www.pmu.survey.pindadmedika.com Open in urlscan Pro
156.67.213.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.pmu.survey.pindadmedika.com/
Effective URL:
https://www.pmu.survey.pindadmedika.com/login
Submission: On April 29 via api (April 29th 2024, 7:43:39 am UTC) from US — Scanned from SG

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 156.67.213.157, located in Singapore, Singapore and belongs to AS-HOSTINGER, CY. The main domain is www.pmu.survey.pindadmedika.com.
TLS certificate: Issued by R3 on April 29th 2024. Valid for: 3 months.

This is the only time www.pmu.survey.pindadmedika.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	156.67.213.157 156.67.213.157	47583 (AS-HOSTINGER) (AS-HOSTINGER)
4	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.54.170.150 103.54.170.150	136052 (IDNIC-IDC...) (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia)
4	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	5

4 156.67.213.157 (Singapore, Singapore) 1 redirects

ASN47583 (AS-HOSTINGER, CY)
PTR: srv49.niagahoster.com

www.pmu.survey.pindadmedika.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.54.170.150 (Indonesia)

ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID)
PTR: ip103-54-170-150.cloudhost.web.id

psurvey.pindadmedika.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1791 ka-f.fontawesome.com — Cisco Umbrella Rank: 4267	35 KB
5	pindadmedika.com 1 redirects www.pmu.survey.pindadmedika.com psurvey.pindadmedika.com	120 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	81 KB
13	3

	Domain	Requested by
4	ka-f.fontawesome.com	kit.fontawesome.com
4	cdn.jsdelivr.net	www.pmu.survey.pindadmedika.com
4	www.pmu.survey.pindadmedika.com	1 redirects www.pmu.survey.pindadmedika.com
1	psurvey.pindadmedika.com	www.pmu.survey.pindadmedika.com
1	kit.fontawesome.com	www.pmu.survey.pindadmedika.com
13	5

This site contains no links.

Subject Issuer	Validity	Valid
pmu.survey.pindadmedika.com R3	`2024-04-29` - `2024-07-28`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
psurvey.pindadmedika.com R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.pmu.survey.pindadmedika.com/login
Frame ID: C6CA9745D181D12A65C6068FC832C4C6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Masuk

Page URL History Show full URLs

https://www.pmu.survey.pindadmedika.com/ HTTP 302
https://www.pmu.survey.pindadmedika.com/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

livewire(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

235 kB
Transfer

879 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.pmu.survey.pindadmedika.com/ HTTP 302
https://www.pmu.survey.pindadmedika.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.pmu.survey.pindadmedika.com/
Redirect Chain

https://www.pmu.survey.pindadmedika.com/
https://www.pmu.survey.pindadmedika.com/login

20 KB
8 KB

558ms
557ms

Document
text/html

156.67.213.157
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pmu.survey.pindadmedika.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.67.213.157 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv49.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

ccee80645f81d110229b9af2c5cbbcd86e09cbf57e531d93faead7bdb10a55b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store, private
content-encoding: br
content-length: 7509
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 07:43:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: br
content-length: 228
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 07:43:33 GMT
location: https://www.pmu.survey.pindadmedika.com/login
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/ 227 KB
35 KB 378ms
25ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css

Requested by

Host: www.pmu.survey.pindadmedika.com
URL: https://www.pmu.survey.pindadmedika.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Origin: https://www.pmu.survey.pindadmedika.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 07:43:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 857035
x-jsd-version: 5.3.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34908
x-served-by: cache-fra-eddf8230118-FRA, cache-qpg120104-QPG
x-jsd-version-type: version
etag: W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/ 20 KB
8 KB 378ms
26ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/popper.min.js

Requested by

Host: www.pmu.survey.pindadmedika.com
URL: https://www.pmu.survey.pindadmedika.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Origin: https://www.pmu.survey.pindadmedika.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 07:43:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4167711
x-jsd-version: 2.11.8
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7651
x-served-by: cache-fra-eddf8230047-FRA, cache-qpg120104-QPG
x-jsd-version-type: version
etag: W/"4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/ 59 KB
17 KB 378ms
27ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.min.js

Requested by

Host: www.pmu.survey.pindadmedika.com
URL: https://www.pmu.survey.pindadmedika.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de040986d9a3ed89d5d5f9ad6d5727015e9e238c2cd13af8f1b55909386d0864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Origin: https://www.pmu.survey.pindadmedika.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 07:43:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2021840
x-jsd-version: 5.3.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17737
x-served-by: cache-fra-etou8220156-FRA, cache-qpg120104-QPG
x-jsd-version-type: version
etag: W/"ecdb-LGwKWDRaCdN2EjCvgjpOSFKxJkM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 286e1d7d30.js Show response
kit.fontawesome.com/ 12 KB
5 KB 650ms
295ms Script
text/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/286e1d7d30.js
Requested by: Host: www.pmu.survey.pindadmedika.com
URL: https://www.pmu.survey.pindadmedika.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f94870ad8fe62c67e9d53e754a6e1d96456733927d9ebeb1d3ed76fb11e38fa4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Origin: https://www.pmu.survey.pindadmedika.com
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:43:34 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 87bda96efff46003-SIN
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8qwcpgCw87CieaM4LnB

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 74 KB
21 KB 371ms
20ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: www.pmu.survey.pindadmedika.com
URL: https://www.pmu.survey.pindadmedika.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ef7aceda0ec9484ac6f22b195c2b1edfd29fe721ae78f823cafa2dffc71108d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 07:43:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 8210
x-jsd-version: 11.10.8
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21319
x-served-by: cache-fra-eddf8230029-FRA, cache-qpg1222-QPG
x-jsd-version-type: version
etag: W/"129b5-XGZJUMaOVjBYPbRYOQFSrQ4cZNk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK image
psurvey.pindadmedika.com/_next/ 12 KB
12 KB 1505ms
335ms Image
image/webp 103.54.170.150
IDNIC-IDCLOUDHOST...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://psurvey.pindadmedika.com/_next/image?url=%2Frsu-pindad.png&w=384&q=75

Requested by

Host: www.pmu.survey.pindadmedika.com
URL: https://www.pmu.survey.pindadmedika.com/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.54.170.150 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID),

Reverse DNS

ip103-54-170-150.cloudhost.web.id

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d63434b6239f8d695c25e2c115853779afe63774ef72baf860923092333f3796

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 07:43:35 GMT
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;
Server: nginx/1.18.0 (Ubuntu)
ETag: 1jQ0tiOfjWlcJeLBFYU3ea-mN3Tvcrr4YJIwkjM-N5Y=
Vary: Accept
Content-Type: image/webp
X-Nextjs-Cache: STALE
Cache-Control: public, max-age=60, must-revalidate
Content-Disposition: inline; filename="rsu-pindad.webp"
Connection: keep-alive
Content-Length: 11912

GET
H3 200 livewire.js Show response
www.pmu.survey.pindadmedika.com/livewire/ 325 KB
99 KB 252ms
251ms Script
application/javascript 156.67.213.157
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pmu.survey.pindadmedika.com/livewire/livewire.js?id=239a5c52

Requested by

Host: www.pmu.survey.pindadmedika.com
URL: https://www.pmu.survey.pindadmedika.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.213.157 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv49.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

00ff2736f6f603ad2e6e0818ac43d6469a18844dd19c887bb9c9c6697f618fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/login
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 02 Apr 2024 14:22:50 GMT
server: LiteSpeed
x-powered-by: Niagahoster
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-xss-protection: 1; mode=block
expires: Tue, 29 Apr 2025 07:43:34 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 101 KB
23 KB 436ms
50ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=286e1d7d30
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/286e1d7d30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:43:34 GMT
via: 1.1 8f2a5dcba4af73563588816a8f361736.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Repo2y6PZkC4DEYy2LD%2FdQ9wyhLE4dSfTq6gowBr2XUTgsnnSJHx6eZqdqVdChXzXD0k2MdMp2COZ45g%2FzpKKp4vku3g4N0ZrvIpeDIbWo4i6Z%2FMUNC1w3QeghYRhrOJIj3XtWk18Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87bda9735aeb9c5f-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: dicaZE2gX1xeXqTxAPz2h8_pT3UP6JQTcnX8iI-OTA2BZVmiUzS5tw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 27 KB
5 KB 423ms
37ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=286e1d7d30
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/286e1d7d30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:43:34 GMT
via: 1.1 4e7ab7d3a1019b0c033068318d72e5ee.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5TgtL3u5y1YBosUOyP0PbP6RVnqH4IgYugjhf9UfGMpulJnHiWFayz%2B0I5WjkJYxXy0BJ2mGxkHaR6I3mzgKjtuqZw66vH1N811QNoSkjqz2kC3SR7whUvqGHioinRNkNrR9LB58A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87bda9735aed9c5f-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: akGfc1hlvkePNxuX9swZgmNQVmTixD_wq6TJsZV1yCpTC8QevOoqZQ==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 823 B
702 B 428ms
43ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=286e1d7d30
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/286e1d7d30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:43:34 GMT
via: 1.1 6bba44d47d881e087bd912149e58e0ca.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wBuUSU9UXeajSUKINveU3zNVGCOUZ7nOgFEGPweaVInhTe%2B75dNVFqI7NsJOXM2moPlA95v3rV3zMAJmMrdwSi%2Brxzwat2bCB3jNFw0gog07nD1bCqkWP67olWvEqa7ScjU2ndedw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87bda9735aee9c5f-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: RpEKxsEjaU59QgI3mFbWub7gRMzcxEHIgtDhyE62D0lXz94Oap7ZlA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 2 KB
1 KB 431ms
46ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=286e1d7d30
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/286e1d7d30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:43:34 GMT
via: 1.1 f626414885b2faf7a229c7fb2778d5c8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9jpiFu%2F9D2WBeJviODlZnlaa%2FkyNAIdA8aElwLWCOiCJEyJ7l3TyhUrUV9bZamn3jQVqlQ5ETs1%2Bof52CmLtaXo3iOBeQ9aF%2BgBfy8yjjG8nOLGZWoPc5Buq74%2F8r1hLC5BBabGSnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87bda9735af09c5f-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 5hCtG7nxmV422T42EATFDYslLu65q40l0FXlzxKQFblzs_JIsza-hg==

GET
H3 200 favicon.ico
www.pmu.survey.pindadmedika.com/ 0
128 B 35ms
34ms Other
image/x-icon 156.67.213.157
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pmu.survey.pindadmedika.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

156.67.213.157 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv49.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.pmu.survey.pindadmedika.com/login
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:43:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 29 Apr 2024 01:17:55 GMT
server: LiteSpeed
x-powered-by: Niagahoster
vary: User-Agent
content-type: image/x-icon
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 06 May 2024 07:43:35 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.pmu.survey.pindadmedika.com/	1970-01-20 20:13:03	Name: XSRF-TOKEN Value: eyJpdiI6IllOeUgyb1FsbGh5NkdTb094Rk93T2c9PSIsInZhbHVlIjoiQ3FFMCtTc0F0SVJPQmMzNXRicFYrRndjZzhUQkxLMHlnaFlrdGE2M0JURC9ZTEc4ak51eUE2dVYxSGJDY3Bzc0NkSVIyN01WeDVCQnpCaEZDakVlcXcxMW0xV3NRSmNwTTgyTFpBTUgrUWUyNktXdDlXY0RoV1prZ0JBOWlSN2kiLCJtYWMiOiJjMjhiOGRkYjFiNTc4YmJkZmQzZjM1NzdlMDJhYjJkNTg3NThhZjc5YTM3MTI3YmYzZmRmMzJiYzM4YTgxZGY4IiwidGFnIjoiIn0%3D
			www.pmu.survey.pindadmedika.com/	1970-01-20 20:13:03	Name: laravel_session Value: eyJpdiI6IjY2aHNiTHhvS3YxTTZFay83L0xWSEE9PSIsInZhbHVlIjoibjhleWF3UEdWMktlTGxHejczRmhvdlR3YmRsRGYvVWwvc2UyMjFYZjR6VzJVc0dtSi9LamttQmtKMzlQNjM0cVNpbFRCVmozZkhJNkE0MDQ4ZVNsWjhOWVkvRUJTYkpGYktTaFB1Ri9CV2ZlRDJMLzBwSHBjRmgxMEJKUkNLM3UiLCJtYWMiOiI1MDdjZjIwMGNkNjU0YjllMTcwMGI4YWQ5YWU5OWRmZjU2NWY5M2VhNDJkMTEzY2IzZWMyMDJiYzU5MDY5Yjg2IiwidGFnIjoiIn0%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.pmu.survey.pindadmedika.com/login Message: Mixed Content: The page at 'https://www.pmu.survey.pindadmedika.com/login' was loaded over HTTPS, but requested an insecure element 'http://psurvey.pindadmedika.com/_next/image?url=%2Frsu-pindad.png&w=384&q=75'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.pmu.survey.pindadmedika.com/login(Line 201) Message: Mixed Content: The page at 'https://www.pmu.survey.pindadmedika.com/login' was loaded over HTTPS, but requested an insecure element 'http://psurvey.pindadmedika.com/_next/image?url=%2Frsu-pindad.png&w=384&q=75'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
recommendation	verbose	URL: https://www.pmu.survey.pindadmedika.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
ka-f.fontawesome.com
kit.fontawesome.com
psurvey.pindadmedika.com
www.pmu.survey.pindadmedika.com
103.54.170.150
151.101.193.229
156.67.213.157
172.64.147.188
172.67.139.119
00ff2736f6f603ad2e6e0818ac43d6469a18844dd19c887bb9c9c6697f618fa6
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
ccee80645f81d110229b9af2c5cbbcd86e09cbf57e531d93faead7bdb10a55b8
d63434b6239f8d695c25e2c115853779afe63774ef72baf860923092333f3796
de040986d9a3ed89d5d5f9ad6d5727015e9e238c2cd13af8f1b55909386d0864
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef7aceda0ec9484ac6f22b195c2b1edfd29fe721ae78f823cafa2dffc71108d4
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075
f94870ad8fe62c67e9d53e754a6e1d96456733927d9ebeb1d3ed76fb11e38fa4

www.pmu.survey.pindadmedika.com Open in urlscan Pro 156.67.213.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

3 Domains

5 Subdomains

5 IPs

3 Countries

235 kBTransfer

879 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

www.pmu.survey.pindadmedika.com Open in urlscan Pro
156.67.213.157 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

235 kB
Transfer

879 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions