49dhv.ktt55.my.id Open in urlscan Pro
172.67.175.76 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://49dhv.ktt55.my.id/
Submission: On March 11 via api (March 11th 2024, 11:39:42 pm UTC) from US — Scanned from US

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 32 HTTP transactions. The main IP is 172.67.175.76, located in United States and belongs to CLOUDFLARENET, US. The main domain is 49dhv.ktt55.my.id.
TLS certificate: Issued by GTS CA 1P5 on January 17th 2024. Valid for: 3 months.

This is the only time 49dhv.ktt55.my.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
3	172.67.175.76 172.67.175.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
1	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
15	169.197.85.95 169.197.85.95	26548 (PUREVOLTA...) (PUREVOLTAGE-INC)
2 2	104.21.234.230 104.21.234.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.199.109.133 185.199.109.133	54113 (FASTLY) (FASTLY)
1	104.21.81.99 104.21.81.99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.249.168.129 162.249.168.129	26548 (PUREVOLTA...) (PUREVOLTAGE-INC)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.167.94 142.251.167.94	15169 (GOOGLE) (GOOGLE)
32	10

3 172.67.175.76 (United States)

ASN13335 (CLOUDFLARENET, US)

49dhv.ktt55.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

site-assets.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.91 (United States)

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 169.197.85.95 (United States)

ASN26548 (PUREVOLTAGE-INC, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.234.230 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

rawcdn.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.109.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-133.github.com

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.81.99 (None, )

ASN13335 (CLOUDFLARENET, US)

bagasarya.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.249.168.129 (United States)

ASN26548 (PUREVOLTAGE-INC, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ibb.co i.ibb.co — Cisco Umbrella Rank: 11855	5 MB
4	fontawesome.com site-assets.fontawesome.com — Cisco Umbrella Rank: 53984	1 MB
3	gstatic.com fonts.gstatic.com	47 KB
3	ktt55.my.id 49dhv.ktt55.my.id	8 KB
2	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4374
2	githack.com 2 redirects rawcdn.githack.com — Cisco Umbrella Rank: 62261	853 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	28 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19317	48 KB
1	bagasarya.xyz bagasarya.xyz — Cisco Umbrella Rank: 938443	9 KB
1	statically.io cdn.statically.io — Cisco Umbrella Rank: 5972
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
32	11

	Domain	Requested by
15	i.ibb.co	49dhv.ktt55.my.id
4	site-assets.fontawesome.com	49dhv.ktt55.my.id site-assets.fontawesome.com
3	fonts.gstatic.com	fonts.googleapis.com
3	49dhv.ktt55.my.id	49dhv.ktt55.my.id
2	raw.githubusercontent.com	49dhv.ktt55.my.id
2	rawcdn.githack.com	2 redirects
1	cdnjs.cloudflare.com	49dhv.ktt55.my.id
1	i.postimg.cc	49dhv.ktt55.my.id
1	bagasarya.xyz	49dhv.ktt55.my.id
1	cdn.statically.io	49dhv.ktt55.my.id
1	fonts.googleapis.com	49dhv.ktt55.my.id
32	11

This site contains no links.

Subject Issuer	Validity	Valid
ktt55.my.id GTS CA 1P5	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
statically.io GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-26` - `2024-09-26`	a year	crt.sh
ibb.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
bagasarya.xyz GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
postimg.cc R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://49dhv.ktt55.my.id/
Frame ID: C9CB20479B57014B7ADC8F1FB3AA7DEB
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

𝗚𝗥𝗨𝗣 𝗖𝗔𝗥𝗜 𝗣𝗔𝗖𝗔𝗥

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Statically (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-z]*?:?//cdn\.statically\.io/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

94 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

10
IPs

2
Countries

6322 kB
Transfer

6803 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://rawcdn.githack.com/AlexHostX/graph/a8dab531448aefaf0486e16bed4aa03c2f6d9963/grp/vcralx.png HTTP 301
https://raw.githubusercontent.com/AlexHostX/graph/a8dab531448aefaf0486e16bed4aa03c2f6d9963/grp/vcralx.png

Request Chain 24

https://rawcdn.githack.com/AlexHostX/graph/94dc14483893505ac45fb857a468943b53b7810e/grp/alxgrp.png HTTP 301
https://raw.githubusercontent.com/AlexHostX/graph/94dc14483893505ac45fb857a468943b53b7810e/grp/alxgrp.png

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
49dhv.ktt55.my.id/ 19 KB
4 KB 1362ms
906ms Document
text/html 172.67.175.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae240b89f592d3dd0b165989fbbaa9771651c8f5094c5151e66ac4f1d997c048

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 862f6275aaa65e72-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Mar 2024 23:39:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oh%2BFFDNWdJowJCo4PGiUsfQ8oT1DEOjm7WoY0i7%2F2O0UFdNhW%2FK2qnpglEqYlRAmnuTj8WMNIuulj6NInDz%2BHHn5sLrBVaZ5CqYobYAqxl3wK2aGHdz4nIeUxTzDu2SPALHNRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 all.css
site-assets.fontawesome.com/releases/v6.2.0/css/ 489 KB
92 KB 788ms
75ms Stylesheet
text/css 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-assets.fontawesome.com/releases/v6.2.0/css/all.css
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a02638af64044a18e7e8489e13fd4ce0cc537e09a97ea71c416b6cd4a0f458b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 16:39:54 GMT
server: cloudflare
x-amz-request-id: QN55DZZ7632WYKDK
age: 10337884
etag: W/"8778597c9649abf1e2a16417de22d486"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 862f627fbb6943b1-EWR
x-amz-id-2: 2o9adAqCskS2/5xRqWvCp9yiDKhk+JDHgmhyIfaG1HZqgRM13oe3ukOFJa9gC8rkdt/pPrKRG0s=

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 782ms
70ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Requested by

Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 23:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 22:31:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 23:39:36 GMT

GET
H2 404 alex-facebook.css
cdn.statically.io/gh/AlexHostX/all.asset/main/ 0
0 833ms
124ms Stylesheet
text/html 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.statically.io/gh/AlexHostX/all.asset/main/alex-facebook.css
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 asaykjwdawldkha.css
49dhv.ktt55.my.id/coreAlex/ 8 KB
2 KB 86ms
82ms Stylesheet
text/css 172.67.175.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://49dhv.ktt55.my.id/coreAlex/asaykjwdawldkha.css
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfed8e37df29437d8007a8fc7aaf5b29159b9844aa4233e4ca5d83c53bb7565e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 20:25:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32230
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSqpgwqzijOYJ5N6sddxkRwju6DJYIQoKPtqUzfxz0Ag8YFwX0FnIHdrsMywVTImoTxA29lag4pSem96ZXp8Rp2t3GZhn7pXnfYo4TdO2W5De3U4rbUEidUgBPGh0dk2jKgWSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 862f627b6a825e72-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Mar 2024 14:42:25 GMT

GET
H2 200 bagas.css
49dhv.ktt55.my.id/bagas/ 5 KB
1 KB 82ms
78ms Stylesheet
text/css 172.67.175.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://49dhv.ktt55.my.id/bagas/bagas.css
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.175.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 10:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32230
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VT6lrEyawwvUV6XomVY0DC6m2fxyKVkidbxwdHeysDRvhSXf3hf7kvvY7%2FhntMrDwfplfqluOoupXIqlcMkA3OxQdPMGaKotxD4aGQ7qT0gcPWSJoKTJHBYpvejx9JmdiWEWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 862f627b6a855e72-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Mar 2024 14:42:25 GMT

GET
H2 200 IMG-20230823-WA0132.jpg
i.ibb.co/9cYZdYr/ 103 KB
103 KB 210ms
65ms Image
image/jpeg 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/9cYZdYr/IMG-20230823-WA0132.jpg
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: d634cdd55fcd24bd9623de25178dbaa94dae5c8d12ef0e783fb5e12020e83731

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Wed, 23 Aug 2023 11:48:17 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 105416
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

404

vcralx.png
raw.githubusercontent.com/AlexHostX/graph/a8dab531448aefaf0486e16bed4aa03c2f6d9963/grp/
Redirect Chain

https://rawcdn.githack.com/AlexHostX/graph/a8dab531448aefaf0486e16bed4aa03c2f6d9963/grp/vcralx.png
https://raw.githubusercontent.com/AlexHostX/graph/a8dab531448aefaf0486e16bed4aa03c2f6d9963/grp/vcralx.png

0
0

1038ms
79ms

Image
text/plain

185.199.109.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://raw.githubusercontent.com/AlexHostX/graph/a8dab531448aefaf0486e16bed4aa03c2f6d9963/grp/vcralx.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Server: 185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-133.github.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Redirect headers

date: Mon, 11 Mar 2024 23:39:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2106
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYnNiDJi%2BvHz8PWRwEzjUUtksSA0w2Aon%2FN86MtB2Rh9e7005YLBmzr89UiABxmCNU4bpg8rKtqbD5U19pMUznPq0xEgmNSLRNvQlfnFyr5pueR%2BkTgjenE9NfLqv6DuhmG%2Bu1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://raw.githubusercontent.com/AlexHostX/graph/a8dab531448aefaf0486e16bed4aa03c2f6d9963/grp/vcralx.png
access-control-allow-origin: *
cache-control: max-age=86400, public
cf-ray: 862f627fbc5f8c35-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 2.png
i.ibb.co/sWBtSx6/ 305 KB
305 KB 209ms
65ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/sWBtSx6/2.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 415274d87df0f7ae27a298df4710165ff4355e955c39bbe13329df5f114d8133

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:48:50 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 311908
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230823-WA0141.jpg
i.ibb.co/5F1FzDm/ 36 KB
36 KB 208ms
65ms Image
image/jpeg 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/5F1FzDm/IMG-20230823-WA0141.jpg
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 02f0758a2f1a1598965abd7a0c18c2ff9ed4c22bcd7eb1f2c85b62cb3c70e566

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Wed, 23 Aug 2023 11:58:20 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 37006
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.png
i.ibb.co/jJrwz1G/ 253 KB
253 KB 209ms
65ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/jJrwz1G/3.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 67c247d6ec0a56b23c81d85dec702f04e562eb549a83c1ef0b2b9798bcd92936

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:49:26 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 259039
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4.png
i.ibb.co/yFSbcgK/ 614 KB
615 KB 209ms
66ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/yFSbcgK/4.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f2393b8888df2c0070fb8de553f805db13cc56a0c4c72cb947721b3237a56a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:49:48 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 628832
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 14.png
i.ibb.co/5htr7B9/ 276 KB
277 KB 209ms
66ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/5htr7B9/14.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e1a43080d535257223924f8318cd50e895c7644061ee12dbaba8c922b94bd25

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:50:11 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 282866
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5.png
i.ibb.co/M8T1CF3/ 366 KB
367 KB 176ms
175ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/M8T1CF3/5.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5119f47a93b098f04fb55d3eaf09338a83306d4fd57e21bf24143ae1ab6ebb5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:50:28 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 375161
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6.png
i.ibb.co/ykC96tW/ 329 KB
330 KB 176ms
175ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/ykC96tW/6.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: dfd8e09d8d51758183028386ae9d9d9fcf051a318cba2b9c91215ea4c4de8f28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:50:57 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 337138
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 13.png
i.ibb.co/yp6hKy5/ 355 KB
356 KB 176ms
175ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/yp6hKy5/13.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: f6dd35e7e3b3dc5031bdf3ca9944d893ac5bb505abbbc71228fd0e36b0fa748c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:51:52 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 363505
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7.png
i.ibb.co/JqkfLPL/ 652 KB
653 KB 177ms
176ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/JqkfLPL/7.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 24f14cfbe48d6f2f585c4513970593d13e831fad156733ed457c755f6cb4cd6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:52:23 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 667536
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8.png
i.ibb.co/X3D47TD/ 527 KB
528 KB 177ms
176ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/X3D47TD/8.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 44fbcf82b8427f7faef1fc28128997163e35226615a13dc9cc907437519d045e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:52:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 540020
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9.png
i.ibb.co/9vt21sJ/ 306 KB
307 KB 177ms
176ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/9vt21sJ/9.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: fd637518329c8cf48c112b9a5f38d58ce11f17cc73f8f6b895b0b09fbf06025f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:53:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 313523
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10.png
i.ibb.co/vkK42QT/ 217 KB
217 KB 177ms
176ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/vkK42QT/10.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9bc8086e1fc722865d1dee5a443af63cbf1662923d4660b05b15c2680be4b69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:53:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 222012
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 11.png
i.ibb.co/py8bKhJ/ 290 KB
291 KB 177ms
177ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/py8bKhJ/11.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a7fe9cd8795cfba21f5ad9e20813d34444d8e15b715e9bae423840f0c31ca12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:53:54 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 297415
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 12.png
i.ibb.co/xzG24XV/ 334 KB
334 KB 177ms
177ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/xzG24XV/12.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 45132e2ca2c583b79b6b91621a3f387446adbbf5c92712e84751af6b651c5887

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Mon, 19 Sep 2022 19:54:20 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 341894
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 navbar.png
bagasarya.xyz/img/info/ 8 KB
9 KB 780ms
72ms Image
image/png 104.21.81.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bagasarya.xyz/img/info/navbar.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.81.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f37cb926c06378327ad2a753c7119291b2ead796a6f588a8374de651ec72a8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457882
alt-svc: h3=":443"; ma=86400
content-length: 8459
last-modified: Mon, 06 Mar 2023 02:41:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Be8%2Fv21IF9Few5XIEDkZctImuVlnJvvVtsmWyuI5sQRQbUnHEK2rkYUYCTvQ1Gwm3qE3cZt4zuig7Iz2Zk30jxLmecNzRMHB4rw%2BQBsQFoYiHk6x9gjnee2rYISvuXaM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 862f627fbd960f6b-EWR
expires: Wed, 13 Mar 2024 16:28:14 GMT

GET
H2 200 logo-wa-whatsapp-300x300.png
i.postimg.cc/1zy57d8w/ 48 KB
48 KB 205ms
64ms Image
image/png 162.249.168.129
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/1zy57d8w/logo-wa-whatsapp-300x300.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.249.168.129 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: b4147576d07540aabe0913f67dcf9f1dbe2db0898ac54a57a4d178ea232c8b2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:35 GMT
last-modified: Tue, 25 Oct 2022 11:18:20 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 48731
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 88 KB
28 KB 772ms
62ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 979719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27990
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63091225-6d56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZq%2B959NZSmJPzMyD0LnnHytcC3CrOmFpnAokalJ3vhZvrGDBJhWM3sK16sSZ0ZiS7%2BGzeBwrZOOHx8dQkjS2HvJJHsNTCmve3e33YYzImI7Xpd155o%2F4wOPw3i4iP03ccZzHMzr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 862f627fbf421891-EWR
expires: Sat, 01 Mar 2025 23:39:36 GMT

GET
H2

404

alxgrp.png
raw.githubusercontent.com/AlexHostX/graph/94dc14483893505ac45fb857a468943b53b7810e/grp/
Redirect Chain

https://rawcdn.githack.com/AlexHostX/graph/94dc14483893505ac45fb857a468943b53b7810e/grp/alxgrp.png
https://raw.githubusercontent.com/AlexHostX/graph/94dc14483893505ac45fb857a468943b53b7810e/grp/alxgrp.png

0
0

856ms
80ms

Image
text/plain

185.199.109.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://raw.githubusercontent.com/AlexHostX/graph/94dc14483893505ac45fb857a468943b53b7810e/grp/alxgrp.png
Requested by: Host: 49dhv.ktt55.my.id
URL: https://49dhv.ktt55.my.id/coreAlex/asaykjwdawldkha.css
Protocol: H2
Server: 185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-133.github.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://49dhv.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Redirect headers

