URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Submission: On March 29 via manual from ID — Scanned from NL

Summary

This website contacted 6 IPs in 5 countries across 8 domains to perform 10 HTTP transactions. The main IP is 188.114.97.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is haxor.my.id.
TLS certificate: Issued by GTS CA 1P5 on February 17th 2024. Valid for: 3 months.
This is the only time haxor.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS      Autonomous System
1         188.114.97.9     13335   (CLOUDFLAR...)
1         142.132.152.158  24940   (HETZNER-AS)
2         172.67.186.48    13335   (CLOUDFLAR...)
1         139.45.197.236   9002    (RETN-AS)
2         202.181.90.248   138341  (SHOPEE-AS...)
Total: 10 requests, 6 IPs
Requests  Apex Domain / Subdomains                              Transfer
2         shopee.co.id
            mall.shopee.co.id — Cisco Umbrella Rank: 28003
            shopee.co.id — Cisco Umbrella Rank: 8487
2         davisonbarker.pro
            www85.davisonbarker.pro
            www28.davisonbarker.pro
1         outoctillerytor.com
            outoctillerytor.com — Cisco Umbrella Rank: 115458
1         gtmtag.xyz
            gtmtag.xyz
1         haxor.my.id                                           4 KB
            haxor.my.id
0         eygenci.com Failed
            wrap.eygenci.com Failed
0         nbryb.com Failed
            play.nbryb.com Failed
0         Failed
Total: 10 requests, 8 domains
Domain Requested by
1 shopee.co.id haxor.my.id
1 mall.shopee.co.id haxor.my.id
1 outoctillerytor.com haxor.my.id
1 www28.davisonbarker.pro haxor.my.id
1 www85.davisonbarker.pro haxor.my.id
1 gtmtag.xyz haxor.my.id
1 haxor.my.id
0 wrap.eygenci.com Failed haxor.my.id
0 play.nbryb.com Failed haxor.my.id
0 202.70.53.60 Failed haxor.my.id
10 10

This site contains no links.

Subject              Issuer      Validity                 Valid
haxor.my.id          GTS CA 1P5  2024-02-17 - 2024-05-17  3 months
gtmtag.xyz           R3          2024-02-05 - 2024-05-05  3 months
davisonbarker.pro    GTS CA 1P5  2024-02-24 - 2024-05-24  3 months
outoctillerytor.com  R3          2024-02-05 - 2024-05-05  3 months
*.shopee.com         R3          2024-02-13 - 2024-05-13  3 months

This page contains 10 frames:

Primary Page: https://haxor.my.id/open/Weapon_Y_V-6.html
Frame ID: E8CA96F5379FB8094658CAED017E9B84
Requests: 1 HTTP requests in this frame

Frame: https://202.70.53.60/API/CGRequest1?serviceNode=PTDOT&msisdn=&keyword=REG+MIND&msgCoding=1&sender=98686&hexMsg=REG+MIND&smscId=SMPP&bearerid=106&Wap_mdata=&serviceName=MIND%2B&subKeyword=6397dc33b95c0&request_locale=en&pushType=1&serviceDesc=A+web+service%2C+contain+a+cognitive+training+program+with+exclusive+content+to+enhance+IQ+and+memory.&transID=5112396674135&cpBgColor=black%22+onload%3D%22document.getElementById%28%27submitButton%27%29.click%28%29%3B&bgcolor=yellow&dRcp=DirectCP
Frame ID: B75FF4BDC6E6000D0EA19F7DEBE4D703
Requests: 1 HTTP requests in this frame

Frame: https://play.nbryb.com/ggl26_lnk17.html?ymid=0F70CBD0-8033-11ED-8079-05338301A02B&zoneid=4605715&sourceid=143704
Frame ID: C575AF08708222379AE4C271749CA0C3
Requests: 1 HTTP requests in this frame

Frame: https://gtmtag.xyz/id_smartfren/r3.php?h=a7665&clickid=85cebgxa5h9a3fnc44&azimuth=e1c443d8aff1219f71496de8c281a3ed9840c0dd5465add0bdcf195e08650ba49b5f7027605b70500d96a1854313c2ccfca02836993bd4bc5d651db379ffd348
Frame ID: 3F6221952B952F35C0793A350C66FF5A
Requests: 1 HTTP requests in this frame

Frame: https://www85.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=-1&pci=7181093845&t=1671845064&dest=https%3A%2F%2Fcrotpedia.net
Frame ID: F59D61B689419E261F38447308EF69BE
Requests: 1 HTTP requests in this frame

Frame: https://www28.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=2&ppi=-1&pci=7181093845&t=1671845064&dest=https%3A%2F%2Fcrotpedia.net
Frame ID: 2E559BA22D0ED3C508191135BE498BEE
Requests: 1 HTTP requests in this frame

Frame: https://outoctillerytor.com/clicks/tGF7dK6zgqU69QFMkB8VYZbwiUIAb49dJ1NqkTmE9TejoRT5g-NsfuqeXMQAyt9YkY6wT_R1NcohnA0n70_0vPwejaCzDsSs4v17NeILC2pig-QG6u2bncsjR6-98gp9TluWVRCcJYma_fo4rYPLOUZUJ7oG6ioi119BLa53nHyYh03sRWPAOCB2ogvH4AP9xL_qYmUM2pl5tPJvL7M_1XRjqGLX_U7Ap4OHN_Iij9CrzFvmXZa4dqKRpcbz9DczLRR9ukjo3Zah3h_n5KNb6wcucJhal6xvmVWeURnW41zeZtbATosyHPa-1NdfMJre9Ck1J9xvuDIhaSpgPl3ULAOOhf7YLqzuhZbUXYpQIyE9cJZI683q3RXcqYmRkWqs9nQAMvGIlq7hrLWnLNxt7rOlQM4CAQ7tDfz2BazZpt_HQ-hHK1O8Sef-gKXtjjHumU0W23rtVAY-cWPO77yQWZRe2mdsuSH1U8bgjZp5WhJWDo2dNT10CUSieKE=?_z=4616384&b=15729508&lse=2083&fs=0&cf=0&sw=360&sh=800&sah=800&wx=0&wy=0&ww=360&wh=690&cw=360&wiw=360&wih=690&wfc=8&pl=https%3A%2F%2Fklikmanga.id%2Fmanga%2Fshin-no-nakama-janai-to-yuusha-no-party-wo-oidasareta-node-henkyou-de-slow-life-suru-koto-ni-shimashita%2Fchapter-5%2Fp%2F24%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=true
Frame ID: A608777D329F346736984962EE5B1890
Requests: 1 HTTP requests in this frame

Frame: https://wrap.eygenci.com/oc/d70e3fd1d9?affclick=63a69720f1e7630001f7f0a9&pubid=692_143704
Frame ID: 6FA7B10119DB70F9C8AB539A344DB9CA
Requests: 1 HTTP requests in this frame

Frame: https://mall.shopee.co.id/web-to-app?__mobile__=1&override_language=id&redir=https%3A%2F%2Fshopee.co.id%3Futm_campaign%3D56efx8vggizj-%26utm_content%3D143704_480%26utm_medium%3Daffiliates%26utm_source%3Dan_11273120000&type=default&utm_campaign=56efx8vggizj-&utm_content=143704_480&utm_medium=affiliates&utm_source=an_11273120000
Frame ID: C0735B10359F60293406B612D75C25F8
Requests: 1 HTTP requests in this frame

Frame: https://shopee.co.id/?utm_source=an_11113050000&utm_medium=affiliates&utm_campaign=-&utm_content=2205103-5e9ac2e22fc543c88503407db7ef90b7-&utm_term=8i4rf5dpnmt3
Frame ID: 81FF6877ADE488F8D0D26DF7DB3F6726
Requests: 1 HTTP requests in this frame


Page Statistics

Requests: 10
HTTPS: 70 %
IPv6: 0 %
Domains: 8
Subdomains: 10
IPs: 6
Countries: 5
Transfer: 4 kB
Size: 7 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Weapon_Y_V-6.html
haxor.my.id/open/
7 KB
4 KB
Document
General
Full URL
https://haxor.my.id/open/Weapon_Y_V-6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Prinsh.com
Resource Hash
0f99e49a8935cd836541c0d27d0e3a340d0c9e4e8a4caee27ed3146895530338
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
author
Nathan Prinsley
cache-control
public, max-age=31536000
cf-cache-status
DYNAMIC
cf-ray
86c3b6af9d0b9717-AMS
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 29 Mar 2024 23:41:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcSepBXlzSPGEUwkYW%2FGWUNxZIxQ%2B60J986klMEwSgEHjdi2oCYk2iIkUo7vAv%2BtvYRhW6DivWjPkuDoJNj8Msu4XtLGOU5ifXY2i1G6nffRJ%2B68XF25jmwjBZpVSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-powered-by
Prinsh.com
x-xss-protection
1; mode=block
CGRequest1
202.70.53.60/API/ Frame B75F
0
0

ggl26_lnk17.html
play.nbryb.com/ Frame C575
0
0

r3.php
gtmtag.xyz/id_smartfren/ Frame 3F62
0
0
Document
General
Full URL
https://gtmtag.xyz/id_smartfren/r3.php?h=a7665&clickid=85cebgxa5h9a3fnc44&azimuth=e1c443d8aff1219f71496de8c281a3ed9840c0dd5465add0bdcf195e08650ba49b5f7027605b70500d96a1854313c2ccfca02836993bd4bc5d651db379ffd348
Requested by
Host: haxor.my.id
URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.152.158 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.152.132.142.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash

Request headers

Referer
https://haxor.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 23:41:58 GMT
server
nginx/1.22.1
/
www85.davisonbarker.pro/pushredirect/ Frame F59D
0
0
Document
General
Full URL
https://www85.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=-1&pci=7181093845&t=1671845064&dest=https%3A%2F%2Fcrotpedia.net
Requested by
Host: haxor.my.id
URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash

Request headers

Referer
https://haxor.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c3b6b629db9706-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 23:41:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7rkJkO74c9hFXWHG3hXyv0gE6kUB4GPVPJ1nshN4hXGzZeKSzeXMdVIHELYvVYvnW%2BFoQIohceqAYXE%2F8x6hUe2nwim%2BGI%2FnoDQqbDuFPrrFTwJCWoQfUpyne4vz0NrV8zcTQoWkptHmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
/
www28.davisonbarker.pro/pushredirect/ Frame 2E55
0
0
Document
General
Full URL
https://www28.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=2&ppi=-1&pci=7181093845&t=1671845064&dest=https%3A%2F%2Fcrotpedia.net
Requested by
Host: haxor.my.id
URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash

Request headers

Referer
https://haxor.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c3b6b68a259706-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 23:41:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhZJIuXCz7c%2FDU8%2FJQxI2QvxvYEWcLW7fU3koJCCXlmLUzKHZstqhu8kn7IdPU4HRHon5G19uPwFurzmiaouwuI5JT5yojBt5Z1oxqaK%2BQ%2FDb8fl5yY6znwWHxF4flUcRPcjXL3H9LbDcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
tGF7dK6zgqU69QFMkB8VYZbwiUIAb49dJ1NqkTmE9TejoRT5g-NsfuqeXMQAyt9YkY6wT_R1NcohnA0n70_0vPwejaCzDsSs4v17NeILC2pig-QG6u2bncsjR6-98gp9TluWVRCcJYma_fo4rYPLOUZUJ7oG6ioi119BLa53nHyYh03sRWPAOCB2ogvH4AP9xL_qY...
outoctillerytor.com/clicks/ Frame A608
0
0
Document
General
Full URL
https://outoctillerytor.com/clicks/tGF7dK6zgqU69QFMkB8VYZbwiUIAb49dJ1NqkTmE9TejoRT5g-NsfuqeXMQAyt9YkY6wT_R1NcohnA0n70_0vPwejaCzDsSs4v17NeILC2pig-QG6u2bncsjR6-98gp9TluWVRCcJYma_fo4rYPLOUZUJ7oG6ioi119BLa53nHyYh03sRWPAOCB2ogvH4AP9xL_qYmUM2pl5tPJvL7M_1XRjqGLX_U7Ap4OHN_Iij9CrzFvmXZa4dqKRpcbz9DczLRR9ukjo3Zah3h_n5KNb6wcucJhal6xvmVWeURnW41zeZtbATosyHPa-1NdfMJre9Ck1J9xvuDIhaSpgPl3ULAOOhf7YLqzuhZbUXYpQIyE9cJZI683q3RXcqYmRkWqs9nQAMvGIlq7hrLWnLNxt7rOlQM4CAQ7tDfz2BazZpt_HQ-hHK1O8Sef-gKXtjjHumU0W23rtVAY-cWPO77yQWZRe2mdsuSH1U8bgjZp5WhJWDo2dNT10CUSieKE=?_z=4616384&b=15729508&lse=2083&fs=0&cf=0&sw=360&sh=800&sah=800&wx=0&wy=0&ww=360&wh=690&cw=360&wiw=360&wih=690&wfc=8&pl=https%3A%2F%2Fklikmanga.id%2Fmanga%2Fshin-no-nakama-janai-to-yuusha-no-party-wo-oidasareta-node-henkyou-de-slow-life-suru-koto-ni-shimashita%2Fchapter-5%2Fp%2F24%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=true
Requested by
Host: haxor.my.id
URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://haxor.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
148
content-type
text/html; charset=utf-8
date
Fri, 29 Mar 2024 23:41:58 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
vary
Origin
x-content-type-options
nosniff
x-trace-id
c02f20b8ba788c94727f74af80e837cb
d70e3fd1d9
wrap.eygenci.com/oc/ Frame 6FA7
0
0

web-to-app
mall.shopee.co.id/ Frame C073
0
0
Document
General
Full URL
https://mall.shopee.co.id/web-to-app?__mobile__=1&override_language=id&redir=https%3A%2F%2Fshopee.co.id%3Futm_campaign%3D56efx8vggizj-%26utm_content%3D143704_480%26utm_medium%3Daffiliates%26utm_source%3Dan_11273120000&type=default&utm_campaign=56efx8vggizj-&utm_content=143704_480&utm_medium=affiliates&utm_source=an_11273120000
Requested by
Host: haxor.my.id
URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.181.90.248 , Singapore, ASN138341 (SHOPEE-AS SHOPEE SINGAPORE PRIVATE LIMITED, SG),
Reverse DNS
Software
SGW /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.shopeemobile.com *.shopee.co.id *.shopee.cn *.facebook.com;

Request headers

Referer
https://haxor.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.shopeemobile.com *.shopee.co.id *.shopee.cn *.facebook.com;
content-type
text/html; charset=utf-8
date
Fri, 29 Mar 2024 23:41:58 GMT
server
SGW
shopee-baggage
vary
Accept-Encoding
x-request-id
b765482e14d52f8ba5d60aa3433f1600:0000006147563f81:0000000000000000
/
shopee.co.id/ Frame 81FF
0
0
Document
General
Full URL
https://shopee.co.id/?utm_source=an_11113050000&utm_medium=affiliates&utm_campaign=-&utm_content=2205103-5e9ac2e22fc543c88503407db7ef90b7-&utm_term=8i4rf5dpnmt3
Requested by
Host: haxor.my.id
URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.181.90.248 , Singapore, ASN138341 (SHOPEE-AS SHOPEE SINGAPORE PRIVATE LIMITED, SG),
Reverse DNS
Software
SGW /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.wallet.airpay.co.id *.shopee.kr *.airpay.co.id *.shopeemobile.com *.shopee.co.id *.shopee.cn *.shopee.io *.facebook.com https://bela-portal.festiware.com https://belapengadaan.lkpp.go.id https://lkpp-portal.festiware.com;

Request headers

Referer
https://haxor.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.wallet.airpay.co.id *.shopee.kr *.airpay.co.id *.shopeemobile.com *.shopee.co.id *.shopee.cn *.shopee.io *.facebook.com https://bela-portal.festiware.com https://belapengadaan.lkpp.go.id https://lkpp-portal.festiware.com;
content-type
text/html; charset=utf-8
date
Fri, 29 Mar 2024 23:41:58 GMT
server
SGW
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
202.70.53.60
URL
https://202.70.53.60/API/CGRequest1?serviceNode=PTDOT&msisdn=&keyword=REG+MIND&msgCoding=1&sender=98686&hexMsg=REG+MIND&smscId=SMPP&bearerid=106&Wap_mdata=&serviceName=MIND%2B&subKeyword=6397dc33b95c0&request_locale=en&pushType=1&serviceDesc=A+web+service%2C+contain+a+cognitive+training+program+with+exclusive+content+to+enhance+IQ+and+memory.&transID=5112396674135&cpBgColor=black%22+onload%3D%22document.getElementById%28%27submitButton%27%29.click%28%29%3B&bgcolor=yellow&dRcp=DirectCP
Domain
play.nbryb.com
URL
https://play.nbryb.com/ggl26_lnk17.html?ymid=0F70CBD0-8033-11ED-8079-05338301A02B&zoneid=4605715&sourceid=143704
Domain
wrap.eygenci.com
URL
https://wrap.eygenci.com/oc/d70e3fd1d9?affclick=63a69720f1e7630001f7f0a9&pubid=692_143704

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onpagereveal

4 Cookies

Domain/Path Name / Value
.haxor.my.id/ Name: NathanPrinsley
Value: %2Fopen%2FWeapon_Y_V-6.html
gloorsie.com/ Name: OAID
Value: 00802e6eea4c4f87fe8cdac02e72f068
gloorsie.com/ Name: oaidts
Value: 1711755718
my.rtmark.net/ Name: ID
Value: 00802e6eea4c4f87fe8cdac02e72f068

7 Console Messages

Source Level URL
Text
other warning URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://haxor.my.id/open/Weapon_Y_V-6.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error
Message:
Refused to frame 'https://mall.shopee.co.id/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' *.shopeemobile.com *.shopee.co.id *.shopee.cn *.facebook.com".
security error
Message:
Refused to frame 'https://shopee.co.id/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' *.wallet.airpay.co.id *.shopee.kr *.airpay.co.id *.shopeemobile.com *.shopee.co.id *.shopee.cn *.shopee.io *.facebook.com https://bela-portal.festiware.com https://belapengadaan.lkpp.go.id https://lkpp-portal.festiware.com".

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000
X-Xss-Protection 1; mode=block