urlscan.io logo urlscan.io
SecurityTrails logo

keziaschool.com Open in urlscan Pro
103.131.51.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://keziaschool.com/wp/wp-content/uploads/2023/files/bossupdate
Submission: On December 14 via api from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main IP is 103.131.51.10, located in Indonesia and belongs to IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID. The main domain is keziaschool.com.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.
This is the only time keziaschool.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 103.131.51.10 131775 (IDNIC-JAL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.3 2635 (AUTOMATTIC)
1 15.197.192.55 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 6
2    103.131.51.10 (Indonesia)

ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID)
PTR: starscreamserver.hosterserver.com
keziaschool.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
64.media.tumblr.com
1    15.197.192.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: a2ce49dcbfb515232.awsglobalaccelerator.com
roseberrystore.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
2 keziaschool.com
keziaschool.com
3 KB
1 gstatic.com
fonts.gstatic.com
8 KB
1 roseberrystore.com
roseberrystore.com
1 tumblr.com
64.media.tumblr.com — Cisco Umbrella Rank: 13676
505 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
850 B
6 5
Domain Requested by
2 keziaschool.com keziaschool.com
1 fonts.gstatic.com fonts.googleapis.com
1 roseberrystore.com keziaschool.com
1 64.media.tumblr.com keziaschool.com
1 fonts.googleapis.com keziaschool.com
6 5

This site contains links to these domains. Also see Links.

Domain
t.me
Subject Issuer Validity Valid
keziaschool.com
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.media.tumblr.com
Sectigo ECC Domain Validation Secure Server CA		 2022-12-29 -
2024-01-29		 a year crt.sh
roseberrystore.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2024-12-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://keziaschool.com/wp/wp-content/uploads/2023/files/bossupdate
Frame ID: 7864263AC8FF44F248A0F4F386E288F6
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ҳ̸Ҳ̸ҳ GARUDA SUSPEND COMMISION ҳ̸Ҳ̸ҳ

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

6
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

516 kB
Transfer

517 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bossupdate
keziaschool.com/wp/wp-content/uploads/2023/files/ 		2 KB
1015 B 		Document
General
Check archive.org
Download Go to
Full URL
https://keziaschool.com/wp/wp-content/uploads/2023/files/bossupdate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.51.10 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
starscreamserver.hosterserver.com
Software
LiteSpeed /
Resource Hash
e24d778e68d14552f8500546cf3bf9caf9b0c7b6c0c84c7c81052d8bcb2c17e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
771
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 14:27:38 GMT
server
LiteSpeed
vary
Accept-Encoding
css
fonts.googleapis.com/ 		1 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Teko
Requested by
Host: keziaschool.com
URL: https://keziaschool.com/wp/wp-content/uploads/2023/files/bossupdate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0945ca1b149f2236f3274672b458899b8a537b0522edb662e30c721ed0294335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keziaschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 14:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 14:11:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Dec 2023 14:27:40 GMT
tumblr_m5lrfdahZA1qi0remo1_500.gif
64.media.tumblr.com/ 		504 KB
505 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/tumblr_m5lrfdahZA1qi0remo1_500.gif
Requested by
Host: keziaschool.com
URL: https://keziaschool.com/wp/wp-content/uploads/2023/files/bossupdate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1b053a1ebfa4880687383b9111a8c4e02dbecccd14968cd9d53dfd3f77560ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keziaschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 14:27:40 GMT
strict-transport-security
max-age=31536000; preload
content-disposition
inline; filename="tumblr_m5lrfdahZA1qi0remo1_500.gif"
server-timing
dc;desc=hhn, cache;desc=HIT;dur=0.0
alt-svc
h3=":443"; ma=86400
content-length
515776
x-nc
HIT hhn 3
last-modified
Tue, 17 Apr 2018 04:00:00 GMT
server
nginx
etag
"0c7d2fcef6df1037ee5b8fefdd75f8d6-1523937600-d1d4451"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
email-decode.min.js
roseberrystore.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://roseberrystore.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: keziaschool.com
URL: https://keziaschool.com/wp/wp-content/uploads/2023/files/bossupdate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
15.197.192.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2ce49dcbfb515232.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keziaschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
LYjYdG7kmE0gV69VVPPdFl06VN8XG4S11zM.woff2
fonts.gstatic.com/s/teko/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/teko/v20/LYjYdG7kmE0gV69VVPPdFl06VN8XG4S11zM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Teko
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
064e4592bfa4dfda87fd9808ee81f704c1f7bab179ba6558de6853d8854e4f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://keziaschool.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:28:37 GMT
x-content-type-options
nosniff
age
237543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7780
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:55:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 20:28:37 GMT
truncated
/ 		382 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
depes.mp3
keziaschool.com/ 		2 KB
2 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://keziaschool.com/depes.mp3
Requested by
Host: keziaschool.com
URL: https://keziaschool.com/wp/wp-content/uploads/2023/files/bossupdate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.51.10 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
starscreamserver.hosterserver.com
Software
LiteSpeed /
Resource Hash
e24d778e68d14552f8500546cf3bf9caf9b0c7b6c0c84c7c81052d8bcb2c17e2

Request headers

Referer
https://keziaschool.com/wp/wp-content/uploads/2023/files/bossupdate
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 14:27:39 GMT
server
LiteSpeed
truncated
/ 		180 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		354 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies