URL: https://app1.balatif.co.id/
Submission Tags: @phishunt_io
Submission: On June 03 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 2001:df0:2fc:99::56, located in Indonesia and belongs to QWORDS-AS-ID PT Qwords Company International, ID. The main domain is app1.balatif.co.id.
TLS certificate: Issued by R3 on June 3rd 2023. Valid for: 3 months.
This is the only time app1.balatif.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2001:df0:2fc:... 58404 (QWORDS-AS...)
1 185.177.92.30 39572 (ADVANCEDH...)
7 3
Apex Domain
Subdomains
Transfer
5 balatif.co.id
app1.balatif.co.id
108 KB
1 go6s.biz
go6s.biz
19 KB
0 googleapis.com Failed
fonts.googleapis.com Failed
7 3
Domain Requested by
5 app1.balatif.co.id app1.balatif.co.id
1 go6s.biz app1.balatif.co.id
0 fonts.googleapis.com Failed app1.balatif.co.id
7 3

This site contains no links.

Subject Issuer Validity Valid
www.fitalab.balatif.co.id
R3
2023-06-03 -
2023-09-01
3 months crt.sh
go1s.biz
R3
2023-06-01 -
2023-08-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://app1.balatif.co.id/
Frame ID: B67F85C2587CE1599A637416067F424C
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Balatif || Enriching Life

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

86 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

127 kB
Transfer

200 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app1.balatif.co.id/
5 KB
2 KB
Document
General
Full URL
https://app1.balatif.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:2fc:99::56 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS
Software
Apache /
Resource Hash
7ae2c3cdc97ffe498ee87f13431686f31d02425e168de4b0bc0630775d3d891d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1814
content-type
text/html
date
Sat, 03 Jun 2023 10:17:39 GMT
last-modified
Fri, 10 Dec 2021 13:04:06 GMT
server
Apache
vary
Accept-Encoding,User-Agent
style.css
app1.balatif.co.id/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://app1.balatif.co.id/css/style.css
Requested by
Host: app1.balatif.co.id
URL: https://app1.balatif.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:2fc:99::56 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS
Software
Apache /
Resource Hash
95606c802354ca857d7407fd476caa50552b64cbb120b7b393e3ded0724c1f34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.balatif.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 10:17:39 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2013 07:42:44 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
2613
expires
Sat, 10 Jun 2023 10:17:39 GMT
jquery.min.js
app1.balatif.co.id/js/
93 KB
33 KB
Script
General
Full URL
https://app1.balatif.co.id/js/jquery.min.js
Requested by
Host: app1.balatif.co.id
URL: https://app1.balatif.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:2fc:99::56 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS
Software
Apache /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.balatif.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 10:17:39 GMT
content-encoding
gzip
last-modified
Sat, 08 Jun 2013 05:01:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
33622
expires
Sat, 10 Jun 2023 10:17:39 GMT
/
go6s.biz/
19 KB
19 KB
Script
General
Full URL
https://go6s.biz/?te=g44doobvmy5ha3ddf43dcmzx
Requested by
Host: app1.balatif.co.id
URL: https://app1.balatif.co.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.92.30 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-92-30.ah-server.com
Software
nginx /
Resource Hash
65d664f0e8eb39494d52e6cafa7365970e2c901e0f89956e0aad7d62d5ed6e57
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.balatif.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 03 Jun 2023 10:17:41 GMT
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
server
nginx
content-type
application/javascript; charset=UTF-8
banner.png
app1.balatif.co.id/images/
66 KB
66 KB
Image
General
Full URL
https://app1.balatif.co.id/images/banner.png
Requested by
Host: app1.balatif.co.id
URL: https://app1.balatif.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:2fc:99::56 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS
Software
Apache /
Resource Hash
72e20f32fa4ec0555415a3f2e1a902a07645870672c2119c8a092a02a8b11d24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.balatif.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 10:17:40 GMT
last-modified
Thu, 27 Jun 2013 05:33:08 GMT
server
Apache
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
67450
expires
Sat, 10 Jun 2023 10:17:40 GMT
css
fonts.googleapis.com/
0
0

bg.png
app1.balatif.co.id/images/
4 KB
4 KB
Image
General
Full URL
https://app1.balatif.co.id/images/bg.png
Requested by
Host: app1.balatif.co.id
URL: https://app1.balatif.co.id/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:df0:2fc:99::56 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID),
Reverse DNS
Software
Apache /
Resource Hash
3356ad3a19736482cd9f7082b3afafbd4ed177093e0120c9b93e20cbdb890eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.balatif.co.id/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 10:17:40 GMT
last-modified
Sat, 08 Jun 2013 07:23:12 GMT
server
Apache
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
4465
expires
Sat, 10 Jun 2023 10:17:40 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Audiowide

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| jspopunder function| js_popundersetCookie function| js_popundergetCookie number| $js_popunderGlobalClick object| Sk

1 Cookies

Domain/Path Name / Value
.go6s.biz/ Name: uuid
Value: 181dc204-7383-4635-8168-fee04353278c

2 Console Messages

Source Level URL
Text
security error URL: https://app1.balatif.co.id/(Line 13)
Message:
Mixed Content: The page at 'https://app1.balatif.co.id/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Audiowide'. This request has been blocked; the content must be served over HTTPS.
network error
Message:
A bad HTTP response code (500) was received when fetching the script.