urlscan.io logo urlscan.io
SecurityTrails logo

mahadewatoto.net Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138
Effective URL: https://mahadewatoto.net/
Submission Tags: @phish_report
Submission: On November 20 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 13 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is mahadewatoto.net.
TLS certificate: Issued by WE1 on November 9th 2024. Valid for: 3 months.
This is the only time mahadewatoto.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 103.65.236.164 135450 (IDNIC-BST...)
2 148.153.240.75 63199 (CDSC-AS1)
1 1 104.20.6.133 13335 (CLOUDFLAR...)
5 188.114.97.3 13335 (CLOUDFLAR...)
2 104.18.94.41 13335 (CLOUDFLAR...)
13 5
2    103.65.236.164 (Indonesia)

ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID)
PTR: server.uinjambi.ac.id
baitululum.fah.uinjambi.ac.id
2    148.153.240.75 (Amman, Jordan)

ASN63199 (CDSC-AS1, US)
g.lazcdn.com
1    104.20.6.133 (None, )

ASN13335 (CLOUDFLARENET, US)
t.ly
5    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
mahadewatoto.net
2    104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 mahadewatoto.net
mahadewatoto.net
73 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
2 lazcdn.com
g.lazcdn.com — Cisco Umbrella Rank: 22832
211 KB
2 uinjambi.ac.id
baitululum.fah.uinjambi.ac.id
80 KB
1 t.ly
t.ly — Cisco Umbrella Rank: 33922
1 KB
13 5
Domain Requested by
5 mahadewatoto.net baitululum.fah.uinjambi.ac.id
mahadewatoto.net
2 challenges.cloudflare.com mahadewatoto.net
challenges.cloudflare.com
2 g.lazcdn.com baitululum.fah.uinjambi.ac.id
2 baitululum.fah.uinjambi.ac.id baitululum.fah.uinjambi.ac.id
1 t.ly 1 redirects
13 5

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
cpanel.baitululum.fah.uinjambi.ac.id
R11		 2024-10-07 -
2025-01-05		 3 months crt.sh
*.lazcdn.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-06-20 -
2025-07-22		 a year crt.sh
mahadewatoto.net
WE1		 2024-11-09 -
2025-02-07		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://mahadewatoto.net/
Frame ID: 48E003514A1C3117A832CAC6E069CC70
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/zcasl/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: FEB1E67EFF9EDCC71B7A7F9D828B4FFB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pieni hetki...

Page URL History Show full URLs

  1. https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138 Page URL
  2. https://t.ly/uangkoin HTTP 302
    https://mahadewatoto.net/ Page URL

Page Statistics

13
Requests

85 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

380 kB
Transfer

1227 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138 Page URL
  2. https://t.ly/uangkoin HTTP 302
    https://mahadewatoto.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
baitululum.fah.uinjambi.ac.id/lib/ 		426 KB
78 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.65.236.164 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
server.uinjambi.ac.id
Software
LiteSpeed /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 09:52:30 GMT
server
LiteSpeed
vary
Accept-Encoding
whatsapp-image-2024-04-19-at-14.47.39-264fe53c-43070740ab79a977db69337d1edb1894.jpg
baitululum.fah.uinjambi.ac.id/public/site/images/bu4n4master/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://baitululum.fah.uinjambi.ac.id/public/site/images/bu4n4master/whatsapp-image-2024-04-19-at-14.47.39-264fe53c-43070740ab79a977db69337d1edb1894.jpg
Requested by
Host: baitululum.fah.uinjambi.ac.id
URL: https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.65.236.164 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
server.uinjambi.ac.id
Software
LiteSpeed /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1251
pragma
no-cache
date
Wed, 20 Nov 2024 09:52:32 GMT
content-type
text/html
server
LiteSpeed
/
g.lazcdn.com/g/ 		556 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.lazcdn.com/g/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-mtop/2.5.1/mtop.js,lazada-decorate/lazada-mod-lib/0.0.20/LazadaModLib.min.js
Requested by
Host: baitululum.fah.uinjambi.ac.id
URL: https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.153.240.75 Amman, Jordan, ASN63199 (CDSC-AS1, US),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
Strict-Transport-Security max-age=360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baitululum.fah.uinjambi.ac.id/

Response headers

content-md5
JifVEYiUXrmAm4B/x/wkKg==
x-oss-storage-class
Standard
content-encoding
br
age
2159
nginx-hit
1
x-oss-object-type
Normal
eagleeye-traceid
2ff6319917320910214377993e
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-type
hwc
x-oss-server-time
1
content-type
application/javascript
x-swift-cachetime
1516
cache-control
max-age=2592000,s-maxage=3600
x-oss-hash-crc64ecma
6996595059999626840
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
ali-swift-global-savetime
1732091022
x-swift-savetime
Wed, 20 Nov 2024 08:58:26 GMT
accept-ranges
bytes
eagleid
a3b55c9717320941937184089e
content-length
185111
x-oss-request-id
673D9C8DA288B2313857A528
x-source-scheme
https
server
openresty
access-control-allow-methods
GET,HEAD
x-ccdn-req-id-46b1
da2a422bfafdba49e1b751928ca4cb95
date
Wed, 20 Nov 2024 09:52:32 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=360000; includeSubDomains
content-security-policy
frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
timing-allow-origin
*
via
EU-GER-frankfurt-EDGE7-CACHE3[2],EU-GER-frankfurt-EDGE7-CACHE3[0,TCP_HIT,1],EU-GER-frankfurt-GLOBAL1-CACHE2[5],EU-GER-frankfurt-GLOBAL1-CACHE3[0,TCP_HIT,3],cache24.l2fr1[0,0,200-0,H], cache34.l2fr1[0,0], ens-cache3.de5[0,0,200-0,H], ens-cache3.de5[2,0]
access-control-allow-origin
*
jssdk
g.lazcdn.com/g/woodpeckerx/ 		60 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.lazcdn.com/g/woodpeckerx/jssdk??wpkReporter.js,plugins/flow.js,plugins/interface.js,plugins/blank.js
Requested by
Host: baitululum.fah.uinjambi.ac.id
URL: https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.153.240.75 Amman, Jordan, ASN63199 (CDSC-AS1, US),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
Strict-Transport-Security max-age=360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://baitululum.fah.uinjambi.ac.id/

Response headers

content-md5
mVwXOqBD08wdd0yimKcbdA==
x-oss-storage-class
Standard
content-encoding
br
age
403
nginx-hit
1
x-oss-object-type
Normal
eagleeye-traceid
a3b55c9b17320959254723526e
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-type
hwc
x-oss-server-time
2
content-type
application/javascript
x-swift-cachetime
600
cache-control
max-age=86400,s-maxage=600
x-oss-hash-crc64ecma
17575337766638963859
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
ali-swift-global-savetime
1732095926
x-swift-savetime
Wed, 20 Nov 2024 09:45:26 GMT
accept-ranges
bytes
eagleid
a3b55c9f17320959492031947e
content-length
28714
x-oss-request-id
673DAFB5C9F03B30322E7384
x-source-scheme
https
server
openresty
access-control-allow-methods
GET,HEAD
x-ccdn-req-id-46b1
ca7412ccb72439ce8d1eade33a2ea330
date
Wed, 20 Nov 2024 09:52:32 GMT
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=360000; includeSubDomains
content-security-policy
frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
timing-allow-origin
*
via
EU-GER-frankfurt-EDGE7-CACHE3[3],EU-GER-frankfurt-EDGE7-CACHE4[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE5[6],EU-GER-frankfurt-GLOBAL1-CACHE14[3,TCP_MISS,5],ens-cache31.l2us3[594,594,200-0,M], ens-cache13.l2us3[603,0], ens-cache6.de5[0,0,200-0,H], ens-cache11.de5[2,0]
access-control-allow-origin
*
Primary Request /
mahadewatoto.net/
Redirect Chain
  • https://t.ly/uangkoin
  • https://mahadewatoto.net/
10 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mahadewatoto.net/
Requested by
Host: baitululum.fah.uinjambi.ac.id
URL: https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
041a7cd16110b320ec5378d282cfe30bc99c38de38f24c14bf85915236f64596
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://baitululum.fah.uinjambi.ac.id/lib/?reff=panen138
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
PwSw2N0F+IQ19ZlzGS9abVB/M+vFtTCEPdmAB90NTWjSD2eiDGy5E56QCqscoJZiY00CErYaFoaA8A4JMj8PtwaZM4JDxaDTRV4nrhxKFLNg0vd6OTrCA+CfROzK6KoI7ZGfqnvSRcdGVxwdlvrOmg==$lVaFsyD+e1pgKlsNYuJ/rA==
cf-mitigated
challenge
cf-ray
8e578c435a34b8af-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 20 Nov 2024 09:52:33 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTe8HTFKzFsn2kLNakBd9Mc6L90MWaDgt4vntBFVrf32D91UtWarQLW6QJ9%2BLgDn7q04MGrauE7I0I26XG45IkiapVdUapULwc9gkl7skJ8bPFAA6tUgdnFIx3AAdWq7rWCB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=30362&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3916&recv_bytes=2276&delivery_rate=138490&cwnd=33&unsent_bytes=0&cid=ddfb55f694efa9fe&ts=98&x=0"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=600, stale-if-error=86400, stale-while-revalidate=600, no-store
cf-cache-status
MISS
cf-ray
8e578c3c499a8d69-HEL
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 09:52:32 GMT
location
https://mahadewatoto.net
server
cloudflare
server-timing
cfCacheStatus;desc="MISS"
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-do-app-origin
86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status
302
x-frame-options
SAMEORIGIN
x-whom
tly-app
x-xss-protection
1; mode=block
v1
mahadewatoto.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mahadewatoto.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e578c435a34b8af
Requested by
Host: mahadewatoto.net
URL: https://mahadewatoto.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10299e45d98b98074c3bebd876b5b3a2f99ee36ae27059c41a54db2555dd9c12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mahadewatoto.net/?__cf_chl_rt_tk=mWEMc0xHkZ9xS3e8hzVmpaSCWgIW1VTVmdRRc9PYpoU-1732096353-1.0.1.1-3KMLFKBF_n2RIVqeNhR_QOT_I88RUB7LeZgqiypLMX0

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDc0trV22WzFeKfvl34xDRpTRCGku%2BN%2BkmOZRWD0Z1pDqLDx7HPjMOR7BTNIEuT39kxKEyQSqQVxE5dougsVmKmifWLVle3PpK14gQ8qXCZlCf6DfBXpTRuUb78%2Fn8z7PxDp"}],"group":"cf-nel","max_age":604800}
cf-ray
8e578c447babb8af-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=32719&sent=17&recv=13&lost=0&retrans=0&sent_bytes=13264&recv_bytes=2553&delivery_rate=297156&cwnd=37&unsent_bytes=0&cid=ddfb55f694efa9fe&ts=273&x=0"
date
Wed, 20 Nov 2024 09:52:34 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
2c84eaa7-d3f5-4c02-8668-0cde8ad33736
https://mahadewatoto.net/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit
Requested by
Host: mahadewatoto.net
URL: https://mahadewatoto.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e578c435a34b8af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mahadewatoto.net
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8e578c4a3f8fd933-HEL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 09:52:34 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 28 Oct 2024 19:08:47 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
mahadewatoto.net/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mahadewatoto.net/favicon.ico
Requested by
Host: mahadewatoto.net
URL: https://mahadewatoto.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37eaa1469982aca0346fe583f5814e8a9ffe4b2d3d0c7f46aad1f7e80aae3acc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mahadewatoto.net/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMANlS8Vaq6jf1esnkSdnndks50VthHxuwwUEyJBUkAZdv7SNFW%2FHphsHg8Dqm%2BlsjJUfbRaBl51Iy3DfXRVEfypKZsueuolg8NHAyPIPbETrE%2B11HOWZ8CzMovl02cW8KxF"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=31477&sent=47&recv=23&lost=0&retrans=0&sent_bytes=53727&recv_bytes=2690&delivery_rate=1121614&cwnd=57&unsent_bytes=0&cid=ddfb55f694efa9fe&ts=408&x=0"
x-content-options
nosniff
date
Wed, 20 Nov 2024 09:52:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
7xzOVKxLM2dpwXjivkrRXgctlNkcqe3hkFkE4Zl3UrIR6WjzTLZ9vUyu4g7Ff71nX/Ztba/KTte7V7j53bZSwiEzFvKQTuOLdd1n+vfpAKck6nB2SdeXIanXoBB/FDhsBYNQKMhnM4Zev/9aiAm8rQ==$PeceSsBbCa7rrd9iYH6oIQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e578c454cd0b8af-AMS
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
6KyuZWROJUUV9F2UeNd2RZk4xrM90UdYo5wFjMAxVkQ-1732096353-1.2.1.1-xN9fgTR7rhbuAYCqap2EA1IRayo3iYyVwHX8EMaZHuxc8nZ0su9mZ_HztvGMXV3Z
mahadewatoto.net/cdn-cgi/challenge-platform/h/b/flow/ov1/2053298860:1732092289:uMk2haQMGfxjrBkGqMPt4MsxMxCv8737Iigtg2unq0g/8e578c435a34b8af/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mahadewatoto.net/cdn-cgi/challenge-platform/h/b/flow/ov1/2053298860:1732092289:uMk2haQMGfxjrBkGqMPt4MsxMxCv8737Iigtg2unq0g/8e578c435a34b8af/6KyuZWROJUUV9F2UeNd2RZk4xrM90UdYo5wFjMAxVkQ-1732096353-1.2.1.1-xN9fgTR7rhbuAYCqap2EA1IRayo3iYyVwHX8EMaZHuxc8nZ0su9mZ_HztvGMXV3Z
Requested by
Host: mahadewatoto.net
URL: https://mahadewatoto.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e578c435a34b8af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d4bde7c4f1d1f8ade8a50a69ca7a939c7282858e5a111c650f0f28986368e8

