gzfzrxtaud.htsp.my.id Open in urlscan Pro
172.67.214.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gzfzrxtaud.htsp.my.id/
Submission: On April 30 via automatic, source openphish (April 30th 2024, 1:06:05 pm UTC) — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 172.67.214.249, located in United States and belongs to CLOUDFLARENET, US. The main domain is gzfzrxtaud.htsp.my.id.
TLS certificate: Issued by E1 on April 18th 2024. Valid for: 3 months.

This is the only time gzfzrxtaud.htsp.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	172.67.214.249 172.67.214.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	162.19.88.68 162.19.88.68	16276 (OVH) (OVH)
2	172.67.189.18 172.67.189.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	4

6 172.67.214.249 (United States)

ASN13335 (CLOUDFLARENET, US)

gzfzrxtaud.htsp.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.19.88.68 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3221377.ip-162-19-88.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.189.18 (United States)

ASN13335 (CLOUDFLARENET, US)

bagasarya.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	postimg.cc 2 redirects i.postimg.cc — Cisco Umbrella Rank: 18584	882 KB
6	htsp.my.id gzfzrxtaud.htsp.my.id	41 KB
2	bagasarya.xyz bagasarya.xyz — Cisco Umbrella Rank: 552182	41 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	5 KB
16	4

	Domain	Requested by
9	i.postimg.cc	2 redirects gzfzrxtaud.htsp.my.id
6	gzfzrxtaud.htsp.my.id	gzfzrxtaud.htsp.my.id
2	bagasarya.xyz	gzfzrxtaud.htsp.my.id
1	cdnjs.cloudflare.com	gzfzrxtaud.htsp.my.id
16	4

This site contains no links.

Subject Issuer	Validity	Valid
htsp.my.id E1	`2024-04-18` - `2024-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
postimg.cc R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh
bagasarya.xyz GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gzfzrxtaud.htsp.my.id/
Frame ID: EE4DCFA933942119F1542189BA9F4C0E
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Whatsapp

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

16
Requests

88 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

968 kB
Transfer

1071 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://i.postimg.cc/cJz4TY0r/IMG-20230417-085435.jpgXzA3OTk1MzQuanBn.jpg HTTP 301
https://i.postimg.cc/cJz4TY0r/IMG-20230417-085435.jpg

Request Chain 5

https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpgXzAyNDkyMjMuanBn.jpg HTTP 301
https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpg

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
gzfzrxtaud.htsp.my.id/ 24 KB
4 KB 78ms
52ms Document
text/html 172.67.214.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787e1de80a59190b59c0d96e6a6243d2e750f24390c85bd6c878dfed506fecc4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87c7bf1f4e483631-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 30 Apr 2024 13:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pI%2BU%2FgFWt8QFP4ohZS34Q92lX43kuk04LaXfZjAaoCQAPVnBlmE0%2BJRT9qHh5bJ%2FZoG2FWLEPsHHb2FMRs2EY8UIAaFBX%2FrX5soG8mVWx4ZJ8ic82CWxDSYATXoaiHgyE7BvWJkCjEA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H3 200 style.css
gzfzrxtaud.htsp.my.id/bagas/css/ 2 KB
1 KB 21ms
20ms Stylesheet
text/css 172.67.214.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gzfzrxtaud.htsp.my.id/bagas/css/style.css
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63522559221cb1217733189ab984dfaa362299c4d4c81eedc494a0306b65f6f0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Apr 2023 17:32:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24356
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FACEKgQKze1mkp0mZ2HojjV%2B26zdoI9xGnExIjJeXZfTNsbIW9ABpS7nfj36w7JhufeCeGyclk19UwpnVoJwbCJEc%2FbUW00ykqdM0ElfwowqnLH9fLML8ku%2FdVtxdsKd2e54wQ4Ns7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 87c7bf1faead3631-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 May 2024 06:20:04 GMT

GET
H3 200 asdhwalex.css
gzfzrxtaud.htsp.my.id/bagas/css/ 9 KB
1 KB 29ms
28ms Stylesheet
text/css 172.67.214.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gzfzrxtaud.htsp.my.id/bagas/css/asdhwalex.css
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7893d2fb081ec23c9fae1f774745dab58213e6892b09087c37689700d56df6a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Apr 2023 21:07:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24356
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bg%2FgJ4aSC2wJnfbgjKuEhh6TU2YtB3UKnhLlT6PHSsWBeAXFKsE%2FAX3E0ezGz6t%2BZ3nWzJqWSHvcxYjj1E%2BXHhw0u2LEou2aDe%2B%2BJfsHpp%2FD4w3hjC%2FhfllPYU5YPK7pQkYepOEGd24%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 87c7bf1faeaf3631-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 May 2024 06:20:04 GMT

GET
H3 200 bagas.css
gzfzrxtaud.htsp.my.id/bagas/css/ 5 KB
2 KB 23ms
22ms Stylesheet
text/css 172.67.214.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gzfzrxtaud.htsp.my.id/bagas/css/bagas.css
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 08:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24356
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJMbm8jsmtZR5ntzBHkQIhZ%2FiYgBHAT3r%2BicYT1h%2FtGZpt9yqIfDrgtOUdtXIE0kVfaTz%2BMi5gmbQ6xmmoWTjgTi30O3WJYvIzgxMHgbKGuzWlBAPSTmW4dIjEEFeXSZ2DZ0WODysHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 87c7bf1faeb03631-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 May 2024 06:20:04 GMT

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 33ms
21ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1147849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4364
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65993750-110c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=shnnmOyhYHY%2B79BPdooktqmxO2Ylz%2FyVyOJXG0UWkatRfx8pTLFOM1tPMVrfIk33OW3X0B8AFxTGya3OSG%2B2y8rQ9PDQ6c5S9h1S64JHdvq0CGnnUHxwqj7EROP6H47pPBTThEAB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87c7bf1fbfcb4db6-FRA
expires: Sun, 20 Apr 2025 13:06:00 GMT

GET
H2

200

IMG-20230417-085435.jpg
i.postimg.cc/cJz4TY0r/
Redirect Chain

https://i.postimg.cc/cJz4TY0r/IMG-20230417-085435.jpgXzA3OTk1MzQuanBn.jpg
https://i.postimg.cc/cJz4TY0r/IMG-20230417-085435.jpg

134 KB
134 KB

64ms
64ms

Image
image/jpeg

162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/cJz4TY0r/IMG-20230417-085435.jpg
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H2
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 29f538253cc26fa822d5a8aa01b1798e9afb2ad6274a357cc1a143c5cc5c5f9a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://gzfzrxtaud.htsp.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
last-modified: Mon, 17 Apr 2023 01:55:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 136816
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://i.postimg.cc/cJz4TY0r/IMG-20230417-085435.jpg
date: Tue, 30 Apr 2024 13:06:00 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

IMG-20230417-085458.jpg
i.postimg.cc/YCbSGZPN/
Redirect Chain

https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpgXzAyNDkyMjMuanBn.jpg
https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpg

126 KB
127 KB

64ms
64ms

Image
image/jpeg

162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpg
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H2
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 5d503f8657894fba5129d2e76ef451f8571d89a367776cbbce5f1edf75f29d3f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://gzfzrxtaud.htsp.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
last-modified: Mon, 17 Apr 2023 01:55:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 129456
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpg
date: Tue, 30 Apr 2024 13:06:00 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 IMG-20230417-085410.jpg
i.postimg.cc/HnDW1gJm/ 98 KB
98 KB 76ms
38ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/HnDW1gJm/IMG-20230417-085410.jpg
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 4baaf2946fa6508e234d28450b2256785e612701faf8f5820c4a511201fe310c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
last-modified: Mon, 17 Apr 2023 01:55:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 100442
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230417-085337.jpg
i.postimg.cc/vB68KBZX/ 151 KB
152 KB 76ms
38ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/vB68KBZX/IMG-20230417-085337.jpg
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: e6bc7e10df7477df7993b5c37253898c6cacd85b5b56923930bdd19f75a116ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
last-modified: Mon, 17 Apr 2023 01:55:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 154944
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230417-085259.jpg
i.postimg.cc/R0hZcGrk/ 96 KB
96 KB 76ms
38ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/R0hZcGrk/IMG-20230417-085259.jpg
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 0960d08fe3e7d03eef18f689dcee31b38953946fed2185b2b5b7dd4bcb410730

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
last-modified: Mon, 17 Apr 2023 01:55:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 98379
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230417-175404.jpg
i.postimg.cc/bN6XBzPK/ 175 KB
175 KB 76ms
38ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/bN6XBzPK/IMG-20230417-175404.jpg
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 8a79d34770afc452de32807c9ca8f19d214eb185dabad0a8ed55b4f4046b7b9f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
last-modified: Mon, 17 Apr 2023 10:54:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 178704
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230417-175333.jpg
i.postimg.cc/zGVmm9X3/ 99 KB
99 KB 65ms
64ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/zGVmm9X3/IMG-20230417-175333.jpg
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 0958e4f7cb09689cdff71042d60f84acd1424cf6b869dc1d1fa7bd8c5bc05370

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
last-modified: Mon, 17 Apr 2023 10:54:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 101241
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 navbar.png
bagasarya.xyz/img/info/ 8 KB
9 KB 64ms
27ms Image
image/png 172.67.189.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bagasarya.xyz/img/info/navbar.png
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f37cb926c06378327ad2a753c7119291b2ead796a6f588a8374de651ec72a8c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342762
alt-svc: h3=":443"; ma=86400
content-length: 8459
last-modified: Mon, 06 Mar 2023 02:41:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1CRca%2FwIHBjV%2Fuf%2FE478%2BdA55Z%2FsP%2BbCEdRJjJTpZJSxs0DeP8WLTDSeNCjWPUX0Kb9jo55Rq%2BorNTY492ydVPMhf0azZxvJkousdyg3beP6vd1QABI2at2UKfMN4hMj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 87c7bf1ffa869235-FRA
expires: Fri, 03 May 2024 13:53:18 GMT

GET
H3 200 modelFb.png
bagasarya.xyz/img/info/ 31 KB
32 KB 71ms
33ms Image
image/png 172.67.189.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bagasarya.xyz/img/info/modelFb.png
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a1d3bb7a7c79edc9a08de2369f4f7f201a0852bfaf5526716382fc7ad902a1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218140
alt-svc: h3=":443"; ma=86400
content-length: 31990
last-modified: Mon, 06 Mar 2023 02:41:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CaNywR3K%2BWFksbumGHW%2FMQN4A9WkNyUqLEKM4iNpNFBXlC8Zdq586v%2BUvvSMfNO8FQUKlQjZyB1RvkiNVnvaxzVDNB5Ojs6eL8Dfmz5JIXEkJICoSK8WLvFXPMJ1%2FmN4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 87c7bf1ffa8b9235-FRA
expires: Sun, 05 May 2024 00:30:20 GMT

GET
H3 200 bagas.js Show response
gzfzrxtaud.htsp.my.id/bagas/js/ 87 KB
32 KB 41ms
40ms Script
text/javascript 172.67.214.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gzfzrxtaud.htsp.my.id/bagas/js/bagas.js
Requested by: Host: gzfzrxtaud.htsp.my.id
URL: https://gzfzrxtaud.htsp.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:06:00 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Apr 2023 09:35:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3T%2FtRahXo9iRxqEfjwoGumGVmy5fdsXkscF%2B4ESZO1iPetaxP0NrRWluiOCBFOcqzH3cpRN3K95lFxRX1DhGJbpGlH5y8y33Mkge7zbvIN%2FDwsQvphu51Kqnlz%2BdgE5PUl7PT9CUTCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 87c7bf1fbec03631-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 favicon.ico
gzfzrxtaud.htsp.my.id/ 1 KB
1 KB 42ms
41ms Other
text/html 172.67.214.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gzfzrxtaud.htsp.my.id/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gzfzrxtaud.htsp.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 13:06:00 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KX2Uy7yFuQSj6RA7%2FtWQ5NLx4b3uqM5BJQgpga7bMKbG8Mj7TB7sHWYa8xcO06NDK8ZDKR0aDNpWxaUta2pDYgpsPNgBtXYRKYIxfcLzCsC0QUBNPAcp5f11dZePXQut9VbuXrXNm3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 87c7bf22ea9e3631-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gzfzrxtaud.htsp.my.id/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bagasarya.xyz
cdnjs.cloudflare.com
gzfzrxtaud.htsp.my.id
i.postimg.cc
104.17.24.14
162.19.88.68
172.67.189.18
172.67.214.249
0958e4f7cb09689cdff71042d60f84acd1424cf6b869dc1d1fa7bd8c5bc05370
0960d08fe3e7d03eef18f689dcee31b38953946fed2185b2b5b7dd4bcb410730
29f538253cc26fa822d5a8aa01b1798e9afb2ad6274a357cc1a143c5cc5c5f9a
4baaf2946fa6508e234d28450b2256785e612701faf8f5820c4a511201fe310c
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5d503f8657894fba5129d2e76ef451f8571d89a367776cbbce5f1edf75f29d3f
63522559221cb1217733189ab984dfaa362299c4d4c81eedc494a0306b65f6f0
787e1de80a59190b59c0d96e6a6243d2e750f24390c85bd6c878dfed506fecc4
7893d2fb081ec23c9fae1f774745dab58213e6892b09087c37689700d56df6a4
7f37cb926c06378327ad2a753c7119291b2ead796a6f588a8374de651ec72a8c
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
8a79d34770afc452de32807c9ca8f19d214eb185dabad0a8ed55b4f4046b7b9f
a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62
d3a1d3bb7a7c79edc9a08de2369f4f7f201a0852bfaf5526716382fc7ad902a1
e6bc7e10df7477df7993b5c37253898c6cacd85b5b56923930bdd19f75a116ff

gzfzrxtaud.htsp.my.id Open in urlscan Pro 172.67.214.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

88 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

968 kBTransfer

1071 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

gzfzrxtaud.htsp.my.id Open in urlscan Pro
172.67.214.249 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

88 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

968 kB
Transfer

1071 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions