urlscan.io logo urlscan.io
SecurityTrails logo

candy.paba-binjai.sch.id Open in urlscan Pro
156.67.211.191  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://candy.paba-binjai.sch.id/
Effective URL: https://candy.paba-binjai.sch.id/login
Submission: On July 24 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 26 HTTP transactions. The main IP is 156.67.211.191, located in Singapore, Singapore and belongs to AS-HOSTINGER, CY. The main domain is candy.paba-binjai.sch.id.
TLS certificate: Issued by R10 on July 24th 2024. Valid for: 3 months.
This is the only time candy.paba-binjai.sch.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 25 156.67.211.191 47583 (AS-HOSTINGER)
2 104.17.111.223 13335 (CLOUDFLAR...)
26 2
Apex Domain
Subdomains		 Transfer
25 paba-binjai.sch.id
candy.paba-binjai.sch.id
482 KB
2 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5708
71 KB
26 2
Domain Requested by
25 candy.paba-binjai.sch.id 1 redirects candy.paba-binjai.sch.id
2 cdn.onesignal.com candy.paba-binjai.sch.id
cdn.onesignal.com
26 2

This site contains no links.

Subject Issuer Validity Valid
candy.paba-binjai.sch.id
R10		 2024-07-24 -
2024-10-22		 3 months crt.sh
onesignal.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://candy.paba-binjai.sch.id/login
Frame ID: 3001089F9160B3348534F0A35EFB1818
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CBT PABA Binjai

Page URL History Show full URLs

  1. https://candy.paba-binjai.sch.id/ HTTP 307
    https://candy.paba-binjai.sch.id/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

553 kB
Transfer

1825 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://candy.paba-binjai.sch.id/ HTTP 307
    https://candy.paba-binjai.sch.id/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
candy.paba-binjai.sch.id/
Redirect Chain
  • https://candy.paba-binjai.sch.id/
  • https://candy.paba-binjai.sch.id/login
12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
bbf75a5ad1a0885006f3295cb2c56797b1b096158c5dfd9e6d96c938db431896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, max-age=0, no-cache
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 15:07:24 GMT
platform
hostinger
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-powered-by
PHP/7.4.33
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, max-age=0, no-cache
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 15:07:23 GMT
location
https://candy.paba-binjai.sch.id/login
platform
hostinger
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
User-Agent
x-content-type-options
nosniff
x-powered-by
PHP/7.4.33
x-xss-protection
1; mode=block
font.css
candy.paba-binjai.sch.id/vendors/gfont/css/ 		15 KB
786 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/vendors/gfont/css/font.css?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
90b50626a0295fc8b762df77a85e7b5c95d91e0d29a4d575f258c97c081fcfd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
601
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
bootstrap.min.css
candy.paba-binjai.sch.id/mobile/css/ 		196 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/mobile/css/bootstrap.min.css
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
6a894e1cd21a6f8dd9d58ecc34bc378207e2f6072017c59642ae171e86852d40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
22216
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
bootstrap-icons.css
candy.paba-binjai.sch.id/mobile/css/ 		66 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/mobile/css/bootstrap-icons.css
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
d03d432dc7bfbeb117a4d55c40d155d9c0c545a08df3ffe5e4fe12e8f2caaa29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
8216
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
all.min.css
candy.paba-binjai.sch.id/vendors/fontawesome-free-5.15.4-web/css/ 		58 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/vendors/fontawesome-free-5.15.4-web/css/all.min.css
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:02 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
12343
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
style.css
candy.paba-binjai.sch.id/mobile/ 		201 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/mobile/style.css?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
5b2caf81f5abb510bbfa0c5714017f07041c30c725321e4c2871248844e02c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
24204
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://candy.paba-binjai.sch.id/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1813
etag
W/"09282956186c8515ef0d208902803581"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a84d1d68b735fb5-SIN
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jul 2024 15:07:24 GMT
bootstrap.bundle.min.js
candy.paba-binjai.sch.id/mobile/js/ 		77 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/mobile/js/bootstrap.bundle.min.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
ac09d69d59f30a1c40022f0d4be225af5984ed28fe768f97fc3ab28a536cce73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
21527
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
active.js
candy.paba-binjai.sch.id/mobile/js/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/mobile/js/active.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
a31510f20de08c4e03797eaea1e95fc68695711a034b778e53fdf585d3cb8a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
3779
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
moment-with-locales.min.js
candy.paba-binjai.sch.id/vendors/plainadmin/assets/js/ 		395 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/vendors/plainadmin/assets/js/moment-with-locales.min.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
86379e75094ec8b5632b186e719dad9a1e43643aae1e5704c82bee690ac6aae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:10 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
72021
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
vue.global.prod.js
candy.paba-binjai.sch.id/vendors/vue/3.2.20/ 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/vendors/vue/3.2.20/vue.global.prod.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
eaa8b1ed5e5f4f47e7f1df5a0ac57cc9807542a39bb828d1b3d5f74d290be0d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:14 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
48389
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
vuex.global.js
candy.paba-binjai.sch.id/vendors/vuex/4.0.0/dist/ 		42 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/vendors/vuex/4.0.0/dist/vuex.global.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
2ef96ea8b536adf2cbb08d2eac21a0b048f18f1e703c7e3a4ea01c48145b6dfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:14 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
8630
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
axios.min.js
candy.paba-binjai.sch.id/vendors/axios/0.23.0/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/vendors/axios/0.23.0/axios.min.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
fd52d6d2ca13c85baf9254de058e792f86e7a07638e6be4dda49ea548cc373d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:02 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
6138
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
main.js
candy.paba-binjai.sch.id/mobile/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/mobile/js/main.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
ad2d3b0830424d630d129026262e7495697c4c7cff6e6100dd92bfed9c33ae4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
2503
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
init.js
candy.paba-binjai.sch.id/mobile/js/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/mobile/js/init.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
ed31cf11ceb7af825c3a0051c4d8deab5d65d693dc9ce5d273605dc6d0dc5926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1245
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
pwa.js
candy.paba-binjai.sch.id/mobile/js/ 		289 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/mobile/js/pwa.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
43bcecf7f80bcf3ba3801ee21a5aaee1e7a081048f5fb43d6a5f276cbd99baef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
289
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:25 GMT
poppins-v15-latin-ext_latin_devanagari-regular.woff2
candy.paba-binjai.sch.id/vendors/gfont/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/vendors/gfont/fonts/poppins-v15-latin-ext_latin_devanagari-regular.woff2
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/vendors/gfont/css/font.css?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
bca0cbef4d9a1480419d2e87f92f86f2b04237f91c1a36800ff4929370b931a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/vendors/gfont/css/font.css?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Origin
https://candy.paba-binjai.sch.id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 07:05:10 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
49712
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:26 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://candy.paba-binjai.sch.id/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1781
etag
W/"7e91359b46e1da637080a03b759164fa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a84d1dfacde5fb5-SIN
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jul 2024 15:07:26 GMT
osc
candy.paba-binjai.sch.id/ 		41 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/osc
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/vendors/axios/0.23.0/axios.min.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
5b99b029bf0137a11728a02fffdb092779bb536f846b8069e9df1259021f525d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://candy.paba-binjai.sch.id/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
LiteSpeed
x-powered-by
PHP/7.4.33
vary
Accept-Encoding,User-Agent
content-type
application/json; charset=UTF-8
cache-control
no-store, max-age=0, no-cache
platform
hostinger
content-length
45
x-xss-protection
1; mode=block
offline
candy.paba-binjai.sch.id/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/offline
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/vendors/axios/0.23.0/axios.min.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
b0c704ae7471863f4b53b465bdedbebc4f9e5c61d41360022a1acb5716ec26cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://candy.paba-binjai.sch.id/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
LiteSpeed
x-powered-by
PHP/7.4.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-store, max-age=0, no-cache
platform
hostinger
content-length
3085
x-xss-protection
1; mode=block
header
candy.paba-binjai.sch.id/panel/utils/ 		132 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/panel/utils/header
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/vendors/axios/0.23.0/axios.min.js?v=19ca14e7ea6328a42e0eb13d585e4c22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
843ceb9e28572c9d5f53ebf50f7153b09c43078b322a750c437d8f6b2a1e8968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://candy.paba-binjai.sch.id/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
LiteSpeed
x-powered-by
PHP/7.4.33
vary
Accept-Encoding,User-Agent
content-type
application/json; charset=UTF-8
cache-control
no-store, max-age=0, no-cache
platform
hostinger
content-length
130
x-xss-protection
1; mode=block
logo.png
candy.paba-binjai.sch.id/assets/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://candy.paba-binjai.sch.id/assets/img/logo.png
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
f47781962c0ebe3c2c455c7fc0ab350d97d89b2e7f169814739b85f2e3fbc75f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
7136
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:26 GMT
poppins-v15-latin-ext_latin_devanagari-500.woff2
candy.paba-binjai.sch.id/vendors/gfont/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/vendors/gfont/fonts/poppins-v15-latin-ext_latin_devanagari-500.woff2
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/vendors/gfont/css/font.css?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
c293b3aeb4898d08cc511c812408a728d6c707c464078342d9af91adcb3adc8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/vendors/gfont/css/font.css?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Origin
https://candy.paba-binjai.sch.id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 07:05:10 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
49000
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:26 GMT
bootstrap-icons.woff2
candy.paba-binjai.sch.id/mobile/css/fonts/ 		88 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/mobile/css/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/mobile/css/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/mobile/css/bootstrap-icons.css
Origin
https://candy.paba-binjai.sch.id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
90528
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:26 GMT
poppins-v15-latin-ext_latin_devanagari-italic.woff2
candy.paba-binjai.sch.id/vendors/gfont/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/vendors/gfont/fonts/poppins-v15-latin-ext_latin_devanagari-italic.woff2
Requested by
Host: candy.paba-binjai.sch.id
URL: https://candy.paba-binjai.sch.id/vendors/gfont/css/font.css?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
48eb74a45169ea3d83367b03ba9fcfaa84db06cc587da680c6e9b864a15b4e5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/vendors/gfont/css/font.css?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Origin
https://candy.paba-binjai.sch.id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 07:05:10 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
56868
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:26 GMT
logo.png
candy.paba-binjai.sch.id/assets/img/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://candy.paba-binjai.sch.id/assets/img/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
156.67.211.191 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv26.niagahoster.com
Software
LiteSpeed /
Resource Hash
f47781962c0ebe3c2c455c7fc0ab350d97d89b2e7f169814739b85f2e3fbc75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://candy.paba-binjai.sch.id/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:07:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 07:05:00 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
7136
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 15:07:26 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| myVueMixin function| gaem string| base_url function| OneSignal object| xaedm number| uidEvent object| bootstrap function| passwordFunction object| aisEmpty object| dropdownTarget object| affanTooltip object| tooltipList object| affanToast object| toastList object| formcontrolInput object| activeEffect object| favIcon object| offlineBtn object| onlineBtn object| preloader function| moment object| Vue object| Vuex function| axios function| degreesToRadians function| getDistanceBetweenPoints function| mm function| myMoment function| getMomentDay function| makeid function| showDismisableLoading function| bulanIndo function| parseTimeToString function| secondsToTime function| parseURLParams function| SwalDelete function| archiveIcon function| isJson function| isObject function| noBrowserFullscreen function| openFullscreen string| cssRule string| timezone boolean| __VUE__ object| VPLogin number| __oneSignalSdkLoadCount

2 Cookies

Domain/Path Name / Value
candy.paba-binjai.sch.id/ Name: xaedxiijuwbanw
Value: 12af18d1fdf3972b0f9b67a0b298b95f
.onesignal.com/ Name: __cf_bm
Value: nBJidcQjUBT6ZYTS8V7s0FfsbWIaI5IfcspHkPoMw8E-1721833644-1.0.1.1-KUcsxM8PCdIZ2FkZthUeh8Xhm3XQpqEtqfWZiXX1zus0Z.xFqjWHJOEaCxsaDlLzgvbvkzx9KRMSogTqdzSFJw

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://candy.paba-binjai.sch.id/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

candy.paba-binjai.sch.id
cdn.onesignal.com
104.17.111.223
156.67.211.191
2ef96ea8b536adf2cbb08d2eac21a0b048f18f1e703c7e3a4ea01c48145b6dfa
43bcecf7f80bcf3ba3801ee21a5aaee1e7a081048f5fb43d6a5f276cbd99baef
48eb74a45169ea3d83367b03ba9fcfaa84db06cc587da680c6e9b864a15b4e5b
5b2caf81f5abb510bbfa0c5714017f07041c30c725321e4c2871248844e02c0e
5b99b029bf0137a11728a02fffdb092779bb536f846b8069e9df1259021f525d
6a894e1cd21a6f8dd9d58ecc34bc378207e2f6072017c59642ae171e86852d40
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
843ceb9e28572c9d5f53ebf50f7153b09c43078b322a750c437d8f6b2a1e8968
86379e75094ec8b5632b186e719dad9a1e43643aae1e5704c82bee690ac6aae1
90b50626a0295fc8b762df77a85e7b5c95d91e0d29a4d575f258c97c081fcfd4
a31510f20de08c4e03797eaea1e95fc68695711a034b778e53fdf585d3cb8a43
ac09d69d59f30a1c40022f0d4be225af5984ed28fe768f97fc3ab28a536cce73
ad2d3b0830424d630d129026262e7495697c4c7cff6e6100dd92bfed9c33ae4a
b0c704ae7471863f4b53b465bdedbebc4f9e5c61d41360022a1acb5716ec26cf
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
bbf75a5ad1a0885006f3295cb2c56797b1b096158c5dfd9e6d96c938db431896
bca0cbef4d9a1480419d2e87f92f86f2b04237f91c1a36800ff4929370b931a4
c293b3aeb4898d08cc511c812408a728d6c707c464078342d9af91adcb3adc8a
d03d432dc7bfbeb117a4d55c40d155d9c0c545a08df3ffe5e4fe12e8f2caaa29
eaa8b1ed5e5f4f47e7f1df5a0ac57cc9807542a39bb828d1b3d5f74d290be0d8
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ed31cf11ceb7af825c3a0051c4d8deab5d65d693dc9ce5d273605dc6d0dc5926
f47781962c0ebe3c2c455c7fc0ab350d97d89b2e7f169814739b85f2e3fbc75f
fd52d6d2ca13c85baf9254de058e792f86e7a07638e6be4dda49ea548cc373d2