Submitted URL: https://wsatu.carakerja.online/
Effective URL: https://wedesatu.com/register?ref=2M3TMAA13CR
Submission: On November 14 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 14 HTTP transactions. The main IP is 45.194.53.13, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is wedesatu.com.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time wedesatu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address  AS  Autonomous System
1  202.10.43.28  58487 (CRI-AS-AP...)
1  2606:4700:20:...  13335 (CLOUDFLAR...)
2  37.44.244.121  47583 (AS-HOSTINGER)
5  45.194.53.13  209242 (CLOUDFLAR...)
1  104.18.95.41  13335 (CLOUDFLAR...)
1  104.18.94.41  13335 (CLOUDFLAR...)
Total: 14 requests, 7 IPs
Requests  Apex Domain  Subdomains  Transfer
5  wedesatu.com  wedesatu.com  78 KB
2  cloudflare.com  challenges.cloudflare.com (Cisco Umbrella Rank: 3230)  16 KB
2  menghijau.com  www.menghijau.com  507 B
1  iplocate.io  www.iplocate.io (Cisco Umbrella Rank: 307595)  1 KB
1  carakerja.online  wsatu.carakerja.online  3 KB
0  placeholder.com (Failed)  via.placeholder.com (Failed)
Total: 14 requests, 6 apex domains
Requests  Domain  Requested by
5  wedesatu.com  wsatu.carakerja.online, wedesatu.com
2  challenges.cloudflare.com  wedesatu.com, challenges.cloudflare.com
2  www.menghijau.com  wsatu.carakerja.online
1  www.iplocate.io  wsatu.carakerja.online
1  wsatu.carakerja.online
0  via.placeholder.com (Failed)  wsatu.carakerja.online
Total: 14 requests, 6 domains

This site contains links to these domains.

Domain
www.cloudflare.com
Subject  Issuer  Validity  Valid
wsatu.carakerja.online  R11  2024-11-14 - 2025-02-12  3 months
iplocate.io  WE1  2024-10-11 - 2025-01-09  3 months
www.menghijau.com  R11  2024-10-06 - 2025-01-04  3 months
wedesatu.com  WE1  2024-11-04 - 2025-02-02  3 months
challenges.cloudflare.com  WE1  2024-11-03 - 2025-02-01  3 months

This page contains 2 frames:

Primary Page: https://wedesatu.com/register?ref=2M3TMAA13CR
Frame ID: 3CE9EA5B7991BA354067CBA44BCFABDB
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59s8r/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: E796973B8E0F20DA5644AF97FB6DB624
Requests: 1 HTTP requests in this frame

Page Title

Nur einen Moment…

Page Statistics

14 Requests
79 % HTTPS
17 % IPv6
6 Domains
6 Subdomains
7 IPs
4 Countries
98 kB Transfer
205 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wsatu.carakerja.online/ Page URL
  2. https://wedesatu.com/register?ref=2M3TMAA13CR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
wsatu.carakerja.online/
9 KB
3 KB
Document
General
Full URL
https://wsatu.carakerja.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.10.43.28 , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS
sindoro.dua.rumahweb.net
Software
LiteSpeed /
Resource Hash
c881e28512a4e9ecb86a30f32d4017ce4d74cb5d1984b66117b419825e19a786

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
2488
content-type
text/html
date
Thu, 14 Nov 2024 17:20:22 GMT
last-modified
Thu, 14 Nov 2024 10:36:58 GMT
server
LiteSpeed
vary
Accept-Encoding
300
via.placeholder.com/
0
0

lookup
www.iplocate.io/api/
406 B
1 KB
Fetch
General
Full URL
https://www.iplocate.io/api/lookup
Requested by
Host: wsatu.carakerja.online
URL: https://wsatu.carakerja.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fec6f7c473171d7cf6275b7ef600cb80e502e8fe34b43e50fe98b44642e211c
Security Headers
Name Value
Content-Security-Policy
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wsatu.carakerja.online/

Response headers

access-control-max-age
7200
x-request-id
20eda95c-4a7d-4dcf-a991-777cfedf1530
access-control-expose-headers
x-ratelimit-limit, x-ratelimit-reset, x-ratelimit-remaining
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"0fec6f7c473171d7cf6275b7ef600cb8"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5tDkB2RqWS9aF4XD%2FKEHJbRjyBSytgw96n0mBT7yy1FbFAJMgvyUJr2eDgPAYS9yvjTa1ofVIklPBhAYGnEg7hsL0ypJo%2FFfg0FEen7Dh1B%2FRuA1VFACi6voxJqXua4azQ28YsAWLhGjDA%2BNA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=24914&sent=10&recv=11&lost=0&retrans=1&sent_bytes=4038&recv_bytes=2245&delivery_rate=139277&cwnd=253&unsent_bytes=0&cid=caa4bd29881d0fd3&ts=527&x=0"
date
Thu, 14 Nov 2024 17:20:24 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.008702
x-frame-options
SAMEORIGIN
content-security-policy
cache-control
max-age=0, private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-reset
2024-11-15 00:00:00 +0000
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
x-ratelimit-remaining
49
cf-ray
8e28ac06f979903a-FRA
x-ratelimit-client-id
2a01:4a0:5a::8
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-ratelimit-limit
50
server
cloudflare
kucing
www.menghijau.com/api/v1/
92 B
507 B
Fetch
General
Full URL
https://www.menghijau.com/api/v1/kucing
Requested by
Host: wsatu.carakerja.online
URL: https://wsatu.carakerja.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.44.244.121 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash

Request headers

ip
2a01:04a0:005a:0000:0000:0000:0000:0008
api
{"ip":"2a01:04a0:005a:0000:0000:0000:0000:0008","country":"Germany","country_code":"DE","is_eu":true,"city":"Erlangen","continent":"Europe","latitude":49.5985,"longitude":10.997,"time_zone":"Europe/Berlin","postal_code":"91054","subdivision":"Bavaria","subdivision2":null,"network":"2a01:4a0:40::/42","org":"Core-Backbone GmbH","asn":"AS201011","asn_network":"2a01:4a0:40::/42","threat":{"is_proxy":false}}
Referer
https://wsatu.carakerja.online/
value
pqdyyx3de7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-ratelimit-limit
60
cache-control
no-cache, private
access-control-allow-credentials
1
access-control-allow-methods
*
x-ratelimit-remaining
59
access-control-allow-origin
*
date
Thu, 14 Nov 2024 17:20:25 GMT
accept
application/json
content-type
application/json
server
nginx/1.26.1
access-control-allow-headers
X-Requested-With,Content-Type,X-Token-Auth,Authorization
kucing
www.menghijau.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://www.menghijau.com/api/v1/kucing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.44.244.121 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api,ip,value
Access-Control-Request-Method
POST
Origin
https://wsatu.carakerja.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
api,ip,value
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
cache-control
no-cache, private
date
Thu, 14 Nov 2024 17:20:25 GMT
server
nginx/1.26.1
vary
Access-Control-Request-Method, Access-Control-Request-Headers
Primary Request register
wedesatu.com/
11 KB
9 KB
Document
General
Full URL
https://wedesatu.com/register?ref=2M3TMAA13CR
Requested by
Host: wsatu.carakerja.online
URL: https://wsatu.carakerja.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78ff897ebb1ef38224aaccd4c0f491696c53a462493c553893c92c7fb9ebef5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://wsatu.carakerja.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
xRc2N/Ye3BwYw5GcL6O4R+xsTE9RRDI8DbT1d+sg9vIt7LrECigkDVkQGjwHLlqO2pkNbvVFi26gzES6Pi8pSuoYsP2pZNCzkeKQV9XRlN0OMIhpe/rbgh+cqQbWbVwLalnFegXBuitiS9bvDdvEZA==$94316xwOIhn4FW5hpByI/Q==
cf-mitigated
challenge
cf-ray
8e28ac1398638f31-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 14 Nov 2024 17:20:26 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66PgR5PAHgNpC9xtCFYy14oopnOsJm6CCuAfhIeN%2BPETsotKl5z8%2FpVRv%2FKKq%2BrnaWcM9aCiw2sptanTtitj78kbo2pqZZGN8UNlb1O8dFcOnO%2B1tVTeADaSC%2B8QSFA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=33646&sent=12&recv=8&lost=1&retrans=0&sent_bytes=4333&recv_bytes=4433&delivery_rate=93681&cwnd=12000&unsent_bytes=0&cid=98fbc21dd9f7d6e7&ts=168&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
wedesatu.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
108 KB
43 KB
Script
General
Full URL
https://wedesatu.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e28ac1398638f31
Requested by
Host: wedesatu.com
URL: https://wedesatu.com/register?ref=2M3TMAA13CR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8a5b088f938e6725351f6a580c3c36bcebb342d7478d9937aad12abe1c67817

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wedesatu.com/register?ref=2M3TMAA13CR&__cf_chl_rt_tk=3RUGSbHS.MpsO7AaezTcaDJ4t3FfvlYhgpKpOhjEOF8-1731604826-1.0.1.1-9pnvyKFFrcXOWzrVUcU0qzOCABrXwaESNzfUyxtxHjE

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPAfB%2FcoWwH%2FJT20KEZEpi0S6zWMeFfuSXIbhO4gE%2FV8g7k1Lj7THMr1GKbVfDaiGKMRIsVqTxEiw1VCrQt0c6lnAdpf5iR%2FqkEgimLEtNuyuGXpz3OUbhSssCkDc6w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e28ac16abcf8f31-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31907&sent=23&recv=16&lost=1&retrans=0&sent_bytes=14213&recv_bytes=5284&delivery_rate=343315&cwnd=12000&unsent_bytes=0&cid=98fbc21dd9f7d6e7&ts=663&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 17:20:26 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
priority
u=3,i=?0
9f4e8e84-1c0a-48db-b1c6-c39af5ba559b
https://wedesatu.com/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit
Requested by
Host: wedesatu.com
URL: https://wedesatu.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e28ac1398638f31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://wedesatu.com
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8e28ac19efc2dc6c-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 17:20:27 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 28 Oct 2024 19:08:47 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
wedesatu.com/
8 KB
8 KB
Image
General
Full URL
https://wedesatu.com/favicon.ico
Requested by
Host: wedesatu.com
URL: https://wedesatu.com/register?ref=2M3TMAA13CR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c755de5e5881f89ee50a89035f26d40f5dd2497c3dc1bfc625571382590b4385
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wedesatu.com/register?ref=2M3TMAA13CR

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GyMX%2FQthQa9OUsVZWAzNQ%2BVpYYM4Vev%2Bpwg%2FCOSKPUSkdV65cGsSunCTHJy4oEzssb4gp2Zni4GJCa70UqldepHCdhC%2FfJV4SgqVkbjjFm7tV%2Fu3UJLnxrNxc5nQekI%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22976&sent=65&recv=37&lost=1&retrans=0&sent_bytes=59437&recv_bytes=6623&delivery_rate=1037743&cwnd=30000&unsent_bytes=0&cid=98fbc21dd9f7d6e7&ts=970&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 14 Nov 2024 17:20:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
+qm6n9EwB3APVKKhhRu6OYyP7bke6OnKo8vySWq/7dbCA/BkKiHev3QcD9ProVT612Y19K2frVlHW9ZSk+lTScWhySlsdma4OdVlSpseTJ+hmzy1XBBJdutASUmUzaUTMwSsgTe/4FKS3j03SmxcjA==$RD42mktztaGI8Qq6Xg4NQA==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e28ac189dc68f31-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
dp6LModH7lt1933NRBSVGp.lArq1qwQzljjI4Q0ud0k-1731604826-1.2.1.1-lVYbzQLT7hUiy6VohRFlngXYcCTaykLYhleoP_MdemfUz9GLw2YkXCS22gvwX59l
wedesatu.com/cdn-cgi/challenge-platform/h/b/flow/ov1/168468015:1731602277:OEy4R2lzINbKeOT3ZeVij5icopJNkdsRBiX1qwb-aV0/8e28ac1398638f31/
13 KB
10 KB
XHR
General
Full URL
https://wedesatu.com/cdn-cgi/challenge-platform/h/b/flow/ov1/168468015:1731602277:OEy4R2lzINbKeOT3ZeVij5icopJNkdsRBiX1qwb-aV0/8e28ac1398638f31/dp6LModH7lt1933NRBSVGp.lArq1qwQzljjI4Q0ud0k-1731604826-1.2.1.1-lVYbzQLT7hUiy6VohRFlngXYcCTaykLYhleoP_MdemfUz9GLw2YkXCS22gvwX59l
Requested by
Host: wedesatu.com
URL: https://wedesatu.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e28ac1398638f31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6900761e0f52facaabf13553788bf57db76dc47fac21b6ac8e048b6add603e2f

