t.rimanggis.com Open in urlscan Pro
35.76.145.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.rimanggis.com/activities_web/track/viewMessage?msgid=05e95326-56f6-40aa-b654-c78a69cf41d4&linkid=5d562bbdc...
Effective URL:
https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1
Submission: On March 20 via api (March 20th 2024, 9:11:48 am UTC) from HK — Scanned from JP

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 35.76.145.22, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is t.rimanggis.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 17th 2024. Valid for: a year.

This is the only time t.rimanggis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	35.76.145.22 35.76.145.22	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
1	35.77.191.194 35.77.191.194	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:303... 2606:4700:3033::6815:51d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	4

3 35.76.145.22 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-145-22.ap-northeast-1.compute.amazonaws.com

t.rimanggis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.77.191.194 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-77-191-194.ap-northeast-1.compute.amazonaws.com

ri-plus.rimanggis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::6815:51d7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kornerstone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	kornerstone.com www.kornerstone.com	4 KB
4	rimanggis.com 1 redirects t.rimanggis.com ri-plus.rimanggis.com	105 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	24 KB
10	3

	Domain	Requested by
5	www.kornerstone.com	t.rimanggis.com
3	t.rimanggis.com	1 redirects t.rimanggis.com
2	fonts.googleapis.com	t.rimanggis.com
1	ri-plus.rimanggis.com	t.rimanggis.com
10	4

This site contains no links.

Subject Issuer	Validity	Valid
*.rimanggis.com Amazon RSA 2048 M02	`2024-02-17` - `2025-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
kornerstone.com E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1
Frame ID: 5B1AC1087E95861E8C03A9FE5E6C8FA0
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KORNERSTONE

Page URL History Show full URLs

https://t.rimanggis.com/activities_web/track/viewMessage?msgid=05e95326-56f6-40aa-b654-c78a69cf41d4&... HTTP 302
https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?versio... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

133 kB
Transfer

204 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.rimanggis.com/activities_web/track/viewMessage?msgid=05e95326-56f6-40aa-b654-c78a69cf41d4&linkid=5d562bbdc16f4b1d6fa340ee&version=V1 HTTP 302
https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml Show response
t.rimanggis.com/activities_web/viewMessage/
Redirect Chain

https://t.rimanggis.com/activities_web/track/viewMessage?msgid=05e95326-56f6-40aa-b654-c78a69cf41d4&linkid=5d562bbdc16f4b1d6fa340ee&version=V1
https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1

24 KB
24 KB

21ms
21ms

Document
text/html

35.76.145.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.76.145.22 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-76-145-22.ap-northeast-1.compute.amazonaws.com
Software: Jetty(9.4.9.v20180320) /
Resource Hash: 60637b41b74db97e0309b386ea72bc04a14dd32e4a6713871d7221d1493f796f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Length: 24938
Content-Type: text/html;charset=utf-8
Server: Jetty(9.4.9.v20180320)

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1
Server: Jetty(9.4.9.v20180320)

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
978 B 91ms
39ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway&display=swap

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

950198ebab430cd15def82c2f484072f6bbed93759f7d7cd1ef6ec333bd6f881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.rimanggis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 09:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 09:11:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 09:11:43 GMT

GET
H2 200 css2
fonts.googleapis.com/ 96 KB
23 KB 113ms
62ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+KR&display=swap

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8682273454a835aa6ee959fe1197383ef0a44cd8c572d955f9c11c26b5f13fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.rimanggis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 09:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 08:27:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 09:11:43 GMT

GET
H2 200 9eccb28f-df56-11ee-a9db-faa123a5916e.jpg
ri-plus.rimanggis.com/file/general_images/2024-03/ 80 KB
80 KB 64ms
38ms Image
image/jpeg 35.77.191.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ri-plus.rimanggis.com/file/general_images/2024-03/9eccb28f-df56-11ee-a9db-faa123a5916e.jpg
Requested by: Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.77.191.194 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-77-191-194.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.25.2 /
Resource Hash: a34f49e1abdbd0c4802ef60422dba41d8cebc9818792e09a76c8ee5e40d432af

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.rimanggis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:11:43 GMT
x-amz-version-id: K2fsla6YeDKQczuSASY2KhlZcMDGHQQV
x-amz-meta-ctime: 1710127362
x-amz-meta-mode: 33188
x-amz-replication-status: COMPLETED
content-length: 81493
last-modified: Mon, 11 Mar 2024 03:22:43 GMT
server: nginx/1.25.2
etag: "22b385518e371c61677826005a5b1061"
x-amz-meta-uid: 0
content-type: image/jpeg
x-amz-meta-gid: 0
cache-control: max-age=3600
accept-ranges: bytes
x-amz-meta-atime: 1710127362
x-amz-meta-mtime: 1710127362

GET
H2 200 fbw.png
www.kornerstone.com/wp-content/uploads/2017/11/ 449 B
1 KB 236ms
93ms Image
image/png 2606:4700:3033::6815:51d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kornerstone.com/wp-content/uploads/2017/11/fbw.png

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:51d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe9989790bd951ebd905d14a854a5125300de38495fc1d0c2394b4959f394b48

Security Headers

Name	Value
Content-Security-Policy	: upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.rimanggis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:11:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: : upgrade-insecure-requests
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 449
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 21:23:56 GMT
server: cloudflare
etag: "5ff8cd6c-1c1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6j7%2BMW1XwelegUfX0T6gxYqk1EM6h8wvqIzAtFsN8xuQFgv7qeHlVuwgwB1ayne1xqxugTwEfwaEfPYrrd1dfi3%2FqFOMzr8YeJtcssf6MKlLt4KzuZyb45q2khVJpiCf3UaZLuvZrnsWm2gZFX9RXmf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
feature-policy: geolocation 'self'
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 867493936e1e5e00-HKG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 inw.png
www.kornerstone.com/wp-content/uploads/2017/11/ 498 B
813 B 253ms
117ms Image
image/png 2606:4700:3033::6815:51d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kornerstone.com/wp-content/uploads/2017/11/inw.png

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:51d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8501f74109b7caa5d23b2ae6f7214131f2d367ff17162ba29d3738ffe36924bf

Security Headers

Name	Value
Content-Security-Policy	: upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.rimanggis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:11:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: : upgrade-insecure-requests
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 498
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 21:23:56 GMT
server: cloudflare
etag: "5ff8cd6c-1f2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpNbfVUJxWz4s%2Bhnm5F%2B69%2FAxLCoAsOJp046oCHnvbIhn%2FzODJr%2BVLppDr%2Bmunkbqh1GvxI0diFE0xY8hM1FVWHtuGOPVMpO6cjjQSkl5ma3PU5Or4h6XyQRXTXrUVMqtoz%2FH0lZv03WH2WDSS1wQARq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
feature-policy: geolocation 'self'
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 867493936e1f5e00-HKG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_whatsapp.png
www.kornerstone.com/wp-content/uploads/2018/03/ 509 B
824 B 240ms
106ms Image
image/png 2606:4700:3033::6815:51d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kornerstone.com/wp-content/uploads/2018/03/icon_whatsapp.png

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:51d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d916116dd040b167f49118a6191e6f9c99213783d3162810ff2fd7fb6b4cff27

Security Headers

Name	Value
Content-Security-Policy	: upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.rimanggis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:11:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: : upgrade-insecure-requests
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 509
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 21:23:58 GMT
server: cloudflare
etag: "5ff8cd6e-1fd"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RGhACVP0LJ0Knbq5LrziEzTQ7QuLL0Z0%2BltkbKmvIqyu6RocHM7nB8%2BZKHuZuTV7M9aFk9VCaDzE4yMBRm7p%2F77AZh2l1JEddxC8cT36JQG56ScwD49ln0WRZAsgmTZS0jYsUiWHWp%2B%2FFSH7N%2FVHTmY4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
feature-policy: geolocation 'self'
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 867493936e215e00-HKG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 liw.png
www.kornerstone.com/wp-content/uploads/2017/11/ 688 B
1001 B 239ms
105ms Image
image/png 2606:4700:3033::6815:51d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kornerstone.com/wp-content/uploads/2017/11/liw.png

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:51d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e64e6f2d2b9c1ad75ce8e32be509b0dcc80e5a43950e0c61b48162f052919aa3

Security Headers

Name	Value
Content-Security-Policy	: upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.rimanggis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:11:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: : upgrade-insecure-requests
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 688
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 21:23:56 GMT
server: cloudflare
etag: "5ff8cd6c-2b0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vyUGytTT8RhTTfsC69aXqtSZ5aT4wgz5lpza43qIsYvQmqyGOBdXqDUHUD7D3yCYOm%2BvL8rH%2F5woSh2b0getf0fmoZmOixR%2FtNslr2Wo5t4WlHE9%2FkdKVP7C2SziIxsJn%2FDb1NWkFaFUwfFJax%2Bv7izN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
feature-policy: geolocation 'self'
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 867493936e225e00-HKG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_youtube.png
www.kornerstone.com/wp-content/uploads/2018/03/ 336 B
676 B 237ms
105ms Image
image/png 2606:4700:3033::6815:51d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kornerstone.com/wp-content/uploads/2018/03/icon_youtube.png

Requested by

Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:51d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a59e6d1ef55fdf439c069dfceb9be3d16716e463e35ae178089c709b8ce3b16

Security Headers

Name	Value
Content-Security-Policy	: upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.rimanggis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:11:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: : upgrade-insecure-requests
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
content-length: 336
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 08 Jan 2021 21:23:58 GMT
server: cloudflare
etag: "5ff8cd6e-150"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UC3WxkJr4UwAp2QNOwZXXHYWcvs%2Flh2PRuyTb6W%2BJAU5rfIkrN9jI%2Fj3BEBBvV8W%2FBz7woxLWTqC%2FIMQLgTnTzlkcWBDAXiesm4cTdvS%2BAQz5IR6N3OFebeILBiymMBCum%2FTeGbpJWOcRrHNUitz0iBy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
feature-policy: geolocation 'self'
permissions-policy: camera=(), microphone=()
accept-ranges: bytes
cf-ray: 867493936e235e00-HKG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK open
t.rimanggis.com/activities_web/track/ 43 B
177 B 17ms
15ms Image
image/gif 35.76.145.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.rimanggis.com/activities_web/track/open?msgid=05e95326-56f6-40aa-b654-c78a69cf41d4
Requested by: Host: t.rimanggis.com
URL: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.76.145.22 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-76-145-22.ap-northeast-1.compute.amazonaws.com
Software: Jetty(9.4.9.v20180320) /
Resource Hash: 85f7ed0343a0bef0668954921124dec90764b4a7225228e0d56866d4417d1c58

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.rimanggis.com/activities_web/viewMessage/05e95326-56f6-40aa-b654-c78a69cf41d4.xhtml?version=V1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Server: Jetty(9.4.9.v20180320)
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif;charset=utf-8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
ri-plus.rimanggis.com
t.rimanggis.com
www.kornerstone.com
2404:6800:4004:823::200a
2606:4700:3033::6815:51d7
35.76.145.22
35.77.191.194
4a59e6d1ef55fdf439c069dfceb9be3d16716e463e35ae178089c709b8ce3b16
60637b41b74db97e0309b386ea72bc04a14dd32e4a6713871d7221d1493f796f
8501f74109b7caa5d23b2ae6f7214131f2d367ff17162ba29d3738ffe36924bf
85f7ed0343a0bef0668954921124dec90764b4a7225228e0d56866d4417d1c58
8682273454a835aa6ee959fe1197383ef0a44cd8c572d955f9c11c26b5f13fde
950198ebab430cd15def82c2f484072f6bbed93759f7d7cd1ef6ec333bd6f881
a34f49e1abdbd0c4802ef60422dba41d8cebc9818792e09a76c8ee5e40d432af
d916116dd040b167f49118a6191e6f9c99213783d3162810ff2fd7fb6b4cff27
e64e6f2d2b9c1ad75ce8e32be509b0dcc80e5a43950e0c61b48162f052919aa3
fe9989790bd951ebd905d14a854a5125300de38495fc1d0c2394b4959f394b48

t.rimanggis.com Open in urlscan Pro 35.76.145.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

133 kBTransfer

204 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

t.rimanggis.com Open in urlscan Pro
35.76.145.22 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

133 kB
Transfer

204 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions