urlscan.io logo urlscan.io
SecurityTrails logo

sartomo-somon.my.id Open in urlscan Pro
104.21.18.46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sartomo-somon.my.id/
Effective URL: https://sartomo-somon.my.id/
Submission Tags: @ecarlesi threat #phishing #facebook Search All
Submission: On June 02 via api from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 104.21.18.46, located in and belongs to CLOUDFLARENET, US. The main domain is sartomo-somon.my.id.
TLS certificate: Issued by GTS CA 1P5 on June 2nd 2023. Valid for: 3 months.
This is the only time sartomo-somon.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 104.21.18.46 13335 (CLOUDFLAR...)
4 1
Apex Domain
Subdomains		 Transfer
6 sartomo-somon.my.id
sartomo-somon.my.id
18 KB
4 1
Domain Requested by
6 sartomo-somon.my.id 2 redirects sartomo-somon.my.id
4 1

This site contains no links.

Subject Issuer Validity Valid
sartomo-somon.my.id
GTS CA 1P5		 2023-06-02 -
2023-08-31		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://sartomo-somon.my.id/
Frame ID: 973904CE0D2F4E7C689954428AEDA909
Requests: 1 HTTP requests in this frame

Frame: https://sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
Frame ID: E8B763709C7F83C72422BAA0B7A90235
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Index of /

Page URL History Show full URLs

  1. http://sartomo-somon.my.id/ HTTP 301
    https://sartomo-somon.my.id/ Page URL

Page Statistics

4
Requests

75 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

17 kB
Transfer

34 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sartomo-somon.my.id/ HTTP 301
    https://sartomo-somon.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://sartomo-somon.my.id/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sartomo-somon.my.id/
Redirect Chain
  • http://sartomo-somon.my.id/
  • https://sartomo-somon.my.id/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sartomo-somon.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.18.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0591f88ce19c2ce530c8ecbab74c4b94aa67e85f47884b47cc0f01fac0d5eb3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d10d1821a14352d-WAW
content-encoding
br
content-type
text/html;charset=ISO-8859-1
date
Fri, 02 Jun 2023 15:44:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Edp5C%2Bpcjrmwrvbkc55Qi16UuEInAxoJdlpgwH4ofSdRprBU6mI64tawqTHpRgjI8qHo%2Bo0dZpfUOgM3MjfvxzVety8lf68GRLFZWv4XvdaZRkvMzqX9OQTtmpHEblp3FOPqu%2Fs"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
7d10d1817deb34c8-WAW
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 02 Jun 2023 15:44:33 GMT
Expires
Fri, 02 Jun 2023 16:44:33 GMT
Location
https://sartomo-somon.my.id/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9qaZWJ6L70uY5z4gDskxsctOR08Wv9TZL24%2BvHgIHckgRNSqQ9iVP5q4MNNdquezlUSoxAsOlCCB6oNQzYPf3QiFXQ7wBlSTEFfEncSX%2FFotGnDrfpFE4sP9LmguNpHIUR9vnMJ"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
invisible.js
sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/ Frame E8B7
Redirect Chain
  • https://sartomo-somon.my.id/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
Protocol
H2
Server
104.21.18.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d9e6ff823528d55119c2d4f583d5839da6ea30c40b7674183dcd3d87cb6000
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 15:44:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thJe4W%2Fl9a2PBPRBk0DMv%2BQD9W2LflB%2FxpyY7dZItnT29IquOnpnrf%2BQwpDlEI5pubFCDz867SdfjTD%2Bw30lM8qYovT6ghxevNou%2BtMFLu6htneaARe5vGCu0WWKqdnZ7aSYzMjQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d10d1851ce1352d-WAW
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 02 Jun 2023 15:44:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fxfb2GmEBvAN2RvEj%2F5hQoZhMtIkEarY92%2Fv5LlKOsjtfDw2CgC1xSYZr9UgFb%2FApiEG2J57pJV6Xhi77n9CBJydND4QPyqCLRJqEE3hsjYqyKwQZgB96IQlyZPdsvbRR7%2BVOTID"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
cache-control
max-age=300, public
cf-ray
7d10d184ecad352d-WAW
alt-svc
h3=":443"; ma=86400
pica.js
sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/ Frame E8B7 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.18.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77eff3066bac39703644649ec78099f76c01ee4b5299ca51bef206c112b7824e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 15:44:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mc%2FbZwzXgQi8SPGlIYPaS6t7CkTVUogL8GH2wNa%2B0%2BqX%2B4U%2BzmxuQw5wgAguwb37amgOYlKYj7Fxg2hERHlqaabY3copXr1ZeKBpDzuovUk6oSEjpwAVaBLDliC8PHgl3%2FKBqad%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d10d1856d71bf6f-WAW
alt-svc
h3=":443"; ma=86400
7d10d1821a14352d
sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E8B7 		2 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/cv/result/7d10d1821a14352d
Requested by
Host: sartomo-somon.my.id
URL: https://sartomo-somon.my.id/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.18.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Jun 2023 15:44:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oSF%2B7n3mMzwY5Hwvk0DEEjaWOP79SWK1aUEE0aN5Z6fD7SLogdG%2BN9VpiGwxQISi72hlvPHat%2BCWQao%2BG2TyPYthxA1o9q2ag5E1mjNLK0L%2F1aj7UBlyw4VHy4UGSDBKXfp7zuZ"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7d10d1871ef6bf6f-WAW
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

1 Cookies

Domain/Path Name / Value
.sartomo-somon.my.id/ Name: __cf_bm
Value: TvOaRMwbzzlcncR3om4LN0tJzUvhvxJzFrRCok2IRlw-1685720674-0-AVKU2BNc1rtC32RJ+Ahzdv/z+2J+QkzdsSbHztutxUZe6tzdPsNsbYwBlflAn+Tj0GXEdKRKDvtsx4Bpr6Hp4rclp5aRk+eYQZ2zGEbgcfub