blc-api-mobile2.bersatulawancovid.id Open in urlscan Pro
103.10.120.233  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response blc-api-mobile2.bersatulawancovid.id/	4 KB 1 KB	669ms 223ms	Document text/html	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash eb44da023d3e8ccb44ce5e16f1f1f1cff354ecd785f2240277da46596470e5f4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block 1; mode=block Request headers :method GET :authority blc-api-mobile2.bersatulawancovid.id :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server nginx date Sat, 03 Oct 2020 14:11:58 GMT content-type text/html; charset=utf-8 x-dns-prefetch-control off x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen x-content-type-options nosniff nosniff x-permitted-cross-domain-policies none x-xss-protection 1; mode=block 1; mode=block etag "e22-UGa650wBS/3rICJxelD6X+bTISM" accept-ranges none vary Accept-Encoding content-encoding gzip
GET H2	200	runtime.c54e5aa.js Show response blc-api-mobile2.bersatulawancovid.id/_nuxt/	3 KB 2 KB	222ms 219ms	Script application/javascript	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/_nuxt/runtime.c54e5aa.js Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash ec873a39d0eeec8c3225fbb6fba9ba0666d0051ec806b8f8a3a67270a771b06e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:11:58 GMT content-encoding gzip x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 vary Accept-Encoding x-xss-protection 1; mode=block, 1; mode=block last-modified Wed, 23 Sep 2020 12:27:45 GMT server nginx x-frame-options SAMEORIGIN etag W/"ba6-174baef1798" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	commons.app.7d72152.js Show response blc-api-mobile2.bersatulawancovid.id/_nuxt/	205 KB 69 KB	414ms 412ms	Script application/javascript	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/_nuxt/commons.app.7d72152.js Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash 87173ba61364d83f4c87cf1eadaf4582ae03603f1e7edf6655cee5e17a0ba0be Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:11:58 GMT content-encoding gzip x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 vary Accept-Encoding x-xss-protection 1; mode=block, 1; mode=block last-modified Wed, 23 Sep 2020 12:27:45 GMT server nginx x-frame-options SAMEORIGIN etag W/"33299-174baef1780" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	vendors.app.4e18c9a.js Show response blc-api-mobile2.bersatulawancovid.id/_nuxt/	4 MB 1 MB	417ms 414ms	Script application/javascript	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/_nuxt/vendors.app.4e18c9a.js Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash 9aeae4a60fdcfed76b4934322afc99cf21d3c81d0ca1423d069baba58baf34b8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:11:58 GMT content-encoding gzip x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 vary Accept-Encoding x-xss-protection 1; mode=block, 1; mode=block last-modified Wed, 23 Sep 2020 12:27:45 GMT server nginx x-frame-options SAMEORIGIN etag W/"3d7d47-174baef1798" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	app.25fa394.js Show response blc-api-mobile2.bersatulawancovid.id/_nuxt/	105 KB 29 KB	418ms 416ms	Script application/javascript	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/_nuxt/app.25fa394.js Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash 07bdfca6be771ac7dc344fd2cbb15104796301fc40423533056adde8e7180aeb Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:11:58 GMT content-encoding gzip x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 vary Accept-Encoding x-xss-protection 1; mode=block, 1; mode=block last-modified Wed, 23 Sep 2020 12:27:45 GMT server nginx x-frame-options SAMEORIGIN etag W/"1a281-174baef1780" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	jquery.min.js Show response blc-api-mobile2.bersatulawancovid.id/external/jquery/	85 KB 30 KB	414ms 413ms	Script application/javascript	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/external/jquery/jquery.min.js Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash 892fcc249b9b0fd6e8727741d21d5cdd5474238327ba116308b5dfad6ddfd1bd Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:11:58 GMT content-encoding gzip x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 vary Accept-Encoding x-xss-protection 1; mode=block, 1; mode=block last-modified Mon, 20 Jul 2020 20:52:42 GMT server nginx x-frame-options SAMEORIGIN etag W/"152b4-1736e000590" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes
GET H2	200	20.84b42ad.js Show response blc-api-mobile2.bersatulawancovid.id/_nuxt/	4 KB 2 KB	218ms 218ms	Script application/javascript	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/_nuxt/20.84b42ad.js Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/_nuxt/runtime.c54e5aa.js Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash b247d0d7c15e50a0477a3079f1d664b0ab8c5a4546c1b7c9d1caf6f266454cf5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:12:00 GMT content-encoding gzip x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 vary Accept-Encoding x-xss-protection 1; mode=block, 1; mode=block last-modified Wed, 23 Sep 2020 12:27:45 GMT server nginx x-frame-options SAMEORIGIN etag W/"1138-174baef17a4" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	index.ac5bfa2.js Show response blc-api-mobile2.bersatulawancovid.id/_nuxt/pages/	338 B 705 B	218ms 218ms	Script application/javascript	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/_nuxt/pages/index.ac5bfa2.js Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/_nuxt/runtime.c54e5aa.js Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash d78f784691a5d2de5194fb2ad90f5dac20427e09d4095f357694f6e9dc68e520 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:12:00 GMT content-encoding gzip x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 vary Accept-Encoding x-xss-protection 1; mode=block, 1; mode=block last-modified Wed, 23 Sep 2020 12:27:45 GMT server nginx x-frame-options SAMEORIGIN etag W/"152-174baef1780" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	login.f0bd097.js Show response blc-api-mobile2.bersatulawancovid.id/_nuxt/pages/auth/	4 KB 2 KB	218ms 218ms	Script application/javascript	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/_nuxt/pages/auth/login.f0bd097.js Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/_nuxt/runtime.c54e5aa.js Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash 8ce573d64f8c69f8b38673a17d415ceb2ab054886b7d27d53f1b9da5e2fb4bfa Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:12:00 GMT content-encoding gzip x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 vary Accept-Encoding x-xss-protection 1; mode=block, 1; mode=block last-modified Wed, 23 Sep 2020 12:27:45 GMT server nginx x-frame-options SAMEORIGIN etag W/"119d-174baef1798" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	19.11a33f0.js Show response blc-api-mobile2.bersatulawancovid.id/_nuxt/	1 KB 1 KB	219ms 218ms	Script application/javascript	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Full URL https://blc-api-mobile2.bersatulawancovid.id/_nuxt/19.11a33f0.js Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/_nuxt/runtime.c54e5aa.js Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash 55492f5c9c59bd88084ff16628b971e6761347a8d483c8decad8ece32946e55a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/auth/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:12:01 GMT content-encoding gzip x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 vary Accept-Encoding x-xss-protection 1; mode=block, 1; mode=block last-modified Wed, 23 Sep 2020 12:27:45 GMT server nginx x-frame-options SAMEORIGIN etag W/"5a2-174baef17a4" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	logo.png blc-api-mobile2.bersatulawancovid.id/images/	149 KB 149 KB	217ms 217ms	Image image/png	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Show image Full URL https://blc-api-mobile2.bersatulawancovid.id/images/logo.png Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash c5beeaaceff9ebbf717a0e22d3073a5a1c2ca98f1ee2c3aac87cd6bbeb126a18 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/auth/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:12:01 GMT x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 content-length 152116 x-xss-protection 1; mode=block, 1; mode=block last-modified Fri, 18 Sep 2020 18:48:14 GMT server nginx x-frame-options SAMEORIGIN etag W/"25234-174a28ba1b0" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type image/png cache-control public, max-age=0 accept-ranges bytes
GET H2	200	tile.png blc-api-mobile2.bersatulawancovid.id/images/	14 KB 14 KB	221ms 221ms	Image image/png	103.10.120.233 SDI-AS-ID PT Sumb...
General Check archive.org Show headers Download Go to Show image Full URL https://blc-api-mobile2.bersatulawancovid.id/images/tile.png Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 103.10.120.233 , Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID), Reverse DNS Software nginx / Resource Hash d47e03e965d7446f79a0473f4175aecb2e0cd5fcc51f4aec0304daa0d1069a87 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:12:01 GMT x-content-type-options nosniff, nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off status 200 content-length 13905 x-xss-protection 1; mode=block, 1; mode=block last-modified Tue, 18 Aug 2020 18:58:56 GMT server nginx x-frame-options SAMEORIGIN etag W/"3651-17402f04980" x-download-options noopen strict-transport-security max-age=15552000; includeSubDomains content-type image/png cache-control public, max-age=0 accept-ranges bytes
