nexpedia.nexa.net.id Open in urlscan Pro
103.247.123.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nexpedia.nexa.net.id/
Effective URL:
https://nexpedia.nexa.net.id/login/login-page
Submission: On September 26 via automatic, source certstream-suspicious (September 26th 2023, 4:51:04 am UTC) — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 103.247.123.238, located in Semarang, Indonesia and belongs to GMEDIA-AS-ID PT Media Sarana Data, ID. The main domain is nexpedia.nexa.net.id.
TLS certificate: Issued by R3 on September 26th 2023. Valid for: 3 months.

This is the only time nexpedia.nexa.net.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	103.247.123.238 103.247.123.238	55666 (GMEDIA-AS...) (GMEDIA-AS-ID PT Media Sarana Data)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
18	5

11 103.247.123.238 (Semarang, Indonesia) 1 redirects

ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID)
PTR: ipv4-238-123-247.as55666.net

nexpedia.nexa.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
document.nexagroup.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	nexagroup.id document.nexagroup.id	480 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 242 accounts.google.com — Cisco Umbrella Rank: 71	51 KB
2	nexa.net.id 1 redirects nexpedia.nexa.net.id	4 KB
1	gstatic.com www.gstatic.com	36 KB
18	4

	Domain	Requested by
9	document.nexagroup.id	nexpedia.nexa.net.id document.nexagroup.id
3	accounts.google.com	apis.google.com nexpedia.nexa.net.id www.gstatic.com
2	apis.google.com	nexpedia.nexa.net.id apis.google.com
2	nexpedia.nexa.net.id	1 redirects
1	www.gstatic.com	accounts.google.com
18	5

This site contains no links.

Subject Issuer	Validity	Valid
nexpedia.nexa.net.id R3	`2023-09-26` - `2023-12-25`	3 months	crt.sh
document.nexagroup.id R3	`2023-09-06` - `2023-12-05`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://nexpedia.nexa.net.id/login/login-page
Frame ID: 5E0AAC2A42F589613742776C33CED356
Requests: 14 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: D6E8342707FDF10AF6F587E2D643700D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nexa | Document Control

Page URL History Show full URLs

https://nexpedia.nexa.net.id/ HTTP 302
https://nexpedia.nexa.net.id/login/login-page Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<iframe[^>]*accounts\.google\.com/o/oauth2

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

18
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

569 kB
Transfer

2166 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nexpedia.nexa.net.id/ HTTP 302
https://nexpedia.nexa.net.id/login/login-page Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login-page Show response
nexpedia.nexa.net.id/login/
Redirect Chain

https://nexpedia.nexa.net.id/
https://nexpedia.nexa.net.id/login/login-page

7 KB
3 KB

464ms
463ms

Document
text/html

103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to

Full URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty / PHP/8.1.21
Resource Hash: ccc88412519801b11eeb3b279cf3bd06fcd00db9883a4b3284d596c17a060fd2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 26 Sep 2023 04:50:56 GMT
server: openresty
vary: Accept-Encoding
x-powered-by: PHP/8.1.21
x-served-by: nexpedia.nexa.net.id

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Tue, 26 Sep 2023 04:50:55 GMT
location: https://nexpedia.nexa.net.id/login/login-page
server: openresty
x-powered-by: PHP/8.1.21
x-served-by: nexpedia.nexa.net.id

GET
H2 200 dashlite.css
document.nexagroup.id/assets/css/ 862 KB
126 KB 2096ms
382ms Stylesheet
text/css 103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to

Full URL: https://document.nexagroup.id/assets/css/dashlite.css?ver=3.1.0
Requested by: Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty /
Resource Hash: 83c105e55db540854c28289bbbda5323d39ab31a2c1cda702bbcef5cb2039528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:50:58 GMT
content-encoding: gzip
last-modified: Mon, 25 Sep 2023 03:16:30 GMT
server: openresty
etag: "d7905-606266270905b-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-served-by: document.nexagroup.id

GET
H2 200 theme.css
document.nexagroup.id/assets/css/ 167 B
350 B 1908ms
194ms Stylesheet
text/css 103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to

Full URL: https://document.nexagroup.id/assets/css/theme.css?ver=3.1.0
Requested by: Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty /
Resource Hash: aa9350342f4d2ad266c8100a2ce0319997f88695b020f527d3a495b256c559e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:50:58 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 09:11:09 GMT
server: openresty
etag: "a7-604ad1fd064b9-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 148
x-served-by: document.nexagroup.id

GET
H2 200 api.js Show response
apis.google.com/js/ 18 KB
7 KB 74ms
27ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7ae37c4da26c58fbc7e2fc594d22f56f4ad35c1ebf60808fb597640060eac4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 04:50:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7118
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "fd7c054f832daeb0"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 04:50:56 GMT

GET
H2 200 nexa-logo.png
document.nexagroup.id/assets/images/ 22 KB
22 KB 301ms
300ms Image
image/png 103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://document.nexagroup.id/assets/images/nexa-logo.png
Requested by: Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty /
Resource Hash: ae1681ad9aa7c029de40149c3eaa2dd4c224039c9851b4785aa548324e149304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:50:59 GMT
last-modified: Wed, 06 Sep 2023 09:11:09 GMT
server: openresty
etag: "5905-604ad1fd250ea"
content-type: image/png
accept-ranges: bytes
content-length: 22789
x-served-by: document.nexagroup.id

GET
H2 200 bundle.js Show response
document.nexagroup.id/js/ 956 KB
293 KB 381ms
381ms Script
text/javascript 103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to

Full URL: https://document.nexagroup.id/js/bundle.js?ver=3.1.0
Requested by: Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty /
Resource Hash: c696bdd401f968fa937f14a39a11c0a1305c574dc6716c2c27ccfc6ba9cb3545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:50:58 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 09:11:10 GMT
server: openresty
etag: "ef072-604ad1fd3913b-gzip"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-served-by: document.nexagroup.id

GET
H2 200 scripts.js Show response
document.nexagroup.id/js/ 35 KB
8 KB 351ms
349ms Script
text/javascript 103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to

Full URL: https://document.nexagroup.id/js/scripts.js?ver=3.1.0
Requested by: Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty /
Resource Hash: 4ac21674fcccbaaaba83df78827b2f47f5c36391df7bbfbe05a15447ab5518d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:50:59 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 09:11:10 GMT
server: openresty
etag: "8af3-604ad1fd54aa3-gzip"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 7805
x-served-by: document.nexagroup.id

GET
H2 200 axios.js Show response
document.nexagroup.id/js/libs/axios/ 14 KB
5 KB 306ms
305ms Script
text/javascript 103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to

Full URL: https://document.nexagroup.id/js/libs/axios/axios.js
Requested by: Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty /
Resource Hash: 24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:50:59 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 09:11:10 GMT
server: openresty
etag: "3813-604ad1fd3a4c3-gzip"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 4949
x-served-by: document.nexagroup.id

GET
H2 200 main.js Show response
document.nexagroup.id/js/ 3 KB
1 KB 303ms
302ms Script
text/javascript 103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to

Full URL: https://document.nexagroup.id/js/main.js?_=1956127807
Requested by: Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty /
Resource Hash: fb9b51758c05cf80dc56fb7b845c7823b9bacaa04332ac3a64bf768274c5ef8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:50:59 GMT
content-encoding: gzip
last-modified: Thu, 21 Sep 2023 09:44:09 GMT
server: openresty
etag: "be4-605db5573e7e3-gzip"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 1108
x-served-by: document.nexagroup.id

GET
H2 200 login.js Show response
document.nexagroup.id/js/page/ 3 KB
1 KB 304ms
304ms Script
text/javascript 103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to

Full URL: https://document.nexagroup.id/js/page/login.js?_=1455633076
Requested by: Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty /
Resource Hash: 9a8439ffbf5f9541a519d9815df531082f859632bc0896370befb997d6c03279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:50:59 GMT
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 09:39:01 GMT
server: openresty
etag: "bf8-6053a545b4452-gzip"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 890
x-served-by: document.nexagroup.id

GET
H2 200 nexa-logo.png
document.nexagroup.id/assets/images/ 22 KB
22 KB 302ms
302ms Image
image/png 103.247.123.238
GMEDIA-AS-ID PT M...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://document.nexagroup.id/assets/images/nexa-logo.png
Requested by: Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.123.238 Semarang, Indonesia, ASN55666 (GMEDIA-AS-ID PT Media Sarana Data, ID),
Reverse DNS: ipv4-238-123-247.as55666.net
Software: openresty /
Resource Hash: ae1681ad9aa7c029de40149c3eaa2dd4c224039c9851b4785aa548324e149304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:50:59 GMT
last-modified: Wed, 06 Sep 2023 09:11:09 GMT
server: openresty
etag: "5905-604ad1fd250ea"
content-type: image/png
accept-ranges: bytes
content-length: 22789
x-served-by: document.nexagroup.id

GET Nioicon.ttf
document.nexagroup.id/assets/fonts/ 0
0

GET Nioicon.woff
document.nexagroup.id/assets/fonts/ 0
0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ 118 KB
40 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

044c695cb98da67982392a582e238387e10d7f87280f1c28bcd2f63b118fa9c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nexpedia.nexa.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 17:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40879
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 17:31:06 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame D6E8 280 B
1 KB 108ms
58ms Document
text/html 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e888eeba43b804ea7a79b6d04d68ec09c033d6c19c2721cb7886693a994e3dd7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1zD2jbIMd0sZ2NPUowoDgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nexpedia.nexa.net.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1zD2jbIMd0sZ2NPUowoDgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 04:51:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.o4VUXTAdA2g.es5.O/d=1/rs=AOaEmlGBksHIfI9qF1vCaedMLVuHcCrrWA/ Frame D6E8 103 KB
36 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.o4VUXTAdA2g.es5.O/d=1/rs=AOaEmlGBksHIfI9qF1vCaedMLVuHcCrrWA/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036c88a59a94d21846fee8d56f94484e92f1ab9280f2ed6565f039e730bf69f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 01:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36014
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 02:46:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 01:33:21 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame D6E8 2 KB
916 B 44ms
43ms Other
text/html 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: nexpedia.nexa.net.id
URL: https://nexpedia.nexa.net.id/login/login-page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b6e54ca34d891e76fd802752a30eda23b70eff0246e410c34026bd0b587365b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 04:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame D6E8 49 B
663 B 72ms
72ms XHR
application/json 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fnexpedia.nexa.net.id&client_id=758893127349-brcb7k7qi6voiik7tg0if28mh5icv63i.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.o4VUXTAdA2g.es5.O/d=1/rs=AOaEmlGBksHIfI9qF1vCaedMLVuHcCrrWA/m=base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b233ef74e66bceb574d4c8ea432703b8bbdfbc6e5d0e5f6c14cf191799d63c7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-wFaQl9qvsRNsNVZ_zw_WyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:51:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-wFaQl9qvsRNsNVZ_zw_WyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 26 Sep 2023 04:51:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: document.nexagroup.id
URL: https://document.nexagroup.id/assets/fonts/Nioicon.ttf

Domain: document.nexagroup.id
URL: https://document.nexagroup.id/assets/fonts/Nioicon.woff

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nexpedia.nexa.net.id/	1970-01-20 15:01:51	Name: XSRF-TOKEN Value: eyJpdiI6ImJCWk1SZkloNi9Ua1BFbzh1NmVZYkE9PSIsInZhbHVlIjoiblY5T3l6WEkwVHlDRUR3dGx2VkNXMkxlUzVuQ3RiWnFSU3VYZTZlRDdKODRXbzAxM1VNcWphamdwampDRUhQSGowbUVwd1N3K1Z4Z1ZIanZON0dwRlRXN0gydWFpUW1IakxveWMrK2xnKzB5YWR2ekhGbFlwTFRvVnVSRVFROSsiLCJtYWMiOiJiZGRmYzMwYmI4N2FjZjM3MzI3NDk1ZTZmMjVlOWZhMTMyMDNhMjQyOTk3YzkxZGFkMzFjOWQwMzRiODMwYWViIiwidGFnIjoiIn0%3D
nexpedia.nexa.net.id/	1970-01-20 15:01:51	Name: laravel_session Value: eyJpdiI6IlFZdDNpN3E5U3B2WFEyWDNhaEdHZ0E9PSIsInZhbHVlIjoicVJWNmo0YlpYaE9USjJ0Uktkck9PYUdNeENLbmtNOFhjSUkyWWlMVDM2Q29LNXBDUFgrNTdycjNwWGpGaTdWa3E2VlhRUUptb3JYQVp6M0gyejdXTXJQR2tDanI0emdzaUFWMTJLc1pEOUFxVjk2WS9WdTdYYTZUbnE2Y3habjQiLCJtYWMiOiJmZDAyNWE0MjI3Njc2M2Y0YWQ4YmNlODFlMzhkZTY1OTEwNDMwZTM4YmU4YzM0ZmRlODczZmY2MjhjYTI1MmU2IiwidGFnIjoiIn0%3D
.nexpedia.nexa.net.id/	1970-01-21 00:37:43	Name: G_ENABLED_IDPS Value: google
.google.com/	1970-01-20 19:25:15	Name: NID Value: 511=BdQC0B38IIQdL_GQlKaYQexg-GSQI69tIMeImSLHXztLeJRM5w-pw0Nw-qgmn7x7XrkLdn2CsEGw1hDMV1hfk191UVqd3Sg902BCr8ATt9x7UagJi9I5SemRokD-roGQP_1m2qjVyJQ0IKmXGps4ozTGCdfCv-L1dfcRo-janKo

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://nexpedia.nexa.net.id/login/login-page Message: Access to font at 'https://document.nexagroup.id/assets/fonts/Nioicon.ttf' from origin 'https://nexpedia.nexa.net.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://document.nexagroup.id/assets/fonts/Nioicon.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nexpedia.nexa.net.id/login/login-page Message: Access to font at 'https://document.nexagroup.id/assets/fonts/Nioicon.woff' from origin 'https://nexpedia.nexa.net.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://document.nexagroup.id/assets/fonts/Nioicon.woff Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs(Line 186) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
document.nexagroup.id
nexpedia.nexa.net.id
www.gstatic.com
document.nexagroup.id
103.247.123.238
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200d
036c88a59a94d21846fee8d56f94484e92f1ab9280f2ed6565f039e730bf69f8
044c695cb98da67982392a582e238387e10d7f87280f1c28bcd2f63b118fa9c9
0b233ef74e66bceb574d4c8ea432703b8bbdfbc6e5d0e5f6c14cf191799d63c7
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
4ac21674fcccbaaaba83df78827b2f47f5c36391df7bbfbe05a15447ab5518d8
5b6e54ca34d891e76fd802752a30eda23b70eff0246e410c34026bd0b587365b
7e7ae37c4da26c58fbc7e2fc594d22f56f4ad35c1ebf60808fb597640060eac4
83c105e55db540854c28289bbbda5323d39ab31a2c1cda702bbcef5cb2039528
9a8439ffbf5f9541a519d9815df531082f859632bc0896370befb997d6c03279
aa9350342f4d2ad266c8100a2ce0319997f88695b020f527d3a495b256c559e1
ae1681ad9aa7c029de40149c3eaa2dd4c224039c9851b4785aa548324e149304
c696bdd401f968fa937f14a39a11c0a1305c574dc6716c2c27ccfc6ba9cb3545
ccc88412519801b11eeb3b279cf3bd06fcd00db9883a4b3284d596c17a060fd2
e888eeba43b804ea7a79b6d04d68ec09c033d6c19c2721cb7886693a994e3dd7
fb9b51758c05cf80dc56fb7b845c7823b9bacaa04332ac3a64bf768274c5ef8d

nexpedia.nexa.net.id Open in urlscan Pro 103.247.123.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

89 %HTTPS

75 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

569 kBTransfer

2166 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

4 Cookies

7 Console Messages

Indicators

nexpedia.nexa.net.id Open in urlscan Pro
103.247.123.238 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

569 kB
Transfer

2166 kB
Size

4
Cookies

18 HTTP transactions
0 data transactions