client.idea.dkytmshrn.online Open in urlscan Pro
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://client.idea.dkytmshrn.online/
Submission: On October 08 via automatic, source certstream-suspicious (October 8th 2023, 12:28:18 pm UTC) — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 20 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is client.idea.dkytmshrn.online.
TLS certificate: Issued by GTS CA 1D4 on October 8th 2023. Valid for: 3 months.

This is the only time client.idea.dkytmshrn.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
3	104.16.87.20 104.16.87.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	172.217.16.205 172.217.16.205	15169 (GOOGLE) (GOOGLE)
1 2	104.16.124.175 104.16.124.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.99.10 13.32.99.10	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.91 13.32.121.91	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.145 142.250.185.145	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
20	10

4 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

client.idea.dkytmshrn.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.205 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.124.175 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-10.fra60.r.cloudfront.net

www.ikea.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-91.fra60.r.cloudfront.net

assets2.lottiefiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.145 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f17.1e100.net

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	google.com accounts.google.com — Cisco Umbrella Rank: 32	119 KB
4	dkytmshrn.online client.idea.dkytmshrn.online	7 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	72 KB
2	lottiefiles.com assets2.lottiefiles.com — Cisco Umbrella Rank: 309699	3 KB
2	ikea.co.id www.ikea.co.id — Cisco Umbrella Rank: 487720	115 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1102	94 KB
1	gstatic.com fonts.gstatic.com	27 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 508
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	873 B
20	10

	Domain	Requested by
4	accounts.google.com	client.idea.dkytmshrn.online accounts.google.com
4	client.idea.dkytmshrn.online	client.idea.dkytmshrn.online
3	cdn.jsdelivr.net	client.idea.dkytmshrn.online
2	assets2.lottiefiles.com	unpkg.com
2	www.ikea.co.id	client.idea.dkytmshrn.online
2	unpkg.com	1 redirects client.idea.dkytmshrn.online
1	fonts.gstatic.com
1	csp.withgoogle.com	client.idea.dkytmshrn.online
1	code.jquery.com	client.idea.dkytmshrn.online
1	fonts.googleapis.com	client.idea.dkytmshrn.online
20	10

This site contains no links.

Subject Issuer	Validity	Valid
client.idea.dkytmshrn.online GTS CA 1D4	`2023-10-08` - `2024-01-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.ikea.co.id DigiCert TLS RSA SHA256 2020 CA1	`2022-12-05` - `2023-12-09`	a year	crt.sh
*.lottiefiles.com Amazon RSA 2048 M01	`2023-08-25` - `2024-09-22`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://client.idea.dkytmshrn.online/
Frame ID: E85B0EFF7B470615D215EBC55CF6C614
Requests: 17 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?theme=outline&size=large&client_id=69712922364-va91sq6k9i5p3fon4fc409isrbrcdsc6.apps.googleusercontent.com&iframe_id=gsi_93923_444733&as=%2FVIf%2Fn7qqyNHOhyXWP7omQ
Frame ID: 7A8ACF40A22BD02BDF549F8FBA5CD52A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IDEA - Admin Panel

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

467 kB
Transfer

1311 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
client.idea.dkytmshrn.online/ 14 KB
3 KB 1341ms
147ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://client.idea.dkytmshrn.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

11c558eb180b7a3b7086a42703a9e9a602b072f85d3bfa61e6a0f94325b220fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 2458
content-type: text/html; charset=utf-8
date: Sun, 08 Oct 2023 12:28:13 GMT
etag: "d8f46f8f02d1b12e5675f1f57f397b9fcc4ccdc35ae3226f94e34b741e23f534-br"
last-modified: Sun, 08 Oct 2023 11:33:20 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230132-FRA
x-timer: S1696768093.916888,VS0,VE137

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/ 190 KB
29 KB 384ms
23ms Stylesheet
text/css 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.idea.dkytmshrn.online/
Origin: https://client.idea.dkytmshrn.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19713272
x-jsd-version: 5.2.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230090-FRA, cache-yyz4561-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnpJGUWKGdeNXdI76V7g9fKFodisNyZrIfnTA%2BgPu344UuJ02jbRcB4tTYBUcsMUalx5X%2FM%2B3QH2obr9kI9flqptjbnuF%2BCPUcnELCbWpEDOh7JuVcKdHCNsp0%2FBk728lO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 812e61e7e8da9025-FRA

GET
H2 200 css2
fonts.googleapis.com/ 696 B
873 B 383ms
27ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,600,0,0

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

30ac49028c33e1930abe098de328180e23438c1ea6d23ca2c749f8194b7bc580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 12:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 12:28:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 12:28:13 GMT

GET
H2 200 style.css
client.idea.dkytmshrn.online/css/ 5 KB
1 KB 106ms
106ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://client.idea.dkytmshrn.online/css/style.css

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

033b84c9ddb9d9b6e5d4d50808babb83a1e0689b9484753585616a1dcc7cf186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230132-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Sun, 08 Oct 2023 12:28:13 GMT
last-modified: Sun, 08 Oct 2023 11:33:20 GMT
x-timer: S1696768093.070141,VS0,VE97
etag: "a45332a3fd47bc8ad7380323828e47be7a46e02bbb9a741015910ae199893f64-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1144
x-cache-hits: 0

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 366ms
12ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer: https://client.idea.dkytmshrn.online/
Origin: https://client.idea.dkytmshrn.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1967429
x-cache: HIT, HIT
content-length: 30336
x-served-by: cache-lga21978-LGA, cache-fra-eddf8230108-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696768093.423661,VS0,VE0
etag: W/"28feccc0-155ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 34, 35427

GET
H2 200 IDEA_logo.svg
client.idea.dkytmshrn.online/image/ 2 KB
1 KB 90ms
89ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.idea.dkytmshrn.online/image/IDEA_logo.svg

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

58f7c1d86490dec29c9320e644c83d5ab17a98887b5fc62d34b91a26281a6ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230132-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Sun, 08 Oct 2023 12:28:13 GMT
last-modified: Sun, 08 Oct 2023 11:33:20 GMT
x-timer: S1696768093.495047,VS0,VE72
etag: "f7147b5026172e9ba6a5f6259e4c022c3dfe45417fd8afe6d6a81bf72997f2ac-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1015
x-cache-hits: 0

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/ 78 KB
24 KB 19ms
18ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.idea.dkytmshrn.online/
Origin: https://client.idea.dkytmshrn.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13799715
x-jsd-version: 5.2.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230139-FRA, cache-yyz4565-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"137ae-xmO6oFGFa2TXRmKalh4ju/D7r4w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xwk9h1%2FnXn5l07guo2ofEYREtOWRqt8vZ%2BypWhyllvFh9HXUYNorVu1GrI2iIAmA6qENyny%2FvOA3ZLrJQ0ymcCaxYU3pqgmVgBwJBtIZhkI6wTYOfBqmQx4Xf6k%2FtvRx%2BGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 812e61e818f99025-FRA

GET
H2 200 client Show response
accounts.google.com/gsi/ 198 KB
78 KB 385ms
55ms Script
application/javascript 172.217.16.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.205 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f13.1e100.net

Software

ESF /

Resource Hash

bc68cf6d2a6603a8107c74917be24fea26caaac438b99a457a8020d62bf29da0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c3kFGg22fLVyFOQnUHL56A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-c3kFGg22fLVyFOQnUHL56A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 08 Oct 2023 12:28:13 GMT

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 68 KB
19 KB 349ms
26ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e40bead9cdb36412578196519d28035ee67c47d109d18e7e216f0da55be1e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8625
x-jsd-version: 11.7.32
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230029-FRA, cache-yyz4553-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"110ad-1vwpTWZ+mHiuDTzQ9wZKrTHZo2Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsGFrcIj7FI9kDMajf9zRlXm91hWi4NcNQjHzsabStpK7N%2BZHMOPzLZ1SgdEy1Wx%2FcADU4b4qKjEWW0j9fkaoG3IS4IzvDvbhN53ZkKKPVdL795yeHUz%2BLs%2BBMQNGPVIMMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 812e61ea28e092a5-FRA

GET
H2 200 index.js Show response
client.idea.dkytmshrn.online/ 12 KB
2 KB 167ms
165ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://client.idea.dkytmshrn.online/index.js

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a6c8a9f18b949122fdbb475b7f3376470d2ef7dd5e376e331a54e1fa5d9cada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230132-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Sun, 08 Oct 2023 12:28:13 GMT
last-modified: Sun, 08 Oct 2023 11:33:20 GMT
x-timer: S1696768093.495098,VS0,VE156
etag: "652a53edf76c854495c4668fcab6684aed22b46804959a9c7368c7df20d05bd5-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1636
x-cache-hits: 0

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js

359 KB
93 KB

31ms
31ms

Script
application/javascript

104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/

Protocol

Server

104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55d2f8de4f55304e80b710304c00dfc431f692bf1c71f1595f78c75451044de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10470045
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H2FK4E7VB9TBQ87WV00Z46SE-fra
server: cloudflare
etag: W/"59a07-4AFgJQ3i5PlD1ojTWKqOoTRXKIo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 812e61ea8e4c9259-FRA

Redirect headers

date: Sun, 08 Oct 2023 12:28:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HC7KP02F1Q001KHM47BV662Y-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 487
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@lottiefiles/lottie-player@2.0.2/dist/lottie-player.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 812e61ea5e289259-FRA

GET
H2 200 NotoIKEALatin-Bold.woff2
www.ikea.co.id/webroot/fonts/NotoIKEALatin/ 56 KB
57 KB 414ms
15ms Font
font/woff2 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ikea.co.id/webroot/fonts/NotoIKEALatin/NotoIKEALatin-Bold.woff2

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-10.fra60.r.cloudfront.net

Software

Resource Hash

104dae0a1c4f6c9d4c6b2eb1474fac8bb296db0d45a3a65488b9816661a3f2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.idea.dkytmshrn.online/
Origin: https://client.idea.dkytmshrn.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:01:37 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P3
age: 969995
x-cache: Hit from cloudfront
x-bb-served-by: 957cd86e2e174c8faff30e9f01b10ff8
content-length: 57776
last-modified: Wed, 27 Sep 2023 06:48:26 GMT
server
vary: Host
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: TJp7VLjzE5dNffwU5yPkB_4fwTlNaJD7Bir_IjDO4UpPqzOyGW3LUQ==
expires: Fri, 27 Oct 2023 07:01:37 GMT

GET
H2 200 NotoIKEALatin-Regular.woff2
www.ikea.co.id/webroot/fonts/NotoIKEALatin/ 57 KB
58 KB 412ms
18ms Font
font/woff2 13.32.99.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ikea.co.id/webroot/fonts/NotoIKEALatin/NotoIKEALatin-Regular.woff2

Requested by

Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-10.fra60.r.cloudfront.net

Software

Resource Hash

1f64f174ed99f51be9ce54e8fa49557bd58fc35a6efc3db2161c86c54258fce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.idea.dkytmshrn.online/
Origin: https://client.idea.dkytmshrn.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:02:52 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P3
age: 969921
x-cache: Hit from cloudfront
x-bb-served-by: b454e794d0164173835a6f30dbbfb7a8
content-length: 58640
last-modified: Wed, 27 Sep 2023 06:48:26 GMT
server
vary: Host
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: U-K-664GZzTLl1Cd3W2ePIiXy7_JJlMzPTh826_YsrMpR8uwEzy9_g==
expires: Fri, 27 Oct 2023 07:02:52 GMT

GET
H2 200 lf20_remmdtqv.json Show response
assets2.lottiefiles.com/packages/ 11 KB
2 KB 1011ms
631ms XHR
application/json 13.32.121.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets2.lottiefiles.com/packages/lf20_remmdtqv.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21dddfdedaf7e3e11bbcabeff5a4159bac24771cf39d8d46531970ffb1cfe8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:15 GMT
x-amz-version-id: cDWRYjzGxzcF.fYZP4J1C.DtG8EkGLVv
content-encoding: br
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
last-modified: Sun, 14 Aug 2022 11:24:47 GMT
server: AmazonS3
etag: W/"61f2dc18bb9408184f6f4bf5226f4419"
access-control-max-age: 1800
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding,Origin
x-amz-cf-id: E8s-KjK4C14dNKvbS4lSZntpvN8NEKgBvE_BLuTctQAvUGc5iILdCA==

GET
H2 200 lf20_remmdtqv.json Show response
assets2.lottiefiles.com/packages/ 11 KB
2 KB 1012ms
632ms Fetch
application/json 13.32.121.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets2.lottiefiles.com/packages/lf20_remmdtqv.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21dddfdedaf7e3e11bbcabeff5a4159bac24771cf39d8d46531970ffb1cfe8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:15 GMT
x-amz-version-id: cDWRYjzGxzcF.fYZP4J1C.DtG8EkGLVv
content-encoding: br
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
last-modified: Sun, 14 Aug 2022 11:24:47 GMT
server: AmazonS3
etag: W/"61f2dc18bb9408184f6f4bf5226f4419"
access-control-max-age: 1800
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding,Origin
x-amz-cf-id: WiEHsM7U0bsa-12Mqzevjxnx_8jPOCoSu1OnnW7YrpXv0gdVf3Zh5A==