Request headers

Referer
https://mahadewatoto.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
6KyuZWROJUUV9F2UeNd2RZk4xrM90UdYo5wFjMAxVkQ-1732096353-1.2.1.1-xN9fgTR7rhbuAYCqap2EA1IRayo3iYyVwHX8EMaZHuxc8nZ0su9mZ_HztvGMXV3Z

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fah0AqjWRAaeAQjX7wyYBEHnMOZw%2FQBSkzItC1nNTLoPW46DV5SjPhhoXF%2FzrAmBWXMOPiwYmEnewtEOXfAU5cBXX2UOv2pkshYMulMCC%2ByhN%2BBLkElvkrX%2BFp5R%2BwfL9X5%2F"}],"group":"cf-nel","max_age":604800}
cf-ray
8e578c474ed6b8af-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=31726&sent=56&recv=28&lost=0&retrans=0&sent_bytes=60106&recv_bytes=7471&delivery_rate=1121614&cwnd=65&unsent_bytes=0&cid=ddfb55f694efa9fe&ts=744&x=0"
date
Wed, 20 Nov 2024 09:52:34 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
PLQ0TWW+0EBfr/e5iRNLQuIz46DiPVNpwtDjy1DhNXl/br7HBaNZEQhUx2bjtC5X9aOCPfWqQ7M=$mkp7dXrFSIwX33eS
server
cloudflare
68c3c399-87b8-4607-80bd-8a448dd8be61
https://mahadewatoto.net/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/zcasl/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame FEB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/zcasl/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8e578c4f9eb44c78-HEL
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 09:52:35 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
mahadewatoto.net/ 		8 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mahadewatoto.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04923fdfd0ccc1f413dbdedcf344ba190e80929d20d95f79f6d9466c701d515
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mahadewatoto.net/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJrae8nyXyO2REX4P5E%2FQDqzdhkRAUE5CVbite9QVcJ0JcQYTxcnRjZRa6Jwh%2BMkRZQSOF%2Fn%2BNH72HYy1yAxk4yYKnHvV87%2BQmA3YywhVT4qhHuyBeuUTayvNFF1cL9GdsGr"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=32417&sent=66&recv=31&lost=0&retrans=0&sent_bytes=69873&recv_bytes=7530&delivery_rate=1121614&cwnd=75&unsent_bytes=0&cid=ddfb55f694efa9fe&ts=2491&x=0"
x-content-options
nosniff
date
Wed, 20 Nov 2024 09:52:36 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
HK6nbbNi3XbZHux0nW9CGIRi02M+JHisKdA89f3RO6z8yB19FbsA5Y5U6xb4NtQt+jTBI1aqc+3wCLSqkj6mM/cEYPcmovdKxEiRmxu5i0V/v70q5rc9kORJy98Px89abj+FJ/1cHnGkKsf/DITtbQ==$hXDDvefP9tKwEUuCcz524Q==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e578c5259c0b8af-AMS
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mahadewatoto.net
URL
blob:https://mahadewatoto.net/2c84eaa7-d3f5-4c02-8668-0cde8ad33736
Domain
mahadewatoto.net
URL
blob:https://mahadewatoto.net/68c3c399-87b8-4607-80bd-8a448dd8be61

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| ffEge4 function| KgUqI5 function| FSJw6 function| LHBfo4 function| Hflll3 function| dSYW4 object| bosx7 object| CKFVO1 function| clJo2 boolean| HUIps4 function| hHfja4 object| djRVl6 number| iDKaN3 object| angular object| mJquG1 function| _ string| QrYdH7 object| turnstile boolean| xafPL6 boolean| IXMd3

0 Cookies

4 Console Messages

Source Level URL
Text
network error URL: https://baitululum.fah.uinjambi.ac.id/public/site/images/bu4n4master/whatsapp-image-2024-04-19-at-14.47.39-264fe53c-43070740ab79a977db69337d1edb1894.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mahadewatoto.net/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://mahadewatoto.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://mahadewatoto.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()