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 1014 B	40ms 18ms	Script text/javascript	2a00:1450:4001:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?hl=en Requested by Host: blc-api-mobile2.bersatulawancovid.id URL: https://blc-api-mobile2.bersatulawancovid.id/_nuxt/app.25fa394.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f45068d9955109994e74e581521de618f9f6aea2414383c1aa8096eabc780ee4 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://blc-api-mobile2.bersatulawancovid.id/auth/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 14:12:01 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 557 x-xss-protection 1; mode=block expires Sat, 03 Oct 2020 14:12:01 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Y5tQ3lKwn1XL5hGgLz1kR4-1/	340 KB 134 KB	26ms 6ms	Script text/javascript	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Y5tQ3lKwn1XL5hGgLz1kR4-1/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?hl=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 01c3a4ce829c1fbf0971eb258b96314724a64d2c5e50b8c088f60328c4f35df1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://blc-api-mobile2.bersatulawancovid.id Referer https://blc-api-mobile2.bersatulawancovid.id/auth/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 03 Oct 2020 13:45:49 GMT content-encoding gzip x-content-type-options nosniff age 1572 status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 136974 x-xss-protection 0 last-modified Mon, 28 Sep 2020 22:01:34 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 03 Oct 2021 13:45:49 GMT
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame 6633	0 0	37ms 36ms	Document text/html	2a00:1450:4001:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcZ3w8TAAAAADqDY7Dj99ekhjI_B6IOw-M-wGlk&co=aHR0cHM6Ly9ibGMtYXBpLW1vYmlsZTIuYmVyc2F0dWxhd2FuY292aWQuaWQ6NDQz&hl=en&v=Y5tQ3lKwn1XL5hGgLz1kR4-1&theme=dark&size=normal&badge=bottomright&cb=aqqrqgplxmmq Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Y5tQ3lKwn1XL5hGgLz1kR4-1/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fvvx4GAuvqS1ThfCgpFk3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LcZ3w8TAAAAADqDY7Dj99ekhjI_B6IOw-M-wGlk&co=aHR0cHM6Ly9ibGMtYXBpLW1vYmlsZTIuYmVyc2F0dWxhd2FuY292aWQuaWQ6NDQz&hl=en&v=Y5tQ3lKwn1XL5hGgLz1kR4-1&theme=dark&size=normal&badge=bottomright&cb=aqqrqgplxmmq pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://blc-api-mobile2.bersatulawancovid.id/auth/login accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://blc-api-mobile2.bersatulawancovid.id/auth/login Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 03 Oct 2020 14:12:01 GMT content-security-policy script-src 'report-sample' 'nonce-fvvx4GAuvqS1ThfCgpFk3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 11071 server GSE alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	bframe www.google.com/recaptcha/api2/ Frame D049	0 0	25ms 24ms	Document text/html	2a00:1450:4001:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=Y5tQ3lKwn1XL5hGgLz1kR4-1&k=6LcZ3w8TAAAAADqDY7Dj99ekhjI_B6IOw-M-wGlk&cb=qjc3n8bb7uz3 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Y5tQ3lKwn1XL5hGgLz1kR4-1/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-owSbHqxHVj7vkvAb58Ir8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=Y5tQ3lKwn1XL5hGgLz1kR4-1&k=6LcZ3w8TAAAAADqDY7Dj99ekhjI_B6IOw-M-wGlk&cb=qjc3n8bb7uz3 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://blc-api-mobile2.bersatulawancovid.id/auth/login accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://blc-api-mobile2.bersatulawancovid.id/auth/login Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 03 Oct 2020 14:12:01 GMT content-security-policy script-src 'report-sample' 'nonce-owSbHqxHVj7vkvAb58Ir8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1175 server GSE alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery object| __NUXT__ object| webpackJsonp function| installComponents object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $workbox object| $nuxt function| recaptchaSuccessCallback function| recaptchaExpiredCallback function| recaptchaErrorCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_367824

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			blc-api-mobile2.bersatulawancovid.id/	1969-12-31 23:59:59	Name: auth.redirect Value: %2F
			blc-api-mobile2.bersatulawancovid.id/	1969-12-31 23:59:59	Name: auth.strategy Value: local

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blc-api-mobile2.bersatulawancovid.id
www.google.com
www.gstatic.com
103.10.120.233
2a00:1450:4001:806::2003
2a00:1450:4001:81d::2004
01c3a4ce829c1fbf0971eb258b96314724a64d2c5e50b8c088f60328c4f35df1
07bdfca6be771ac7dc344fd2cbb15104796301fc40423533056adde8e7180aeb
55492f5c9c59bd88084ff16628b971e6761347a8d483c8decad8ece32946e55a
87173ba61364d83f4c87cf1eadaf4582ae03603f1e7edf6655cee5e17a0ba0be
892fcc249b9b0fd6e8727741d21d5cdd5474238327ba116308b5dfad6ddfd1bd
8ce573d64f8c69f8b38673a17d415ceb2ab054886b7d27d53f1b9da5e2fb4bfa
9aeae4a60fdcfed76b4934322afc99cf21d3c81d0ca1423d069baba58baf34b8
b247d0d7c15e50a0477a3079f1d664b0ab8c5a4546c1b7c9d1caf6f266454cf5
c5beeaaceff9ebbf717a0e22d3073a5a1c2ca98f1ee2c3aac87cd6bbeb126a18
d47e03e965d7446f79a0473f4175aecb2e0cd5fcc51f4aec0304daa0d1069a87
d78f784691a5d2de5194fb2ad90f5dac20427e09d4095f357694f6e9dc68e520
eb44da023d3e8ccb44ce5e16f1f1f1cff354ecd785f2240277da46596470e5f4
ec873a39d0eeec8c3225fbb6fba9ba0666d0051ec806b8f8a3a67270a771b06e
f45068d9955109994e74e581521de618f9f6aea2414383c1aa8096eabc780ee4