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 32ms
31ms Stylesheet
text/css 172.217.16.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.205 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f13.1e100.net

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-x---ArAZCEK9q0C45pbQAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-x---ArAZCEK9q0C45pbQAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 08 Oct 2023 12:28:13 GMT

GET
H2 200 button Show response
accounts.google.com/gsi/ Frame 7A8A 110 KB
40 KB 86ms
86ms Document
text/html 172.217.16.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?theme=outline&size=large&client_id=69712922364-va91sq6k9i5p3fon4fc409isrbrcdsc6.apps.googleusercontent.com&iframe_id=gsi_93923_444733&as=%2FVIf%2Fn7qqyNHOhyXWP7omQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.205 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f13.1e100.net

Software

ESF /

Resource Hash

8e25b94793868c393e1587184ac1bbd7778be522922ecdfd829337fa17d2cc05

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-e8o4DD7uBK2ap7NxCEZKwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://client.idea.dkytmshrn.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-e8o4DD7uBK2ap7NxCEZKwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:28:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
534 B 33ms
33ms XHR
application/json 172.217.16.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=69712922364-va91sq6k9i5p3fon4fc409isrbrcdsc6.apps.googleusercontent.com&as=%2FVIf%2Fn7qqyNHOhyXWP7omQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.205 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f13.1e100.net

Software

ESF /

Resource Hash

85df487facc6a969e3fe76050e01085296f013719245ee612922fe4ff7e8b33e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-mkr72ffoi15vmi4-ReAxHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.idea.dkytmshrn.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:28:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-mkr72ffoi15vmi4-ReAxHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.idea.dkytmshrn.online
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 7A8A 0
0 352ms
23ms Other
text/html 142.250.185.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by: Host: client.idea.dkytmshrn.online
URL: https://client.idea.dkytmshrn.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.145 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f17.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 7A8A 51 KB
27 KB 377ms
46ms Font
font/ttf 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27431
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:23:53 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
assets2.lottiefiles.com
cdn.jsdelivr.net
client.idea.dkytmshrn.online
code.jquery.com
csp.withgoogle.com
fonts.googleapis.com
fonts.gstatic.com
unpkg.com
www.ikea.co.id
104.16.124.175
104.16.87.20
13.32.121.91
13.32.99.10
142.250.185.145
151.101.2.137
172.217.16.195
172.217.16.205
199.36.158.100
216.58.212.138
033b84c9ddb9d9b6e5d4d50808babb83a1e0689b9484753585616a1dcc7cf186
104dae0a1c4f6c9d4c6b2eb1474fac8bb296db0d45a3a65488b9816661a3f2fb
11c558eb180b7a3b7086a42703a9e9a602b072f85d3bfa61e6a0f94325b220fa
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f64f174ed99f51be9ce54e8fa49557bd58fc35a6efc3db2161c86c54258fce9
21dddfdedaf7e3e11bbcabeff5a4159bac24771cf39d8d46531970ffb1cfe8c6
2e40bead9cdb36412578196519d28035ee67c47d109d18e7e216f0da55be1e3a
30ac49028c33e1930abe098de328180e23438c1ea6d23ca2c749f8194b7bc580
4a6c8a9f18b949122fdbb475b7f3376470d2ef7dd5e376e331a54e1fa5d9cada
55d2f8de4f55304e80b710304c00dfc431f692bf1c71f1595f78c75451044de5
58f7c1d86490dec29c9320e644c83d5ab17a98887b5fc62d34b91a26281a6ec8
85df487facc6a969e3fe76050e01085296f013719245ee612922fe4ff7e8b33e
8e25b94793868c393e1587184ac1bbd7778be522922ecdfd829337fa17d2cc05
bc68cf6d2a6603a8107c74917be24fea26caaac438b99a457a8020d62bf29da0
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

client.idea.dkytmshrn.online Open in urlscan Pro 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

0 %IPv6

10 Domains

10 Subdomains

10 IPs

2 Countries

467 kBTransfer

1311 kBSize

0 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

client.idea.dkytmshrn.online Open in urlscan Pro
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

467 kB
Transfer

1311 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions