URL: http://web-uat.itrade.cgs-cimb.co.id/
Submission: On March 17 via manual from MY — Scanned from DE

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 6 HTTP transactions. The main IP is 202.165.39.134, located in Jakarta, Indonesia and belongs to CIRCLECOM-AS-ID-AP PT. Circlecom Nusantara Indonesia, ID. The main domain is web-uat.itrade.cgs-cimb.co.id.
This is the only time web-uat.itrade.cgs-cimb.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
3         202.165.39.134    17538 (CIRCLECOM...)
1         2400:52e0:1e0...  200325 (BUNNYCDN) (1 redirect)
3         2606:4700::68...  13335 (CLOUDFLAR...)
Total: 6 requests, 2 IPs

Requests  Apex Domain     Subdomains                                   Transfer
3         jsdelivr.net    cdn.jsdelivr.net (Cisco Umbrella Rank: 346)  95 KB
3         cgs-cimb.co.id  web-uat.itrade.cgs-cimb.co.id                63 KB
1         rawgit.com      cdn.rawgit.com (Cisco Umbrella Rank: 13052)  731 B
Total: 6 requests, 3 apex domains

Requests  Domain                         Requested by
3         cdn.jsdelivr.net               web-uat.itrade.cgs-cimb.co.id, cdn.jsdelivr.net
3         web-uat.itrade.cgs-cimb.co.id  web-uat.itrade.cgs-cimb.co.id
1         cdn.rawgit.com                 1 redirects
Total: 6 requests, 3 domains

This site contains links to these domains.

Domain
webreport.itrade.cgs-cimb.co.id

Subject                Issuer                   Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2023-05-02 - 2024-05-01  a year

This page contains 1 frames:

Primary Page: http://web-uat.itrade.cgs-cimb.co.id/
Frame ID: 8623E89CBBA22ED452592E57A35E3A74
Requests: 6 HTTP requests in this frame

Page Title

Web Trading - Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"

Page Statistics

Requests: 6
HTTPS: 33 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 3
Transfer: 158 kB
Size: 157 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cdn.rawgit.com/resir014/Clear-Sans-Webfont/v1.1.1/css/clear-sans.css HTTP 301
  • https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/css/clear-sans.css

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
web-uat.itrade.cgs-cimb.co.id/
8 KB
9 KB
Document
General
Full URL
http://web-uat.itrade.cgs-cimb.co.id/
Protocol
HTTP/1.1
Server
202.165.39.134 Jakarta, Indonesia, ASN17538 (CIRCLECOM-AS-ID-AP PT. Circlecom Nusantara Indonesia, ID),
Reverse DNS
ip-134-39.circlecom.net.id
Software
/
Resource Hash
6323887a3714a36a94c96cdae438f1634328a30a080a4d91143dfbe358b37302
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' default-src: https: data: unsafe-inline unsafe-eval
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, no-cache="Set-Cookie", max-age=0
Content-Length
8583
Content-Security-Policy
frame-ancestors 'self' default-src: https: data: unsafe-inline unsafe-eval
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Mar 2024 09:43:18 GMT
Expires
Sun, 17 Mar 2024 09:43:18 GMT
Feature-Policy
geolocation 'none'
Last-Modified
Sun, 17 Mar 2024 09:43:18 GMT
Referrer-Policy
no-referrer
Server
Strict-Transport-Security
max-age=31536000; includeSubdomains
Vary
*
X-ASPNETMVC-VERSION
X-AspNet-Version
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
clear-sans.css
cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/css/
Redirect Chain
  • https://cdn.rawgit.com/resir014/Clear-Sans-Webfont/v1.1.1/css/clear-sans.css
  • https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/css/clear-sans.css
4 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/css/clear-sans.css
Requested by
Host: web-uat.itrade.cgs-cimb.co.id
URL: http://web-uat.itrade.cgs-cimb.co.id/
Protocol
H2
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da26fc3b00b78c58f64f182b00c5fe13e8ff809dcde235cb29bd821f46b31d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 09:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
316103
x-jsd-version
1.1.1
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220079-FRA, cache-lga21945-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"f53-ZfQwAHUYLf3RDjXrE9PgZVzYY4w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCC%2FYY51VtubT74NETZFSvUu8FgGe%2B5oP6VhdoBiUc6%2Bz9W6KHjAQKa7%2BGU6yXIuZ%2B%2B7YYIM4kKIxaDd2C4bM%2BJ%2BvYDtX64iLw9UBsh8kAZkLhiafWZJ66QRnP%2BfJLKATydrqvORwQN4p3NHbJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
865c11f5b8081e56-FRA

Redirect headers

date
Sun, 17 Mar 2024 09:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1081
age
65328
x-cache
MISS, HIT
cdn-cachedat
03/17/2024 09:48:56
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
115
x-served-by
cache-fra-eddf8230075-FRA, cache-chi-kigq8000048-CHI
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/css/clear-sans.css
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
fd3d103da8d93a4356d8b97f9c35eb59
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
301
cdn-requestpullsuccess
True
Login.Custom.css
web-uat.itrade.cgs-cimb.co.id/WebTrading.Custom/
580 B
1 KB
Stylesheet
General
Full URL
http://web-uat.itrade.cgs-cimb.co.id/WebTrading.Custom/Login.Custom.css?v=121
Requested by
Host: web-uat.itrade.cgs-cimb.co.id
URL: http://web-uat.itrade.cgs-cimb.co.id/
Protocol
HTTP/1.1
Server
202.165.39.134 Jakarta, Indonesia, ASN17538 (CIRCLECOM-AS-ID-AP PT. Circlecom Nusantara Indonesia, ID),
Reverse DNS
ip-134-39.circlecom.net.id
Software
/
Resource Hash
d6845cde56989682bc8af0f3b22da6e2f6408ffc4fcea41a0ec9db603282e7c0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' default-src: https: data: unsafe-inline unsafe-eval
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
frame-ancestors 'self' default-src: https: data: unsafe-inline unsafe-eval
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Fri, 23 Feb 2024 10:10:24 GMT
Server
X-ASPNET-VERSION
ETag
"e6e332844066da1:0"
Date
Sun, 17 Mar 2024 09:43:18 GMT
Content-Type
text/css
Feature-Policy
geolocation 'none'
Accept-Ranges
bytes
X-ASPNETMVC-VERSION
Content-Length
580
X-Xss-Protection
1; mode=block
itrade.png
web-uat.itrade.cgs-cimb.co.id/assets/
52 KB
52 KB
Image
General
Full URL
http://web-uat.itrade.cgs-cimb.co.id/assets/itrade.png
Requested by
Host: web-uat.itrade.cgs-cimb.co.id
URL: http://web-uat.itrade.cgs-cimb.co.id/
Protocol
HTTP/1.1
Server
202.165.39.134 Jakarta, Indonesia, ASN17538 (CIRCLECOM-AS-ID-AP PT. Circlecom Nusantara Indonesia, ID),
Reverse DNS
ip-134-39.circlecom.net.id
Software
/
Resource Hash
a9c11f0ea7dd7a0029241cf0f9caedb69323f454c02c3efa5d7652eba8c1a1de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' default-src: https: data: unsafe-inline unsafe-eval
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
frame-ancestors 'self' default-src: https: data: unsafe-inline unsafe-eval
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Last-Modified
Fri, 23 Feb 2024 09:19:43 GMT
Server
X-ASPNET-VERSION
ETag
"96647d6f3966da1:0"
Date
Sun, 17 Mar 2024 09:43:18 GMT
Content-Type
image/png
Feature-Policy
geolocation 'none'
Accept-Ranges
bytes
X-ASPNETMVC-VERSION
Content-Length
53180
X-Xss-Protection
1; mode=block
ClearSans-Regular.woff2
cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/fonts/woff2-convert/
44 KB
44 KB
Font
General
Full URL
https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/fonts/woff2-convert/ClearSans-Regular.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/css/clear-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/css/clear-sans.css
Origin
http://web-uat.itrade.cgs-cimb.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 09:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
309713
x-jsd-version
1.1.1
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
44664
x-served-by
cache-fra-eddf8230079-FRA, cache-lga21982-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"ae78-dQ4lN/o/zOn+gHju8wRHNMHS6gw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVx1QF9Xlw%2FAuERmbc4rcDm5YYanqBBpSqlKSaWqBnH0dWO4QYV0%2FV3ieMSjFlwXvd4VaiOlv9PmgPj7wcya03nmKI9oFYVLBQgT2ZFyG4Fe8sxeqKDPjk5oXJVzBPwqlc9ZcMNxqZKtStTS8Jo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
865c11f6285e975f-FRA
ClearSans-Medium.woff2
cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/fonts/woff2-convert/
49 KB
49 KB
Font
General
Full URL
https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/fonts/woff2-convert/ClearSans-Medium.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/css/clear-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a44d65de0fa865598d717bd575fb2eda490ed79d908a45e0677c2401c05f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/resir014/Clear-Sans-Webfont@v1.1.1/css/clear-sans.css
Origin
http://web-uat.itrade.cgs-cimb.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 09:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
309713
x-jsd-version
1.1.1
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
49708
x-served-by
cache-fra-eddf8230076-FRA, cache-lga21961-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"c22c-0DywoECkmi9DXKoNsLoRBfN/+xs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GavckRw4tSv48Gn%2B8f4bdVE9gpisR31c6F0qpzqi0%2FMCi8TQ3iEuBHZyp3QOF60%2FYEBuExdqZq%2BHL%2BG5a9S4%2B6BnwHD9WX%2Fvh017SrNQblXIr7wdNKpT3etDDJ3OlfnF%2FRl7jnmIdWsovBrM3cY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
865c11f62863975f-FRA

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • isInvisible (boolean)
  • onUserFormKeyDown (function)
  • onPasswordFormKeyDown (function)
  • tsCodePublic (string)

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self' default-src: https: data: unsafe-inline unsafe-eval
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block