urlscan.io logo urlscan.io
SecurityTrails logo

account.blibli.com Open in urlscan Pro
2606:4700:4400::6812:29d1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://account.blibli.com/
Effective URL: https://account.blibli.com/login
Submission: On November 25 via api from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 2606:4700:4400::6812:29d1, located in United States and belongs to CLOUDFLARENET, US. The main domain is account.blibli.com.
TLS certificate: Issued by WE1 on October 5th 2024. Valid for: 3 months.
This is the only time account.blibli.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700:440... 13335 (CLOUDFLAR...)
11 2
Apex Domain
Subdomains		 Transfer
10 blibli.com
account.blibli.com
461 KB
0 gdn-app.com Failed
xstatic.gdn-app.com Failed
11 2
Domain Requested by
10 account.blibli.com 1 redirects account.blibli.com
0 xstatic.gdn-app.com Failed account.blibli.com
11 2

This site contains no links.

Subject Issuer Validity Valid
account.blibli.com
WE1		 2024-10-05 -
2025-01-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://account.blibli.com/login
Frame ID: 423337147D78AFA1BB663E962BF25B74
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CAS – Central Authentication Service

Page URL History Show full URLs

  1. http://account.blibli.com/ HTTP 307
    https://account.blibli.com/ HTTP 302
    https://account.blibli.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

82 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

461 kB
Transfer

927 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://account.blibli.com/ HTTP 307
    https://account.blibli.com/ HTTP 302
    https://account.blibli.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
account.blibli.com/
Redirect Chain
  • http://account.blibli.com/
  • https://account.blibli.com/
  • https://account.blibli.com/login
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.blibli.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16bd6ebf7e92a641292ee353f551e72340e9a31d5358b443c4b81d04c9a040cd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e7f025469d33a3e-FRA
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Mon, 25 Nov 2024 04:48:54 GMT
expires
0
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e7f0253190c3a3e-FRA
content-language
de-DE
content-length
0
date
Mon, 25 Nov 2024 04:48:54 GMT
expires
0
location
/login
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
jquery.min.js
account.blibli.com/webjars/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.blibli.com/webjars/jquery/3.5.1/jquery.min.js
Requested by
Host: account.blibli.com
URL: https://account.blibli.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.blibli.com/login

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
64
x-content-type-options
nosniff
cf-ray
8e7f0256bb003a3e-FRA
date
Mon, 25 Nov 2024 04:48:54 GMT
x-xss-protection
1; mode=block
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
last-modified
Fri, 04 Oct 2024 07:30:34 GMT
x-frame-options
DENY
blistrap.css
xstatic.gdn-app.com//blistrap-1.0.0/stylesheets/ 		0
0
bootstrap.min.css
xstatic.gdn-app.com//blistrap-1.0.0/stylesheets/vendor/ 		0
0
style.css
account.blibli.com/css/ 		3 KB
929 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.blibli.com/css/style.css
Requested by
Host: account.blibli.com
URL: https://account.blibli.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6dc86c0f5b3bb8d4ecf9ffa808c8a025188b950fee8b6f1279c23beb0e8621
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.blibli.com/login

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
64
x-content-type-options
nosniff
cf-ray
8e7f0256bafe3a3e-FRA
date
Mon, 25 Nov 2024 04:48:54 GMT
x-xss-protection
1; mode=block
content-type
text/css;charset=UTF-8
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
last-modified
Fri, 04 Oct 2024 07:35:08 GMT
x-frame-options
DENY
zxcvbn.js
account.blibli.com/webjars/zxcvbn/dist/ 		802 KB
403 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.blibli.com/webjars/zxcvbn/dist/zxcvbn.js
Requested by
Host: account.blibli.com
URL: https://account.blibli.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6677fc15d245f397f52d5d0998f3a86f9aae752ae7b3ca4b3d9eaa91dffe174a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.blibli.com/login

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
64
x-content-type-options
nosniff
cf-ray
8e7f0256cb013a3e-FRA
date
Mon, 25 Nov 2024 04:48:54 GMT
x-xss-protection
1; mode=block
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
last-modified
Fri, 04 Oct 2024 07:30:34 GMT
x-frame-options
DENY
head.min.js
account.blibli.com/webjars/headjs/1.0.3/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.blibli.com/webjars/headjs/1.0.3/head.min.js
Requested by
Host: account.blibli.com
URL: https://account.blibli.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db917fc3741ec881cde5f77f9d0514a27081219aea5b4cbc81a391345f5ae8ac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.blibli.com/login

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
64
x-content-type-options
nosniff
cf-ray
8e7f0256cb023a3e-FRA
date
Mon, 25 Nov 2024 04:48:54 GMT
x-xss-protection
1; mode=block
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
last-modified
Fri, 04 Oct 2024 07:30:34 GMT
x-frame-options
DENY
cas.js
account.blibli.com/js/ 		1 KB
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://account.blibli.com/js/cas.js
Requested by
Host: account.blibli.com
URL: https://account.blibli.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ebcb20dcd109494aa4a59c720fda8e41341e7152c40873a37c66f4a1518c3d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.blibli.com/login

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
64
x-content-type-options
nosniff
cf-ray
8e7f0256cb033a3e-FRA
date
Mon, 25 Nov 2024 04:48:54 GMT
x-xss-protection
1; mode=block
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
last-modified
Fri, 04 Oct 2024 07:35:08 GMT
x-frame-options
DENY
logo-blibli.png
account.blibli.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.blibli.com/images/logo-blibli.png
Requested by
Host: account.blibli.com
URL: https://account.blibli.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d38d1e4b6b55598298aa33ff98c07833bfc60ce5323b3eef7e6284f8881b91
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.blibli.com/css/style.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
age
65
x-content-type-options
nosniff
cf-ray
8e7f02584bd33a3e-FRA
accept-ranges
bytes
content-length
12170
date
Mon, 25 Nov 2024 04:48:55 GMT
x-xss-protection
1; mode=block
content-type
image/png;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
last-modified
Fri, 04 Oct 2024 07:35:08 GMT
x-frame-options
DENY
Img_login.jpg
account.blibli.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.blibli.com/images/Img_login.jpg
Requested by
Host: account.blibli.com
URL: https://account.blibli.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2e82aa118cceb48171c4ff85cb983254cc070b0430b50fd056c8c654e0130f2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.blibli.com/css/style.css

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cf-bgj
h2pri
cf-cache-status
HIT
age
65
x-content-type-options
nosniff
cf-ray
8e7f02584bd43a3e-FRA
accept-ranges
bytes
content-length
5175
date
Mon, 25 Nov 2024 04:48:55 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg;charset=UTF-8
last-modified
Fri, 04 Oct 2024 07:35:08 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
x-frame-options
DENY
favicon.png
account.blibli.com/ 		264 B
329 B 		Other
General
Check archive.org
Download Go to
Full URL
https://account.blibli.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdecea6e82d0ae3968f6e5e25b854a36d710c669b38c35ccac445c8393021d97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://account.blibli.com/login

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
age
64
x-content-type-options
nosniff
cf-ray
8e7f0258fc4b3a3e-FRA
accept-ranges
bytes
content-length
264
date
Mon, 25 Nov 2024 04:48:55 GMT
x-xss-protection
1; mode=block
content-type
image/png;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
last-modified
Fri, 04 Oct 2024 07:35:08 GMT
x-frame-options
DENY

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xstatic.gdn-app.com
URL
https://xstatic.gdn-app.com//blistrap-1.0.0/stylesheets/blistrap.css
Domain
xstatic.gdn-app.com
URL
https://xstatic.gdn-app.com//blistrap-1.0.0/stylesheets/vendor/bootstrap.min.css

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| zxcvbn function| head

2 Cookies

Domain/Path Name / Value
.account.blibli.com/ Name: __cf_bm
Value: FijW5QA2FiOUDqHwrAa0fK85lNTLZiXLJ8Bn2rfNum0-1732510134-1.0.1.1-IMoGQ4tdoCP33uGZkOBl0dRJQpWpOei60rbHsRHDQoZQWWS2LE0Pj0kRzKyGTTe37sVKKMB30kgW1AqRLmiR6w
account.blibli.com/ Name: JSESSIONID
Value: A9265EEE09E344B6D551C58920AC9DFA

2 Console Messages

Source Level URL
Text
network error URL: https://xstatic.gdn-app.com//blistrap-1.0.0/stylesheets/blistrap.css
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://xstatic.gdn-app.com//blistrap-1.0.0/stylesheets/vendor/bootstrap.min.css
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block