va7sw1xodm637f6a9351437.rihann.ru Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Effective URL:
https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a...
Submission Tags: falconsandbox
Submission: On February 24 via api (February 24th 2023, 7:44:55 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 6 domains to perform 30 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is va7sw1xodm637f6a9351437.rihann.ru.
TLS certificate: Issued by E1 on January 26th 2023. Valid for: 3 months.

This is the only time va7sw1xodm637f6a9351437.rihann.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 26	52.231.37.35 52.231.37.35	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 1	103.216.188.226 103.216.188.226	141107 (IDNIC-LIN...) (IDNIC-LINKGO-AS-ID PT Linkgo Metro Teknologi)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	5

26 52.231.37.35 (Seoul, Korea, Republic Of) 5 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gw.sbckcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.216.188.226 (Indonesia) 1 redirects

ASN141107 (IDNIC-LINKGO-AS-ID PT Linkgo Metro Teknologi, ID)
PTR: morgan.idserverhost.com

96784.pn-bobong.go.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

va7sw1xodm637f6a9351437.rihann.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	sbckcloud.com 5 redirects gw.sbckcloud.com	715 KB
5	rihann.ru va7sw1xodm637f6a9351437.rihann.ru	18 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
1	pn-bobong.go.id 1 redirects 96784.pn-bobong.go.id	460 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	44 KB
30	6

	Domain	Requested by
26	gw.sbckcloud.com	5 redirects gw.sbckcloud.com
5	va7sw1xodm637f6a9351437.rihann.ru	gw.sbckcloud.com va7sw1xodm637f6a9351437.rihann.ru
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	96784.pn-bobong.go.id	1 redirects
1	fonts.googleapis.com	gw.sbckcloud.com
1	www.googletagmanager.com	gw.sbckcloud.com
30	6

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
*.sbckcloud.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-02-21` - `2023-03-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.rihann.ru E1	`2023-01-26` - `2023-04-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1
Frame ID: 23D0A15E73BF01E718B68EFB5327C78A
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcW... Page URL
http://96784.pn-bobong.go.id/ZXphenJAbWFzaHJlcWJhbmsuY29t HTTP 302
https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b6... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

83 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

5
Countries

798 kB
Transfer

1265 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t Page URL
http://96784.pn-bobong.go.id/ZXphenJAbWFzaHJlcWJhbmsuY29t HTTP 302
https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://gw.sbckcloud.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZNDrBqDqy4u5op22g0gGjGC3ZP5ptFhC_Q4DApJnLi_WyHlBZWSzfR6fdzv9hNRZFg2&t=637814977746327080 HTTP 302
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FWebResource.axd%3Fd%3DpynGkmcFUV13He1Qd6_TZNDrBqDqy4u5op22g0gGjGC3ZP5ptFhC_Q4DApJnLi_WyHlBZWSzfR6fdzv9hNRZFg2%26t%3D637814977746327080

Request Chain 16

https://gw.sbckcloud.com/ableinfoAjax/EmbeddedResource/ajaxMethod.min.ashx HTTP 302
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FEmbeddedResource%2FajaxMethod.min.ashx

Request Chain 17

https://gw.sbckcloud.com/ableinfoAjax/LCID/1042.ashx HTTP 302
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FLCID%2F1042.ashx

Request Chain 18

https://gw.sbckcloud.com/ableinfoAjax/AjaxHandler/BC.Ajax.Approval,%20ZWF.Communication,%20Version=1.0.0.0,%20Culture=neutral,%20PublicKeyToken=null.ashx HTTP 302
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FAjaxHandler%2FBC.Ajax.Approval%2C%2520ZWF.Communication%2C%2520Version%3D1.0.0.0%2C%2520Culture%3Dneutral%2C%2520PublicKeyToken%3Dnull.ashx

