beUDW9gu92-Nf7JYgKGNQti77_fGALMAHNeiUA5e1Vpz8Y7bykpdAuPNLXR4bwQrNAiuPwsjD7yZsC6gkHtiXYzq_LH8xB4evYlnJq9x8Su4Wv5mqR5-gNzSKwJQbJinx5dG6cJZ1a2H-1ZxyuS8g=s729
blogger.googleusercontent.com/img/a/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgVDll9reSStmAQMDpntGU3s6Ya9ot0xiDt3qZD7beUDW9gu92-Nf7JYgKGNQti77_fGALMAHNeiUA5e1Vpz8Y7bykpdAuPNLXR4bwQrNAiuPwsjD7yZsC6gkHtiXYzq_LH8xB4evYlnJq9x8Su4Wv5mqR5-gNzSKwJQbJinx5dG6cJZ1a2H-1ZxyuS8g=s729
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
a7a3027462f45d6730032907512a830260552fa56b580b77f0e074115177f6b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v11"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasangiklan.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60377
x-xss-protection
0
expires
Sat, 23 Oct 2021 15:55:08 GMT
wp-embed.min.js
5.189.180.149/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://5.189.180.149/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2021 15:29:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"592-5b83cfce57d00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
765
wp-emoji-release.min.js
5.189.180.149/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://5.189.180.149/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 22:15:12 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4705-5c4487ddedc00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4930
honeycomb.png
5.189.180.149/wp-content/themes/frontier/images/ 		265 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://5.189.180.149/wp-content/themes/frontier/images/honeycomb.png
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
5.189.180.149 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi683598.contaboserver.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://5.189.180.149/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Last-Modified
Thu, 30 Sep 2021 11:33:00 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"109-5cd34cf2306e9"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
265
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.8.1
Protocol
HTTP/1.1
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://5.189.180.149
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:46:01 GMT
X-Content-Type-Options
nosniff
Age
61746
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15720
X-XSS-Protection
0
Last-Modified
Tue, 15 Sep 2020 18:08:56 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Fri, 21 Oct 2022 22:46:01 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:46:44 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
vary
Accept-Encoding
x-iplb-instance
42305
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
x-iplb-request-id
D8837273:EAD6_2E69C9F0:0050_6172DEDB_48910:17D5B
content-length
4547
x-request-id
289211025
4592251.php
s4.histats.com/stats/ 		418 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/4592251.php?4592251&@f16&@g1&@h1&@i1&@j1634918107445&@k0&@l1&@mlangkah%20curang%20kumpulan%20situs%20judi%20online%20bola%20casino%20togel%20slot%20terpercaya&@n0&@o1000&@q0&@r0&@s403&@ten-US&@u1600&@b1:-122080511&@b3:1634918107&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F5.189.180.149%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
060ed24c8cd37dc89ef7745b92b35812767ebb3bba5b6e147ec4e15ae67c3211

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:07 GMT
Connection
close
Content-Length
418
Content-Type
text/html;charset=UTF-8
cc_403.js
s10.histats.com/counters/ 		23 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_403.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
caa34157b3d306f1b1e71f2a55223269a813d6f01e4544986b5fe97dfff81a0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:53:10 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"942182747"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
12230
x-request-id
727089764
/
e.dtscout.com/e/
Redirect Chain
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
  • http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
  • https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8feda2e65de7c55fb0ac7340fac2da819a4937cee42383118b86acaa886a2fdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:08 GMT
X-T
0.86
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl2
Expires
Fri, 22 Oct 2021 15:55:07 GMT

Redirect headers

Location
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
Date
Fri, 22 Oct 2021 15:55:08 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
194
Content-Type
text/html
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e43ec00c2d568f74f0d3899120fbcd2bfef783272507e1125bef9d5078bcf859

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
/
t.dtscout.com/idg/ Frame E1F3 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=1040163491810891192BF4157FABF799
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.92 , France, ASN16276 (OVH, FR),
Reverse DNS
ns570935.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1de4d0641c95bad7bb5174f527c0d05ae01fca0ca3b6276cb1da60928424b8a2

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://5.189.180.149/
Accept-Encoding
gzip, deflate, br
Cookie
m=1; b=1; st=1; oa=1; df=1634918108; l=1040163491810891192BF4157FABF799
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 22 Oct 2021 15:55:08 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Fri, 22 Oct 2021 15:55:07 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.82.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-82-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
40679
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 22 Oct 2021 04:37:10 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Uh-KnrpSfPP01jFWE7kOSdzrKXa2a39IQRyyUR6bFTs99gJ_ucZeJA==
dtscout
pd.sharethis.com/pd/ 		0
88 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.227.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-227-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 22 Oct 2021 15:55:08 GMT
afwu.js
cdn.tynt.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:51 GMT
server
cloudflare
age
125505
etag
W/"6129520b-288b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a23e8828e7d4107-PRG
expires
Mon, 25 Oct 2021 15:55:08 GMT
/
t.dtscout.com/pv/ 		50 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=5.189.180.149&_ss=38o1iuhj5j&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=20r8&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.92 , France, ASN16276 (OVH, FR),
Reverse DNS
ns570935.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f407d6f78a6c223df9be773fe627e8f3723a6d04dbcb515b06b1cfac123904e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:08 GMT
X-T
0.226
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Fri, 22 Oct 2021 15:55:07 GMT
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.82.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-82-5.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront), 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA2-C2
x-amzn-requestid
43d7fcef-f1d6-444f-8a5e-933a466d0938
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
HnfCgEDJiYcF10w=
content-length
555
x-amz-cf-id
AH2txc843e7nQFFeU7fphVv0bJHiZCBO8GGb4TfpqPEoEZzTdjqOPg==
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1634918108406&dn=AFWU&iso=0&t=langkah%20curang%20kumpulan%20situs%20judi%20online%20bola%20casino%20togel%20slot%20terpercaya&cu=http%3A%2F%2F5.189.180.149%2F
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
828 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.82.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-82-57.fra2.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
content-encoding
gzip
server
restify
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding,origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
http://5.189.180.149
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-id
XVDDRAbJFNyKQr5TvOi7nhQ4rau7SuaE9KDNVfFM_km5SPySn881Mg==
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
/
t.dtscdn.com/widget/ 		0
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=1040163491810891192BF4157FABF799&nid=300&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2F5.189.180.149%2F&r=
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F5.189.180.149%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:58:42 GMT
X-T
1.26
x-server
web15.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Fri, 22 Oct 2021 15:58:41 GMT
tpid=1040163491810891192BF4157FABF799
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=1040163491810891192BF4157FABF799
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=1040163491810891192BF4157FABF799
49 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=1040163491810891192BF4157FABF799
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 15:55:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.110
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Oct 2021 15:55:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=1040163491810891192BF4157FABF799
cache-control
no-cache
x-server
10.45.28.159
content-length
0
expires
0
27675
tags.bluekai.com/site/ 		62 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/27675?id=1040163491810891192BF4157FABF799&ret=html&phint=__bk_t%3Dlangkah%20curang%20kumpulan%20situs%20judi%20online%20bola%20casino%20togel%20slot%20terpercaya&phint=__bk_l%3Dhttp%3A%2F%2F5.189.180.149%2F&r=80335473
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:09 GMT
X-N
S
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
633e
Content-Type
image/gif
33141
tags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=1040163491810891192BF4157FABF799
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=58ab986b-0f4c-49b3-b1ef-d6a0152772ce&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=1cebb388ab44bbeedc790989b424c7ae
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=b8aa7f97de529ea7
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=b8aa7f97de529ea7
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 15:55:09 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=b8aa7f97de529ea7
content-length
0
v2
de.tynt.com/deb/ 		4 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 23 Oct 2021 15:55:09 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1634918108406&dn=AFWU&iso=0&t=langkah%20curang%20kumpulan%20situs%20judi%20online%20bola%20casino%20togel%20slot%20terpercaya&cu=http%3A%2F%2F5.189.180.149%2F
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:08 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1634918108406&dn=AFWU&iso=0&t=langkah%20curang%20kumpulan%20situs%20judi%20online%20bola%20casino%20togel%20slot%20terpercaya
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:09 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1634918108406&dn=AFWU&iso=0
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:09 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1634918108406&dn=AFWU&iso=0
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:09 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1634918108406&dn=AFWU&iso=0
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:09 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1634918108406&dn=AFWU&iso=0
Requested by
Host: 5.189.180.149
URL: http://5.189.180.149/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://5.189.180.149/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 15:55:09 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| _Hasync object| wp object| twemoji function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_403_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_403 function| histats_canvascounters_base.js object| a object| cv object| Tynt object| _dtspv object| __connect object| _33Across function| __uspapi number| char

25 Cookies

Domain/Path Name / Value
5.189.180.149/ Name: HstCfa4592251
Value: 1634918107445
5.189.180.149/ Name: HstCla4592251
Value: 1634918107445
5.189.180.149/ Name: HstCmu4592251
Value: 1634918107445
5.189.180.149/ Name: HstPn4592251
Value: 1
5.189.180.149/ Name: HstPt4592251
Value: 1
5.189.180.149/ Name: HstCnv4592251
Value: 1
5.189.180.149/ Name: HstCns4592251
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: b
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1634918108
.dtscout.com/ Name: l
Value: 1040163491810891192BF4157FABF799
5.189.180.149/ Name: __dtsu
Value: 1040163491810891192BF4157FABF799
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 1cebb388ab44bbeedc790989b424c7ae
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMExOTUoytrBITDIxSUpKTU1JNrc0sLSwTDIxMkk2T0xlAILEont3QDQUAAB9wAw0"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBILLp3B0hBAQAfBgKO"
.onaudience.com/ Name: cookie
Value: 792b4854a5dfc4db
.onaudience.com/ Name: done_redirects147
Value: 1
.dtscdn.com/ Name: uid
Value: 1040163491810891192BF4157FABF799
.adsrvr.org/ Name: TDID
Value: 58ab986b-0f4c-49b3-b1ef-d6a0152772ce
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiyicTj4d-KOhAFOAE.
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects109
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
blogger.googleusercontent.com
cdn.tynt.com
de.tynt.com
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
ic.tynt.com
langkahcurang.link
match.adsrvr.org
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel.onaudience.com
s10.histats.com
s4.histats.com
sync.crwdcntrl.net
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
www.snakeyaml.org
104.111.215.191
104.18.29.199
13.225.82.4
13.225.82.5
13.225.82.57
13.248.242.197
142.250.185.99
142.250.186.161
158.69.139.238
172.217.16.138
18.214.140.37
198.27.80.143
208.100.17.181
44.230.85.241
45.55.96.63
46.105.201.240
5.189.180.149
51.161.15.92
51.222.80.231
52.57.227.81
54.194.226.253
67.202.105.34
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02cbd46fea44018b65ee7dd5fc627186dcf398e4d038f03c098920536b5c091f
060ed24c8cd37dc89ef7745b92b35812767ebb3bba5b6e147ec4e15ae67c3211
07fcb347186015e65edbd8fe1d3bba488e383769e063dc16907cfe8cef0c13bf
09a2eb7d3cdb37351bb71e80bf35973cecfa715703491d82e04c81fc9948e5bd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
1de4d0641c95bad7bb5174f527c0d05ae01fca0ca3b6276cb1da60928424b8a2
2bfec032ad59ce6b0fad5d30b7dca33cb571eb59d02da78a053f9253d32caf01
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3fce94e0edc105d04a06cbd115090202b9f102904b07fe7f323ae12827f6bf20
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
8feda2e65de7c55fb0ac7340fac2da819a4937cee42383118b86acaa886a2fdd
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
a7a3027462f45d6730032907512a830260552fa56b580b77f0e074115177f6b5
b2625dbd1997fdb17ac6659e8595252b66117f422e9d69d1814fe15801066dae
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
caa34157b3d306f1b1e71f2a55223269a813d6f01e4544986b5fe97dfff81a0b
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43ec00c2d568f74f0d3899120fbcd2bfef783272507e1125bef9d5078bcf859
e4e2e6ed774c91c0d0ebd8f4599faa1f971159839d9ec41b7349c2c57bb99296
f407d6f78a6c223df9be773fe627e8f3723a6d04dbcb515b06b1cfac123904e2
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
fff4a7fa917f78c2b64659a3cb1b9bb1e6a0984913068448824141724dd6ecd5