urlscan.io logo urlscan.io
SecurityTrails logo

sso.staging.pajakku.com Open in urlscan Pro
2606:4700:3037::ac43:c1e2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ebilling-psiap.staging.sobatpajak.com/
Effective URL: https://sso.staging.pajakku.com/auth/oauth/login?client_id=sDOLHDG7QBGQkLzDm4BiZhxJr0SYVG5u1fXfRHmA&state=d-billing-state&redire...
Submission: On October 20 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3037::ac43:c1e2, located in United States and belongs to CLOUDFLARENET, US. The main domain is sso.staging.pajakku.com.
TLS certificate: Issued by E1 on September 25th 2023. Valid for: 3 months.
This is the only time sso.staging.pajakku.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 103.131.94.68 138092 (IDNIC-NEB...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
17 5
Domain Requested by
14 ebilling-psiap.staging.sobatpajak.com 1 redirects ebilling-psiap.staging.sobatpajak.com
2 user.sobatpajak.com ebilling-psiap.staging.sobatpajak.com
1 sso.staging.pajakku.com ebilling-psiap.staging.sobatpajak.com
1 fonts.gstatic.com ebilling-psiap.staging.sobatpajak.com
17 4

This site contains links to these domains. Also see Links.

Domain
cloudflare.com
Subject Issuer Validity Valid
*
*		 2020-07-24 -
2021-07-24		 a year crt.sh
sobatpajak.com
GTS CA 1P5		 2023-10-01 -
2023-12-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.staging.pajakku.com
E1		 2023-09-25 -
2023-12-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sso.staging.pajakku.com/auth/oauth/login?client_id=sDOLHDG7QBGQkLzDm4BiZhxJr0SYVG5u1fXfRHmA&state=d-billing-state&redirect_uri=https%3A%2F%2Febilling-psiap.staging.sobatpajak.com
Frame ID: 7817D7C57473E662AECE9675209202E0
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Access Denied

Page URL History Show full URLs

  1. https://ebilling-psiap.staging.sobatpajak.com/ Page URL
  2. https://sso.staging.pajakku.com/auth/oauth/login?client_id=sDOLHDG7QBGQkLzDm4BiZhxJr0SYVG5u1fXfRHmA&state=d-... Page URL

Page Statistics

17
Requests

24 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

1821 kB
Transfer

2101 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ebilling-psiap.staging.sobatpajak.com/ Page URL
  2. https://sso.staging.pajakku.com/auth/oauth/login?client_id=sDOLHDG7QBGQkLzDm4BiZhxJr0SYVG5u1fXfRHmA&state=d-billing-state&redirect_uri=https%3A%2F%2Febilling-psiap.staging.sobatpajak.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ebilling-psiap.staging.sobatpajak.com//api/iams/login?redirect_uri=https%253A%252F%252Febilling-psiap.staging.sobatpajak.com HTTP 308
  • https://ebilling-psiap.staging.sobatpajak.com/api/iams/login?redirect_uri=https%253A%252F%252Febilling-psiap.staging.sobatpajak.com

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ebilling-psiap.staging.sobatpajak.com/ 		39 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
0791d6870ab8d52c3e2330dd79c7d4ae9d2a3d76788cc0f621dd43a5b7f8812e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 20 Oct 2023 10:25:30 GMT
etag
W/"tnavz5a50sv4v"
expires
-1
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=15768000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
fb807c672eae189a.css
ebilling-psiap.staging.sobatpajak.com/_next/static/css/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/_next/static/css/fb807c672eae189a.css
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
14f008cf724c1bca99692b0e2a3733b004ccfa54f41dd3f40204ebb8f12a7dc9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:31 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
5961
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Fri, 20 Oct 2023 06:54:30 GMT
server
nginx
etag
W/"1749-18b4bdd3470"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable, max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
webpack-ec5639a1e81dcf5c.js
ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/webpack-ec5639a1e81dcf5c.js
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
ec55b629b417f809dfb231ab7a816915e7068d4870f05d222d858e7ec6159a33
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:31 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
4076
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Fri, 20 Oct 2023 06:54:30 GMT
server
nginx
etag
W/"fec-18b4bdd3470"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable, max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
framework-b20e9722cfc7fb3b.js
ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/ 		138 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/framework-b20e9722cfc7fb3b.js
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
c0b92237de71c45e5d2b56169e0e9b43c1d91f423c943bb3f2b89b6915b4bb5c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:31 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
141054
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Fri, 20 Oct 2023 06:54:30 GMT
server
nginx
etag
W/"226fe-18b4bdd3470"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable, max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
main-96dcf8479e9a5145.js
ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/ 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/main-96dcf8479e9a5145.js
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
60959684d336b47dfa9d73f8681c48466fb24e01b07ecc5f36ae7a8c19ad0ca2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:31 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
92634
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Fri, 20 Oct 2023 06:54:30 GMT
server
nginx
etag
W/"169da-18b4bdd3470"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable, max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
_app-3bd3a5c693ad2dd9.js
ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/pages/ 		459 KB
460 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/pages/_app-3bd3a5c693ad2dd9.js
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
0f46042619a50b7d6570d758f0c2073efbcb8e1485092c5f493eab9cc4a1427d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:31 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
470106
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Fri, 20 Oct 2023 06:54:30 GMT
server
nginx
etag
W/"72c5a-18b4bdd3470"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable, max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
index-40c4941b291e34c1.js
ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/pages/ 		408 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/pages/index-40c4941b291e34c1.js
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
08f72b1f932efc48b01ce30572cffbacda3616ca1ac88d45375899b1d3b927ed
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:31 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
408
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Fri, 20 Oct 2023 06:54:30 GMT
server
nginx
etag
W/"198-18b4bdd3470"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable, max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
_buildManifest.js
ebilling-psiap.staging.sobatpajak.com/_next/static/b3j-pS4VoYWHXwBDMKpzh/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/_next/static/b3j-pS4VoYWHXwBDMKpzh/_buildManifest.js
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
83fcee4e7ea1c4202418f91dfedf57c9c6b46ab3bb71e61188267be01bd798dd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:31 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
1183
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Fri, 20 Oct 2023 06:54:30 GMT
server
nginx
etag
W/"49f-18b4bdd3470"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable, max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
_ssgManifest.js
ebilling-psiap.staging.sobatpajak.com/_next/static/b3j-pS4VoYWHXwBDMKpzh/ 		77 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/_next/static/b3j-pS4VoYWHXwBDMKpzh/_ssgManifest.js
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:31 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
content-length
77
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Fri, 20 Oct 2023 06:54:30 GMT
server
nginx
etag
W/"4d-18b4bdd3470"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable, max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
doodle-website-16c543067a40a3211d208661c65a3ff0.png
user.sobatpajak.com/images/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user.sobatpajak.com/images/doodle-website-16c543067a40a3211d208661c65a3ff0.png
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/_next/static/css/fb807c672eae189a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:32 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
138843
last-modified
Wed, 01 Dec 2021 05:09:00 GMT
server
cloudflare
etag
W/"21e5b-17d74655de0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXu5MNpPWiVZMGuhgL5SsJzeZPIlWbwrUkJKFAIqwNhs1LNtIwQTzMZ9abtchfroRt5Jq3zDD9sxZNTWmZ6DBUA6nRslVtZSLp%2Fxru%2F5MzEx9R4q2WD%2FKTr%2BgV27dcgUquJBcsHt2rY49XcKKMaXouJ8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
81908eaa9cf19b76-FRA
access-control-allow-headers
