Submitted URL: https://kasirfarmasi.yanfizs.sch.id/farmasi/?obat=minitoto
Effective URL: https://kiwi4dbiasa.lat/?ref=vipuser
Submission Tags: @phish_report
Submission: On October 26 via api from FI — Scanned from SG

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 23 HTTP transactions. The main IP is 172.67.135.118, located in the United States and belongs to CLOUDFLARENET, US. The main domain is kiwi4dbiasa.lat.
TLS certificate: Issued by WE1 on October 12th 2024. Valid for: 3 months.
This is the only time kiwi4dbiasa.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
1         45.143.81.162      47583  (AS-HOSTINGER)
2         2404:6800:400...   15169  (GOOGLE)
2         2404:6800:400...   15169  (GOOGLE)
2         74.125.200.94      15169  (GOOGLE)
1         194.59.165.76      47583  (AS-HOSTINGER)
4         74.125.200.132     15169  (GOOGLE)
1         172.67.216.92      13335  (CLOUDFLAR...)
1         172.67.215.101     13335  (CLOUDFLAR...)
1         2606:4700:7::eb    13335  (CLOUDFLAR...)
5         172.67.135.118     13335  (CLOUDFLAR...)
Totals: 23 HTTP transactions, 11 IPs

Requests  Domain                                        Requested by
6         cdn.ampproject.org                            kasirfarmasi.yanfizs.sch.id, cdn.ampproject.org, www.zpa77.com
5         kiwi4dbiasa.lat                               kiwi4dbiasa.lat
2         fonts.gstatic.com                             fonts.googleapis.com
2         fonts.googleapis.com                          kasirfarmasi.yanfizs.sch.id, www.zpa77.com
1         pub-1d0e494942a4484aaa172bfbe9598c91.r2.dev   www.zpa77.com
1         www.zpa77.com
1         www.svgrepo.com
1         www.koneksistudio.com                         kasirfarmasi.yanfizs.sch.id
1         kasirfarmasi.yanfizs.sch.id
0         itadoriyuji.xyz (Failed)                      kasirfarmasi.yanfizs.sch.id, www.zpa77.com
Totals: 23 HTTP transactions, 10 domains

This site contains links to these domains:

Domain
www.cloudflare.com

Subject                       Issuer  Validity                  Valid
kasirfarmasi.yanfizs.sch.id   R11     2024-09-06 - 2024-12-05   3 months
misc-sni.google.com           WR2     2024-10-07 - 2024-12-30   3 months
upload.video.google.com       WR2     2024-10-07 - 2024-12-30   3 months
*.gstatic.com                 WR2     2024-10-07 - 2024-12-30   3 months
koneksistudio.com             R11     2024-10-03 - 2025-01-01   3 months
svgrepo.com                   WE1     2024-08-28 - 2024-11-26   3 months
zpa77.com                     WE1     2024-10-25 - 2025-01-23   3 months
*.r2.dev                      E5      2024-09-29 - 2024-12-28   3 months
kiwi4dbiasa.lat               WE1     2024-10-12 - 2025-01-10   3 months

This page contains 1 frames:

Primary Page: https://kiwi4dbiasa.lat/?ref=vipuser
Frame ID: CE6978280830D928F6A440FFE9FB7270
Requests: 23 HTTP requests in this frame

Page Title

Attention Required! | Cloudflare

Detected technologies

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

Requests: 23
HTTPS: 87 %
IPv6: 30 %
Domains: 10
Subdomains: 10
IPs: 11
Countries: 2
Transfer: 1175 kB
Size: 1658 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kasirfarmasi.yanfizs.sch.id/farmasi/?obat=minitoto Page URL
  2. https://www.zpa77.com/lompat/ Page URL
  3. https://kiwi4dbiasa.lat/?ref=vipuser Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

/
kasirfarmasi.yanfizs.sch.id/farmasi/
7 KB
3 KB
Document
General
Full URL
https://kasirfarmasi.yanfizs.sch.id/farmasi/?obat=minitoto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.143.81.162 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv144.niagahoster.com
Software
LiteSpeed / PHP/5.5.38
Resource Hash
302b0a1adec918e548252ed54a549d3eff734cfcb31b237414b2d9c04c2db2d3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
2400
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Sat, 26 Oct 2024 21:12:17 GMT
platform
hostinger
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-powered-by
PHP/5.5.38
x-xss-protection
1; mode=block
v0.js
cdn.ampproject.org/
278 KB
73 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: kasirfarmasi.yanfizs.sch.id
URL: https://kasirfarmasi.yanfizs.sch.id/farmasi/?obat=minitoto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b77daf37fab941ef88997626cfae15fefe296ab10e9d749cf72d5d20dbc844fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kasirfarmasi.yanfizs.sch.id/

Response headers

content-encoding
br
etag
"e817d4662ea197ba"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 21:12:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 21:12:17 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
73137
x-xss-protection
0
server
sffe
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Requested by
Host: kasirfarmasi.yanfizs.sch.id
URL: https://kasirfarmasi.yanfizs.sch.id/farmasi/?obat=minitoto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da00841df0d93d7f9c5cca23c8311dea6ec98e5296fcc4113c6ebd673d91eebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kasirfarmasi.yanfizs.sch.id/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 21:12:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 21:12:17 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 26 Oct 2024 19:36:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
laku.gif
itadoriyuji.xyz/img/
0
0

o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/
38 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kasirfarmasi.yanfizs.sch.id
Referer
https://fonts.googleapis.com/

Response headers

age
266558
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 19:09:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 19:09:39 GMT
last-modified
Wed, 14 Feb 2024 22:43:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39412
x-xss-protection
0
server
sffe
grayscale-D.jpg
www.koneksistudio.com/images/studio/
635 KB
636 KB
Image
General
Full URL
https://www.koneksistudio.com/images/studio/grayscale-D.jpg
Requested by
Host: kasirfarmasi.yanfizs.sch.id
URL: https://kasirfarmasi.yanfizs.sch.id/farmasi/?obat=minitoto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.59.165.76 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
nginx /
Resource Hash
dfb243e45fe058d3b11a72a04cfc22caa0a075409069155d6b6d6d1d799af94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kasirfarmasi.yanfizs.sch.id/

Response headers

Cache-Control
max-age=315360000
ETag
"661f828b-9ecff"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
650495
Keep-Alive
timeout=60
Date
Sat, 26 Oct 2024 21:12:17 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 17 Apr 2024 08:04:27 GMT
Server
nginx
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012410081535000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410081535000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
3fd5ae1e7324cb39a5d35b1658ab93015d275f2e61f1ffb243e64652ed054166
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kasirfarmasi.yanfizs.sch.id
Referer
https://kasirfarmasi.yanfizs.sch.id/

Response headers

content-encoding
br
etag
"2590f85b7fddcea6"
age
267861
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 18:47:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 18:47:56 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
2976
x-xss-protection
0
server
sffe
amp-loader-0.1.js
cdn.ampproject.org/rtv/012410081535000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410081535000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
3c66d924b749aa56a0f88866c51723b185df8cf2f65a1f703a7504fa0db32c84
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kasirfarmasi.yanfizs.sch.id
Referer
https://kasirfarmasi.yanfizs.sch.id/

Response headers

content-encoding
br
etag
"bdc0497b6c018b18"
age
266249
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 19:14:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 19:14:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
3941
x-xss-protection
0
server
sffe
slots.svg
www.svgrepo.com/show/439322/
9 KB
3 KB
Other
General
Full URL
https://www.svgrepo.com/show/439322/slots.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.216.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2072ebf0b1a0943c81a7d63777c17a323b13b5b74fdff956c0a970f60db39d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kasirfarmasi.yanfizs.sch.id/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"63bb6786-2319"
age
3147178
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUeU7etWFbwzJTf1MdCSPgwZSVCyjO6KwwZQRmlqk4tEtFaqOIYLvlj277VO6q3l51fA2NrJ9mcDrCsu%2FrPdtn5k7pieCXNMP82g6pRQWmkhici98pyN4hAAkIEDbs9W5BM%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 12 Sep 2024 14:47:59 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=41764&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3920&recv_bytes=2215&delivery_rate=93258&cwnd=252&unsent_bytes=0&cid=d3d149b42ef854f9&ts=58&x=0"
date
Sat, 26 Oct 2024 21:12:17 GMT
content-type
image/svg+xml
last-modified
Mon, 09 Jan 2023 01:01:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d8d7197cffe0506-HKG
server
cloudflare
x-vercel-id
iad1::kcvc6-1723560479146-84dea52b8fd9
/
www.zpa77.com/lompat/
7 KB
3 KB
Document
General
Full URL
https://www.zpa77.com/lompat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60decd2ef31761f76d2c96247407d92c76251f731a4ce951e0998226dfaddfc3

Request headers

Referer
https://kasirfarmasi.yanfizs.sch.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8d8d719da810dd5b-HKG
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 26 Oct 2024 21:12:19 GMT
expires
Sat, 26 Oct 2024 21:21:19 GMT
last-modified
Fri, 25 Oct 2024 18:13:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uA0vrf2DkGC8tx%2B3986RM2HLQLMI7m1jIKH2QMtGYre58JYjbVTtqeF9cqSvfEsdKutH2RDeTXw4Y8aYDaNGV8OJZV%2BnAyCvF1e74tHlneZ4trPmjgdvQJsFluRzTKdi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=42476&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4507&delivery_rate=406&cwnd=12000&unsent_bytes=0&cid=b5166ccf07a02f87&ts=384&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
0dc1c25ecc88f1f1ab0feb48940fbaae5ab706c5
x-github-request-id
6A4C:2E369:C37DA8:CBB8A0:671D5AF5
x-proxy-cache
MISS
x-served-by
cache-nrt-rjtf7700051-NRT
x-timer
S1729977139.909282,VS0,VE221
v0.js
cdn.ampproject.org/
278 KB
73 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.zpa77.com
URL: https://www.zpa77.com/lompat/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b77daf37fab941ef88997626cfae15fefe296ab10e9d749cf72d5d20dbc844fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.zpa77.com/

Response headers

content-encoding
br
etag
"e817d4662ea197ba"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 21:12:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 21:12:19 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
73137
x-xss-protection
0
server
sffe
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Requested by
Host: www.zpa77.com
URL: https://www.zpa77.com/lompat/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da00841df0d93d7f9c5cca23c8311dea6ec98e5296fcc4113c6ebd673d91eebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.zpa77.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 21:12:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 21:12:19 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 26 Oct 2024 21:08:48 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
laku.gif
itadoriyuji.xyz/img/
0
0

o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/
38 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.zpa77.com
Referer
https://fonts.googleapis.com/

Response headers

age
266560
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 19:09:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 19:09:39 GMT
last-modified
Wed, 14 Feb 2024 22:43:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39412
x-xss-protection
0
server
sffe
seo-bukan.png
pub-1d0e494942a4484aaa172bfbe9598c91.r2.dev/
279 KB
279 KB
Image
General
Full URL
https://pub-1d0e494942a4484aaa172bfbe9598c91.r2.dev/seo-bukan.png
Requested by
Host: www.zpa77.com
URL: https://www.zpa77.com/lompat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bb5ec60d11d2427ab86f050a84ff034e31443b787b74efab647c6dcb433b8ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.zpa77.com/

Response headers

ETag
"406184335768eee0a4753c0ac1dd9c35"
Connection
keep-alive
CF-RAY
8d8d71a0ae9c01f6-SIN
Accept-Ranges
bytes
Content-Length
285579
Date
Sat, 26 Oct 2024 21:12:19 GMT
Content-Type
image/png
Last-Modified
Tue, 22 Oct 2024 22:34:28 GMT
Vary
Accept-Encoding
Server
cloudflare
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012410081535000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410081535000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
3fd5ae1e7324cb39a5d35b1658ab93015d275f2e61f1ffb243e64652ed054166
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.zpa77.com
Referer
https://www.zpa77.com/

Response headers

content-encoding
br
etag
"2590f85b7fddcea6"
age
267863
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 18:47:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 18:47:56 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
2976
x-xss-protection
0
server
sffe
amp-loader-0.1.js
cdn.ampproject.org/rtv/012410081535000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012410081535000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
3c66d924b749aa56a0f88866c51723b185df8cf2f65a1f703a7504fa0db32c84
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.zpa77.com
Referer
https://www.zpa77.com/

Response headers

content-encoding
br
etag
"bdc0497b6c018b18"
age
266251
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 19:14:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 19:14:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
3941
x-xss-protection
0
server
sffe
Primary Request /
kiwi4dbiasa.lat/
4 KB
2 KB
Document
General
Full URL
https://kiwi4dbiasa.lat/?ref=vipuser
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa066759ce83aa65eea1be6fa7306866e75ecae580022b711436e894bb8559c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.zpa77.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=15
cf-ray
8d8d71a1de1be69a-HKG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 26 Oct 2024 21:12:19 GMT
expires
Sat, 26 Oct 2024 21:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSxesZQqeQiEnRR%2By4F%2FCrraM5WjZTCtNPkh62rIombzj81GFD7a%2FVBh0iOCS2TIKGXzIWpkDdW3krISSKy5vXkMjU9Z0JHJIRIWz4%2BppvidiMAyy9i%2Bo4wuQb%2BJzCZplMY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=42822&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4132&recv_bytes=4372&delivery_rate=74290&cwnd=12000&unsent_bytes=0&cid=9c2904c6990c2bb9&ts=57&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
slots.svg
www.svgrepo.com/show/439322/
0
0

cf.errors.css
kiwi4dbiasa.lat/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://kiwi4dbiasa.lat/cdn-cgi/styles/cf.errors.css
Requested by
Host: kiwi4dbiasa.lat
URL: https://kiwi4dbiasa.lat/?ref=vipuser
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kiwi4dbiasa.lat/?ref=vipuser

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"67180f5f-5df3"
x-content-type-options
nosniff
cf-ray
8d8d71a23e84e69a-HKG
expires
Sat, 26 Oct 2024 23:12:19 GMT
date
Sat, 26 Oct 2024 21:12:19 GMT
content-type
text/css
last-modified
Tue, 22 Oct 2024 20:47:27 GMT
server
cloudflare
x-frame-options
DENY
browser-bar.png
kiwi4dbiasa.lat/cdn-cgi/images/
715 B
897 B
Image
General
Full URL
https://kiwi4dbiasa.lat/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: kiwi4dbiasa.lat
URL: https://kiwi4dbiasa.lat/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kiwi4dbiasa.lat/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"67180f5f-2cb"
x-content-type-options
nosniff
cf-ray
8d8d71a29ed0e69a-HKG
expires
Sat, 26 Oct 2024 23:12:19 GMT
accept-ranges
bytes
content-length
715
date
Sat, 26 Oct 2024 21:12:19 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 20:47:27 GMT
server
cloudflare
x-frame-options
DENY
cf-no-screenshot-error.png
kiwi4dbiasa.lat/cdn-cgi/images/
3 KB
3 KB
Image
General
Full URL
https://kiwi4dbiasa.lat/cdn-cgi/images/cf-no-screenshot-error.png
Requested by
Host: kiwi4dbiasa.lat
URL: https://kiwi4dbiasa.lat/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kiwi4dbiasa.lat/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"67180f5f-c8d"
x-content-type-options
nosniff
cf-ray
8d8d71a29ed1e69a-HKG
expires
Sat, 26 Oct 2024 23:12:19 GMT
accept-ranges
bytes
content-length
3213
date
Sat, 26 Oct 2024 21:12:19 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 20:47:27 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
kiwi4dbiasa.lat/
4 KB
2 KB
Other
General
Full URL
https://kiwi4dbiasa.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5884148a45eabdef501a3774d6a34f5db2079e1b3e2a3219acc9dd349503c3e2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kiwi4dbiasa.lat/?ref=vipuser

Response headers

cache-control
max-age=15
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8LvvTzh4bWPuZsoOovLUHzd%2BXfssAGUDtYbwft3rw0wVEijU%2Bha%2F67KOYdMxFROYdIwS9sGfigtacEjKWmX0gecXYpnyrTtOmPm0wrnKy1i%2Ff%2BALtiCRZ2BvRLSCCFEf8U%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8d8d71a2ef08e69a-HKG
expires
Sat, 26 Oct 2024 21:12:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47580&sent=24&recv=18&lost=0&retrans=0&sent_bytes=15744&recv_bytes=6115&delivery_rate=100895&cwnd=12000&unsent_bytes=0&cid=9c2904c6990c2bb9&ts=218&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 21:12:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
x-frame-options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
itadoriyuji.xyz
URL
https://itadoriyuji.xyz/img/laku.gif
Domain
itadoriyuji.xyz
URL
https://itadoriyuji.xyz/img/laku.gif
Domain
www.svgrepo.com
URL
https://www.svgrepo.com/show/439322/slots.svg

Verdicts & Comments

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_translation

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://kiwi4dbiasa.lat/?ref=vipuser
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://kiwi4dbiasa.lat/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
