web.sman1ciawigebang.sch.id Open in urlscan Pro
103.178.174.211 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://web.sman1ciawigebang.sch.id/add/
Submission: On August 30 via manual (August 30th 2022, 11:23:12 am UTC) from FR — Scanned from FR

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 103.178.174.211, located in Cirebon, Indonesia and belongs to MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID. The main domain is web.sman1ciawigebang.sch.id.

This is the only time web.sman1ciawigebang.sch.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Axa (Insurance)

Domain & IP information

	IP Address	AS Autonomous System
1 10	103.178.174.211 103.178.174.211	136873 (MEGADATA-...) (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA)
1 2	2606:4700:20:... 2606:4700:20::ac43:4ad5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
14	5

10 103.178.174.211 (Cirebon, Indonesia) 1 redirects

ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID)
PTR: serv02.whmserver.com

web.sman1ciawigebang.sch.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4ad5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	sman1ciawigebang.sch.id 1 redirects web.sman1ciawigebang.sch.id	196 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 286 fonts.googleapis.com — Cisco Umbrella Rank: 54	35 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 130305	97 KB
14	4

	Domain	Requested by
10	web.sman1ciawigebang.sch.id	1 redirects web.sman1ciawigebang.sch.id
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.tailwindcss.com	1 redirects web.sman1ciawigebang.sch.id
1	fonts.googleapis.com	web.sman1ciawigebang.sch.id
1	ajax.googleapis.com	web.sman1ciawigebang.sch.id
14	5

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://web.sman1ciawigebang.sch.id/add/
Frame ID: 36FF001E550CF7C645969E42B4DDF6C1
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Authentification

Page URL History Show full URLs

http://web.sman1ciawigebang.sch.id/add HTTP 301
http://web.sman1ciawigebang.sch.id/add/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

29 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

353 kB
Transfer

644 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://web.sman1ciawigebang.sch.id/add HTTP 301
http://web.sman1ciawigebang.sch.id/add/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.1.8

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
web.sman1ciawigebang.sch.id/add/
Redirect Chain

http://web.sman1ciawigebang.sch.id/add
http://web.sman1ciawigebang.sch.id/add/

4 KB
2 KB

228ms
228ms

Document
text/html

103.178.174.211
MEGADATA-AS-ID PT...

General

Check archive.org

Show headers Download Go to

Full URL: http://web.sman1ciawigebang.sch.id/add/
Protocol: HTTP/1.1
Server: 103.178.174.211 Cirebon, Indonesia, ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID),
Reverse DNS: serv02.whmserver.com
Software: LiteSpeed /
Resource Hash: 9d7885f72325a318e1de24c31797155ba3ab5517f14a7b196a77b781a9998edf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 1734
content-type: text/html
date: Tue, 30 Aug 2022 11:23:06 GMT
last-modified: Thu, 25 Aug 2022 08:47:23 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Tue, 30 Aug 2022 11:23:06 GMT
location: http://web.sman1ciawigebang.sch.id/add/
server: LiteSpeed

GET
H2

200

3.1.8 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.1.8

319 KB
97 KB

50ms
50ms

Script
text/javascript

2606:4700:20::ac43:4ad5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.1.8

Requested by

Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/

Protocol

Server

2606:4700:20::ac43:4ad5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6e7e5263fa38ed2725e4be49d49fdca61aa60f92ffc1edbd0c3b47dc8c9e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1217315
last-modified: Fri, 05 Aug 2022 17:01:21 GMT
server: cloudflare
x-vercel-id: syd1::iad1::5cswb-1659718880314-e36b19295c12
x-vercel-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeIVpaqRZGfWWBq4clglMtM1mjClXQYSymLmcGVznozAVEnYx7qpfIThLo8%2Fx%2B5%2BwhMrz%2FWhROnqUlNd4nEGwt4rC1sanXMBL7g6HPeDKCykw%2Fp7gSHwZAZcQC39NWNylLAMoWIEvU3Ii7mSa9FmUuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 742d270b1b5dd245-CDG

Redirect headers

date: Tue, 30 Aug 2022 11:23:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: syd1::iad1::srnjw-1661857533153-0e0fa79d3cbe
age: 277
x-vercel-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qne%2BdzIJcVDvRbX63AInD0psa1qva3WMB49kHcNa2%2BWVb8J%2FXHbQg%2BjoLiULv%2F0PwQAyI%2ByGTNIUV62IL7XOGd2M6uu4NkMKE6Tgj%2BBYi6Aa6QXkPIc5Pq7xjULCvGUtxPM2QBVOqzmqL4wh7c%2Fr5jA%3D"}],"group":"cf-nel","max_age":604800}
location: /3.1.8
cache-control: max-age=14400
strict-transport-security: max-age=63072000
cf-ray: 742d270abadcd245-CDG
content-length: 0
server: cloudflare

GET
H/1.1 200
OK style.css
web.sman1ciawigebang.sch.id/add/ 2 KB
993 B 230ms
230ms Stylesheet
text/css 103.178.174.211
MEGADATA-AS-ID PT...

