URL: https://payment.rumah-yatim.org/
Submission: On April 26 via automatic, source certstream-suspicious — Scanned from SG

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 36 HTTP transactions. The main IP is 172.104.183.224, located in Singapore, Singapore and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is payment.rumah-yatim.org.
TLS certificate: Issued by E6 on April 26th 2025. Valid for: 3 months.
This is the only time payment.rumah-yatim.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
21 | 172.104.183.224 | 63949 (AKAMAI-LI...)
3 | 104.16.174.226 | 13335 (CLOUDFLAR...)
1 | 74.125.68.95 | 15169 (GOOGLE)
1 | 172.253.118.94 | 15169 (GOOGLE)
2 | 57.144.160.128 | 32934 (FACEBOOK)
1 | 64.233.170.97 | 15169 (GOOGLE)
1 | 74.125.200.99 | 15169 (GOOGLE)
1 | 142.251.12.97 | 15169 (GOOGLE)
5 | 57.144.186.1 | 32934 (FACEBOOK)
Total: 36 requests | 9 IPs

Requests | Apex Domain | Subdomains | Transfer
19 | rumah-yatim.org | payment.rumah-yatim.org | 1 MB
5 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 132 | 423 B
3 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 377 | 88 KB
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 79 | 111 KB
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 237 | 86 KB
2 | universa.vip | program-api.universa.vip, auth-api.universa.vip | 2 KB
1 | google.com | www.google.com — Cisco Umbrella Rank: 5 |
1 | gstatic.com | fonts.gstatic.com | 15 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 76 | 1 KB
Total: 36 requests | 9 apex domains

Requests | Domain | Requested by
19 | payment.rumah-yatim.org | payment.rumah-yatim.org
5 | www.facebook.com | connect.facebook.net, payment.rumah-yatim.org
3 | cdn.jsdelivr.net | payment.rumah-yatim.org
2 | www.googletagmanager.com | payment.rumah-yatim.org, www.googletagmanager.com
2 | connect.facebook.net | payment.rumah-yatim.org, connect.facebook.net
1 | www.google.com | www.googletagmanager.com
1 | auth-api.universa.vip | payment.rumah-yatim.org
1 | program-api.universa.vip | payment.rumah-yatim.org
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | payment.rumah-yatim.org
Total: 36 requests | 10 domains

This site contains no links.

Subject | Issuer | Validity | Valid
payment.rumah-yatim.org | E6 | 2025-04-26 - 2025-07-25 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2025-04-25 - 2026-05-04 | a year
upload.video.google.com | WE2 | 2025-03-31 - 2025-06-23 | 3 months
*.gstatic.com | WE2 | 2025-03-31 - 2025-06-23 | 3 months
program-api.universa.vip | E6 | 2025-04-05 - 2025-07-04 | 3 months
auth-api.universa.vip | E5 | 2025-04-05 - 2025-07-04 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2025-02-02 - 2025-05-03 | 3 months
*.google-analytics.com | WE2 | 2025-03-31 - 2025-06-23 | 3 months
*.google.com | WE2 | 2025-03-31 - 2025-06-23 | 3 months

This page contains 2 frames:

Primary Page: https://payment.rumah-yatim.org/
Frame ID: F3D57BD53921263715BE582799B86A3E
Requests: 35 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fpayment.rumah-yatim.org
Frame ID: 54778EC8A290EAF6EA2803E05E901252
Requests: 1 HTTP requests in this frame

Page Title

Payment Gateway

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 36
HTTPS: 100 %
IPv6: 0 %
Domains: 9
Subdomains: 10
IPs: 9
Countries: 4
Transfer: 1503 kB
Size: 3240 kB
Cookies: 2

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payment.rumah-yatim.org/
1 KB
613 B
Document
General
Full URL
https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
69ed30ff36f1249ce8b6f02bec362c9e1301c8ed9feabfd40f900aa3d3c9d23e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
W/"67e64178-431"
last-modified
Fri, 28 Mar 2025 06:28:08 GMT
server
nginx
env.js
payment.rumah-yatim.org/
16 B
144 B
Script
General
Full URL
https://payment.rumah-yatim.org/env.js
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
514c8773a3d9f6ccb3e015b82110a22b9d35883c3f73b185192675e41bd3f4e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
16
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-10"
content-type
application/javascript
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
react.production.min.js
cdn.jsdelivr.net/npm/react/umd/
10 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/react/umd/react.production.min.js
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.174.226 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d949f1c3687aedadcedac85261865f29b17cd273997e7f6b2bfc53b2f9d4c4dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://payment.rumah-yatim.org
Referer
https://payment.rumah-yatim.org/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"29ff-qneuTEn1Jbwh3h0E8Ipdc5YsfM4"
age
21540
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UtJ83nJ3z70FjWq%2FbBkKHac7lVClBUKUhhWAWPe3kbTw56fKnSKwI924gxPay4ieQ%2F2oCWqr6SIYldDa1pOQbW3q%2FxUK9kHqzU%2F0DchAD4scUWMRzGcaD7Yqa3sAseRwjPM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230081-FRA, cache-lga21932-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
936250ff4819a0bc-SIN
accept-ranges
bytes
access-control-allow-origin
*
content-length
4114
server
cloudflare
x-jsd-version
18.3.1
react-dom.production.min.js
cdn.jsdelivr.net/npm/react-dom/umd/
129 KB
44 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/react-dom/umd/react-dom.production.min.js
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.174.226 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35f4f974f4b2bcd44da73963347f8952e341f83909e4498227d4e26b98f66f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://payment.rumah-yatim.org
Referer
https://payment.rumah-yatim.org/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"202fb-/rjdydBWak+glxpuEThlhhjNrP4"
age
28317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jt%2BBx%2FDw0FZY6A7K5erFPrY%2BQpLex7Hs3hIky5DX7%2FKXlPeRG9cQR%2FkH2PLWPEr4daUxA4vYavp0pjv8lB6Vw1n%2FB3tT8%2BkGHD%2FKFxKOFHgWJlSA72VqX7nsOi%2FpHIA9F7g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230096-FRA, cache-lga21991-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
936250ff481aa0bc-SIN
accept-ranges
bytes
access-control-allow-origin
*
content-length
44549
server
cloudflare
x-jsd-version
18.3.1
react-bootstrap.min.js
cdn.jsdelivr.net/npm/react-bootstrap@next/dist/
116 KB
40 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/react-bootstrap@next/dist/react-bootstrap.min.js
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.174.226 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150523e0558852a799aae470ee18fdb61f89cf260ee6da8efd8687621156ae33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://payment.rumah-yatim.org
Referer
https://payment.rumah-yatim.org/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"1d187-o2+OYezMEsMzpEcT3E+ubsFUj8Q"
age
4781
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nG2L6bOSbPeZGxCCBvWzTl7nhEzlQ%2F2AmcgmX0dOKen5pr%2FunwSlOrdCu8UkaKWAgxeS%2BrUtFqRN%2FryZ49NcYPLNtMbajGHAd1lHjRyq4lFNJMyIq%2FZ8DINQyy8vLcI8nWg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230077-FRA, cache-lga21937-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
936250ff4817a0bc-SIN
accept-ranges
bytes
access-control-allow-origin
*
content-length
40369
server
cloudflare
x-jsd-version
2.9.0-beta.1
main.bc6cb930.js
payment.rumah-yatim.org/static/js/
840 KB
226 KB
Script
General
Full URL
https://payment.rumah-yatim.org/static/js/main.bc6cb930.js
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
8cac7f6a6913f268564c1dbd3af3422ca47d46eb5eb9134861cc2136800766cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

content-encoding
gzip
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
W/"67e64178-d1ec2"
content-type
application/javascript
last-modified
Fri, 28 Mar 2025 06:28:08 GMT
server
nginx
main.f6c0dbd4.css
payment.rumah-yatim.org/static/css/
545 KB
70 KB
Stylesheet
General
Full URL
https://payment.rumah-yatim.org/static/css/main.f6c0dbd4.css
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
b658254628fdb33e90781dbfb94c5ce6223fb5dfe49d998dc892a7a348b362c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

content-encoding
gzip
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
W/"67e64178-882b3"
content-type
text/css
last-modified
Fri, 28 Mar 2025 06:28:08 GMT
server
nginx
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro&display=swap
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/static/css/main.f6c0dbd4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
8f8c95c84b3f9793c2b8efd2c727e32b930c15ec4f70fb578f7d6aac939f5f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 26 Apr 2025 01:30:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 26 Apr 2025 00:27:17 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://payment.rumah-yatim.org
Referer
https://fonts.googleapis.com/

Response headers

age
221893
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 23 Apr 2026 11:52:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Apr 2025 11:52:29 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
payments
program-api.universa.vip/api/v1/public/
8 KB
1 KB
XHR
General
Full URL
https://program-api.universa.vip/api/v1/public/payments?company_id=c719ac4a-dedb-4102-8be0-f78898f7cd35&is_active=true&size=1000&page=0&sort=created_at
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/static/js/main.bc6cb930.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
8e9fd1fa62b848a77009ee0d88c7c3960e359a24e84839846c7bfebf26074f0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json
Referer
https://payment.rumah-yatim.org/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
application/json; charset=utf-8
server
nginx
c719ac4a-dedb-4102-8be0-f78898f7cd35
auth-api.universa.vip/api/v1/public/companies/
2 KB
975 B
XHR
General
Full URL
https://auth-api.universa.vip/api/v1/public/companies/c719ac4a-dedb-4102-8be0-f78898f7cd35
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/static/js/main.bc6cb930.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
fe2b102456fb831f357079305d3d21b2566b408ae9ac5778bcd753457e36040e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://payment.rumah-yatim.org/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
application/json; charset=utf-8
server
nginx
fbevents.js
connect.facebook.net/en_US/
271 KB
68 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/static/js/main.bc6cb930.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.160.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-sin2.fbcdn.net
Software
/
Resource Hash
c9826309b452d120fd6d1cfc0cf457b923024f39d7098265a4c5e1e27d6a96e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-gPlleh11' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-gPlleh11' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4819, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
XicOVSxhgc7tnnep3zbB0VdejhGlJTw6BypwszyF0eg+x27Gy690yyqg7tVimLoMd2v3MTOg/HQtnXmNjlwwlA==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-gPlleh11' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
69961
x-xss-protection
0
origin-agent-cluster
?1
lgbsi.png
payment.rumah-yatim.org/assets/
73 KB
73 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/lgbsi.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
f77b0077f8d978318a8986bc4320420c3e5615d82454e6e528917dc1bf1f9edd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
74319
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-1224f"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
bca.png
payment.rumah-yatim.org/assets/
1 KB
2 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/bca.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
3f32374c49a47d929e76d8a471bc4350dd2b93739ce13cc37d58f5f79e3e9e9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
1505
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-5e1"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
mandiri.png
payment.rumah-yatim.org/assets/
16 KB
16 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/mandiri.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
540c207db39bcd02e433f2ee624f97418a0bb13ac34735948d2601c6a8038d20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
16605
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-40dd"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
bni.png
payment.rumah-yatim.org/assets/
17 KB
17 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/bni.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
d1fa71c18a53352b8ddaed60acc8a518dad59cca7997ada872e680b6d1a345aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
17199
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-432f"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
cimbs2.png
payment.rumah-yatim.org/assets/
49 KB
50 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/cimbs2.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
ea16e3e211cd807d534614f050db75eadcba11700fae05b7a8dab1d9bc43a618

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
50644
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-c5d4"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
bankbriva.png
payment.rumah-yatim.org/assets/
21 KB
21 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/bankbriva.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
26967fa215925bba5f848c95a22cf4b8864f794f226c4e2df58974d10dc27e9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
21532
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-541c"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
danamon.png
payment.rumah-yatim.org/assets/
60 KB
60 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/danamon.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
4cf2239880405462a9617eff5b2b1de27619e04a5e63739fb243073a7787bcab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
60930
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-ee02"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
permata.png
payment.rumah-yatim.org/assets/
70 KB
70 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/permata.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
8a7cd43f65909eef2f1b560ba5bc2773e16f41f42ca5b0e0bda534db9f9ba16f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
71525
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-11765"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
lgovo2.png
payment.rumah-yatim.org/assets/
261 KB
261 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/lgovo2.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
97bfd1f515d57dfed6fc19c3af2a8ca7cb4ad9659517f3b467521e7195191a61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
267010
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-41302"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
lgdana2.png
payment.rumah-yatim.org/assets/
9 KB
9 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/lgdana2.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
adbf7c83d17704d66bd42e1d6fda4f89089b153888af62be27dc1fe9c37a797d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
9426
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-24d2"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
shopeepay.jpg
payment.rumah-yatim.org/assets/
24 KB
24 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/shopeepay.jpg
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
9fd99a81924c30326943bd266f31e36c5a3ccbc684820414693a9ecf13e67fd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
24144
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-5e50"
content-type
image/jpeg
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
qris.png
payment.rumah-yatim.org/assets/
13 KB
13 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/qris.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
ee72179e0077739288c02bf4ea1f2d622212718cd75ad79cba065bc1c04e7373

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
13664
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-3560"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
doku.png
payment.rumah-yatim.org/assets/
16 KB
16 KB
Image
General
Full URL
https://payment.rumah-yatim.org/assets/doku.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
ced5519fe3b2c0196aaa5124a6f16a148c47c58a9fc95b1d2314cfe604e33f8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
15973
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64155-3e65"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx
sprite.631447a33950530edbf9.png
payment.rumah-yatim.org/static/media/
267 KB
268 KB
Image
General
Full URL
https://payment.rumah-yatim.org/static/media/sprite.631447a33950530edbf9.png
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/static/css/main.f6c0dbd4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
cd48b1ce07476346e8358b741f08d413bc3e936a119683fc2adaf52651366aab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/static/css/main.f6c0dbd4.css

Response headers

accept-ranges
bytes
content-length
273662
date
Sat, 26 Apr 2025 01:30:42 GMT
etag
"67e64178-42cfe"
content-type
image/png
last-modified
Fri, 28 Mar 2025 06:28:08 GMT
server
nginx
gtm.js
www.googletagmanager.com/
313 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQN6ZBCM
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4a3e6acb34282e0ca131ccb320ccdb6ee44f1204ebc2977144a7139ab85828e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1310:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1310:0"}],}
expires
Sat, 26 Apr 2025 01:30:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 26 Apr 2025 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1310:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1310:0
content-length
110733
x-xss-protection
0
server
Google Tag Manager
1166667048166797
connect.facebook.net/signals/config/
84 KB
18 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1166667048166797?v=2.9.199&r=stable&domain=payment.rumah-yatim.org&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.160.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-sin2.fbcdn.net
Software
/
Resource Hash
2eaa5a8787aeebd71e0a5798efef9b9221e1fe373dfeedf279d85dbfcdc60cbb
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-euBAFZs1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-euBAFZs1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=78, mss=1232, tbw=79595, tp=74, tpl=0, uplat=217, ullat=0
pragma
public
x-fb-debug
wavSP23CQJgdk/iavHQlZ176U5udevUKGhSC4bMzh0Di796IMLU+3kUDESNjP2+0BANfLrGVoy1X+tU+PwApFw==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-euBAFZs1' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fpayment.rumah-yatim.org%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1925927695.1745631043&dt=Payment%20Gateway&auid=696708843.1745631043&navt=n&npa=0&gtm=45He54n0v9206645510za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&tft=1745631042869&tfd=997&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQN6ZBCM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

sw_iframe.html
www.googletagmanager.com/static/service_worker/54l0/ Frame 5477
3 KB
2 KB
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fpayment.rumah-yatim.org
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQN6ZBCM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
sffe /
Resource Hash
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
35478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1482
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 15:39:24 GMT
expires
Sat, 25 Apr 2026 15:39:24 GMT
last-modified
Mon, 21 Apr 2025 09:28:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/privacy_sandbox/topics/registration/
67 B
0
Fetch
General
Full URL
https://www.facebook.com/privacy_sandbox/topics/registration/?id=1166667048166797
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1166667048166797?v=2.9.199&r=stable&domain=payment.rumah-yatim.org&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.186.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin2.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-uQ748ECt' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

access-control-expose-headers
X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497428241463723748&cpp=C3&cv=1022255694&st=1745631043063"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
observe-browsing-topics
?1
expires
Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods
OPTIONS
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Apr 2025 01:30:43 GMT
content-type
image/png
vary
Origin, Accept-Encoding
x-fb-debug
iIACdHYKq5R6j8qgHVjRGBkR2kmrKF3esX+yDbhlyLs0SbiDya4SB5t3QeAFey6jFi9vfCeFRGknmBdjKawjkw==
priority
u=1,i
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497428241463723748&cpp=C3&cv=1022255694&st=1745631043063", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-uQ748ECt' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=5114, tp=11, tpl=0, uplat=176, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
same-origin
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1166667048166797&ev=PageView&dl=https%3A%2F%2Fpayment.rumah-yatim.org&rl=&if=false&ts=1745631042959&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4124&fbp=fb.1.1745631042954.233028994660586132&cs_est=true&pm=1&hrl=55bed4&ler=empty&cdl=API_unavailable&it=1745631042658&coo=false&cs_cc=1&cas=24077311955204195%2C10051831014867148%2C9204554026334658%2C9875912829086439%2C9847626125267510%2C9277716402346905%2C28961587996822652%2C9387970254585762%2C9341321875944381%2C8909704419134279%2C23925944817007941&exp=k0&rqm=GET
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.186.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4964, tp=12, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1166667048166797&ev=PageView&dl=https%3A%2F%2Fpayment.rumah-yatim.org&rl=&if=false&ts=1745631042959&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=4124&fbp=fb.1.1745631042954.233028994660586132&cs_est=true&pm=1&hrl=55bed4&ler=empty&cdl=API_unavailable&it=1745631042658&coo=false&cs_cc=1&cas=24077311955204195%2C10051831014867148%2C9204554026334658%2C9875912829086439%2C9847626125267510%2C9277716402346905%2C28961587996822652%2C9387970254585762%2C9341321875944381%2C8909704419134279%2C23925944817007941&exp=k0&rqm=FGET
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.186.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-8oL6mv73' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497428242614206232&cpp=C3&cv=1022255694&st=1745631043067"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Apr 2025 01:30:43 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ehiJsn/Gv2ZkrlciaelRcmbRXzf3HIXtuGXRoVxlAFjgZwTPnnZVEY6fpioV9tjNgebeYsH6ejpNEmPs7XQWfg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497428242614206232&cpp=C3&cv=1022255694&st=1745631043067", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-8oL6mv73' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=24, mss=1232, tbw=5524, tp=17, tpl=0, uplat=222, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1166667048166797&ev=AddPaymentInfo&dl=https%3A%2F%2Fpayment.rumah-yatim.org&rl=&if=false&ts=1745631042964&sw=1600&sh=1200&v=2.9.199&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1745631042954.233028994660586132&pm=1&hrl=c56f03&ler=empty&cdl=API_unavailable&it=1745631042658&coo=false&tm=1&cs_cc=1&cas=10051831014867148%2C9288778957873791&exp=k0&rqm=GET
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.186.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=5284, tp=14, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 26 Apr 2025 01:30:42 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1166667048166797&ev=AddPaymentInfo&dl=https%3A%2F%2Fpayment.rumah-yatim.org&rl=&if=false&ts=1745631042964&sw=1600&sh=1200&v=2.9.199&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4124&fbp=fb.1.1745631042954.233028994660586132&pm=1&hrl=c56f03&ler=empty&cdl=API_unavailable&it=1745631042658&coo=false&tm=1&cs_cc=1&cas=10051831014867148%2C9288778957873791&exp=k0&rqm=FGET
Requested by
Host: payment.rumah-yatim.org
URL: https://payment.rumah-yatim.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.186.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-vGx3Z9cR' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com 
data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497428241219902586&cpp=C3&cv=1022255694&st=1745631043070"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[],"aggregatable_values":{},"aggregatable_source_registration_time":"exclude","filters":{"3":["9395360783863996"]},"debug_reporting":true,"debug_key":"3606391206402699737"}
date
Sat, 26 Apr 2025 01:30:43 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
gfMiZnJxy6NTJqJJipegSlsP3mzcRD+/oPP6xy6345pXZDp6W8Z6OEsxPXabpaFVHEUTN2WxEfx0yBjueEkMPQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497428241219902586&cpp=C3&cv=1022255694&st=1745631043070", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-vGx3Z9cR' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com 
data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=24, mss=1232, tbw=8964, tp=20, tpl=0, uplat=221, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
favicon.ico
payment.rumah-yatim.org/
4 KB
4 KB
Other
General
Full URL
https://payment.rumah-yatim.org/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.183.224 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-183-224.ip.linodeusercontent.com
Software
nginx /
Resource Hash
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://payment.rumah-yatim.org/

Response headers

accept-ranges
bytes
content-length
3870
date
Sat, 26 Apr 2025 01:30:43 GMT
etag
"67e64155-f1e"
content-type
image/x-icon
last-modified
Fri, 28 Mar 2025 06:27:33 GMT
server
nginx


13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| env
object| React
object| ReactDOM
object| ReactBootstrap
object| Alert
object| webpackChunkmidtrans_payment
function| fbq
function| _fbq
object| dataLayer
object| google_tag_manager
object| google_tag_data
object| _fbq_gtm_ids

2 Cookies

Domain/Path Name / Value
.rumah-yatim.org/ Name: _gcl_au
Value: 1.1.696708843.1745631043
.rumah-yatim.org/ Name: _fbp
Value: fb.1.1745631042954.233028994660586132

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
