URL: https://nitro.my.id/
Submission Tags: phishingrod
Submission: On December 02 via api from DE — Scanned from NL

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3120::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is nitro.my.id.
TLS certificate: Issued by E1 on December 1st 2023. Valid for: 3 months.
This is the only time nitro.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
10 79.98.26.30 212531 (INTERNETO...)
1 103.41.207.110 58397 (INFINYS-A...)
2 2a00:1450:400... 15169 (GOOGLE)
21 6
Apex Domain
Subdomains
Transfer
10 gtmeps.com
gtmeps.com
184 KB
4 nitro.my.id
nitro.my.id
262 KB
2 gstatic.com
fonts.gstatic.com
16 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
425 KB
1 belasting.id
www.belasting.id
74 KB
21 6
Domain Requested by
10 gtmeps.com nitro.my.id
gtmeps.com
4 nitro.my.id nitro.my.id
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com nitro.my.id
gtmeps.com
2 cdn.jsdelivr.net nitro.my.id
cdn.jsdelivr.net
1 www.belasting.id nitro.my.id
21 6

This site contains links to these domains. Also see Links.

Domain
discord.gg
wa.me
Subject Issuer Validity Valid
nitro.my.id
E1
2023-12-01 -
2024-02-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
gtmeps.com
R3
2023-11-10 -
2024-02-08
3 months crt.sh
belasting.id
R3
2023-11-30 -
2024-02-28
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 1 frames:

Primary Page: https://nitro.my.id/
Frame ID: 0D947352FF1C3BB0BA8A1FB9AD8F372F
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Nitro Private Server| Official Website

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

21
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

962 kB
Transfer

1407 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nitro.my.id/
13 KB
4 KB
Document
General
Full URL
https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
333f74631684372c3ef0c93e6b8230ad54367e4ccfee70a1efde89ece37ef94d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82f2a3245be5b91a-AMS
content-encoding
br
content-type
text/html
date
Sat, 02 Dec 2023 09:45:29 GMT
last-modified
Fri, 01 Dec 2023 17:47:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=no%2F6rhxFmffYqz8UAMCFvppZIvDQmLLEZI%2BWPGCP0sZuHTUph72DZ1CsqLSin1x0XqRpiCssCS0DYA%2Fac9vL9MZxHWW%2FZE0p2pCu%2Bi3vGeE%2FoJaBMLPLLziLEZFKT%2Fe%2BwVHlvMwp6n5ysw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@6.9.96/css/
317 KB
51 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@6.9.96/css/materialdesignicons.min.css
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29e461b3a66dfb905a602e4c0ea68a1e541100deee2cb8f385f15607f162f914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
108423
x-jsd-version
6.9.96
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230049-FRA, cache-ams21050-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"4f282-1D6weazFksruMlqwFpRkFFnIKFM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZxBIbqmJBMEHed6JP8ZbJImo8qhJOibAQOcLqzUf27yZ%2BLSDaly67fViZ0kHIDQpiJNjCVlW9NzGlfz7hyfjbo1GZi%2F6Te815jCxhDPFrdK99VFqK1QYGapqKoL7hYdNPxEpue20D4jUtq2X0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82f2a3281fdb0b73-AMS
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;700;800;900&display=swap
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d18a9934df0b66542e13cc6e7892cb48021e37b4b3505f8bf489785ce944a84d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 09:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 09:45:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 09:45:29 GMT
style.min.css
gtmeps.com/css/
157 KB
24 KB
Stylesheet
General
Full URL
https://gtmeps.com/css/style.min.css
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
c0d26e6ac74fc25ea3359b6ff41aae341638a1872fa9e2fcea58285fc9749277

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
content-encoding
gzip
last-modified
Mon, 18 Sep 2023 17:43:15 GMT
server
Apache
etag
"27588-605a5ad4f95ea-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
24583
expires
Sat, 09 Dec 2023 09:45:29 GMT
style.css
gtmeps.com/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://gtmeps.com/css/style.css?updated=75ada5d8da17b700e4527bcfbaac4cb930853f4d373a570e4841ec8f86ad6374
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
f4929a10f78e4062cfdac1bbb6d6ea7ba517098c94260fb1d74ad33bf1152a48

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
content-encoding
gzip
last-modified
Mon, 18 Sep 2023 17:43:15 GMT
server
Apache
etag
"6439-605a5ad4f6af2-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
5260
expires
Sat, 09 Dec 2023 09:45:29 GMT
normal_player.png
nitro.my.id/images/
20 KB
21 KB
Image
General
Full URL
https://nitro.my.id/images/normal_player.png
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
187b9a5e1f4bb656a16856d77a4d28f63d2fbd2d38e16cf1116846b797f2da8c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:30 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Nov 2023 16:47:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdoQJ5jERGHCEeaiBg2kbuYidmV%2Fqtg2c3TmEtryi%2BoBzfgWX0%2FgNj5yaQoE7VBx0dkS6ewoXNmi83GksyEFlQS9KIePjBVaUMygDY4PVJi%2BIqvczj74%2FJQzqdxQY%2BVzUgramV5A7aRdpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82f2a327cf8bb91a-AMS
alt-svc
h3=":443"; ma=86400
content-length
20619
nitrops.png
nitro.my.id/images/
236 KB
237 KB
Image
General
Full URL
https://nitro.my.id/images/nitrops.png
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
298aa9705da97b885b171dc48680f6cba2311d6e8f5a33314ee574fb29afb718

