urlscan.io logo urlscan.io
SecurityTrails logo

employee-api.caliana.id Open in urlscan Pro
103.152.234.136  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://employee-api.caliana.id/
Effective URL: https://employee-api.caliana.id/auth
Submission: On August 21 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 103.152.234.136, located in Tanjung Pinang, Indonesia and belongs to SDI-AS-ID PT Sumber Data Indonesia, ID. The main domain is employee-api.caliana.id.
TLS certificate: Issued by E6 on August 16th 2024. Valid for: 3 months.
This is the only time employee-api.caliana.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 103.152.234.136 56246 (SDI-AS-ID...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.165.183.49 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 3.165.190.54 16509 (AMAZON-02)
1 18.239.36.61 16509 (AMAZON-02)
19 6
13    103.152.234.136 (Tanjung Pinang, Indonesia)

ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID)
employee-api.caliana.id
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.165.183.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-49.zrh55.r.cloudfront.net
static.hotjar.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    3.165.190.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-190-54.zrh55.r.cloudfront.net
script.hotjar.com
1    18.239.36.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-61.ams58.r.cloudfront.net
vc.hotjar.io
Apex Domain
Subdomains		 Transfer
13 caliana.id
employee-api.caliana.id
5 MB
3 gstatic.com
fonts.gstatic.com
24 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 4716
232 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
872 B
19 5
Domain Requested by
13 employee-api.caliana.id 1 redirects employee-api.caliana.id
3 fonts.gstatic.com fonts.googleapis.com
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com employee-api.caliana.id
1 fonts.googleapis.com employee-api.caliana.id
19 6

This site contains links to these domains. Also see Links.

Domain
terms.caliana.id
www.caliana.id
Subject Issuer Validity Valid
sdi.web.acs.caliana.id
E6		 2024-08-16 -
2024-11-14		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://employee-api.caliana.id/auth
Frame ID: AE9855F3F9079B6AF971A639BB4751DD
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login Page | Caliana

Page URL History Show full URLs

  1. https://employee-api.caliana.id/ HTTP 307
    https://employee-api.caliana.id/auth Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

19
Requests

37 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

5154 kB
Transfer

5339 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://employee-api.caliana.id/ HTTP 307
    https://employee-api.caliana.id/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
employee-api.caliana.id/
Redirect Chain
  • https://employee-api.caliana.id/
  • https://employee-api.caliana.id/auth
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
75c9f34ddc8d6c85c1a51f334ceee6cfb3fd90c6fa8ce758d9a6bc548aa70ef5
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Aug 2024 23:27:22 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Aug 2024 23:27:22 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://employee-api.caliana.id/auth
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		4 KB
872 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://employee-api.caliana.id/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Aug 2024 23:27:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 23:23:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Aug 2024 23:27:22 GMT
login-115aa.css
employee-api.caliana.id/assets/css/pages/login/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/assets/css/pages/login/login-115aa.css?v=7.2.2
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a2163bfb5f4ae6d1fb2fb944e2225752a6ea1153ef7b3960f756af6d7f627f76
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:22 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-4f1"
X-Frame-Options
sameorigin
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1265
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:22 GMT
plugins.bundle15aa.css
employee-api.caliana.id/assets/plugins/global/ 		456 KB
456 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/assets/plugins/global/plugins.bundle15aa.css?v=7.2.2
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dfc2c38bf689b09cd41c1592960fd4105cdc29a36fc66e129493dc45ed89be6c
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:22 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-71ffd"
X-Frame-Options
sameorigin
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
466941
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:22 GMT
prismjs.bundle15aa.css
employee-api.caliana.id/assets/plugins/custom/prismjs/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/assets/plugins/custom/prismjs/prismjs.bundle15aa.css?v=7.2.2
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cbf66edc4f8e381865c3b864dccb1c1ed1c36fb45c1ecfc0f404014d1a094bc7
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:23 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-7b0"
X-Frame-Options
sameorigin
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1968
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:23 GMT
style.bundle15aa.css
employee-api.caliana.id/assets/css/ 		2 MB
2 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/assets/css/style.bundle15aa.css?v=7.2.2
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bdf5eaaed0d3999f3d136ff64dd3d480a8f45800ac69a5bbd9eacccd750a02f9
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:23 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-1cc8c2"
X-Frame-Options
sameorigin
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1886402
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:23 GMT
icon%20caliana%20white.png
employee-api.caliana.id/assets/addon-media/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employee-api.caliana.id/assets/addon-media/icon%20caliana%20white.png
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7bc2660c535b16a587bb0a296db7297977444789611c938d36f92893afafc739
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:23 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-258d"
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9613
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:23 GMT
plugins.bundle15aa.js
employee-api.caliana.id/assets/plugins/global/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/assets/plugins/global/plugins.bundle15aa.js?v=7.2.2
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce781fca0b08ea8f4ddcf4b3ded145baea7d028cf47a820f3dfac90861ffdd85
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:23 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-25182c"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2431020
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:23 GMT
prismjs.bundle15aa.js
employee-api.caliana.id/assets/plugins/custom/prismjs/ 		19 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/assets/plugins/custom/prismjs/prismjs.bundle15aa.js?v=7.2.2
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69ae8f4d3cc1c18b9300a452b0a7510eaf5d74d0314aca41ad00daaab301cf63
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:23 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-4c77"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19575
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:23 GMT
scripts.bundle15aa.js
employee-api.caliana.id/assets/js/ 		133 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/assets/js/scripts.bundle15aa.js?v=7.2.2
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
88e4a487a1fed80ec48f6861fb3ace68a8fdef754cec546488b24f7630c54dc2
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:23 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-21535"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136501
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:23 GMT
auth.js
employee-api.caliana.id/assets/addon-js/auth/ 		28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/assets/addon-js/auth/auth.js?v=7.3.2
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
016ebba222a6781f68ed2fffb4ed76c3ee2f0b2d60997b276eb8ee2cafd481f9
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:24 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-7019"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28697
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:24 GMT
hotjar-1070954.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1070954.js?sv=6
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-49.zrh55.r.cloudfront.net
Software
/
Resource Hash
270581d4fdd01bdcdad70cdd9df581f25a52922565bb4341a4a4e959c633a737
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://employee-api.caliana.id/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 23:27:24 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
etag
W/3f85effa03369ed0215a5275c42e7489
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
GG-OjnJpWry0Thjk6NwPgipkat7Nh5dU5rx_9KTXbdpXvXjeQLdiwQ==
loginbg.png
employee-api.caliana.id/assets/addon-media/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://employee-api.caliana.id/assets/addon-media/loginbg.png
Requested by
Host: employee-api.caliana.id
URL: https://employee-api.caliana.id/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fee6e152b767c452bc0d3d73267e62816348ad345feb9b3d377389c73f46032c
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:24 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-15a06"
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88582
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:24 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://employee-api.caliana.id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:37:56 GMT
x-content-type-options
nosniff
age
118168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:37:56 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://employee-api.caliana.id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:10:50 GMT
x-content-type-options
nosniff
age
119794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:10:50 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://employee-api.caliana.id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:40:56 GMT
x-content-type-options
nosniff
age
117988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:40:56 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1070954.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.190.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-190-54.zrh55.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://employee-api.caliana.id/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3dd5e0573f9c21c9cebfb7ce9a899574.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P2
age
1933458
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
fZJ9iEG2YwsiIeJsRQqbVCl637dn_mE2244grmcYug3X9OhylWoqqw==
1070954
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1070954?s=0.25&r=0.01599566359732374
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-61.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://employee-api.caliana.id/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 21 Aug 2024 23:27:25 GMT
cache-control
no-store
via
1.1 8e6f6d7e57b70cc43be20c132da08b18.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
x-amz-cf-id
f-yB4HqINbsnpH66IHt5gNEGj59QyEhx4YvlPqyF7rpHdl9nODQcew==
x-cache
Miss from cloudfront
icon%20caliana.ico
employee-api.caliana.id/assets/addon-media/ 		107 KB
108 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://employee-api.caliana.id/assets/addon-media/icon%20caliana.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.152.234.136 Tanjung Pinang, Indonesia, ASN56246 (SDI-AS-ID PT Sumber Data Indonesia, ID),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0d80dd688ef5f9f5498df3897ed70e083865417c87bd67f092e26b2dd875d64c
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://employee-api.caliana.id/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 23:27:25 GMT
Last-Modified
Thu, 22 Jun 2023 04:09:34 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6493c97e-1acbd"
X-Frame-Options
sameorigin
Content-Type
image/x-icon
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109757
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 23:27:25 GMT

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| hj object| _hjSettings string| base_url object| KTAppSettings object| version function| _typeof function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _classCallCheck function| _defineProperties function| _createClass function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ function| Sticky function| identity function| isArray function| isObject function| isNumber function| isFunction function| indexOf function| inArray function| foreach function| last function| argumentsToArray function| extend function| mapToArray function| mapToObject function| map function| pluck function| filter function| call function| throttle function| mixinPubSub function| $ function| jQuery function| Popper object| bootstrap function| moment function| PerfectScrollbar function| wNumb object| returnExports object| FormValidation function| daterangepicker function| SearchIndex function| Bloodhound object| Handlebars function| Inputmask function| default object| noUiSlider function| autosize function| ClipboardJS function| Quill function| Tagify object| markdown object| toastr function| DualListbox object| TreemapSquared function| SVG function| addResizeListener function| removeResizeListener object| Apex function| ApexCharts function| Waypoint function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| _self object| Prism object| KTApp function| KTCard object| KTCookie function| KTDialog function| KTHeader function| KTImageInput function| KTMenu function| KTOffcanvas function| KTScrolltop function| KTToggle object| KTUtil function| KTWizard object| defaults object| KTLayoutAsideMenu object| KTLayoutAside object| KTLayoutContent object| KTLayoutFooter object| KTLayoutHeaderMenu object| KTLayoutHeaderTopbar object| KTLayoutHeader object| KTLayoutStickyCard object| KTLayoutStretchedCard object| KTLayoutSubheader object| KTLayoutChat object| KTLayoutDemoPanel object| KTLayoutExamples object| KTLayoutQuickActions object| KTLayoutQuickCartPanel object| KTLayoutQuickNotifications object| KTLayoutQuickPanel object| KTLayoutQuickSearch object| KTLayoutQuickUser object| KTLayoutScrolltop function| KTLayoutSearch function| KTLayoutSearchInline function| KTLayoutSearchOffcanvas object| KTUtilElementDataStore object| KTUtilDelegatedEventHandlers string| url_string object| url object| KTLogin object| KTWithoutLogin object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

3 Cookies

Domain/Path Name / Value
employee-api.caliana.id/ Name: caliana_session
Value: 9pm7k9bctqnt7n7f0tuq0e78uqngjt8s
.caliana.id/ Name: _hjSessionUser_1070954
Value: eyJpZCI6IjdiZThiMzdiLTgyZGQtNTU4OC04NzIwLTM4ODUxNDRjNTlhNyIsImNyZWF0ZWQiOjE3MjQyODI4NDUwNjcsImV4aXN0aW5nIjpmYWxzZX0=
.caliana.id/ Name: _hjSession_1070954
Value: eyJpZCI6Ijc2N2UxMmViLWVjNzItNDY2My04ZjE0LWE2NTdmNWE3MjEzNCIsImMiOjE3MjQyODI4NDUwNjgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

employee-api.caliana.id
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
static.hotjar.com
vc.hotjar.io
103.152.234.136
18.165.183.49
18.239.36.61
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2003
3.165.190.54
016ebba222a6781f68ed2fffb4ed76c3ee2f0b2d60997b276eb8ee2cafd481f9
0d80dd688ef5f9f5498df3897ed70e083865417c87bd67f092e26b2dd875d64c
270581d4fdd01bdcdad70cdd9df581f25a52922565bb4341a4a4e959c633a737
69ae8f4d3cc1c18b9300a452b0a7510eaf5d74d0314aca41ad00daaab301cf63
75c9f34ddc8d6c85c1a51f334ceee6cfb3fd90c6fa8ce758d9a6bc548aa70ef5
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
7bc2660c535b16a587bb0a296db7297977444789611c938d36f92893afafc739
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
88e4a487a1fed80ec48f6861fb3ace68a8fdef754cec546488b24f7630c54dc2
a2163bfb5f4ae6d1fb2fb944e2225752a6ea1153ef7b3960f756af6d7f627f76
bdf5eaaed0d3999f3d136ff64dd3d480a8f45800ac69a5bbd9eacccd750a02f9
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
cbf66edc4f8e381865c3b864dccb1c1ed1c36fb45c1ecfc0f404014d1a094bc7
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce781fca0b08ea8f4ddcf4b3ded145baea7d028cf47a820f3dfac90861ffdd85
dfc2c38bf689b09cd41c1592960fd4105cdc29a36fc66e129493dc45ed89be6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fee6e152b767c452bc0d3d73267e62816348ad345feb9b3d377389c73f46032c