General

Check archive.org

Show headers Download Go to

Full URL: http://web.sman1ciawigebang.sch.id/add/style.css
Requested by: Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/
Protocol: HTTP/1.1
Server: 103.178.174.211 Cirebon, Indonesia, ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID),
Reverse DNS: serv02.whmserver.com
Software: LiteSpeed /
Resource Hash: d37ef1f345d6ce54cd260070cc05ebf2e2277a1ee507d0d8739b8f4895573b08

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:07 GMT
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 02:47:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 623
expires: Tue, 06 Sep 2022 11:23:07 GMT

GET
H/1.1 200
OK logo.png
web.sman1ciawigebang.sch.id/add/assets/ 2 KB
2 KB 212ms
212ms Image
image/png 103.178.174.211
MEGADATA-AS-ID PT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://web.sman1ciawigebang.sch.id/add/assets/logo.png
Requested by: Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/
Protocol: HTTP/1.1
Server: 103.178.174.211 Cirebon, Indonesia, ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID),
Reverse DNS: serv02.whmserver.com
Software: LiteSpeed /
Resource Hash: edfea819415ff38872bae9e171c3e1bc2b9d9e1907b1b61d5e576c281dcf3f77

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:07 GMT
last-modified: Thu, 25 Aug 2022 01:05:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1560
expires: Tue, 06 Sep 2022 11:23:07 GMT

GET
H/1.1 200
OK visit.png
web.sman1ciawigebang.sch.id/add/assets/ 14 KB
15 KB 209ms
208ms Image
image/png 103.178.174.211
MEGADATA-AS-ID PT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://web.sman1ciawigebang.sch.id/add/assets/visit.png
Requested by: Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/
Protocol: HTTP/1.1
Server: 103.178.174.211 Cirebon, Indonesia, ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID),
Reverse DNS: serv02.whmserver.com
Software: LiteSpeed /
Resource Hash: 10880160d83a8a9b3331085e6802c9331db9e82a5e3164bdbf7d1c8b4ebad8a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:07 GMT
last-modified: Thu, 25 Aug 2022 01:52:08 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 14563
expires: Tue, 06 Sep 2022 11:23:07 GMT

GET
H/1.1 200
OK mvisit.png
web.sman1ciawigebang.sch.id/add/assets/ 14 KB
14 KB 292ms
216ms Image
image/png 103.178.174.211
MEGADATA-AS-ID PT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://web.sman1ciawigebang.sch.id/add/assets/mvisit.png
Requested by: Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/
Protocol: HTTP/1.1
Server: 103.178.174.211 Cirebon, Indonesia, ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID),
Reverse DNS: serv02.whmserver.com
Software: LiteSpeed /
Resource Hash: 70932205b3c45b200cf0d0df03197fcb6de4aa48030ff111b1279ed7ea2a5731

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:07 GMT
last-modified: Thu, 25 Aug 2022 03:11:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 14290
expires: Tue, 06 Sep 2022 11:23:07 GMT

GET
H/1.1 200
OK forget.png
web.sman1ciawigebang.sch.id/add/assets/ 16 KB
16 KB 419ms
212ms Image
image/png 103.178.174.211
MEGADATA-AS-ID PT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://web.sman1ciawigebang.sch.id/add/assets/forget.png
Requested by: Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/
Protocol: HTTP/1.1
Server: 103.178.174.211 Cirebon, Indonesia, ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID),
Reverse DNS: serv02.whmserver.com
Software: LiteSpeed /
Resource Hash: 3e7038c796bd064c74f34c275ec924f9ff3d307a11855760345517a941f0bf5d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:07 GMT
last-modified: Thu, 25 Aug 2022 02:59:57 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 16266
expires: Tue, 06 Sep 2022 11:23:07 GMT

GET
H/1.1 200
OK footer.png
web.sman1ciawigebang.sch.id/add/assets/ 21 KB
22 KB 419ms
212ms Image
image/png 103.178.174.211
MEGADATA-AS-ID PT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://web.sman1ciawigebang.sch.id/add/assets/footer.png
Requested by: Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/
Protocol: HTTP/1.1
Server: 103.178.174.211 Cirebon, Indonesia, ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID),
Reverse DNS: serv02.whmserver.com
Software: LiteSpeed /
Resource Hash: 165dba2a8064c69e644608669d8779c7d395d41d344de1dce967b4db39e67863

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:07 GMT
last-modified: Thu, 25 Aug 2022 03:04:03 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 21891
expires: Tue, 06 Sep 2022 11:23:07 GMT

GET
H/1.1 200
OK mfooter.png
web.sman1ciawigebang.sch.id/add/assets/ 24 KB
24 KB 422ms
215ms Image
image/png 103.178.174.211
MEGADATA-AS-ID PT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://web.sman1ciawigebang.sch.id/add/assets/mfooter.png
Requested by: Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/
Protocol: HTTP/1.1
Server: 103.178.174.211 Cirebon, Indonesia, ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID),
Reverse DNS: serv02.whmserver.com
Software: LiteSpeed /
Resource Hash: 16488506ee9f8ccb3ad5c22c86a4b71cca906585646ee901f8be22ab3c7422fa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:07 GMT
last-modified: Thu, 25 Aug 2022 03:09:08 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 24215
expires: Tue, 06 Sep 2022 11:23:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 205ms
36ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 08:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 108ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Requested by

Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56d09fab20e26089283df8d787e15c486c2e38705ac234d4f105d389321060b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 10:53:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 11:23:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 11:23:07 GMT

GET
H/1.1 200
OK hero.jpeg
web.sman1ciawigebang.sch.id/add/assets/ 100 KB
100 KB 279ms
219ms Image
image/jpeg 103.178.174.211
MEGADATA-AS-ID PT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://web.sman1ciawigebang.sch.id/add/assets/hero.jpeg
Requested by: Host: web.sman1ciawigebang.sch.id
URL: http://web.sman1ciawigebang.sch.id/add/style.css
Protocol: HTTP/1.1
Server: 103.178.174.211 Cirebon, Indonesia, ASN136873 (MEGADATA-AS-ID PT. MEGA ARTHA LINTAS DATA, ID),
Reverse DNS: serv02.whmserver.com
Software: LiteSpeed /
Resource Hash: 88cab827e057fb6324adcd3c2ed3eb208ac434a440f2cb6f32ef0c6f8af6156d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://web.sman1ciawigebang.sch.id/add/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:23:07 GMT
last-modified: Thu, 25 Aug 2022 01:09:38 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 102191
expires: Tue, 06 Sep 2022 11:23:07 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 126ms
30ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://web.sman1ciawigebang.sch.id
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 489487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 19:25:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 120ms
25ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://web.sman1ciawigebang.sch.id
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 16:24:40 GMT
x-content-type-options: nosniff
age: 586707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 16:24:40 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Axa (Insurance)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.tailwindcss.com
fonts.googleapis.com
fonts.gstatic.com
web.sman1ciawigebang.sch.id
103.178.174.211
2606:4700:20::ac43:4ad5
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
10880160d83a8a9b3331085e6802c9331db9e82a5e3164bdbf7d1c8b4ebad8a5
16488506ee9f8ccb3ad5c22c86a4b71cca906585646ee901f8be22ab3c7422fa
165dba2a8064c69e644608669d8779c7d395d41d344de1dce967b4db39e67863
2d6e7e5263fa38ed2725e4be49d49fdca61aa60f92ffc1edbd0c3b47dc8c9e2b
3e7038c796bd064c74f34c275ec924f9ff3d307a11855760345517a941f0bf5d
56d09fab20e26089283df8d787e15c486c2e38705ac234d4f105d389321060b5
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
70932205b3c45b200cf0d0df03197fcb6de4aa48030ff111b1279ed7ea2a5731
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
88cab827e057fb6324adcd3c2ed3eb208ac434a440f2cb6f32ef0c6f8af6156d
9d7885f72325a318e1de24c31797155ba3ab5517f14a7b196a77b781a9998edf
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
d37ef1f345d6ce54cd260070cc05ebf2e2277a1ee507d0d8739b8f4895573b08
edfea819415ff38872bae9e171c3e1bc2b9d9e1907b1b61d5e576c281dcf3f77

web.sman1ciawigebang.sch.id Open in urlscan Pro 103.178.174.211 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

29 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

353 kBTransfer

644 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Indicators

web.sman1ciawigebang.sch.id Open in urlscan Pro
103.178.174.211 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

29 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

353 kB
Transfer

644 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!