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:30 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Nov 2023 17:04:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L42kor2tVeDWlCoTSnlAeRGDSaZg80h292n4TK%2B1sibinTdcHDqgGXIKfNeIhT5N%2FPhlm57rRopNnj181%2FUScWFwexJL707BL6JNPf2JtfdO5kaj1DOekrt4cdt3FM81WklKWWPDlf4IOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82f2a327cf94b91a-AMS
alt-svc
h3=":443"; ma=86400
content-length
241997
golden_player.png
gtmeps.com/images/
26 KB
26 KB
Image
General
Full URL
https://gtmeps.com/images/golden_player.png
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
f0a6ce50c7bc3210dfdc29f5792dde1def5f88e103000bca9c9b308bc28ad042

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
last-modified
Mon, 18 Sep 2023 17:43:15 GMT
server
Apache
etag
"6644-605a5ad527ffd"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
26180
expires
Sat, 09 Dec 2023 09:45:29 GMT
megaphone.png
gtmeps.com/images/
2 KB
2 KB
Image
General
Full URL
https://gtmeps.com/images/megaphone.png
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
e865426c28c404783fdb8d1483b5d7bfa159d5a6bde2138a6bd9c91f9b533854

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
last-modified
Mon, 18 Sep 2023 17:43:15 GMT
server
Apache
etag
"97d-605a5ad527ffd"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2429
expires
Sat, 09 Dec 2023 09:45:29 GMT
vending.png
gtmeps.com/images/
3 KB
3 KB
Image
General
Full URL
https://gtmeps.com/images/vending.png
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
046bd4aaa1075ae3319c277fb508ddb223e87e1caf0ac6c5ecea5cdf2efdab1b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
last-modified
Mon, 18 Sep 2023 17:43:16 GMT
server
Apache
etag
"aea-605a5ad54a2da"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2794
expires
Sat, 09 Dec 2023 09:45:29 GMT
birth.png
gtmeps.com/images/
3 KB
3 KB
Image
General
Full URL
https://gtmeps.com/images/birth.png
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
2f544a65860adca7fda1e46cc8b82061686e1bf4f82a9dafb3a8ad27d83ac492

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
last-modified
Mon, 18 Sep 2023 17:43:15 GMT
server
Apache
etag
"c2d-605a5ad51b4de"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
3117
expires
Sat, 09 Dec 2023 09:45:29 GMT
tutorial.png
gtmeps.com/images/
2 KB
2 KB
Image
General
Full URL
https://gtmeps.com/images/tutorial.png
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
ec8cb59d62c03e16fea9161d32f7a8e14b0aeac32ddfbc70460e8a7811497418

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
last-modified
Mon, 18 Sep 2023 17:43:15 GMT
server
Apache
etag
"7d6-605a5ad5429c3"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2006
expires
Sat, 09 Dec 2023 09:45:29 GMT
top_player.png
gtmeps.com/images/
39 KB
39 KB
Image
General
Full URL
https://gtmeps.com/images/top_player.png
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
be423e9b284b540088ae521635ee99773d83d197b229263fd9a22495df5cc9d7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
last-modified
Mon, 18 Sep 2023 17:43:15 GMT
server
Apache
etag
"9a75-605a5ad5421f3"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
39541
expires
Sat, 09 Dec 2023 09:45:29 GMT
time.png
gtmeps.com/images/
3 KB
3 KB
Image
General
Full URL
https://gtmeps.com/images/time.png
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
b9d069f17e6aafbaf8b2155fb20684037fb8b0b8d551e5c5ef7fe7c423296230

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
last-modified
Mon, 18 Sep 2023 17:43:15 GMT
server
Apache
etag
"a2e-605a5ad53bc63"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2606
expires
Sat, 09 Dec 2023 09:45:29 GMT
d2afd298baab9cc9c0bfb33f126c8ff0.jpg
www.belasting.id/images/post/content/1/2022/2022-09-14/
73 KB
74 KB
Image
General
Full URL
https://www.belasting.id/images/post/content/1/2022/2022-09-14/d2afd298baab9cc9c0bfb33f126c8ff0.jpg
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.41.207.110 Karet Kuningan, Indonesia, ASN58397 (INFINYS-AS-ID PT Infinys System Indonesia, ID),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
81d7f46958f78d217e7fb81623a2ae401b1f1f72fc0952c4389f9d1039a65024

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 09:44:38 GMT
Last-Modified
Wed, 14 Sep 2022 14:30:48 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag
"124e1-5e8a3f9934f95"
Vary
User-Agent
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
74977
email-decode.min.js
nitro.my.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://nitro.my.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nitro.my.id
URL: https://nitro.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitro.my.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Nov 2023 16:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65660ffd-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FojrL0vmB%2B9qWO5E8f589pcelnCiFedIxl7otQUrBZR4WuPUhIZfmvncRZ3N664eMRoS%2FAmsCMyam1iczN9DYfIfdoSBdaauuiEFklE%2BE8TUk4SQBKvvHKFL3TQVjYKhu%2Fqait27h6m%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82f2a327cf90b91a-AMS
expires
Mon, 04 Dec 2023 09:45:29 GMT
css
fonts.googleapis.com/
16 KB
1012 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,700,600
Requested by
Host: gtmeps.com
URL: https://gtmeps.com/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02d7cc078e8c3cff7ec972abe528bc397bc3767c058fe7ff202bfcde2f530c03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gtmeps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 09:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 09:42:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 09:45:29 GMT
background.png
gtmeps.com/images/
76 KB
77 KB
Image
General
Full URL
https://gtmeps.com/images/background.png
Requested by
Host: gtmeps.com
URL: https://gtmeps.com/css/style.css?updated=75ada5d8da17b700e4527bcfbaac4cb930853f4d373a570e4841ec8f86ad6374
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.26.30 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
vilkdalgis.serveriai.lt
Software
Apache /
Resource Hash
2b5bc12a44f386f5d5bb5fc0d51ce55d0818324ef8eb070f996e04d333598eb3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gtmeps.com/css/style.css?updated=75ada5d8da17b700e4527bcfbaac4cb930853f4d373a570e4841ec8f86ad6374
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:29 GMT
last-modified
Mon, 18 Sep 2023 17:43:15 GMT
server
Apache
etag
"1307e-605a5ad51dbee"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
77950
expires
Sat, 09 Dec 2023 09:45:29 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nitro.my.id
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 00:19:52 GMT
x-content-type-options
nosniff
age
33938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 00:19:52 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@6.9.96/fonts/
373 KB
374 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@6.9.96/fonts/materialdesignicons-webfont.woff2?v=6.9.96
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@6.9.96/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
633d596f7288835ff04eba1105f41cf6fe5c9ffed41f2cb20a3f00fb035c0c8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@6.9.96/css/materialdesignicons.min.css
Origin
https://nitro.my.id
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:45:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
113834
x-jsd-version
6.9.96
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
381688
x-served-by
cache-fra-eddf8230103-FRA, cache-ams21071-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"5d2f8-wtunkFhOlGmtjUyXdeCH4ix7aaA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvN6LT65iCx3yrzxnqSbVgM21STQ72yi6pPaXlP0WjRUD2BlGO4%2BbGq826E3yKnKME4DthKH5N974R5co6omuoaeub2XZz8WbUBAZd9u%2BWnrVSGtbU%2Fz3zT%2FqpVoXbMKV5Lc0A1nu27NHJ0Rr0s%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82f2a32a8e746679-AMS
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nitro.my.id
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:33:17 GMT
x-content-type-options
nosniff
age
51133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 19:33:17 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
gtmeps.com
nitro.my.id
www.belasting.id
103.41.207.110
2606:4700::6810:5814
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a06:98c1:3120::9
79.98.26.30
02d7cc078e8c3cff7ec972abe528bc397bc3767c058fe7ff202bfcde2f530c03
046bd4aaa1075ae3319c277fb508ddb223e87e1caf0ac6c5ecea5cdf2efdab1b
187b9a5e1f4bb656a16856d77a4d28f63d2fbd2d38e16cf1116846b797f2da8c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
298aa9705da97b885b171dc48680f6cba2311d6e8f5a33314ee574fb29afb718
29e461b3a66dfb905a602e4c0ea68a1e541100deee2cb8f385f15607f162f914
2b5bc12a44f386f5d5bb5fc0d51ce55d0818324ef8eb070f996e04d333598eb3
2f544a65860adca7fda1e46cc8b82061686e1bf4f82a9dafb3a8ad27d83ac492
333f74631684372c3ef0c93e6b8230ad54367e4ccfee70a1efde89ece37ef94d
633d596f7288835ff04eba1105f41cf6fe5c9ffed41f2cb20a3f00fb035c0c8b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81d7f46958f78d217e7fb81623a2ae401b1f1f72fc0952c4389f9d1039a65024
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
b9d069f17e6aafbaf8b2155fb20684037fb8b0b8d551e5c5ef7fe7c423296230
be423e9b284b540088ae521635ee99773d83d197b229263fd9a22495df5cc9d7
c0d26e6ac74fc25ea3359b6ff41aae341638a1872fa9e2fcea58285fc9749277
d18a9934df0b66542e13cc6e7892cb48021e37b4b3505f8bf489785ce944a84d
e865426c28c404783fdb8d1483b5d7bfa159d5a6bde2138a6bd9c91f9b533854
ec8cb59d62c03e16fea9161d32f7a8e14b0aeac32ddfbc70460e8a7811497418
f0a6ce50c7bc3210dfdc29f5792dde1def5f88e103000bca9c9b308bc28ad042
f4929a10f78e4062cfdac1bbb6d6ea7ba517098c94260fb1d74ad33bf1152a48