date: Mon, 11 Mar 2024 23:39:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2104
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHKDhDIPoRxU3W3PWFlQzs4blhn05Qejn69mTiBV2nC8EMOSWfpGmsMLzxZDh%2FXedx7LGSWCMdb%2BE9e2M%2B5DwTuSvRA%2Bw9AO59HFNXF6ZzCVYqKv9D3EMKu1RXl5udpvrDZ5DlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://raw.githubusercontent.com/AlexHostX/graph/94dc14483893505ac45fb857a468943b53b7810e/grp/alxgrp.png
access-control-allow-origin: *
cache-control: max-age=86400, public
cf-ray: 862f6280ed988c35-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 fa-regular-400.woff2
site-assets.fontawesome.com/releases/v6.2.0/webfonts/ 383 KB
383 KB 556ms
131ms Font
font/woff2 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-assets.fontawesome.com/releases/v6.2.0/webfonts/fa-regular-400.woff2
Requested by: Host: site-assets.fontawesome.com
URL: https://site-assets.fontawesome.com/releases/v6.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a382650b21de3c73d99257b3c58e36f916f2dbbe2a1c6c29d62cb40005821

Request headers

Referer: https://site-assets.fontawesome.com/releases/v6.2.0/css/all.css
Origin: https://49dhv.ktt55.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:36 GMT
cf-cache-status: MISS
x-amz-request-id: 6SQGZCTBY1XP6CN3
content-length: 391720
x-amz-id-2: IG4PkhIjiWj0uUUOvHjgBUyAOtS8yDSP83MW3d2+ecdMLXDDVMppttNi5thleMa8bANyPOtMHDo=
last-modified: Tue, 30 Aug 2022 16:43:41 GMT
server: cloudflare
etag: "4a93626e358a95938a949352bb2a59f9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 862f6283ab4d0f36-EWR

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 923ms
84ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://49dhv.ktt55.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:38:04 GMT
x-content-type-options: nosniff
age: 262893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 22:38:04 GMT

GET
H2 200 fa-solid-900.woff2
site-assets.fontawesome.com/releases/v6.2.0/webfonts/ 311 KB
311 KB 633ms
209ms Font
font/woff2 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-assets.fontawesome.com/releases/v6.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: site-assets.fontawesome.com
URL: https://site-assets.fontawesome.com/releases/v6.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d9c49183cdd250b5282ddf8e8e9272b26fb15348ac8aea037ec45dfbdc53aa

Request headers

Referer: https://site-assets.fontawesome.com/releases/v6.2.0/css/all.css
Origin: https://49dhv.ktt55.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:36 GMT
cf-cache-status: MISS
x-amz-request-id: 6SQZY6CXHEQ8MJF6
content-length: 318036
x-amz-id-2: fHqn6xZohyahbr1iAXanBsuf4OKrjyzuxKXKbnMaqE4YKEC4toyPefT0ymsFwhgCPbNZE2wko5s=
last-modified: Tue, 30 Aug 2022 16:43:41 GMT
server: cloudflare
etag: "750e40b51d2b5c96c9a1901d9a0f7a45"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 862f6283ab510f36-EWR

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 939ms
101ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://49dhv.ktt55.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 06:53:24 GMT
x-content-type-options: nosniff
age: 492373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 06:53:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 71ms
71ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://49dhv.ktt55.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 21:23:48 GMT
x-content-type-options: nosniff
age: 8149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 21:23:48 GMT

GET
H2 200 fa-duotone-900.woff2
site-assets.fontawesome.com/releases/v6.2.0/webfonts/ 422 KB
422 KB 152ms
152ms Font
font/woff2 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-assets.fontawesome.com/releases/v6.2.0/webfonts/fa-duotone-900.woff2
Requested by: Host: site-assets.fontawesome.com
URL: https://site-assets.fontawesome.com/releases/v6.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06323e048f41aef56c7753ecbb5a7a3c91113ea1a2514905c30e049cfcf06be3

Request headers

Referer: https://site-assets.fontawesome.com/releases/v6.2.0/css/all.css
Origin: https://49dhv.ktt55.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 23:39:41 GMT
cf-cache-status: MISS
x-amz-request-id: X1VVFE6M0JYH6R8Y
content-length: 431852
x-amz-id-2: ZDboBlxjt/zLXrADJ970Asz+GJLaORvE1e/kn+/LtJsXKnKbrnlK2rBRw/6H+YmoAq1CiT6rARQ=
last-modified: Tue, 30 Aug 2022 16:43:41 GMT
server: cloudflare
etag: "a5068b6a6f59e121a6029520952c1166"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 862f629ddc010f36-EWR

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.statically.io/gh/AlexHostX/all.asset/main/alex-facebook.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://raw.githubusercontent.com/AlexHostX/graph/a8dab531448aefaf0486e16bed4aa03c2f6d9963/grp/vcralx.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://raw.githubusercontent.com/AlexHostX/graph/94dc14483893505ac45fb857a468943b53b7810e/grp/alxgrp.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49dhv.ktt55.my.id
bagasarya.xyz
cdn.statically.io
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
i.postimg.cc
raw.githubusercontent.com
rawcdn.githack.com
site-assets.fontawesome.com
104.17.24.14
104.21.234.230
104.21.81.99
142.251.167.94
151.101.65.91
162.249.168.129
169.197.85.95
172.253.122.95
172.64.147.188
172.67.175.76
185.199.109.133
02f0758a2f1a1598965abd7a0c18c2ff9ed4c22bcd7eb1f2c85b62cb3c70e566
06323e048f41aef56c7753ecbb5a7a3c91113ea1a2514905c30e049cfcf06be3
096a382650b21de3c73d99257b3c58e36f916f2dbbe2a1c6c29d62cb40005821
1a02638af64044a18e7e8489e13fd4ce0cc537e09a97ea71c416b6cd4a0f458b
1a7fe9cd8795cfba21f5ad9e20813d34444d8e15b715e9bae423840f0c31ca12
24f14cfbe48d6f2f585c4513970593d13e831fad156733ed457c755f6cb4cd6c
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
415274d87df0f7ae27a298df4710165ff4355e955c39bbe13329df5f114d8133
44fbcf82b8427f7faef1fc28128997163e35226615a13dc9cc907437519d045e
45132e2ca2c583b79b6b91621a3f387446adbbf5c92712e84751af6b651c5887
4e1a43080d535257223924f8318cd50e895c7644061ee12dbaba8c922b94bd25
5119f47a93b098f04fb55d3eaf09338a83306d4fd57e21bf24143ae1ab6ebb5c
67c247d6ec0a56b23c81d85dec702f04e562eb549a83c1ef0b2b9798bcd92936
6f2393b8888df2c0070fb8de553f805db13cc56a0c4c72cb947721b3237a56a2
7f37cb926c06378327ad2a753c7119291b2ead796a6f588a8374de651ec72a8c
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62
ae240b89f592d3dd0b165989fbbaa9771651c8f5094c5151e66ac4f1d997c048
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b4147576d07540aabe0913f67dcf9f1dbe2db0898ac54a57a4d178ea232c8b2f
bfed8e37df29437d8007a8fc7aaf5b29159b9844aa4233e4ca5d83c53bb7565e
c5d9c49183cdd250b5282ddf8e8e9272b26fb15348ac8aea037ec45dfbdc53aa
d634cdd55fcd24bd9623de25178dbaa94dae5c8d12ef0e783fb5e12020e83731
dfd8e09d8d51758183028386ae9d9d9fcf051a318cba2b9c91215ea4c4de8f28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bc8086e1fc722865d1dee5a443af63cbf1662923d4660b05b15c2680be4b69
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6dd35e7e3b3dc5031bdf3ca9944d893ac5bb505abbbc71228fd0e36b0fa748c
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd637518329c8cf48c112b9a5f38d58ce11f17cc73f8f6b895b0b09fbf06025f

49dhv.ktt55.my.id Open in urlscan Pro 172.67.175.76 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

94 %HTTPS

0 %IPv6

11 Domains

11 Subdomains

10 IPs

2 Countries

6322 kBTransfer

6803 kBSize

0 Cookies

0 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

49dhv.ktt55.my.id Open in urlscan Pro
172.67.175.76 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

94 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

10
IPs

2
Countries

6322 kB
Transfer

6803 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!