*
1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I28dnyM.woff2
fonts.gstatic.com/s/comfortaa/v45/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I28dnyM.woff2
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da2fb26cf1b6baa1a6d0929b5cbf65f4b770d91403cc9da6070fb5e19cfa4aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ebilling-psiap.staging.sobatpajak.com/
Origin
https://ebilling-psiap.staging.sobatpajak.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:47:23 GMT
x-content-type-options
nosniff
age
578288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22796
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:33:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 17:47:23 GMT
logo-sobatpajak-light-26fe423ab3c1cf5e9ffadda3a9cb64cc.svg
user.sobatpajak.com/fonts/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user.sobatpajak.com/fonts/logo-sobatpajak-light-26fe423ab3c1cf5e9ffadda3a9cb64cc.svg
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f9354a36e1ae3755cec9eff1356bba4750ecffd12c9ecc339bf0f5649d260be3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:32 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Dec 2021 05:09:00 GMT
server
cloudflare
etag
W/"3d4b-17d74655de0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbi8bxUIu0JIRQqZ7Faebo71sz9QIeyaqQQeZxtfyTh%2Bh6vDf6SiD76O6E3U7mkltX4k9dLxAaENSBx2yaNJ%2FT5nXeUBYYvuR2A5u45t3ccU%2FfqTvzHkV%2F291Zn5I0mumNCy2u%2BV%2FycpfN6JokMpid3F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
81908eaa9cf69b76-FRA
access-control-allow-headers
*
image
ebilling-psiap.staging.sobatpajak.com/_next/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ebilling-psiap.staging.sobatpajak.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flogo-djp-inverse.8d2a3e0f.png&w=32&q=75
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
dac9aba3ef80fb0f16f46a822ffd47b2e0e2c2a71e4d293387dbb82fae0594e0
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:25:31 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-permitted-cross-domain-policies
master-only
x-nextjs-cache
STALE
content-disposition
inline; filename="logo-djp-inverse.png"
content-length
3248
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
server
nginx
etag
2smro++A+w8W9GqCL-1HsuDiwqceTSkzh9u4L64FlOA=
x-download-options
noopen
vary
Accept
content-type
image/png
cache-control
public, max-age=315360000, immutable, max-age=0, no-cache, no-store, must-revalidate
expires
-1
version
ebilling-psiap.staging.sobatpajak.com/api/iams/ 		16 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/api/iams/version
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/pages/_app-3bd3a5c693ad2dd9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
89969ddab73529210242688ba347492cf9b12d70ec9f48dd5b28dd241e1de22a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 10:25:32 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"44zqe37kddccz"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
16019
x-xss-protection
1; mode=block
expires
-1
version
ebilling-psiap.staging.sobatpajak.com/api/iams/ 		16 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/api/iams/version
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/pages/_app-3bd3a5c693ad2dd9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
89969ddab73529210242688ba347492cf9b12d70ec9f48dd5b28dd241e1de22a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
Authorization
Bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 10:25:32 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"44zqe37kddccz"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
16019
x-xss-protection
1; mode=block
expires
-1
login
ebilling-psiap.staging.sobatpajak.com/api/iams/
Redirect Chain
  • https://ebilling-psiap.staging.sobatpajak.com//api/iams/login?redirect_uri=https%253A%252F%252Febilling-psiap.staging.sobatpajak.com
  • https://ebilling-psiap.staging.sobatpajak.com/api/iams/login?redirect_uri=https%253A%252F%252Febilling-psiap.staging.sobatpajak.com
186 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ebilling-psiap.staging.sobatpajak.com/api/iams/login?redirect_uri=https%253A%252F%252Febilling-psiap.staging.sobatpajak.com
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/
Protocol
H2
Server
103.131.94.68 , Indonesia, ASN138092 (IDNIC-NEBULA-AS-ID PT. Nebula Surya Corpora, ID),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 10:25:32 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"hk8pdkwjku56"
x-download-options
noopen
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
186
x-xss-protection
1; mode=block
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 20 Oct 2023 10:25:32 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
x-permitted-cross-domain-policies
master-only
x-download-options
noopen
location
/api/iams/login?redirect_uri=https%253A%252F%252Febilling-psiap.staging.sobatpajak.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
refresh
0;url=/api/iams/login?redirect_uri=https%253A%252F%252Febilling-psiap.staging.sobatpajak.com
content-length
86
x-xss-protection
1; mode=block
expires
-1
Primary Request login
sso.staging.pajakku.com/auth/oauth/ 		958 KB
714 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.staging.pajakku.com/auth/oauth/login?client_id=sDOLHDG7QBGQkLzDm4BiZhxJr0SYVG5u1fXfRHmA&state=d-billing-state&redirect_uri=https%3A%2F%2Febilling-psiap.staging.sobatpajak.com
Requested by
Host: ebilling-psiap.staging.sobatpajak.com
URL: https://ebilling-psiap.staging.sobatpajak.com/_next/static/chunks/pages/_app-3bd3a5c693ad2dd9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c1e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf8a7c6edda2f61a57c0f09b4be070e18dba74aec6b38ae6503e213c1d10e86
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=15
cf-ray
81908eb7698c4d9c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Oct 2023 10:25:33 GMT
expires
Fri, 20 Oct 2023 10:25:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVft69qY%2BFHa9ftDrCkgTS93oqVp1lyAJJxu1shou8nHy%2BtMa2jQWadd2AD8KJMairO2mcqqXNumOAATAT30S1vqukepE8X2U3aTLyqm6iWAVkkudEP7VU04T7VsjzFHFrx9xq%2F7bT9cs9BtYv1r4F91qfKdQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
truncated
/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb6ddff8b9be276a59c056daacf012fa88236d1f8d76cd911e1ea092ccb893a5

Request headers

Referer
Origin
https://sso.staging.pajakku.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34de17b4dcd270e40a493c7d0c448b336a378f98dba99c07325f1a6b93029f85

Request headers

Referer
Origin
https://sso.staging.pajakku.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e

Request headers

Referer
Origin
https://sso.staging.pajakku.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577

Request headers

Referer
Origin
https://sso.staging.pajakku.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
font/woff2

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://sso.staging.pajakku.com/auth/oauth/login?client_id=sDOLHDG7QBGQkLzDm4BiZhxJr0SYVG5u1fXfRHmA&state=d-billing-state&redirect_uri=https%3A%2F%2Febilling-psiap.staging.sobatpajak.com
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ebilling-psiap.staging.sobatpajak.com
fonts.gstatic.com
sso.staging.pajakku.com
user.sobatpajak.com
103.131.94.68
2606:4700:3030::ac43:a207
2606:4700:3037::ac43:c1e2
2a00:1450:4001:811::2003
0791d6870ab8d52c3e2330dd79c7d4ae9d2a3d76788cc0f621dd43a5b7f8812e
08f72b1f932efc48b01ce30572cffbacda3616ca1ac88d45375899b1d3b927ed
0f46042619a50b7d6570d758f0c2073efbcb8e1485092c5f493eab9cc4a1427d
14f008cf724c1bca99692b0e2a3733b004ccfa54f41dd3f40204ebb8f12a7dc9
34de17b4dcd270e40a493c7d0c448b336a378f98dba99c07325f1a6b93029f85
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
60959684d336b47dfa9d73f8681c48466fb24e01b07ecc5f36ae7a8c19ad0ca2
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
83fcee4e7ea1c4202418f91dfedf57c9c6b46ab3bb71e61188267be01bd798dd
89969ddab73529210242688ba347492cf9b12d70ec9f48dd5b28dd241e1de22a
c0b92237de71c45e5d2b56169e0e9b43c1d91f423c943bb3f2b89b6915b4bb5c
c0bc26da9499372e6b55886d4f2040de764391ecc9cefdd8a5df0284a345120e
cb6ddff8b9be276a59c056daacf012fa88236d1f8d76cd911e1ea092ccb893a5
da2fb26cf1b6baa1a6d0929b5cbf65f4b770d91403cc9da6070fb5e19cfa4aae
dac9aba3ef80fb0f16f46a822ffd47b2e0e2c2a71e4d293387dbb82fae0594e0
ec55b629b417f809dfb231ab7a816915e7068d4870f05d222d858e7ec6159a33
f9354a36e1ae3755cec9eff1356bba4750ecffd12c9ecc339bf0f5649d260be3
fcf8a7c6edda2f61a57c0f09b4be070e18dba74aec6b38ae6503e213c1d10e86