Request headers

Referer
https://wedesatu.com/register?ref=2M3TMAA13CR
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
dp6LModH7lt1933NRBSVGp.lArq1qwQzljjI4Q0ud0k-1731604826-1.2.1.1-lVYbzQLT7hUiy6VohRFlngXYcCTaykLYhleoP_MdemfUz9GLw2YkXCS22gvwX59l

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tvcdp4W9WtMtjmWjfrmNgoGrlY3vtS4d01JQTTXllNsB8tzGVk3W7ke8M3jMksw2xas%2F6kvNKbwB%2BOu%2F57SyD14UgNWpvTvqiOwZ4lZJ1%2B0vqSHoqiV9b5ovASQtfo4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e28ac192e3d8f31-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30063&sent=74&recv=46&lost=1&retrans=0&sent_bytes=67180&recv_bytes=12052&delivery_rate=26893&cwnd=30000&unsent_bytes=0&cid=98fbc21dd9f7d6e7&ts=1166&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 17:20:27 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
qDYmPmezz7tcsifcIuvP++tegqPV98OBczAlMjHkdYeZNjCsEWhouCXrBB40ai1gIbxxnG44/qs=$hFh0uY7/DLP1UXVO
server
cloudflare
priority
u=1,i
2819d200-faa2-44df-827a-1cac9c8e7ce4
https://wedesatu.com/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59s8r/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame E796
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/59s8r/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8e28ac1b4adf65cc-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 17:20:27 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
favicon.ico
wedesatu.com/
8 KB
7 KB
Other
General
Full URL
https://wedesatu.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b59ba44ad6fc1875c68444f431f4e6d40fcbde40bea596f54e7b4f16b0bfe0f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wedesatu.com/register?ref=2M3TMAA13CR

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cacXA25fgsIwwHchlBKaDexqcTip8ZHPkNGhrPIb5PYOvJouWjgCHHjgF37t6CII2ek1OIKhl0rxQxEGwBWhoB72uQfcsZz9fFJm8o5o5dVOUi6BIVaG0%2FNYkX2ai4k%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26905&sent=84&recv=52&lost=1&retrans=0&sent_bytes=77231&recv_bytes=12757&delivery_rate=70627&cwnd=30000&unsent_bytes=0&cid=98fbc21dd9f7d6e7&ts=1664&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 14 Nov 2024 17:20:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
lmLX9cUkTm2vWWUQiqN6MfFnqGUIjoD/zpJO0FR23PyKpYD19nKYl1UQoQqY3gVnDyfS1W7wz6HktImG/A5FlIJ/t4q6PlyKjRSnUhpU3S3cqT9jagiPMjmBWc57gy728VDfWIr/Xa5qfirqgGaqZg==$avmBtbxq+vN/G5240joYmg==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e28ac1cfa858f31-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain  URL
via.placeholder.com  https://via.placeholder.com/300
wedesatu.com  blob:https://wedesatu.com/9f4e8e84-1c0a-48db-b1c6-c39af5ba559b
wedesatu.com  blob:https://wedesatu.com/2819d200-faa2-44df-827a-1cac9c8e7ce4

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| LHBfo4 function| Hflll3 function| dSYW4 object| bosx7 object| CKFVO1 function| ffEge4 function| KgUqI5 function| FSJw6 function| clJo2 boolean| HUIps4 function| hHfja4 object| djRVl6 number| iDKaN3 object| angular object| mJquG1 function| _ string| QrYdH7 object| turnstile boolean| xafPL6 boolean| IXMd3

1 Cookies

Domain/Path Name / Value
.wedesatu.com/ Name: __cf_bm
Value: FvuPsOSGazaBbUHuW4R82mP5Lh7aQ.tgzSfFWYlHsIc-1731604826-1.0.1.1-7B7IHQHDJcZ95XIXuZ0imUNfB5WIJe.KgQX6EHL.iZ5rPKtoJWCKSkuAAR7xDn6XNbRwex96sPchogOS_BuLqw

3 Console Messages

Source  Level  URL  Text
network  error  https://wedesatu.com/register?ref=2M3TMAA13CR  Failed to load resource: the server responded with a status of 403 ()
network  error  https://wedesatu.com/favicon.ico  Failed to load resource: the server responded with a status of 403 ()
network  error  https://wedesatu.com/favicon.ico  Failed to load resource: the server responded with a status of 403 ()