sartomo-somon.my.id
104.21.18.46
Public Scan
Effective URL: https://sartomo-somon.my.id/
Submission Tags: @ecarlesi threat #phishing #facebook
Submission: On June 02 via api from PL — Scanned from PL
Summary
TLS certificate: Issued by GTS CA 1P5 on June 2nd 2023. Valid for: 3 months.
This is the only time sartomo-somon.my.id was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 2 6 | 104.21.18.46 | 13335 (CLOUDFLARENET) |
| 4 | 1 | |
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 6 | sartomo-somon.my.id (2 redirects); sartomo-somon.my.id | 18 KB |
| 4 | 1 | |
| | Domain | Requested by |
|---|---|---|
| 6 | sartomo-somon.my.id (2 redirects) | sartomo-somon.my.id |
| 4 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sartomo-somon.my.id | GTS CA 1P5 | 2023-06-02 - 2023-08-31 | 3 months |
This page contains 2 frames:
Primary Page:
https://sartomo-somon.my.id/
Frame ID: 973904CE0D2F4E7C689954428AEDA909
Requests: 1 HTTP requests in this frame
Frame:
https://sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
Frame ID: E8B763709C7F83C72422BAA0B7A90235
Requests: 3 HTTP requests in this frame
Screenshot
![](/screenshots/fc1ea72a-9541-4565-b4f9-9a047c233682.png)
Page Title
Index of /
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://sartomo-somon.my.id/ HTTP 301
- https://sartomo-somon.my.id/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://sartomo-somon.my.id/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
4 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | sartomo-somon.my.id/ (Redirect Chain) | 2 KB | 1 KB | Document | text/html |
GET | H2 | invisible.js | sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/ (Frame E8B7, Redirect Chain) | 26 KB | 12 KB | Script | application/javascript |
GET | H3 | pica.js | sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/scripts/ (Frame E8B7) | 6 KB | 3 KB | Other | application/javascript |
POST | H3 | 7d10d1821a14352d | sartomo-somon.my.id/cdn-cgi/challenge-platform/h/g/cv/result/ (Frame E8B7) | 2 B | 614 B | XHR | text/plain |
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
boolean | credentialless |
object | onbeforetoggle |
object | onscrollend |

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sartomo-somon.my.id/ | Name: __cf_bm Value: TvOaRMwbzzlcncR3om4LN0tJzUvhvxJzFrRCok2IRlw-1685720674-0-AVKU2BNc1rtC32RJ+Ahzdv/z+2J+QkzdsSbHztutxUZe6tzdPsNsbYwBlflAn+Tj0GXEdKRKDvtsx4Bpr6Hp4rclp5aRk+eYQZ2zGEbgcfub |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.