urlscan.io logo urlscan.io
SecurityTrails logo

www.farhanzip.my.id Open in urlscan Pro
142.250.199.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.farhanzip.my.id/
Effective URL: https://www.farhanzip.my.id/
Submission Tags: @phish_report
Submission: On April 13 via api from FI — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 142.250.199.19, located in United States and belongs to GOOGLE, US. The main domain is www.farhanzip.my.id.
TLS certificate: Issued by GTS CA 1D4 on April 13th 2024. Valid for: 3 months.
This is the only time www.farhanzip.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 142.250.199.19 15169 (GOOGLE)
2 142.250.199.3 15169 (GOOGLE)
1 216.58.199.233 15169 (GOOGLE)
2 216.58.200.1 15169 (GOOGLE)
8 5
Apex Domain
Subdomains		 Transfer
3 farhanzip.my.id
www.farhanzip.my.id
27 KB
2 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 15254
12 KB
2 gstatic.com
fonts.gstatic.com
31 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12004
51 KB
8 4
Domain Requested by
3 www.farhanzip.my.id www.farhanzip.my.id
2 1.bp.blogspot.com
2 fonts.gstatic.com www.farhanzip.my.id
1 www.blogger.com www.farhanzip.my.id
8 4
Subject Issuer Validity Valid
www.farhanzip.my.id
GTS CA 1D4		 2024-04-13 -
2024-07-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.farhanzip.my.id/
Frame ID: B873126DE7B61ED651795264F0CEFF50
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

farhanzip

Page URL History Show full URLs

  1. http://www.farhanzip.my.id/ HTTP 307
    https://www.farhanzip.my.id/ Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

121 kB
Transfer

290 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.farhanzip.my.id/ HTTP 307
    https://www.farhanzip.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.farhanzip.my.id/
Redirect Chain
  • http://www.farhanzip.my.id/
  • https://www.farhanzip.my.id/
103 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.farhanzip.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.19 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kul09s14-in-f19.1e100.net
Software
GSE /
Resource Hash
898b6b9cf8c56f12ad5d5299baf92c2c58071bf12aca1161856ab01ca5f32c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
25393
content-type
text/html; charset=UTF-8
date
Sat, 13 Apr 2024 15:35:16 GMT
etag
W/"3b5909b1a1bc4dfc69c6f9d4cb8c568c1eb64740824451b06e5cd0bea13f22d1"
expires
Sat, 13 Apr 2024 15:35:16 GMT
last-modified
Thu, 21 Mar 2024 01:44:58 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.farhanzip.my.id/
Non-Authoritative-Reason
HttpsUpgrades
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: www.farhanzip.my.id
URL: https://www.farhanzip.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kul09s14-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.farhanzip.my.id/
Origin
https://www.farhanzip.my.id
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 09:28:35 GMT
x-content-type-options
nosniff
age
281202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Apr 2025 09:28:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.farhanzip.my.id
URL: https://www.farhanzip.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kul09s14-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.farhanzip.my.id/
Origin
https://www.farhanzip.my.id
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 07:45:27 GMT
x-content-type-options
nosniff
age
287390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Apr 2025 07:45:27 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86f2f42d5ca4458f9c2b3b090e777ecbbbb237999c1cfe71878c4e10a22dd6d5

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		160 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
742c0d393fd734cc411855e644c0d7371520886fea441abce11b08b370c1b7d1

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
2322749050-widgets.js
www.blogger.com/static/v1/widgets/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2322749050-widgets.js
Requested by
Host: www.farhanzip.my.id
URL: https://www.farhanzip.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.199.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kul09s15-in-f9.1e100.net
Software
sffe /
Resource Hash
8d24bde20b363f28e460e4d80a3ac98536458559b241cbcacbe75cc27bb21d5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.farhanzip.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51587
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 07:59:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 13 Apr 2025 06:39:11 GMT
summary
www.farhanzip.my.id/feeds/posts/ 		1 KB
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.farhanzip.my.id/feeds/posts/summary?alt=json-in-script&max-results=0
Requested by
Host: www.farhanzip.my.id
URL: https://www.farhanzip.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.19 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kul09s14-in-f19.1e100.net
Software
blogger-renderd /
Resource Hash
b5c746f2f13800dc96a8f0f89ec1cfc47bb77a67cbe61150a7cd99e4e6f6b547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.farhanzip.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 15:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 01:44:58 GMT
server
blogger-renderd
etag
W/"f94ed9115f68a927891366290e31fa72b189897d5ec76fdb825a01c1885b0b62"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
711
x-xss-protection
0
expires
Sat, 13 Apr 2024 15:35:18 GMT
fiksioner-no-image.png
1.bp.blogspot.com/-fcqYJ8sOUtw/X0zEQsZWkVI/AAAAAAAAI24/hAq1jqHHAhYIZoRqkSsdlh3QBBfYcYAwgCLcBGAsYHQ/w680-h453-p-k-no-nu/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-fcqYJ8sOUtw/X0zEQsZWkVI/AAAAAAAAI24/hAq1jqHHAhYIZoRqkSsdlh3QBBfYcYAwgCLcBGAsYHQ/w680-h453-p-k-no-nu/fiksioner-no-image.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.200.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kul09s16-in-f1.1e100.net
Software
fife /
Resource Hash
68c67cfdddc1fa10962ce0feaa27ab025ea8e6c8230dab0fe65c4c80c67d68cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.farhanzip.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 15:35:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v236f"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="fiksioner-no-image.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7210
x-xss-protection
0
expires
Sun, 14 Apr 2024 15:35:17 GMT
fiksioner-no-image.png
1.bp.blogspot.com/-fcqYJ8sOUtw/X0zEQsZWkVI/AAAAAAAAI24/hAq1jqHHAhYIZoRqkSsdlh3QBBfYcYAwgCLcBGAsYHQ/w250-h200-p-k-no-nu/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-fcqYJ8sOUtw/X0zEQsZWkVI/AAAAAAAAI24/hAq1jqHHAhYIZoRqkSsdlh3QBBfYcYAwgCLcBGAsYHQ/w250-h200-p-k-no-nu/fiksioner-no-image.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.200.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kul09s16-in-f1.1e100.net
Software
fife /
Resource Hash
4f02acae142d605322646f4c546b19685bdd9c04857583e54d09f9b7e223a6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.farhanzip.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 15:35:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v236f"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="fiksioner-no-image.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4765
x-xss-protection
0
expires
Sun, 14 Apr 2024 15:35:17 GMT
favicon.ico
www.farhanzip.my.id/ 		1 KB
488 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.farhanzip.my.id/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.19 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kul09s14-in-f19.1e100.net
Software
GSE /
Resource Hash
5eab60b6d2ca669a8c4d3c1cabdd8513ab5e13894f97c1b75f2f621f7bc2f227
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.farhanzip.my.id/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 15:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 01:44:58 GMT
server
GSE
etag
W/"3b5909b1a1bc4dfc69c6f9d4cb8c568c1eb64740824451b06e5cd0bea13f22d1"
content-type
image/x-icon; charset=UTF-8
cache-control
private, max-age=86400
content-length
360
x-xss-protection
1; mode=block
expires
Sat, 13 Apr 2024 15:35:17 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| config object| _0xa87b object| a object| b object| c object| d object| e object| f object| g object| head object| body object| footer object| footerInner object| footerInnerRight object| footerInnerLeft string| cr1 string| cr2 number| Width string| url undefined| nopage string| pagetype number| current undefined| labelname string| totalpost number| rel object| reljudul object| relurl object| relgambar object| elem object| relelem object| relmulti object| post string| license function| yum object| kue function| xhr object| drop function| lazy function| fiksionerRelated function| numbering1 function| numbering2 function| numbering3 function| relcontain object| _0x11c4 function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ number| first number| numpage number| last

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block