Submitted URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Effective URL: https://replay79vipp.site/register?ref=7012346314
Submission Tags: @phish_report
Submission: On November 14 via api from FI — Scanned from GB

Summary

This website contacted 6 IPs in 3 countries across 11 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3033::6815:2f2a, located in United States and belongs to . The main domain is replay79vipp.site.
TLS certificate: Issued by WE1 on October 22nd 2024. Valid for: 3 months.
This is the only time replay79vipp.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests Apex Domain Subdomains Transfer
6 k24klik.com www.k24klik.com (Cisco Umbrella Rank: 433637) 55 KB
5 replay79vipp.site replay79vipp.site 14 KB
1 kuehpancong.site kuehpancong.site 657 B
1 chromakopia.site chromakopia.site 589 B
1 googleapis.com fonts.googleapis.com (Cisco Umbrella Rank: 55) 721 B
1 gifyu.com s1.gifyu.com (Cisco Umbrella Rank: 260334) 390 KB
1 pn-muaraenim.go.id www.pn-muaraenim.go.id 26 KB
0 googletagmanager.com www.googletagmanager.com Failed
0 cloudflareinsights.com static.cloudflareinsights.com Failed
0 wikimedia.org upload.wikimedia.org Failed
0 cloudflare.com ajax.cloudflare.com Failed
Total: 27 requests across 11 domains
Domain Requested by
6 www.k24klik.com www.pn-muaraenim.go.id
5 replay79vipp.site www.pn-muaraenim.go.id
replay79vipp.site
1 kuehpancong.site 1 redirects
1 chromakopia.site 1 redirects
1 fonts.googleapis.com www.pn-muaraenim.go.id
1 s1.gifyu.com www.pn-muaraenim.go.id
1 www.pn-muaraenim.go.id
0 www.googletagmanager.com Failed www.pn-muaraenim.go.id
0 static.cloudflareinsights.com Failed www.pn-muaraenim.go.id
0 upload.wikimedia.org Failed www.pn-muaraenim.go.id
0 ajax.cloudflare.com Failed www.pn-muaraenim.go.id
27 11

This site contains links to these domains.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
www.pn-muaraenim.go.id R10 2024-06-19 - 2024-09-17 3 months
s1.gifyu.com E6 2024-11-04 - 2025-02-02 3 months
www.k24klik.com WE1 2024-10-20 - 2025-01-18 3 months
upload.video.google.com WR2 2024-10-21 - 2025-01-13 3 months
replay79vipp.site WE1 2024-10-22 - 2025-01-20 3 months

This page contains 1 frames:

Primary Page: https://replay79vipp.site/register?ref=7012346314
Frame ID: C5A7937746E1EA20D31615339C15D8B6
Requests: 27 HTTP requests in this frame

Page Title

Attention Required! | Cloudflare

Page URL History

  1. https://www.pn-muaraenim.go.id/jadwal/asentogel Page URL
  2. https://chromakopia.site/2 HTTP 301
    https://kuehpancong.site/ HTTP 301
    https://replay79vipp.site/register?ref=7012346314 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

48 %
HTTPS

71 %
IPv6

11
Domains

11
Subdomains

6
IPs

3
Countries

485 kB
Transfer

733 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
asentogel
www.pn-muaraenim.go.id/jadwal/
138 KB
26 KB
Document
General
Full URL
https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.250.235.31 , United Kingdom, ASN204800 (WHG-SGP, GB),
Reverse DNS
s1309.sgp1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
c8b09ea23f8176095d46d5fbf998b41465547a924a8ac9ac9128adebfde81e64

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Nov 2024 08:34:54 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
Sy0WM.jpg
s1.gifyu.com/images/
389 KB
390 KB
Image
General
Full URL
https://s1.gifyu.com/images/Sy0WM.jpg?format=1500w
Requested by
Host: www.pn-muaraenim.go.id
URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.40.164.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.54.164.40.188.clients.your-server.de
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.pn-muaraenim.go.id/

Response headers

accept-ranges
bytes
content-length
398813
date
Thu, 14 Nov 2024 08:34:55 GMT
etag
"67330679-615dd"
content-type
image/jpeg
last-modified
Tue, 12 Nov 2024 07:40:41 GMT
server
nginx/1.24.0 (Ubuntu)
jquery.min.js
www.k24klik.com/assets/7301462e/
93 KB
34 KB
Script
General
Full URL
https://www.k24klik.com/assets/7301462e/jquery.min.js
Requested by
Host: www.pn-muaraenim.go.id
URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47be , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.pn-muaraenim.go.id/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672ae980-17278"
age
582897
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2FqTyURVSh2S%2B0yyZs1xyzRqZ3du1hf8uqcCDg0BgQXaUtqFCzxtIMDxEjzCoLRIG6F1zm5O4GRYCXw4EyB5QOHRxsxVtDRQjjY9PtyTipQKRVlqYXU5rW5EgLx%2BmOdypHRp5%2Bn5p5DgKwD9jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 14:39:58 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2904&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4016&recv_bytes=2554&delivery_rate=1388227&cwnd=254&unsent_bytes=0&cid=ccece3eb50c8eeca&ts=54&x=0"
date
Thu, 14 Nov 2024 08:34:55 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 06 Nov 2024 03:58:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8e25aa46086cd16c-LHR
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
css
fonts.googleapis.com/
805 B
721 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins
Requested by
Host: www.pn-muaraenim.go.id
URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.pn-muaraenim.go.id/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, max-age=86400
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 08:34:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 08:34:55 GMT
x-xss-protection
0
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
jquery.raty.min.js
www.k24klik.com/js/
8 KB
4 KB
Script
General
Full URL
https://www.k24klik.com/js/jquery.raty.min.js
Requested by
Host: www.pn-muaraenim.go.id
URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47be , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.pn-muaraenim.go.id/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"672ae399-2051"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJX9uVq01kdzpSGJy%2FvAcEIsLsZ5yjLFFvpB%2Bw5laXBDfUKzJGESLpNwav3S4fsckN1uwy8BDf1mHv8ayxfXcE1NpEIafntkenvGV0smHbZI8GrZ2G8frQN6MA%2FWmCP3tbRBpx00Qh%2FPpikuqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 08:34:55 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=4871&sent=70&recv=22&lost=0&retrans=0&sent_bytes=52494&recv_bytes=2650&delivery_rate=3350705&cwnd=258&unsent_bytes=0&cid=ccece3eb50c8eeca&ts=819&x=0"
date
Thu, 14 Nov 2024 08:34:55 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 06 Nov 2024 03:33:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8e25aa46086fd16c-LHR
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
cart-shopping.svg
www.k24klik.com/redesign/icon/
962 B
965 B
Image
General
Full URL
https://www.k24klik.com/redesign/icon/cart-shopping.svg
Requested by
Host: www.pn-muaraenim.go.id
URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47be , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.pn-muaraenim.go.id/

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"672ae399-3c2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75gdu2u2FVlUzBKB5IPudLSmnrSdlj4kdhC%2FzZmfcEkWf%2Fxg%2FUBtpamN1Me8PgjZ8kHNysWHRcLpSApu1O1HhlRuYLdZTWwiyW8sdL3IAH%2FBSjRysGHqsry6fsw3P%2Bw5zLRzuD7fPUGeAzgLmA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=3801&sent=60&recv=18&lost=0&retrans=0&sent_bytes=45692&recv_bytes=2650&delivery_rate=3350705&cwnd=258&unsent_bytes=0&cid=ccece3eb50c8eeca&ts=741&x=0"
date
Thu, 14 Nov 2024 08:34:55 GMT
content-type
image/svg+xml
last-modified
Wed, 06 Nov 2024 03:33:45 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8e25aa460870d16c-LHR
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
product-view.min.css
www.k24klik.com/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://www.k24klik.com/css/product-view.min.css
Requested by
Host: www.pn-muaraenim.go.id
URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47be , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0365e3166ea7b698b1e91c3af0db8c59eb0b18a460c218c283a10f08a19051
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.pn-muaraenim.go.id/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672ae399-6673"
age
430053
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrvB9ZVfm3Uq4nTEbz6%2B78K9%2FmF%2FOrdOl6%2BzCEC%2Bp4QyMBcnWHRl4XzfgaMPdexxsTjJhbocMscj3BK4C4JTHvIe%2FYL%2BgYK8jiYLxvUKxO%2BaMxz1ToxOS0s4k7%2BwD4hHg%2BsSQALFqA3FRJBfJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 09:07:22 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=5091&sent=48&recv=8&lost=0&retrans=0&sent_bytes=39294&recv_bytes=2554&delivery_rate=1388227&cwnd=255&unsent_bytes=0&cid=ccece3eb50c8eeca&ts=57&x=0"
date
Thu, 14 Nov 2024 08:34:55 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 06 Nov 2024 03:33:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8e25aa460872d16c-LHR
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
new_face.min.css
www.k24klik.com/css/
21 KB
6 KB
Stylesheet
General
Full URL
https://www.k24klik.com/css/new_face.min.css
Requested by
Host: www.pn-muaraenim.go.id
URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47be , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.pn-muaraenim.go.id/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"672ae399-52fd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVx%2FXjheR6G4zsfCs83eVhw7bZ875Oyf%2BESeQb0EJ%2FXTgw2YDdL%2BfhRBPpI5JCYjGcNkUz2BfG%2BPsXr6UrL1DEtTVl8DjaEppdyaaIWLGHP7p34tEse%2BXJMCXus1JKnVNv06A8C138yoQsvF7g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 08:34:55 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=5477&sent=63&recv=20&lost=0&retrans=0&sent_bytes=46723&recv_bytes=2650&delivery_rate=3350705&cwnd=258&unsent_bytes=0&cid=ccece3eb50c8eeca&ts=807&x=0"
date
Thu, 14 Nov 2024 08:34:55 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 06 Nov 2024 03:33:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8e25aa4668e6d16c-LHR
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
bootstrap5.critical.css
www.k24klik.com/css/pageOptimations/
0
0

k24.css
www.k24klik.com/css/k24-2022/
20 KB
5 KB
Stylesheet
General
Full URL
https://www.k24klik.com/css/k24-2022/k24.css
Requested by
Host: www.pn-muaraenim.go.id
URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47be , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.pn-muaraenim.go.id/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672ae399-4f05"
age
4986
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vIwYVwhPGbjqDuHDO07ItFSW3nTal8j11g9xdlc4o4JXMXPul1kADFkvG2sXDXDIZ0OPPozq3Yf%2FFErZql%2BfJITeNlQEjw6z28OKLnKfB%2FhbkDebE5hJkPk%2BpbEPytBE0lPE2Vs%2BnmCyp6zKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 07:11:49 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=4631&sent=77&recv=25&lost=0&retrans=0&sent_bytes=56205&recv_bytes=2795&delivery_rate=3350705&cwnd=258&unsent_bytes=0&cid=ccece3eb50c8eeca&ts=852&x=0"
date
Thu, 14 Nov 2024 08:34:55 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 06 Nov 2024 03:33:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8e25aa4b0ef2d16c-LHR
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=()
x-xss-protection
1; mode=block
server
cloudflare
font-awesome.critical.css
www.k24klik.com/css/pageOptimations/
0
0

Sy0WM.jpg
s1.gifyu.com/images/
0
0

icon_share.svg
www.k24klik.com/redesign/icon/
0
0

mirage2.min.js
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/
0
0

swipper.min.js
www.k24klik.com/assets/f5681ca0/
0
0

lazyload.min.js
www.k24klik.com/js/
0
0

ic_live_chat_3_3.webp
www.k24klik.com/icon/
0
0

OJK_Logo.png
upload.wikimedia.org/wikipedia/commons/8/83/
0
0

vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
0
0

js
www.googletagmanager.com/gtag/
0
0

sweetalert.min.js
www.k24klik.com/js/
0
0

bootstrap.min.js
www.k24klik.com/js/
0
0

Primary Request register
replay79vipp.site/
Redirect Chain
  • https://chromakopia.site/2
  • https://kuehpancong.site/
  • https://replay79vipp.site/register?ref=7012346314
4 KB
2 KB
Document
General
Full URL
https://replay79vipp.site/register?ref=7012346314
Requested by
Host: www.pn-muaraenim.go.id
URL: https://www.pn-muaraenim.go.id/jadwal/asentogel
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f2a , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a666f5a07421c36098976eec2040bc952beadf2aec1baf235bfe2dff943baddc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.pn-muaraenim.go.id/jadwal/asentogel
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=15
cf-ray
8e25aa4ead2a76f6-LHR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 14 Nov 2024 08:34:56 GMT
expires
Thu, 14 Nov 2024 08:35:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Y5wKboPX4m82sgTXvCCl9UD56oEIddUzhYXzuIN1fzG1iuhoX78h3Uc4KQ8F4m2jB1tLlCXiQkcTNvO4UQCQP%2FcsIy46KK65vB86HLPD%2BF09zbqBc%2FjqvRtqGuJowQLLrDOzXgmd%2FvkT1P8hmJDSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=25506&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4095&recv_bytes=4352&delivery_rate=109389&cwnd=12000&unsent_bytes=0&cid=5f5ebf76326b9736&ts=43&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e25aa4bd8d36343-LHR
content-type
text/html; charset=iso-8859-1
date
Thu, 14 Nov 2024 08:34:56 GMT
location
https://replay79vipp.site/register?ref=7012346314
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYpfRKL%2BXAU5m%2BKVcy9c5EoRMfqeuo2gNdch1nGsO7NJjozp8j6udToJmY9Sk%2FdIChmveU6cUlths4IT7MnhP4SiWC1uX%2Fco5cprB7FSiNwjdmZaQvEc6UkSaiXoUkk5NWTcL5BAGj5ywr0yLLhr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=26027&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4203&recv_bytes=4467&delivery_rate=527&cwnd=12000&unsent_bytes=0&cid=6af02fc033bbef1b&ts=333&x=1" cfHdrFlush;dur=0
cf.errors.css
replay79vipp.site/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://replay79vipp.site/cdn-cgi/styles/cf.errors.css
Requested by
Host: replay79vipp.site
URL: https://replay79vipp.site/register?ref=7012346314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f2a , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://replay79vipp.site/register?ref=7012346314

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"672e2352-5df3"
x-content-type-options
nosniff
cf-ray
8e25aa4efd8e76f6-LHR
expires
Thu, 14 Nov 2024 10:34:56 GMT
date
Thu, 14 Nov 2024 08:34:56 GMT
content-type
text/css
last-modified
Fri, 08 Nov 2024 14:42:26 GMT
server
cloudflare
x-frame-options
DENY
browser-bar.png
replay79vipp.site/cdn-cgi/images/
715 B
899 B
Image
General
Full URL
https://replay79vipp.site/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: replay79vipp.site
URL: https://replay79vipp.site/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f2a , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://replay79vipp.site/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"672e2352-2cb"
x-content-type-options
nosniff
cf-ray
8e25aa4f2dbf76f6-LHR
expires
Thu, 14 Nov 2024 10:34:56 GMT
accept-ranges
bytes
content-length
715
date
Thu, 14 Nov 2024 08:34:56 GMT
content-type
image/png
last-modified
Fri, 08 Nov 2024 14:42:26 GMT
server
cloudflare
x-frame-options
DENY
cf-no-screenshot-error.png
replay79vipp.site/cdn-cgi/images/
3 KB
3 KB
Image
General
Full URL
https://replay79vipp.site/cdn-cgi/images/cf-no-screenshot-error.png
Requested by
Host: replay79vipp.site
URL: https://replay79vipp.site/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f2a , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://replay79vipp.site/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"672e2352-c8d"
x-content-type-options
nosniff
cf-ray
8e25aa4f2dc076f6-LHR
expires
Thu, 14 Nov 2024 10:34:56 GMT
accept-ranges
bytes
content-length
3213
date
Thu, 14 Nov 2024 08:34:56 GMT
content-type
image/png
last-modified
Fri, 08 Nov 2024 14:42:26 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
replay79vipp.site/
4 KB
2 KB
Other
General
Full URL
https://replay79vipp.site/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f2a , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
79e3f4a314e93dcd39ed056180bbeca80dfdd24dc7cdec9c770de8965fd5b4f0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://replay79vipp.site/register?ref=7012346314

Response headers

cache-control
max-age=15
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ITfcUEUhuRseGbJTPGHm%2FyPDXyS%2FuVjGCdh%2BWeayVrF90C7yjiaaykokUiSuzd9lQWD2ih8go%2FACjfjvipWQgMmyrmQ9Nb3n%2F0GHoYF3Z8uiRwaELFqIDXnwHYWqeMcKV9VE9MK8E87sZAGB%2Fr20NA%3D%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e25aa4f6e0276f6-LHR
expires
Thu, 14 Nov 2024 08:35:11 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27000&sent=25&recv=19&lost=0&retrans=0&sent_bytes=15994&recv_bytes=6271&delivery_rate=162359&cwnd=12000&unsent_bytes=0&cid=5f5ebf76326b9736&ts=159&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 08:34:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.k24klik.com
URL
https://www.k24klik.com/css/pageOptimations/bootstrap5.critical.css
Domain
www.k24klik.com
URL
https://www.k24klik.com/css/pageOptimations/font-awesome.critical.css
Domain
s1.gifyu.com
URL
https://s1.gifyu.com/images/Sy0WM.jpg
Domain
www.k24klik.com
URL
https://www.k24klik.com/redesign/icon/icon_share.svg
Domain
ajax.cloudflare.com
URL
https://ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js
Domain
www.k24klik.com
URL
https://www.k24klik.com/assets/f5681ca0/swipper.min.js
Domain
www.k24klik.com
URL
https://www.k24klik.com/js/lazyload.min.js
Domain
www.k24klik.com
URL
https://www.k24klik.com/icon/ic_live_chat_3_3.webp
Domain
upload.wikimedia.org
URL
https://upload.wikimedia.org/wikipedia/commons/8/83/OJK_Logo.png
Domain
static.cloudflareinsights.com
URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-B1X2VHE3TK
Domain
www.k24klik.com
URL
https://www.k24klik.com/js/sweetalert.min.js
Domain
www.k24klik.com
URL
https://www.k24klik.com/js/bootstrap.min.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_translation

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://replay79vipp.site/register?ref=7012346314
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://replay79vipp.site/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()