4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id
206.189.24.169  Public Scan

Submitted URL: https://protect-eu.mimecast.com/s/AjB8CgpnnIAKVlkyTND0t6?domain=ypbt.ahr.kiramc.go.ug
Effective URL: https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-2581...
Submission: On November 25 via manual from IN — Scanned from GB

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 206.189.24.169, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is 4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id.
TLS certificate: Issued by R3 on November 24th 2022. Valid for: 3 months.
This is the only time 4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 195.130.217.73 42427 (MIMECAST-UK)
2 154.72.194.114 327724 (NITA)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 8 206.189.24.169 14061 (DIGITALOC...)
10 3
Apex Domain | Subdomains | Transfer
8 pn-prabumulih.go.id | microsoft-docusigns.pn-prabumulih.go.id, 4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id | 240 KB
2 kiramc.go.ug | ypbt.ahr.kiramc.go.ug | 1 KB
2 mimecast.com | protect-eu.mimecast.com (Cisco Umbrella Rank: 29012) | 3 KB
1 jquery.com | code.jquery.com (Cisco Umbrella Rank: 677) | 30 KB
10 4
Domain Requested by
4 4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id microsoft-docusigns.pn-prabumulih.go.id
4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id
4 microsoft-docusigns.pn-prabumulih.go.id 1 redirects ypbt.ahr.kiramc.go.ug
microsoft-docusigns.pn-prabumulih.go.id
2 ypbt.ahr.kiramc.go.ug code.jquery.com
2 protect-eu.mimecast.com 2 redirects
1 code.jquery.com ypbt.ahr.kiramc.go.ug
10 5

This site contains no links.

Subject | Issuer | Validity | Valid
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
pn-prabumulih.go.id | R3 | 2022-11-24 - 2023-02-22 | 3 months

This page contains 1 frames:

Primary Page: https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pearce%40tmf-group.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATOtBtZnmZld--XV22UeriFdxWjMmEj9C8wMr5gZJzEJF2ckViUn6dXkJpYlJzqUJKbpptelF9aAFJ0i0nQvyjdMyW82C01JbUosSQzP-8RMz4dF1gEXrHwGDBbcXBwCTBIMCgw_GBhXMQKdOWHpRs0Pb93uiyqnVbLdOUxwylW_TTj4rLSvArzkNTM0hLv0BBX71SvQKOkkPRsi_Sk5CBvR6MQIx_tnODKEFdbQyvDCWxCE9iYTrExfGBj7GBnmMXOcICT8QAvww--692fmw_d2PzWAwA1
Frame ID: 4D6D845015DBC3F1FEFDA74B98DA8E3C
Requests: 10 HTTP requests in this frame

Page Title

Sign In

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 10
  • HTTPS: 80 %
  • IPv6: 25 %
  • Domains: 4
  • Subdomains: 5
  • IPs: 3
  • Countries: 3
  • Transfer: 270 kB
  • Size: 615 kB
  • Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-eu.mimecast.com/s/AjB8CgpnnIAKVlkyTND0t6?domain=ypbt.ahr.kiramc.go.ug HTTP 307
    https://protect-eu.mimecast.com/r/MF1iR5nM1HPIGfxfE-YZ9f-a3j9UccZYvuLGAm6f0xu0t6SsFE_SIoeHyJfxu0FzmCmt_SXUIdon6SqXf0_ADs17ZjIiUkTyWQzEzCgf0JvPHb2JlHgh3-7Uoe7WzyLiT0i-D1_0kvrkPyq-yegEuTsd6SdTJGqKkvXJiR27V3QyNdOchqzB6l_Dps6NoTPcHvDyDf7fPkHdKeKUFhzj1iEQrOmuU_XRA0-6KHeMgYcAHcVwsaKkANXsjrO33VzrDbo1KatbQUrJ7NBiI2kI3W-d2laAfbOWrmFdEyaS8zPRd_W8ejCS9L5KhBeE4VbgyczzkgYpfUF8OFH74ytk8bT2Re6RnM8BOa0nUcQu42QICrEtsNlSjHl_v8yh9c4u-SJshhuIM7a5qQjJkI0-qrXEq8a-fYC7VKvGaIyUJEVHYGhADSXc9u5CBeR3wvaUlq0LD626nr4kWYv7dhq8yM6rAWnk8ARm7uz_TZCTL-Oxr4CZo-ndMYF0M0FPLho-1ouKAtxOx81t2pLVIC3tM2aG4GDE_lwcB0WCgjMHypJBUL-rLQ-v7IXT3waLknvsIpN-GAcQXNJMOlkr2UhE2aX6KdBFG3x_38ZktYnrFOeV_3NLIx4qzkXQb3Vv_gKC07au2cLDUb05GGon1Uyo--QKhID4yrPRG_ZageOrodOGHhvJkequylNT-o0zO7ExPP1UzL8zdr9thL-O19Z_LMLYA6iJwAJVFIzFD7K3JwkkB0MTDf5mNdUCp1yQQ0gF0Hj3m8HK4wDAAZKCQmTOYODVQ-Wm0aq75lj4KU2EuSnkNEvoFQvCxzxpHdU-0Q-Qa3NOpfAl-5m6InDdabeSkd1JoKkbscPW-GruOqdOxrfStxLQ4Qe0kl73PMRsciUhLxOVNqD2XL4ktui3lnNruQFax-hCAe0gvLf0luA-uA9u0WZucuzl8_b5n6ZoRdQSeOic09NqZ8cDiQS642hGwxcqChq8jRgBsV3CpAOMwrXj41MqKrhXfUdlGyLOoAsfaSaqnKmxKKO9jIFm5CybZanzOKkVbuv9NZFwQAP5SliiWvEjohVryy71iCgmjrUHttA7d0GrTmB1cKpjvsPZWigCx_ryBz1V1tTtybijN0gvdBFGkcF92obLPwR9x9Lgfl8J66pbzKo3GbODqU5jrjN_fNOyTonGuhLs2FWa2N-N5V0B8m1UA1oly1A-a6YTsV7TSrtojHvGk97gZpZHjx7o9_zVBkTVE3PupzPVSE2KWEOfF3Q9GhHQZoqayzwVb0aYRWcVzG8-h8_WMT28W6JuRgxzQnvRs5ZnaJVUxsx-QK6GBrAvIdrrf5BYb1iL6Nm1dWm24EhgBR8DRVTzM0Hbb-NjLnCU1raLnTXWkN-ZpHjLoqnpA1oDHiI5CZCWB7MZ3qVRizeJ7EUopbJq2NPOxnnvUx8-vHGrhns-NVzvu_HAIslqSOi9FoeozJW3aL9WvHQE85bDbHTrrMQirTLrMZDVHhEKO8vpPykoLfHVSl7ym9QcY4vOmqkriZJPsp_4A54Fuo5ampp9Z9F-qkE70Y_zYb_G-qW_PXRssfzwjrF_sdd-KXgB3Q05sZDwRaTO-IPz_ll3OVJmelmYJm-__b-01a50fY8i1F98VffA4TFzm6tP3QjhGjPLUvMP8AplDgiSCehfYKGNwZchXbCOW-xOQyCnr9EoRwN7vEYKDuHSPzhJJyOoY5wDU5CjtEF0NR8I__j4KIoAfj3LmAuLWQls-A93NNH_UkFLXdd6aDHUv5uqY-dtWpQ4hYA7bpeOl_sVKL4JSmFFP9ZecSSI-ulpH_bB81L6vTcq5s1RkZTi8UlS9QZVw6Uh4x3MSB0JwDWyWRH0wzVQcq-W92dSDBVFYRo1kStr-zEOkV7myZiC-W7pgG7Y7rxacG6x080An7rkGw6iTTaxB9fMZSHmCtNqsOAqd5QxLUs-hh
Oj56zU73MoOgQSAcD1xcnDSKye6oAjwpvZcRJfy4E73FdyFFGuQyt6gApeA-S3nA76ar5hp_eJoJJCqpBsXEqouGb0gYOiSXOqVGTBTYjnYba2g-H68rGNspioUd1KNCo HTTP 307
    http://ypbt.ahr.kiramc.go.ug/?QQQ Page URL
  2. https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com Page URL
  3. https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com Page URL
  4. https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com&sso_reload=true HTTP 302
    https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pearce%40tmf-group.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATOtBtZnmZld--XV22UeriFdxWjMmEj9C8wMr5gZJzEJF2ckViUn6dXkJpYlJzqUJKbpptelF9aAFJ0i0nQvyjdMyW82C01JbUosSQzP-8RMz4dF1gEXrHwGDBbcXBwCTBIMCgw_GBhXMQKdOWHpRs0Pb93uiyqnVbLdOUxwylW_TTj4rLSvArzkNTM0hLv0BBX71SvQKOkkPRsi_Sk5CBvR6MQIx_tnODKEFdbQyvDCWxCE9iYTrExfGBj7GBnmMXOcICT8QAvww--692fmw_d2PzWAwA1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protect-eu.mimecast.com/s/AjB8CgpnnIAKVlkyTND0t6?domain=ypbt.ahr.kiramc.go.ug HTTP 307
  • https://protect-eu.mimecast.com/r/MF1iR5nM1HPIGfxfE-YZ9f-a3j9UccZYvuLGAm6f0xu0t6SsFE_SIoeHyJfxu0FzmCmt_SXUIdon6SqXf0_ADs17ZjIiUkTyWQzEzCgf0JvPHb2JlHgh3-7Uoe7WzyLiT0i-D1_0kvrkPyq-yegEuTsd6SdTJGqKkvXJiR27V3QyNdOchqzB6l_Dps6NoTPcHvDyDf7fPkHdKeKUFhzj1iEQrOmuU_XRA0-6KHeMgYcAHcVwsaKkANXsjrO33VzrDbo1KatbQUrJ7NBiI2kI3W-d2laAfbOWrmFdEyaS8zPRd_W8ejCS9L5KhBeE4VbgyczzkgYpfUF8OFH74ytk8bT2Re6RnM8BOa0nUcQu42QICrEtsNlSjHl_v8yh9c4u-SJshhuIM7a5qQjJkI0-qrXEq8a-fYC7VKvGaIyUJEVHYGhADSXc9u5CBeR3wvaUlq0LD626nr4kWYv7dhq8yM6rAWnk8ARm7uz_TZCTL-Oxr4CZo-ndMYF0M0FPLho-1ouKAtxOx81t2pLVIC3tM2aG4GDE_lwcB0WCgjMHypJBUL-rLQ-v7IXT3waLknvsIpN-GAcQXNJMOlkr2UhE2aX6KdBFG3x_38ZktYnrFOeV_3NLIx4qzkXQb3Vv_gKC07au2cLDUb05GGon1Uyo--QKhID4yrPRG_ZageOrodOGHhvJkequylNT-o0zO7ExPP1UzL8zdr9thL-O19Z_LMLYA6iJwAJVFIzFD7K3JwkkB0MTDf5mNdUCp1yQQ0gF0Hj3m8HK4wDAAZKCQmTOYODVQ-Wm0aq75lj4KU2EuSnkNEvoFQvCxzxpHdU-0Q-Qa3NOpfAl-5m6InDdabeSkd1JoKkbscPW-GruOqdOxrfStxLQ4Qe0kl73PMRsciUhLxOVNqD2XL4ktui3lnNruQFax-hCAe0gvLf0luA-uA9u0WZucuzl8_b5n6ZoRdQSeOic09NqZ8cDiQS642hGwxcqChq8jRgBsV3CpAOMwrXj41MqKrhXfUdlGyLOoAsfaSaqnKmxKKO9jIFm5CybZanzOKkVbuv9NZFwQAP5SliiWvEjohVryy71iCgmjrUHttA7d0GrTmB1cKpjvsPZWigCx_ryBz1V1tTtybijN0gvdBFGkcF92obLPwR9x9Lgfl8J66pbzKo3GbODqU5jrjN_fNOyTonGuhLs2FWa2N-N5V0B8m1UA1oly1A-a6YTsV7TSrtojHvGk97gZpZHjx7o9_zVBkTVE3PupzPVSE2KWEOfF3Q9GhHQZoqayzwVb0aYRWcVzG8-h8_WMT28W6JuRgxzQnvRs5ZnaJVUxsx-QK6GBrAvIdrrf5BYb1iL6Nm1dWm24EhgBR8DRVTzM0Hbb-NjLnCU1raLnTXWkN-ZpHjLoqnpA1oDHiI5CZCWB7MZ3qVRizeJ7EUopbJq2NPOxnnvUx8-vHGrhns-NVzvu_HAIslqSOi9FoeozJW3aL9WvHQE85bDbHTrrMQirTLrMZDVHhEKO8vpPykoLfHVSl7ym9QcY4vOmqkriZJPsp_4A54Fuo5ampp9Z9F-qkE70Y_zYb_G-qW_PXRssfzwjrF_sdd-KXgB3Q05sZDwRaTO-IPz_ll3OVJmelmYJm-__b-01a50fY8i1F98VffA4TFzm6tP3QjhGjPLUvMP8AplDgiSCehfYKGNwZchXbCOW-xOQyCnr9EoRwN7vEYKDuHSPzhJJyOoY5wDU5CjtEF0NR8I__j4KIoAfj3LmAuLWQls-A93NNH_UkFLXdd6aDHUv5uqY-dtWpQ4hYA7bpeOl_sVKL4JSmFFP9ZecSSI-ulpH_bB81L6vTcq5s1RkZTi8UlS9QZVw6Uh4x3MSB0JwDWyWRH0wzVQcq-W92dSDBVFYRo1kStr-zEOkV7myZiC-W7pgG7Y7rxacG6x080An7rkGw6iTTaxB9fMZSHmCtNqsOAqd5QxLUs-hh
Oj56zU73MoOgQSAcD1xcnDSKye6oAjwpvZcRJfy4E73FdyFFGuQyt6gApeA-S3nA76ar5hp_eJoJJCqpBsXEqouGb0gYOiSXOqVGTBTYjnYba2g-H68rGNspioUd1KNCo HTTP 307
  • http://ypbt.ahr.kiramc.go.ug/?QQQ

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ypbt.ahr.kiramc.go.ug/
Redirect Chain
  • https://protect-eu.mimecast.com/s/AjB8CgpnnIAKVlkyTND0t6?domain=ypbt.ahr.kiramc.go.ug
  • https://protect-eu.mimecast.com/r/MF1iR5nM1HPIGfxfE-YZ9f-a3j9UccZYvuLGAm6f0xu0t6SsFE_SIoeHyJfxu0FzmCmt_SXUIdon6SqXf0_ADs17ZjIiUkTyWQzEzCgf0JvPHb2JlHgh3-7Uoe7WzyLiT0i-D1_0kvrkPyq-yegEuTsd6SdTJGqKkvX...
  • http://ypbt.ahr.kiramc.go.ug/?QQQ
687 B
756 B
Document
General
Full URL
http://ypbt.ahr.kiramc.go.ug/?QQQ
Protocol
HTTP/1.1
Server
154.72.194.114 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh3.nita.go.ug
Software
Apache /
Resource Hash
945044f8abf0f6c11b9b099b061dee87bfd0215bb2d1cc4d6ca75991f72732c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, s-maxage=10
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
415
Content-Type
text/html; charset=UTF-8
Date
Fri, 25 Nov 2022 09:04:54 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
X-Mod-Pagespeed
1.13.35.2-0

Redirect headers

Cache-control
no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 25 Nov 2022 09:04:52 GMT
Location
http://ypbt.ahr.kiramc.go.ug/?QQQ#.c2hhcm9uLnBlYXJjZUB0bWYtZ3JvdXAuY29t
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex, nofollow
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: ypbt.ahr.kiramc.go.ug
URL: http://ypbt.ahr.kiramc.go.ug/?QQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
http://ypbt.ahr.kiramc.go.ug/
Origin
http://ypbt.ahr.kiramc.go.ug
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 09:04:55 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1669367095.dop012.lo4.t,1669367095.cds286.lo4.hn,1669367095.cds081.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
red.php
ypbt.ahr.kiramc.go.ug/
85 B
391 B
XHR
General
Full URL
http://ypbt.ahr.kiramc.go.ug/red.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
HTTP/1.1
Server
154.72.194.114 Kampala, Uganda, ASN327724 (NITA, UG),
Reverse DNS
wh3.nita.go.ug
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Referer
http://ypbt.ahr.kiramc.go.ug/?QQQ
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 25 Nov 2022 09:04:54 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
X-Mod-Pagespeed
1.13.35.2-0
Cache-Control
max-age=0, no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
91
/
microsoft-docusigns.pn-prabumulih.go.id/
58 KB
22 KB
Document
General
Full URL
https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com
Requested by
Host: ypbt.ahr.kiramc.go.ug
URL: http://ypbt.ahr.kiramc.go.ug/?QQQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.24.169 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8bb83913fa8c13720f792f0a132ff1fdd3e2996960c36d4313082e2dc0b851a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://ypbt.ahr.kiramc.go.ug/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 25 Nov 2022 09:04:55 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
microsoft-docusigns.pn-prabumulih.go.id/
206 B
363 B
Fetch
General
Full URL
https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com
Requested by
Host: microsoft-docusigns.pn-prabumulih.go.id
URL: https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.24.169 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5d8622c18591c2774acf1309b68552c5c8d446e6ca25fecba6023c2b2b73fbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 25 Nov 2022 09:04:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
application/json
/
microsoft-docusigns.pn-prabumulih.go.id/
329 KB
92 KB
Document
General
Full URL
https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com
Requested by
Host: microsoft-docusigns.pn-prabumulih.go.id
URL: https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.24.169 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d2597140810991e1fec80b83295a05537143ed5ddb054f649616889ebc910291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 25 Nov 2022 09:04:57 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://641c2bda-6dc6-42d8-93dd-db4b280842c4-242ed0f1.pn-prabumulih.go.id/api/report?catId=GW+estsfd+ams2"}]}
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-ms-ests-server
2.1.14059.16 - NEULR2 ProdSlices
x-ms-request-id
b2814ff9-57d1-46dd-b97a-261a61627801
Primary Request /
4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/
Redirect Chain
  • https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com&sso_reload=true
  • https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pe...
17 KB
5 KB
Document
General
Full URL
https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pearce%40tmf-group.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATOtBtZnmZld--XV22UeriFdxWjMmEj9C8wMr5gZJzEJF2ckViUn6dXkJpYlJzqUJKbpptelF9aAFJ0i0nQvyjdMyW82C01JbUosSQzP-8RMz4dF1gEXrHwGDBbcXBwCTBIMCgw_GBhXMQKdOWHpRs0Pb93uiyqnVbLdOUxwylW_TTj4rLSvArzkNTM0hLv0BBX71SvQKOkkPRsi_Sk5CBvR6MQIx_tnODKEFdbQyvDCWxCE9iYTrExfGBj7GBnmMXOcICT8QAvww--692fmw_d2PzWAwA1
Requested by
Host: microsoft-docusigns.pn-prabumulih.go.id
URL: https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.24.169 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
df42461e9a861cfd58a67461108454cfa602971c75b8e1536e8793258a0ac7ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://microsoft-docusigns.pn-prabumulih.go.id/?username=sharon.pearce@tmf-group.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-cache,no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 25 Nov 2022 09:04:59 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-type
text/html; charset=utf-8
date
Fri, 25 Nov 2022 09:04:58 GMT
location
https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pearce%40tmf-group.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATOtBtZnmZld--XV22UeriFdxWjMmEj9C8wMr5gZJzEJF2ckViUn6dXkJpYlJzqUJKbpptelF9aAFJ0i0nQvyjdMyW82C01JbUosSQzP-8RMz4dF1gEXrHwGDBbcXBwCTBIMCgw_GBhXMQKdOWHpRs0Pb93uiyqnVbLdOUxwylW_TTj4rLSvArzkNTM0hLv0BBX71SvQKOkkPRsi_Sk5CBvR6MQIx_tnODKEFdbQyvDCWxCE9iYTrExfGBj7GBnmMXOcICT8QAvww--692fmw_d2PzWAwA1#
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://641c2bda-6dc6-42d8-93dd-db4b280842c4-242ed0f1.pn-prabumulih.go.id/api/report?catId=GW+estsfd+ams2"}]}
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-ms-ests-server
2.1.14167.14 - NEULR2 ProdSlices
x-ms-request-id
29b0a5f0-f749-4489-a27d-967d02d4e300
style.css
4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/portal/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/portal/css/style.css?id=83A9CB425C23E3BCD689A13356FECF221D6366C6D307A6B194E1F5D47D980F41
Requested by
Host: 4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id
URL: https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pearce%40tmf-group.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATOtBtZnmZld--XV22UeriFdxWjMmEj9C8wMr5gZJzEJF2ckViUn6dXkJpYlJzqUJKbpptelF9aAFJ0i0nQvyjdMyW82C01JbUosSQzP-8RMz4dF1gEXrHwGDBbcXBwCTBIMCgw_GBhXMQKdOWHpRs0Pb93uiyqnVbLdOUxwylW_TTj4rLSvArzkNTM0hLv0BBX71SvQKOkkPRsi_Sk5CBvR6MQIx_tnODKEFdbQyvDCWxCE9iYTrExfGBj7GBnmMXOcICT8QAvww--692fmw_d2PzWAwA1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.24.169 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ce730ff9e448a42b0b188d3b191938bd23fcc11e0dd020d3ec25e70df9e02198
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pearce%40tmf-group.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATOtBtZnmZld--XV22UeriFdxWjMmEj9C8wMr5gZJzEJF2ckViUn6dXkJpYlJzqUJKbpptelF9aAFJ0i0nQvyjdMyW82C01JbUosSQzP-8RMz4dF1gEXrHwGDBbcXBwCTBIMCgw_GBhXMQKdOWHpRs0Pb93uiyqnVbLdOUxwylW_TTj4rLSvArzkNTM0hLv0BBX71SvQKOkkPRsi_Sk5CBvR6MQIx_tnODKEFdbQyvDCWxCE9iYTrExfGBj7GBnmMXOcICT8QAvww--692fmw_d2PzWAwA1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 09:05:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-allow-headers
*
logo.png
4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/portal/logo/
4 KB
4 KB
Image
General
Full URL
https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/portal/logo/logo.png?id=D13A90AC73B59F49C9082B039B64980040EE9135557EF4791DD5DFFAF3F3E709
Requested by
Host: 4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id
URL: https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pearce%40tmf-group.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATOtBtZnmZld--XV22UeriFdxWjMmEj9C8wMr5gZJzEJF2ckViUn6dXkJpYlJzqUJKbpptelF9aAFJ0i0nQvyjdMyW82C01JbUosSQzP-8RMz4dF1gEXrHwGDBbcXBwCTBIMCgw_GBhXMQKdOWHpRs0Pb93uiyqnVbLdOUxwylW_TTj4rLSvArzkNTM0hLv0BBX71SvQKOkkPRsi_Sk5CBvR6MQIx_tnODKEFdbQyvDCWxCE9iYTrExfGBj7GBnmMXOcICT8QAvww--692fmw_d2PzWAwA1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.24.169 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d13a90ac73b59f49c9082b039b64980040ee9135557ef4791dd5dffaf3f3e709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pearce%40tmf-group.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATOtBtZnmZld--XV22UeriFdxWjMmEj9C8wMr5gZJzEJF2ckViUn6dXkJpYlJzqUJKbpptelF9aAFJ0i0nQvyjdMyW82C01JbUosSQzP-8RMz4dF1gEXrHwGDBbcXBwCTBIMCgw_GBhXMQKdOWHpRs0Pb93uiyqnVbLdOUxwylW_TTj4rLSvArzkNTM0hLv0BBX71SvQKOkkPRsi_Sk5CBvR6MQIx_tnODKEFdbQyvDCWxCE9iYTrExfGBj7GBnmMXOcICT8QAvww--692fmw_d2PzWAwA1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Nov 2022 09:05:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
D13A90AC73B59F49C9082B039B64980040EE9135557EF4791DD5DFFAF3F3E709
access-control-allow-headers
*
content-type
image/png
illustration.png
4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/portal/illustration/
112 KB
112 KB
Image
General
Full URL
https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/portal/illustration/illustration.png?id=B94059EF57DAFC048D65BC3D37B38431FA69B6ACBD80FA7A1B45DFAA5C26B750
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.24.169 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b94059ef57dafc048d65bc3d37b38431fa69b6acbd80fa7a1b45dfaa5c26b750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://4474dacf-6fd1-4dba-ad94-0eebc3f3ed6e-242ed0f1.pn-prabumulih.go.id/adfs/ls/?login_hint=sharon.pearce%40tmf-group.com&client-request-id=393287cc-05cb-4707-8f1f-25811ae1b40d&username=sharon.pearce%40tmf-group.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuATOtBtZnmZld--XV22UeriFdxWjMmEj9C8wMr5gZJzEJF2ckViUn6dXkJpYlJzqUJKbpptelF9aAFJ0i0nQvyjdMyW82C01JbUosSQzP-8RMz4dF1gEXrHwGDBbcXBwCTBIMCgw_GBhXMQKdOWHpRs0Pb93uiyqnVbLdOUxwylW_TTj4rLSvArzkNTM0hLv0BBX71SvQKOkkPRsi_Sk5CBvR6MQIx_tnODKEFdbQyvDCWxCE9iYTrExfGBj7GBnmMXOcICT8QAvww--692fmw_d2PzWAwA1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Nov 2022 09:05:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
B94059EF57DAFC048D65BC3D37B38431FA69B6ACBD80FA7A1B45DFAA5C26B750
access-control-allow-headers
*
content-type
image/png

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| LoginErrors
  • number| maxPasswordLength
  • function| InputUtil
  • function| SelectOption
  • function| Login
  • undefined| emails
  • undefined| msViewportStyle
  • undefined| viewport
  • function| getStyle
  • function| computeLoadIllustration
  • object| loginMessage
  • object| checkidp_OtherRpPanel

3 Cookies

Domain/Path | Name | Value
.pn-prabumulih.go.id/ | lXytqx | MjQyZWQwZjEtNmMxMS00N2I4LTg0NjgtMDk2ODg0MjBmODdjOjI2OWIzMjg4LWU2Y2MtNDA1MS04MzcwLTIxMDRhMjlmY2RlYg==
.microsoft-docusigns.pn-prabumulih.go.id/ | AADSSO | NA|NoExtension
microsoft-docusigns.pn-prabumulih.go.id/ | SSOCOOKIEPULLED | 1