Request Chain 19

https://gw.sbckcloud.com/ableinfoAjax/AjaxHandler/BC.Ajax.User,%20ZWF.Communication,%20Version=1.0.0.0,%20Culture=neutral,%20PublicKeyToken=null.ashx HTTP 302
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FAjaxHandler%2FBC.Ajax.User%2C%2520ZWF.Communication%2C%2520Version%3D1.0.0.0%2C%2520Culture%3Dneutral%2C%2520PublicKeyToken%3Dnull.ashx

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 AppSelector.aspx Show response
gw.sbckcloud.com/ 8 KB
9 KB 840ms
263ms Document
text/html 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6bc3fbf48548c53b54d70d5f9e416c2fdb546eea54baad15b979e11a55a29ed3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-length: 8621
content-type: text/html; charset=utf-8
date: Fri, 24 Feb 2023 19:44:39 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319

GET
H2 200 jquery-3.1.1.min.js Show response
gw.sbckcloud.com/Scripts/ 85 KB
85 KB 262ms
262ms Script
application/javascript 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Scripts/jquery-3.1.1.min.js
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Tue, 26 Sep 2017 08:17:56 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "a49944f59f36d31:0"
content-length: 86709
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
gw.sbckcloud.com/Scripts/ 36 KB
36 KB 778ms
778ms Script
application/javascript 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Scripts/bootstrap.min.js
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Tue, 26 Sep 2017 08:17:55 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "24157ff49f36d31:0"
content-length: 37045
content-type: application/javascript

GET
H2 200 respond.min.js Show response
gw.sbckcloud.com/Scripts/ 4 KB
4 KB 1036ms
1036ms Script
application/javascript 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Scripts/respond.min.js
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Tue, 26 Sep 2017 08:17:57 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "793d93f59f36d31:0"
content-length: 4377
content-type: application/javascript

GET
H2 200 MicrosoftTeams.min.js Show response
gw.sbckcloud.com/Scripts/ 31 KB
31 KB 1036ms
1036ms Script
application/javascript 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Scripts/MicrosoftTeams.min.js
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 29b4b086d9a290e2358b52af7d2198122eb9b4660f6114bd076348cc35c5af5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Wed, 09 Sep 2020 08:02:39 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "f2be79967f86d61:0"
content-length: 31840
content-type: application/javascript

GET
H2 200 bootstrap.min.css
gw.sbckcloud.com/Content/ 118 KB
119 KB 1036ms
1036ms Stylesheet
text/css 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Content/bootstrap.min.css
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Tue, 26 Sep 2017 08:17:51 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "60e93cf29f36d31:0"
content-length: 121200
content-type: text/css

GET
H2 200 font-awesome.min.css
gw.sbckcloud.com/css/ 30 KB
30 KB 1291ms
1290ms Stylesheet
text/css 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/css/font-awesome.min.css
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Fri, 21 Jun 2019 05:01:43 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "e21b246bee27d51:0"
content-length: 31000
content-type: text/css

GET
H2 200 AdminLTE.min.css
gw.sbckcloud.com/admin-lte/css/ 88 KB
88 KB 1293ms
1293ms Stylesheet
text/css 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/admin-lte/css/AdminLTE.min.css
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e5a350616711e5a31886f9655335844ccba367dd5f82c95d632c76760e85316

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Tue, 26 Sep 2017 08:17:57 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "da48b6f59f36d31:0"
content-length: 90255
content-type: text/css

GET
H2 200 skin-black-light.css
gw.sbckcloud.com/admin-lte/css/skins/ 5 KB
5 KB 1293ms
1293ms Stylesheet
text/css 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/admin-lte/css/skins/skin-black-light.css
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2649413e41293a02f93f5695895ed2464f2ee3e972cfe1f424a87de2247e9f3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Wed, 11 Oct 2017 04:45:29 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "937d9ec34b42d31:0"
content-length: 5226
content-type: text/css

GET
H2 200 app.js Show response
gw.sbckcloud.com/admin-lte/js/ 25 KB
25 KB 1293ms
1293ms Script
application/javascript 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/admin-lte/js/app.js?v=62
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e68b84af8e851099600e225adda5865492d75612e3e9acee5d3916d4aa0567f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Fri, 26 Apr 2019 07:42:56 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "5ffec3a93fcd41:0"
content-length: 25753
content-type: application/javascript

GET
H2 200 Groupware.js Show response
gw.sbckcloud.com/Scripts/ 21 KB
21 KB 1293ms
1293ms Script
application/javascript 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Scripts/Groupware.js?v=62
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c5bd784ca1658b85647965b9d6166fd3d102e145a3f96ea86b2b63db51dadbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Thu, 08 Aug 2019 01:51:57 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "761d9bdc8b4dd51:0"
content-length: 21335
content-type: application/javascript

GET
H2 200 BC.js Show response
gw.sbckcloud.com/Ableinfo/Layouts/Js/ 67 KB
67 KB 1546ms
1546ms Script
application/javascript 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Ableinfo/Layouts/Js/BC.js?v=62
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d35022b73e3b3a1d6690d086e895d77ee7ea5447a9588976d362bf59786a60e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Fri, 17 Feb 2023 03:22:09 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "fe89d747f42d91:0"
content-length: 68886
content-type: application/javascript

GET
H2 200 CustomAdminLTE.css
gw.sbckcloud.com/Ableinfo/Layouts/Css/ 96 KB
96 KB 1547ms
1547ms Stylesheet
text/css 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Ableinfo/Layouts/Css/CustomAdminLTE.css?v=62
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6181bc3749b55f042db574e465d6208f804bf3f02d04d2dc04c0ab1a398b8281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Fri, 17 Feb 2023 07:01:31 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "bf953eaa9d42d91:0"
content-length: 98489
content-type: text/css

GET
H2 200 BizPlayTemplate.css
gw.sbckcloud.com/Ableinfo/Layouts/Css/ 2 KB
2 KB 1547ms
1546ms Stylesheet
text/css 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Ableinfo/Layouts/Css/BizPlayTemplate.css?v=62
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5acf6655734cc2c87fd06328e2d0c58f5cc72076c1f14bab96a5fc71b9d7242a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
last-modified: Thu, 05 Aug 2021 09:44:41 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "c8636483de89d71:0"
content-length: 1829
content-type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 144ms
55ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-72064064-7

Requested by

Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6dc75f3812c5972aaaa485d02b43c61dc562af38fd9872e693d0438a23f1b408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44525
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Feb 2023 19:44:41 GMT

GET
H2

200

LoginSelector.aspx Show response
gw.sbckcloud.com/Account/
Redirect Chain

https://gw.sbckcloud.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZNDrBqDqy4u5op22g0gGjGC3ZP5ptFhC_Q4DApJnLi_WyHlBZWSzfR6fdzv9hNRZFg2&t=637814977746327080
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FWebResource.axd%3Fd%3DpynGkmcFUV13He1Qd6_TZNDrBqDqy4u5op22g0gGjGC3ZP5ptFhC_Q4DApJnLi_WyHlBZWSzfR6fdzv9hNRZFg2%26t%3D637814977746327080

7 KB
7 KB

265ms
260ms

Script
text/html

52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FWebResource.axd%3Fd%3DpynGkmcFUV13He1Qd6_TZNDrBqDqy4u5op22g0gGjGC3ZP5ptFhC_Q4DApJnLi_WyHlBZWSzfR6fdzv9hNRZFg2%26t%3D637814977746327080
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 13a2d36953bf2a7b8b113cca7e4a717da41533f5b308ec26cce56fcd3925247a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:41 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 6883
content-type: text/html; charset=utf-8

Redirect headers

location: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FWebResource.axd%3Fd%3DpynGkmcFUV13He1Qd6_TZNDrBqDqy4u5op22g0gGjGC3ZP5ptFhC_Q4DApJnLi_WyHlBZWSzfR6fdzv9hNRZFg2%26t%3D637814977746327080
date: Fri, 24 Feb 2023 19:44:39 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 2269
content-type: text/html; charset=utf-8

GET
H2

200

LoginSelector.aspx Show response
gw.sbckcloud.com/Account/
Redirect Chain

https://gw.sbckcloud.com/ableinfoAjax/EmbeddedResource/ajaxMethod.min.ashx
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FEmbeddedResource%2FajaxMethod.min.ashx

7 KB
7 KB

268ms
263ms

Script
text/html

52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FEmbeddedResource%2FajaxMethod.min.ashx
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d0311c21072a7ace2fbbad6fa48caa53c7e928ae1359e65c2e0ba5d3af723320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:41 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 6721
content-type: text/html; charset=utf-8

Redirect headers

location: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FEmbeddedResource%2FajaxMethod.min.ashx
date: Fri, 24 Feb 2023 19:44:39 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 2269
content-type: text/html; charset=utf-8

GET
H2

200

LoginSelector.aspx Show response
gw.sbckcloud.com/Account/
Redirect Chain

https://gw.sbckcloud.com/ableinfoAjax/LCID/1042.ashx
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FLCID%2F1042.ashx

7 KB
7 KB

266ms
262ms

Script
text/html

52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FLCID%2F1042.ashx
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2c9b741c9dada71b7d04bc6310c63c04087cc491205cd3da0e81aa0572365db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:41 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 6677
content-type: text/html; charset=utf-8

Redirect headers

location: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FLCID%2F1042.ashx
date: Fri, 24 Feb 2023 19:44:39 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 2269
content-type: text/html; charset=utf-8

GET
H2

200

LoginSelector.aspx Show response
gw.sbckcloud.com/Account/
Redirect Chain

https://gw.sbckcloud.com/ableinfoAjax/AjaxHandler/BC.Ajax.Approval,%20ZWF.Communication,%20Version=1.0.0.0,%20Culture=neutral,%20PublicKeyToken=null.ashx
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FAjaxHandler%2FBC.Ajax.Approval%2C%2520ZWF.Communication%2C%2520Version%3D1.0.0.0%2C%2520Culture%3Dneutral%2C%2520Publ...

7 KB
7 KB

266ms
261ms

Script
text/html

52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FAjaxHandler%2FBC.Ajax.Approval%2C%2520ZWF.Communication%2C%2520Version%3D1.0.0.0%2C%2520Culture%3Dneutral%2C%2520PublicKeyToken%3Dnull.ashx
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5f96088f63798fe2d443704cebbfd9031296307c54906070eef9cd7daefa2dc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:41 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 6923
content-type: text/html; charset=utf-8

Redirect headers

location: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FAjaxHandler%2FBC.Ajax.Approval%2C%2520ZWF.Communication%2C%2520Version%3D1.0.0.0%2C%2520Culture%3Dneutral%2C%2520PublicKeyToken%3Dnull.ashx
date: Fri, 24 Feb 2023 19:44:39 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 2269
content-type: text/html; charset=utf-8

GET
H2

200

LoginSelector.aspx Show response
gw.sbckcloud.com/Account/
Redirect Chain

https://gw.sbckcloud.com/ableinfoAjax/AjaxHandler/BC.Ajax.User,%20ZWF.Communication,%20Version=1.0.0.0,%20Culture=neutral,%20PublicKeyToken=null.ashx
https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FAjaxHandler%2FBC.Ajax.User%2C%2520ZWF.Communication%2C%2520Version%3D1.0.0.0%2C%2520Culture%3Dneutral%2C%2520PublicKe...

7 KB
7 KB

268ms
264ms

Script
text/html

52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FAjaxHandler%2FBC.Ajax.User%2C%2520ZWF.Communication%2C%2520Version%3D1.0.0.0%2C%2520Culture%3Dneutral%2C%2520PublicKeyToken%3Dnull.ashx
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 078e5fe3f224404192036746969988466566007143ba876a48b114df6ea602ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:41 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 6915
content-type: text/html; charset=utf-8

Redirect headers

location: https://gw.sbckcloud.com/Account/LoginSelector.aspx?ReturnUrl=%2FableinfoAjax%2FAjaxHandler%2FBC.Ajax.User%2C%2520ZWF.Communication%2C%2520Version%3D1.0.0.0%2C%2520Culture%3Dneutral%2C%2520PublicKeyToken%3Dnull.ashx
date: Fri, 24 Feb 2023 19:44:39 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 2269
content-type: text/html; charset=utf-8

GET
H2 200 ScriptResource.axd Show response
gw.sbckcloud.com/ 312 KB
47 KB 1544ms
1544ms Script
application/x-javascript 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQgXZNKNGbvFRyHwogldHMX0lUG13Avwz5-N3rYaItUhuEz6iUzRhROblWuQFr5J6smyqMl7BWQsFX3PUfVM5wS5vtQ0Q0pikBlJnTEqUrbiw4uiNq1sO8drQkexGDSgw8znM4pHdbE7EGJMXTOLSwyE1&t=49337fe8
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2a45bedfe38e564d998ad7e3a8b57edec612b199bfc15d945c16c9bc55c5285e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:20:52 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: application/x-javascript
cache-control: public
content-length: 47752
expires: Sat, 24 Feb 2024 19:20:52 GMT

GET
H2 200 ScriptResource.axd Show response
gw.sbckcloud.com/ 99 KB
15 KB 1546ms
1546ms Script
application/x-javascript 52.231.37.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.sbckcloud.com/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tU3kiNZ8v2Qefi0nB7YvtgwQdmZrElFwla2ZWYczuNvsv2UfOE4grV8zV49uSBv4uILJvXLJpGVCAwzOiSUtmWUP19v8iFDG3TbTdhgh9UzOmd3t2NvPxZC1iEba17RIRIRvOf2I8Dp8gm4CBTw1_AYYM00qv8IIp14aahJdQ4Wf0&t=49337fe8
Requested by: Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.231.37.35 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 071a86f3d83ec0bcdb644b921908674c054b40bc63ac0fd4e9877bea89e08d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:39 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:20:52 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: application/x-javascript
cache-control: public
content-length: 15431
expires: Sat, 24 Feb 2024 19:20:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 201ms
75ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic

Requested by

Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/admin-lte/css/AdminLTE.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b178280c0ae3bcd7e86e70ca283f1abfea6206506347cfe0c4f6c95540633d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 19:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 18:45:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 19:44:40 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72064064-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gw.sbckcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 18:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5391
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Feb 2023 20:14:50 GMT

GET
H2

403

Primary Request MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1 Show response
va7sw1xodm637f6a9351437.rihann.ru/
Redirect Chain

http://96784.pn-bobong.go.id/ZXphenJAbWFzaHJlcWJhbmsuY29t
https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1

9 KB
6 KB

194ms
57ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1

Requested by

Host: gw.sbckcloud.com
URL: https://gw.sbckcloud.com/Ableinfo/Layouts/Js/BC.js?v=62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c87b043e1934a01b389f0dfb25f85a6343c860566ff918eef25ff0056a5cf71d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gw.sbckcloud.com/AppSelector.aspx?url=http%3A%2F%2F96784.pn-bobong.go.id%2FZXphenJAbWFzaHJlcWJhbmsuY29t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 79eab2a1fb4991f0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 19:44:46 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hd%2FeB2nkficq1pkC55nNfOPIoItfweRMP1nmyjQsWghD2q6Gr%2F5zm%2BDiTdKMzrCh2HDIOofUCjnXrM%2FNg08U87MuOKGGMuFXLufvqISqyJihYKhT0RwyRevhghxma5ZwgY0gjSEPw1VjFtJdJ65xLCc2BJknKLdGJtrD3gdQcnM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 19:44:45 GMT
location: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1
server: LiteSpeed
vary: Accept-Encoding

POST
H2 200 collect
www.google-analytics.com/j/ 1 B
207 B 47ms
47ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1937646868&t=pageview&_s=1&dl=https%3A%2F%2Fgw.sbckcloud.com%2FAppSelector.aspx%3Furl%3Dhttp%253A%252F%252F96784.pn-bobong.go.id%252FZXphenJAbWFzaHJlcWJhbmsuY29t&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=832923610&gjid=79692428&cid=1519987617.1677267881&tid=UA-72064064-7&_gid=597842293.1677267881&_r=1&gtm=457e32m0&z=102245315

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gw.sbckcloud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:44:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gw.sbckcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 challenges.css
va7sw1xodm637f6a9351437.rihann.ru/cdn-cgi/styles/ 6 KB
3 KB 44ms
43ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va7sw1xodm637f6a9351437.rihann.ru/cdn-cgi/styles/challenges.css

Requested by

Host: va7sw1xodm637f6a9351437.rihann.ru
URL: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efdb5bcc25efa09532fbbf93e67a4bd0f74016ad3cfe118a2fbc94296adf875b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 10:50:41 GMT
server: cloudflare
etag: W/"63f5f381-182e"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 79eab2a26c0e91f0-FRA
expires: Fri, 24 Feb 2023 21:44:46 GMT

GET
H2 403 favicon.ico
va7sw1xodm637f6a9351437.rihann.ru/ 8 KB
8 KB 92ms
91ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://va7sw1xodm637f6a9351437.rihann.ru/favicon.ico

Requested by

Host: va7sw1xodm637f6a9351437.rihann.ru
URL: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e387ec77c682ad97614cea887e2b35b99f077ac336090f6d0880c60dc55cacb3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:46 GMT
content-encoding: br
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rox0mNJyClm8DcyHR5nD6mac0Bs06s9xK4WyIVjnC%2BdyCVRQkA%2Fkizo9%2BxoGW17d684q26d5nKm4Vt0QJuA4kVdgDWO8G7G2BJaaXtyFJU%2FQR6butFWLJGwS%2BbCgyVSZiAMM2E55KvzL8mw0phbwMegDrXqUIaaouFxRJryvR3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 79eab2a26c1191f0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 v1 Show response
va7sw1xodm637f6a9351437.rihann.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 5 KB
2 KB 47ms
46ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va7sw1xodm637f6a9351437.rihann.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=79eab2a1fb4991f0

Requested by

Host: va7sw1xodm637f6a9351437.rihann.ru
URL: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

986a0acfad1a705c4659931bbf5cb01f51ceab4729d924f4fc8e741cc00678f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1?__cf_chl_rt_tk=JljxI8NwLg5i17p4lChqbn8mYVfjzEgEAAOWH8j8SeY-1677267886-0-gaNycGzNCvs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:46 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txcyM9XJLU7roCgl%2B30tk8yyULNLaqVAtqWwKjocdcESKebXYnvdN1Mw1%2F2XBnoz8bOXeTc2M2HJsWxJCbK%2FZjPQWTvnhsL6Hf9XQqF5Zgvjr9vIPGgAt0b2LHy67y05Drd%2FdM7jRl29kH9je5Fku%2B6sYGWZqe5DuM81GW4JqTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 79eab2a2acb391f0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 transparent.gif
va7sw1xodm637f6a9351437.rihann.ru/cdn-cgi/images/trace/managed/js/ 42 B
129 B 45ms
45ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://va7sw1xodm637f6a9351437.rihann.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=79eab2a1fb4991f0

Requested by

Host: va7sw1xodm637f6a9351437.rihann.ru
URL: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1?__cf_chl_rt_tk=JljxI8NwLg5i17p4lChqbn8mYVfjzEgEAAOWH8j8SeY-1677267886-0-gaNycGzNCvs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1?__cf_chl_rt_tk=JljxI8NwLg5i17p4lChqbn8mYVfjzEgEAAOWH8j8SeY-1677267886-0-gaNycGzNCvs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:44:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 10:50:41 GMT
server: cloudflare
etag: "63f5f381-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 79eab2a2acb491f0-FRA
content-length: 42
expires: Fri, 24 Feb 2023 21:44:46 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| _cf_chl_opt

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sbckcloud.com/	1970-01-20 19:30:27	Name: _ga Value: GA1.2.1519987617.1677267881
.sbckcloud.com/	1970-01-20 09:55:54	Name: _gid Value: GA1.2.597842293.1677267881
.sbckcloud.com/	1970-01-20 09:54:27	Name: _gat_gtag_UA_72064064_7 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://va7sw1xodm637f6a9351437.rihann.ru/MZXphenJAbWFzaHJlcWJhbmsuY29t&session=6244b69bc5b28d8b3fb4bf027a862ba16244b69bc5b28d8b3fb4bf027a862ba1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://va7sw1xodm637f6a9351437.rihann.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

96784.pn-bobong.go.id
fonts.googleapis.com
gw.sbckcloud.com
va7sw1xodm637f6a9351437.rihann.ru
www.google-analytics.com
www.googletagmanager.com
103.216.188.226
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
2a00:1450:400d:808::200a
2a06:98c1:3120::3
52.231.37.35
071a86f3d83ec0bcdb644b921908674c054b40bc63ac0fd4e9877bea89e08d05
078e5fe3f224404192036746969988466566007143ba876a48b114df6ea602ab
13a2d36953bf2a7b8b113cca7e4a717da41533f5b308ec26cce56fcd3925247a
2649413e41293a02f93f5695895ed2464f2ee3e972cfe1f424a87de2247e9f3e
29b4b086d9a290e2358b52af7d2198122eb9b4660f6114bd076348cc35c5af5a
2a45bedfe38e564d998ad7e3a8b57edec612b199bfc15d945c16c9bc55c5285e
2c9b741c9dada71b7d04bc6310c63c04087cc491205cd3da0e81aa0572365db6
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5acf6655734cc2c87fd06328e2d0c58f5cc72076c1f14bab96a5fc71b9d7242a
5f96088f63798fe2d443704cebbfd9031296307c54906070eef9cd7daefa2dc6
6181bc3749b55f042db574e465d6208f804bf3f02d04d2dc04c0ab1a398b8281
6bc3fbf48548c53b54d70d5f9e416c2fdb546eea54baad15b979e11a55a29ed3
6dc75f3812c5972aaaa485d02b43c61dc562af38fd9872e693d0438a23f1b408
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e5a350616711e5a31886f9655335844ccba367dd5f82c95d632c76760e85316
83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
986a0acfad1a705c4659931bbf5cb01f51ceab4729d924f4fc8e741cc00678f2
b178280c0ae3bcd7e86e70ca283f1abfea6206506347cfe0c4f6c95540633d33
c5bd784ca1658b85647965b9d6166fd3d102e145a3f96ea86b2b63db51dadbe9
c87b043e1934a01b389f0dfb25f85a6343c860566ff918eef25ff0056a5cf71d
d0311c21072a7ace2fbbad6fa48caa53c7e928ae1359e65c2e0ba5d3af723320
d35022b73e3b3a1d6690d086e895d77ee7ea5447a9588976d362bf59786a60e9
e387ec77c682ad97614cea887e2b35b99f077ac336090f6d0880c60dc55cacb3
e68b84af8e851099600e225adda5865492d75612e3e9acee5d3916d4aa0567f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdb5bcc25efa09532fbbf93e67a4bd0f74016ad3cfe118a2fbc94296adf875b
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

va7sw1xodm637f6a9351437.rihann.ru Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

83 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

5 IPs

5 Countries

798 kBTransfer

1265 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

va7sw1xodm637f6a9351437.rihann.ru Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

83 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

5
Countries

798 kB
Transfer

1265 kB
Size

3
Cookies

30 HTTP transactions
0 data transactions