sslvpn.tsh.ssbshoes.com Open in urlscan Pro
27.124.84.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sslvpn.tsh.ssbshoes.com/
Effective URL:
https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
Submission: On July 11 via automatic, source certstream-suspicious (July 11th 2023, 4:10:47 am UTC) — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 27.124.84.18, located in Indonesia and belongs to GMDP-AS-ID PT.Global Media Data Prima, ID. The main domain is sslvpn.tsh.ssbshoes.com.
TLS certificate: Issued by R3 on May 31st 2023. Valid for: 3 months.

This is the only time sslvpn.tsh.ssbshoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
15	27.124.84.18 27.124.84.18		138089 (GMDP-AS-I...) (GMDP-AS-ID PT.Global Media Data Prima)
17	2

15 27.124.84.18 (Indonesia)

ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID)
PTR: subnet.27.124.84.18.mlink.net.id

sslvpn.tsh.ssbshoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ssbshoes.com sslvpn.tsh.ssbshoes.com	434 KB
17	1

	Domain	Requested by
15	sslvpn.tsh.ssbshoes.com	sslvpn.tsh.ssbshoes.com
17	1

This site contains no links.

Subject Issuer	Validity	Valid
tsh-fg201e.tsh.ssbshoes.com R3	`2023-05-31` - `2023-08-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
Frame ID: F7F0C0F78CAD9641C65568DACBDFA386
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sslvpn.tsh.ssbshoes.com/ Page URL
https://sslvpn.tsh.ssbshoes.com/logout?redir=%2F Page URL
https://sslvpn.tsh.ssbshoes.com/login?redir=%2F Page URL

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

434 kB
Transfer

2663 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sslvpn.tsh.ssbshoes.com/ Page URL
https://sslvpn.tsh.ssbshoes.com/logout?redir=%2F Page URL
https://sslvpn.tsh.ssbshoes.com/login?redir=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
sslvpn.tsh.ssbshoes.com/ 3 KB
1 KB 894ms
297ms Document
text/html 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

586b3863cb972d13c3f4f7cb0b5536f3c03064e44155d668bc23100bfbfa59ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 11 Jul 2023 04:10:35 GMT
etag: 90982f0a2c643f30fa26d47b5309db3d
strict-transport-security: max-age=15552000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 401 runtime.js
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ 0
0 298ms
297ms Script
text/plain 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/runtime.js

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sslvpn.tsh.ssbshoes.com/
Origin: https://sslvpn.tsh.ssbshoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:36 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 401 polyfills.js
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ 0
0 299ms
299ms Script
text/plain 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/polyfills.js

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sslvpn.tsh.ssbshoes.com/
Origin: https://sslvpn.tsh.ssbshoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:36 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 401 main.js
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ 0
0 300ms
299ms Script
text/plain 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/main.js

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sslvpn.tsh.ssbshoes.com/
Origin: https://sslvpn.tsh.ssbshoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:36 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 401 extend-session
sslvpn.tsh.ssbshoes.com/api/v2/monitor/web-ui/ 503 B
564 B 859ms
859ms Fetch
text/html 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/api/v2/monitor/web-ui/extend-session

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslvpn.tsh.ssbshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 04:10:36 GMT
content-security-policy: frame-ancestors 'self'
content-length: 503
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-type: text/html; charset=iso-8859-1

GET
H2 200 styles.css
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ 90 KB
12 KB 299ms
299ms Stylesheet
text/css 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/styles.css

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslvpn.tsh.ssbshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:36 GMT
etag: 90982f0a2c643f30fa26d47b5309db3d
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, immutable
x-xss-protection: 1; mode=block

GET
H2 200 logout
sslvpn.tsh.ssbshoes.com/ 74 B
509 B 1244ms
1244ms Document
text/html 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/logout?redir=%2F

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sslvpn.tsh.ssbshoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 74
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 11 Jul 2023 04:10:37 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ 90 KB
12 KB 676ms
676ms Stylesheet
text/css 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/styles.css

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslvpn.tsh.ssbshoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:37 GMT
etag: 90982f0a2c643f30fa26d47b5309db3d
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, immutable
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request login Show response
sslvpn.tsh.ssbshoes.com/ 4 KB
4 KB 582ms
582ms Document
text/html 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/login?redir=%2F

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/logout?redir=%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

eab7640b4a83cef4ee930a8495ce2995820aad1d6aaa6f59f62799655a12e1be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sslvpn.tsh.ssbshoes.com/logout?redir=%2F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 4022
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 11 Jul 2023 04:10:38 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ 90 KB
12 KB 284ms
284ms Stylesheet
text/css 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/styles.css

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

4a949b58faee4564bcf84b15aa746e4eb069dbd0f2cae8869eb041cca447702a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:38 GMT
etag: 90982f0a2c643f30fa26d47b5309db3d
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, immutable
x-xss-protection: 1; mode=block

GET
H2 200 legacy-main.css
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/css/ 1 MB
80 KB 285ms
284ms Stylesheet
text/css 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/css/legacy-main.css

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

300786225a02d73462c464fc088fba4afc0df3eedced5da9d609b6ca01ff6ef9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:38 GMT
etag: 90982f0a2c643f30fa26d47b5309db3d
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, immutable
x-xss-protection: 1; mode=block

GET
H2 200 legacy_theme_setup.js Show response
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/js/ 110 KB
18 KB 285ms
284ms Script
application/javascript 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/js/legacy_theme_setup.js

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

da027491d3ee1f189ff4c49c8ef43847fa32778016851ff04bb9c03065127487

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:38 GMT
etag: 90982f0a2c643f30fa26d47b5309db3d
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, immutable
x-xss-protection: 1; mode=block

GET
H2 200 forticloud-alt.svg
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ng/security-fabric/ 2 KB
1018 B 298ms
297ms Image
image/svg+xml 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ng/security-fabric/forticloud-alt.svg

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

3ad14469ca236abe702c79afc2af23bc830a4ac272f7f60c9ce6ec471d38ace1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:43 GMT
etag: 90982f0a2c643f30fa26d47b5309db3d
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000, immutable
x-xss-protection: 1; mode=block

GET
H2 200 login.js Show response
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/js/ 13 KB
4 KB 298ms
298ms Script
application/javascript 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/js/login.js

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

a8b43becba5f8370149acbb69fce3b00305a0e67d2baf25f5f305870c2de6de4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:43 GMT
etag: 90982f0a2c643f30fa26d47b5309db3d
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, immutable
x-xss-protection: 1; mode=block

GET
H2 200 en.json Show response
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/lang/ 1 MB
286 KB 551ms
550ms XHR
application/json 27.124.84.18
GMDP-AS-ID PT.Glo...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/lang/en.json

Requested by

Host: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.124.84.18 , Indonesia, ASN138089 (GMDP-AS-ID PT.Global Media Data Prima, ID),

Reverse DNS

subnet.27.124.84.18.mlink.net.id

Software

Resource Hash

920c86eba0d14801a9dc168d5d6accba1197b60a8c110b1a19d43d5721b272fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslvpn.tsh.ssbshoes.com/login?redir=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
strict-transport-security: max-age=15552000
date: Tue, 11 Jul 2023 04:10:43 GMT
etag: 90982f0a2c643f30fa26d47b5309db3d
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: max-age=31536000, immutable
x-xss-protection: 1; mode=block

GET ftnt-icons.woff
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/fonts/ 0
0

GET lato-regular.woff2
sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/fonts/ftnt-icons.woff

Domain: sslvpn.tsh.ssbshoes.com
URL: https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/lato-regular.woff2

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/runtime.js Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/polyfills.js Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://sslvpn.tsh.ssbshoes.com/90982f0a2c643f30fa26d47b5309db3d/main.js Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://sslvpn.tsh.ssbshoes.com/api/v2/monitor/web-ui/extend-session Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sslvpn.tsh.ssbshoes.com
sslvpn.tsh.ssbshoes.com
27.124.84.18
300786225a02d73462c464fc088fba4afc0df3eedced5da9d609b6ca01ff6ef9
3ad14469ca236abe702c79afc2af23bc830a4ac272f7f60c9ce6ec471d38ace1
4a949b58faee4564bcf84b15aa746e4eb069dbd0f2cae8869eb041cca447702a
586b3863cb972d13c3f4f7cb0b5536f3c03064e44155d668bc23100bfbfa59ad
920c86eba0d14801a9dc168d5d6accba1197b60a8c110b1a19d43d5721b272fd
a8b43becba5f8370149acbb69fce3b00305a0e67d2baf25f5f305870c2de6de4
da027491d3ee1f189ff4c49c8ef43847fa32778016851ff04bb9c03065127487
eab7640b4a83cef4ee930a8495ce2995820aad1d6aaa6f59f62799655a12e1be

sslvpn.tsh.ssbshoes.com Open in urlscan Pro 27.124.84.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

434 kBTransfer

2663 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

4 Console Messages

Security Headers

Indicators

sslvpn.tsh.ssbshoes.com Open in urlscan Pro
27.124.84.18 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

434 kB
Transfer

2663 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions