auth.online-pajak.com Open in urlscan Pro
147.139.167.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ebupot-ctas-uni.online-pajak.com/
Effective URL:
https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F
Submission: On May 26 via api (May 26th 2025, 9:27:12 pm UTC) from TW — Scanned from TW

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 23 domains to perform 81 HTTP transactions. The main IP is 147.139.167.179, located in Jakarta, Indonesia and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is auth.online-pajak.com.
TLS certificate: Issued by R10 on April 14th 2025. Valid for: 3 months.

This is the only time auth.online-pajak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	147.139.167.179 147.139.167.179	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 1	172.67.68.34 172.67.68.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.8.84 142.251.8.84	15169 (GOOGLE) (GOOGLE)
4	216.58.220.138 216.58.220.138	15169 (GOOGLE) (GOOGLE)
6	172.217.26.232 172.217.26.232	15169 (GOOGLE) (GOOGLE)
3	142.251.222.4 142.251.222.4	15169 (GOOGLE) (GOOGLE)
1	23.220.70.142 23.220.70.142	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	31.13.82.7 31.13.82.7	32934 (FACEBOOK) (FACEBOOK)
1	104.16.140.209 104.16.140.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.20.39.213 104.20.39.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.7.130 104.21.7.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
1	64.233.187.155 64.233.187.155	15169 (GOOGLE) (GOOGLE)
3	142.250.207.3 142.250.207.3	15169 (GOOGLE) (GOOGLE)
2	172.217.175.110 172.217.175.110	15169 (GOOGLE) (GOOGLE)
9 16	150.171.22.12 150.171.22.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.207.34 142.250.207.34	15169 (GOOGLE) (GOOGLE)
2	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
2	172.217.161.67 172.217.161.67	15169 (GOOGLE) (GOOGLE)
3	31.13.82.36 31.13.82.36	32934 (FACEBOOK) (FACEBOOK)
7	104.16.117.116 104.16.117.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.175.201 104.17.175.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.77.142 104.16.77.142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.147.16 172.64.147.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.128.172 104.17.128.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.240.108 104.18.240.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.17.176.91 104.17.176.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.118.116 104.16.118.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
81	28

11 147.139.167.179 (Jakarta, Indonesia) 2 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

ebupot-ctas-uni.online-pajak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.online-pajak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
labels.online-pajak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
home.online-pajak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.68.34 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.online-pajak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.8.84 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.220.138 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s17-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.26.232 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.222.4 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.70.142 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-220-70-142.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.140.209 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.39.213 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.apollo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.7.130 (None, )

ASN13335 (CLOUDFLARENET, US)

aplo-evnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.187.155 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.207.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f3.1e100.net

www.google.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.110 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 150.171.22.12 (United States) 9 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.207.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.161.67 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.117.116 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.175.201 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.77.142 (None, )

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.16 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.128.172 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.240.108 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.17.176.91 (None, )

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.118.116 (None, )

ASN13335 (CLOUDFLARENET, US)

exceptions.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	linkedin.com 9 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 344 www.linkedin.com — Cisco Umbrella Rank: 698	10 KB
12	online-pajak.com 3 redirects ebupot-ctas-uni.online-pajak.com www.online-pajak.com auth.online-pajak.com labels.online-pajak.com home.online-pajak.com	249 KB
10	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6307	367 KB
9	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3184 api.hubspot.com — Cisco Umbrella Rank: 5000 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3229 app.hubspot.com — Cisco Umbrella Rank: 5416 exceptions.hubspot.com — Cisco Umbrella Rank: 9226 track.hubspot.com — Cisco Umbrella Rank: 2285	44 KB
8	google.com accounts.google.com — Cisco Umbrella Rank: 23 www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 164	88 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	709 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 168 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 td.doubleclick.net — Cisco Umbrella Rank: 310	5 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	4 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	216 B
3	google.com.tw www.google.com.tw — Cisco Umbrella Rank: 22274	626 B
2	gstatic.com fonts.gstatic.com	164 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62
2	aplo-evnt.com aplo-evnt.com — Cisco Umbrella Rank: 25907	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 219	85 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3616	1015 B
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 3371	974 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3253	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2160	25 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5118	27 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2182	26 KB
1	apollo.io assets.apollo.io — Cisco Umbrella Rank: 25032	2 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2378	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 920	15 KB
81	23

	Domain	Requested by
13	px.ads.linkedin.com	6 redirects snap.licdn.com auth.online-pajak.com
10	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
7	auth.online-pajak.com	auth.online-pajak.com
6	www.googletagmanager.com	auth.online-pajak.com www.googletagmanager.com js.hsadspixel.net
4	fonts.googleapis.com	auth.online-pajak.com
3	app.hubspot.com	js.usemessages.com static.hsappstatic.net
3	www.facebook.com	connect.facebook.net auth.online-pajak.com
3	www.linkedin.com	3 redirects
3	www.google.com.tw	auth.online-pajak.com
3	www.google.com	www.googletagmanager.com auth.online-pajak.com
3	accounts.google.com	auth.online-pajak.com accounts.google.com
2	api.hubspot.com	js.usemessages.com
2	fonts.gstatic.com	fonts.googleapis.com
2	td.doubleclick.net	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	aplo-evnt.com	assets.apollo.io
2	connect.facebook.net	auth.online-pajak.com connect.facebook.net
2	labels.online-pajak.com	1 redirects auth.online-pajak.com
1	track.hubspot.com
1	exceptions.hubspot.com	static.hsappstatic.net
1	api.hubapi.com	js.hsadspixel.net
1	perf-na1.hsforms.com	auth.online-pajak.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	assets.apollo.io	auth.online-pajak.com
1	js.hs-scripts.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	home.online-pajak.com	auth.online-pajak.com
1	www.online-pajak.com	1 redirects
1	ebupot-ctas-uni.online-pajak.com	1 redirects
81	37

This site contains links to these domains. Also see Links.

Domain
www.online-pajak.com

Subject Issuer	Validity	Valid
*.online-pajak.com R10	`2025-04-14` - `2025-07-13`	3 months	crt.sh
accounts.google.com WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
upload.video.google.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.google-analytics.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.google.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2024-12-13` - `2025-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-03-05` - `2025-06-03`	3 months	crt.sh
hs-scripts.com WE1	`2025-05-20` - `2025-08-18`	3 months	crt.sh
apollo.io E5	`2025-04-25` - `2025-07-24`	3 months	crt.sh
aplo-evnt.com WE1	`2025-04-10` - `2025-07-09`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.google.com.tw WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2025-03-16` - `2025-09-16`	6 months	crt.sh
*.doubleclick.net WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
*.gstatic.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
hubspot.com WE1	`2025-05-26` - `2025-08-24`	3 months	crt.sh
hs-analytics.net WE1	`2025-04-02` - `2025-07-01`	3 months	crt.sh
usemessages.com WE1	`2025-04-01` - `2025-06-30`	3 months	crt.sh
hs-banner.com WE1	`2025-05-18` - `2025-08-16`	3 months	crt.sh
hsadspixel.net WE1	`2025-04-05` - `2025-07-04`	3 months	crt.sh
hsforms.com WE1	`2025-05-08` - `2025-08-06`	3 months	crt.sh
hubapi.com WE1	`2025-05-03` - `2025-08-01`	3 months	crt.sh
hsappstatic.net WE1	`2025-04-30` - `2025-07-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F
Frame ID: 3203263D8E1911179EFB590799E2423C
Requests: 61 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&shape=pill&logo_alignment=left&text=continue_with&width=360px&is_fedcm_supported=true&client_id=987811989858-b3b9gfpou7e3qst7b51k5u9i13r279v3.apps.googleusercontent.com&iframe_id=gsi_834561_918031&cas=tMiX9%2F6IqB9gGplioKyavTCCt%2FoaT1XdaDHWvMhT%2BXI&hl=id_ID
Frame ID: 24E71EB322045B66BAD4BE3BC214786C
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Fauth.online-pajak.com
Frame ID: 382BD894596A2403B8AAF9F324F7CBF5
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/713396254?random=1748294835789&cv=11&fst=1748294835789&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746z871303748za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg
Frame ID: EB07EF3A2A99CA13004E2C4544E0D3B5
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/7041177/threads/utk/00922238e0db44af8cde5ba9c36c05fa?uuid=ac0207dbd7374fcab810d2fd22fcf639&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=auth.online-pajak.com&inApp53=false&messagesUtk=00922238e0db44af8cde5ba9c36c05fa&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false
Frame ID: F040141693238A73A586995103F3723C
Requests: 14 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/713396254?random=1748294837659&cv=11&fst=1748294837659&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 9057DBE94CC285721B1EFE47AA51B838
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in - OnlinePajak

Page URL History Show full URLs

https://ebupot-ctas-uni.online-pajak.com/ HTTP 302
https://www.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F HTTP 301
https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

81
Requests

95 %
HTTPS

0 %
IPv6

23
Domains

37
Subdomains

28
IPs

4
Countries

1821 kB
Transfer

5520 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.online-pajak.com/
Title: arrow_back Kembali ke beranda

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ebupot-ctas-uni.online-pajak.com/ HTTP 302
https://www.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F HTTP 301
https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://labels.online-pajak.com/header-logo.svg HTTP 302
https://labels.online-pajak.com/assets/header-logo.svg

Request Chain 35

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835459&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644833&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835459&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644833&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D794011%26time%3D1748294835459%26li_adsId%3Db56c487d-1d4d-419e-8ea0-27048e6ffaba%26conversionId%3D10644833%26url%3Dhttps%253A%252F%252Fauth.online-pajak.com%252Flogin-page%253Fredirect_url%253Dhttp%25253A%25252F%25252Febupot-ctas-uni.online-pajak.com%25252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835459&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644833&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true&liSync=true

Request Chain 36

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644841&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644841&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D794011%26time%3D1748294835461%26li_adsId%3Db56c487d-1d4d-419e-8ea0-27048e6ffaba%26conversionId%3D10644841%26url%3Dhttps%253A%252F%252Fauth.online-pajak.com%252Flogin-page%253Fredirect_url%253Dhttp%25253A%25252F%25252Febupot-ctas-uni.online-pajak.com%25252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644841&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true&liSync=true

Request Chain 37

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=13618817&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=13618817&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D794011%26time%3D1748294835461%26li_adsId%3Db56c487d-1d4d-419e-8ea0-27048e6ffaba%26conversionId%3D13618817%26url%3Dhttps%253A%252F%252Fauth.online-pajak.com%252Flogin-page%253Fredirect_url%253Dhttp%25253A%25252F%25252Febupot-ctas-uni.online-pajak.com%25252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=13618817&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true&liSync=true

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login-page Show response
auth.online-pajak.com/
Redirect Chain

https://ebupot-ctas-uni.online-pajak.com/
https://www.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F
https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

2 KB
1 KB

151ms
139ms

Document
text/html

147.139.167.179
ALIBABA-CN-NET Al...

General

Check archive.org

Download Go to

Full URL

https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.139.167.179 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

7a40f50c9949e0cd8db835bc0a77ca29d5be5aaed7714d88617bee5be276315f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 26 May 2025 21:27:13 GMT
etag: W/"67da6682-84f"
last-modified: Wed, 19 Mar 2025 06:38:58 GMT
strict-transport-security: max-age=15724800
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

Redirect headers

cache-control: max-age=3600
cf-ray: 94605af47b2508ed-HKG
content-length: 167
content-type: text/html
date: Mon, 26 May 2025 21:27:13 GMT
expires: Mon, 26 May 2025 22:27:13 GMT
location: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARRNRaBq22YHG31tZw5v80tfKrUzHciWrYY%2FpxpMVwBz4AuHO1%2FuKaQnrmJpZib2J%2FmZHkNFQi6ZtknFFv5T7UPIk7hGIZz78hBwmrT2WZvzz%2BBy3nqBh3MrA3t5pReKLztzE0bf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=87256&min_rtt=87180&rtt_var=18437&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4008&recv_bytes=2450&delivery_rate=47696&cwnd=252&unsent_bytes=0&cid=9eb9b1b2e53f5c42&ts=100&x=0"
vary: Accept-Encoding

GET
H2 200 client Show response
accounts.google.com/gsi/ 230 KB
87 KB 249ms
81ms Script
application/javascript 142.251.8.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.84 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

tb-in-f84.1e100.net

Software

ESF /

Resource Hash

a55feb6bafb3933c5f035c20bdca6a6985a25b0c9d708cf0871cf61e90982bc6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-AogOpCbFPZJR0HfrMaB_kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-AogOpCbFPZJR0HfrMaB_kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:27:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Mon, 26 May 2025 21:27:13 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
706 B 432ms
154ms Stylesheet
text/css 216.58.220.138
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro&display=swap

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f10.1e100.net

Software

ESF /

Resource Hash

8f8c95c84b3f9793c2b8efd2c727e32b930c15ec4f70fb578f7d6aac939f5f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:27:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:13 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 21:27:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
970 B 428ms
152ms Stylesheet
text/css 216.58.220.138
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend:wght@300;400;500&display=swap

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f10.1e100.net

Software

ESF /

Resource Hash

b0c137e5755d1e5de0de924e814fae88b6be8dd953773cddcdff82ac3f7338e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:27:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:13 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 21:23:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 569 B
440 B 428ms
152ms Stylesheet
text/css 216.58.220.138
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f10.1e100.net

Software

ESF /

Resource Hash

cc0bc2cbaca383e1600d349e580513f188e4d745bf269b63ffaff46a091fd196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:27:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:13 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 21:27:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 32 KB
2 KB 431ms
155ms Stylesheet
text/css 216.58.220.138
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f10.1e100.net

Software

ESF /

Resource Hash

bb125b35229fd1caaeed80f61895696c448d55487e091e95513a154628d5604e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:27:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:13 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 26 May 2025 19:46:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 chunk-vendors.js Show response
auth.online-pajak.com/js/ 418 KB
140 KB 140ms
138ms Script
application/javascript 147.139.167.179
ALIBABA-CN-NET Al...

General

Check archive.org

Download Go to

Full URL

https://auth.online-pajak.com/js/chunk-vendors.js

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.139.167.179 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

89b965a155db4ffe860afa282a05c6300df625a37dbe7548b692d4d0a031608d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Response headers

strict-transport-security: max-age=15724800
content-encoding: gzip
etag: W/"67da6682-68604"
x-content-type-options: nosniff
x-xss-protection: 1
date: Mon, 26 May 2025 21:27:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 19 Mar 2025 06:38:58 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 app.js Show response
auth.online-pajak.com/js/ 80 KB
21 KB 137ms
135ms Script
application/javascript 147.139.167.179
ALIBABA-CN-NET Al...

General

Check archive.org

Download Go to

Full URL

https://auth.online-pajak.com/js/app.js

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.139.167.179 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

a836d7771f3555c6d867500b4bec3d9f0d37dbee0b9fae0efae2614f43b2c577

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Response headers

strict-transport-security: max-age=15724800
content-encoding: gzip
etag: W/"67da6682-141d5"
x-content-type-options: nosniff
x-xss-protection: 1
date: Mon, 26 May 2025 21:27:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 19 Mar 2025 06:38:58 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 chunk-vendors.css
auth.online-pajak.com/css/ 347 KB
43 KB 150ms
148ms Stylesheet
text/css 147.139.167.179
ALIBABA-CN-NET Al...

General

Check archive.org

Download Go to

Full URL

https://auth.online-pajak.com/css/chunk-vendors.css

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.139.167.179 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

a3473013d78fb797695e79523b15a15592dbf8b948ecc87e000488a9341fd53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Response headers

strict-transport-security: max-age=15724800
content-encoding: gzip
etag: W/"67da6682-56d99"
x-content-type-options: nosniff
x-xss-protection: 1
date: Mon, 26 May 2025 21:27:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 19 Mar 2025 06:38:58 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 app.css
auth.online-pajak.com/css/ 15 KB
3 KB 137ms
135ms Stylesheet
text/css 147.139.167.179
ALIBABA-CN-NET Al...

General

Check archive.org

Download Go to

Full URL

https://auth.online-pajak.com/css/app.css

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.139.167.179 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

48a4bef47b3846b034930d66251eb4115255802b94fc1d1abb057e4b1fb9f4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Response headers

strict-transport-security: max-age=15724800
content-encoding: gzip
etag: W/"67da6682-3a2f"
x-content-type-options: nosniff
x-xss-protection: 1
date: Mon, 26 May 2025 21:27:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 19 Mar 2025 06:38:58 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 597 KB
175 KB 451ms
182ms Script
application/javascript 172.217.26.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PL8R94

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

23355871af032ec10f7602599b86f498d2662c7c08100239a78b33c348fc1c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: gzip
report-to: {"group":"ascgcycc:1317:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1317:0"}],}
expires: Mon, 26 May 2025 21:27:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 26 May 2025 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1317:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1317:0
content-length: 177894
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 79ms
79ms Stylesheet
text/css 142.251.8.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.84 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

tb-in-f84.1e100.net

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BG9Bkdkq2moj61BkJWvd0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BG9Bkdkq2moj61BkJWvd0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=86400
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:27:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Mon, 26 May 2025 21:27:14 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 button
accounts.google.com/gsi/ Frame 24E7 0
0 275ms
124ms Document
text/html 142.251.8.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&shape=pill&logo_alignment=left&text=continue_with&width=360px&is_fedcm_supported=true&client_id=987811989858-b3b9gfpou7e3qst7b51k5u9i13r279v3.apps.googleusercontent.com&iframe_id=gsi_834561_918031&cas=tMiX9%2F6IqB9gGplioKyavTCCt%2FoaT1XdaDHWvMhT%2BXI&hl=id_ID

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.84 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

tb-in-f84.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-05kE89makAxaOWv5aOBPsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.online-pajak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-05kE89makAxaOWv5aOBPsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: same-site
date: Mon, 26 May 2025 21:27:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

header-logo.svg
labels.online-pajak.com/assets/
Redirect Chain

https://labels.online-pajak.com/header-logo.svg
https://labels.online-pajak.com/assets/header-logo.svg

2 KB
1 KB

139ms
138ms

Image
image/svg+xml

147.139.167.179
ALIBABA-CN-NET Al...

General

Check archive.org

Download Go to Show image

Full URL

https://labels.online-pajak.com/assets/header-logo.svg

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Server

147.139.167.179 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

/ Express

Resource Hash

f6e3fa8877c3face12ddc22c480086c9588386513b408dac348301c695053e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

strict-transport-security: max-age=15724800
cache-control: public, max-age=31536000
content-encoding: br
etag: W/"743-19535f58248"
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 26 May 2025 21:27:14 GMT
x-xss-protection: 1
content-type: image/svg+xml
x-powered-by: Express
last-modified: Mon, 24 Feb 2025 03:17:17 GMT
x-frame-options: SAMEORIGIN

Redirect headers

strict-transport-security: max-age=15724800
cache-control: no-cache, no-store, must-revalidate
location: /assets/header-logo.svg
pragma: no-cache
x-content-type-options: nosniff
content-length: 45
date: Mon, 26 May 2025 21:27:14 GMT
x-xss-protection: 1
content-type: text/plain; charset=utf-8
x-powered-by: Express
vary: Accept
x-frame-options: SAMEORIGIN

GET
H2 200 flag_id.svg
auth.online-pajak.com/img/ 1 KB
911 B 135ms
135ms Image
image/svg+xml 147.139.167.179
ALIBABA-CN-NET Al...

General

Check archive.org

Download Go to Show image

Full URL

https://auth.online-pajak.com/img/flag_id.svg

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.139.167.179 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

c128a06c8e3caa237cd34bd6774bc2f0d6e5e9f721474a32050e9f9c427b8e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Response headers

strict-transport-security: max-age=15724800
content-encoding: gzip
etag: W/"67da6682-523"
x-content-type-options: nosniff
x-xss-protection: 1
date: Mon, 26 May 2025 21:27:14 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 19 Mar 2025 06:38:58 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 op_logo.svg
home.online-pajak.com/public/img/ 8 KB
4 KB 247ms
236ms Image
image/svg+xml 147.139.167.179
ALIBABA-CN-NET Al...

General

Check archive.org

Download Go to Show image

Full URL

https://home.online-pajak.com/public/img/op_logo.svg

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/css/app.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.139.167.179 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

a28a02f731701009865ce0c09e45d0e0e0827916bdcb8b61eef552336439eeac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

strict-transport-security: max-age=15724800
cache-control: public, max-age=0
content-encoding: gzip
etag: W/"1fbe-196ce100ac0"
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 26 May 2025 21:27:14 GMT
x-xss-protection: 1
last-modified: Wed, 14 May 2025 09:11:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

POST
H3 200 collect
www.google.com/ccm/ 0
0 376ms
151ms Fetch
text/plain 142.251.222.4
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page&scrsrc=www.googletagmanager.com&frm=0&rnd=2054057132.1748294835&dt=Log%20in%20-%20OnlinePajak&auid=2061786393.1748294835&navt=n&npa=0&gtm=45He55m0h2v71303748za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&tft=1748294834841&tfd=2152&apve=1&apvf=f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL8R94
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.222.4 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s71-in-f4.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 476 KB
150 KB 175ms
174ms Script
application/javascript 172.217.26.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDXQQPMD40&cx=c&gtm=45He55m0h2v71303748za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL8R94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8558d17086c5f639b95236d80240b71e89d883cc3d498b2616d829e9f01ec6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 21:27:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 153552
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 473 KB
149 KB 168ms
168ms Script
application/javascript 172.217.26.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-39W2Q4H7C4&cx=c&gtm=45He55m0h2v71303748za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL8R94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7d3017e070ff9189ae6f532148a00b64638c87d6450413a86f482a6adc418941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 21:27:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 151720
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
15 KB 448ms
140ms Script
application/javascript 23.220.70.142
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL8R94

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.70.142 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-220-70-142.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3aa63b9438e4a02c286789b669c42215a3dabcd2ab623d2f599124d37ee8496

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
x-cdn-proto: HTTP2
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
content-length: 14695
date: Mon, 26 May 2025 21:27:15 GMT
last-modified: Tue, 20 May 2025 09:23:57 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 275 KB
69 KB 272ms
136ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

467389e1c54ff093185c031255951ed7d0b319391f0ab2783dcf81f5671b1d94

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src data: 'nonce-RCJlMxOq' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 21:27:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src data: 'nonce-RCJlMxOq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=130, rtx=0, c=24, mss=1232, tbw=8713, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: uOgdiNsG7LV1pJdYwZf7DaMNteTXFAHPHqih/JQuwAM5rznnaApJEt2KfdPZNaisUEUdDq1A2KD6YpY1mTa2eA==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: *;script-src 'nonce-RCJlMxOq' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 70852
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 7041177.js Show response
js.hs-scripts.com/ 2 KB
1 KB 1229ms
1038ms Script
application/javascript 104.16.140.209
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://js.hs-scripts.com/7041177.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL8R94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.140.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc4ebff635cc77df319b664647432c5697d865e3bd2f2c0cd2ff64ab743b8ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Mon, 26 May 2025 21:28:46 GMT
date: Mon, 26 May 2025 21:27:16 GMT
x-hubspot-correlation-id: 2817039f-2a9c-4ebf-98fb-896aa62c975c
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Mon, 26 May 2025 21:27:16 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 94605aff4e4e850a-HKG
accept-ranges: bytes
access-control-allow-origin: https://auth.online-pajak.com
content-length: 673
server: cloudflare

GET
H2 200 tracker.iife.js Show response
assets.apollo.io/micro/website-tracker/ 3 KB
2 KB 289ms
104ms Script
application/javascript 104.20.39.213
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=9rk01
Requested by: Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.39.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=MY6wfg==, md5=hthBoodcqITOwlOMWg5w7g==
etag: "86d841a2875ca884cec2538c5a0e70ee"
age: 76363
cf-cache-status: HIT
x-goog-stored-content-encoding: gzip
expires: Mon, 25 May 2026 01:04:50 GMT
x-goog-stored-content-length: 1168
date: Mon, 26 May 2025 21:27:15 GMT
content-type: application/javascript
last-modified: Mon, 13 Jan 2025 12:58:37 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFIdbgR0GWTH0sbOD7lXmGqE8t7L9_WJGwJdwoxHi8sbYRAR8-RKR9xXfZuVRio2_Hu8o0zdn6bcVp4
cache-control: public, max-age=31376255
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 94605aff4d31854e-HKG
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736773117067886
content-length: 1168
server: cloudflare

GET
H2 200 sw_iframe.html Show response
www.googletagmanager.com/static/service_worker/55j0/ Frame 382B 3 KB
2 KB 373ms
110ms Document
text/html 172.217.26.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Fauth.online-pajak.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL8R94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f8.1e100.net

Software

sffe /

Resource Hash

d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 49932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1482
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 07:35:03 GMT
expires: Tue, 26 May 2026 07:35:03 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 200 track_request
aplo-evnt.com/api/v1/intent_pixel/ Frame 0
0 742ms
644ms Preflight 104.21.7.130
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=66a9ba73bd777702d246c4bd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.7.130 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://auth.online-pajak.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 94605b0098275de6-HKG
content-length: 0
date: Mon, 26 May 2025 21:27:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOaBmcoO8UjMPw3yq8%2BhBJZGy2646PX3BzlXFZjy%2BcrtrMO6Ci8Tt5m2Ox8N4MvM0jzjEvzP5k7I98tI8xs34HcambbSKwPQQpw7u3PckkzzshEO7bnSo0Hwn1kfcw%2Fa"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=85074&min_rtt=84951&rtt_var=10263&sent=10&recv=11&lost=0&retrans=0&sent_bytes=3645&recv_bytes=3316&delivery_rate=1228362&cwnd=15470&unsent_bytes=0&cid=af1b17fd7aae5054&ts=648&x=92"
x-request-id: 8e000f74-375b-4e6e-9fe0-fd2c4222d183
x-runtime: 0.001314

POST
H3 400 track_request Show response
aplo-evnt.com/api/v1/intent_pixel/ 142 B
2 KB 312ms
311ms Fetch
application/json 104.21.7.130
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=66a9ba73bd777702d246c4bd

Requested by

Host: assets.apollo.io
URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=9rk01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.7.130 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14705c4ce639ad62267ee6dbe08c73d6890631d0d1e2ba4b836571c04cf050d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn .salesforce.com .lightning.force.com; report-uri https://o101058.ingest.us.sentry.io/api/222018/security/?sentry_key=86bb17dd8c2449719dd6b498f3431191&sentry_environment=production&sentry_release=0aa6a5d57b12ad9279f20e031c7f324eb71c3ee1
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://auth.online-pajak.com/

Response headers

access-control-max-age: 7200
x-request-id: 74cbc77b-73b5-40ed-9797-c25f7d3cc736
access-control-expose-headers
x-transaction-id: a0b6a310-823a-42f0-94c2-d1010f289990
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=piAht9gqHJMthYZd1%2BNFRlHjYDfhw1AOJ7GQz%2Fipxe1iWvpmeJzRToXsih07HvQZ5JmRq7NXTOA7tjsn1FGRzRu1dytAMllmHDzus%2Fdwalu5aAOgwCshnywoFZijNoDZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=85072&min_rtt=84951&rtt_var=7701&sent=12&recv=13&lost=0&retrans=0&sent_bytes=4383&recv_bytes=3927&delivery_rate=1228362&cwnd=16185&unsent_bytes=0&cid=af1b17fd7aae5054&ts=950&x=92"
date: Mon, 26 May 2025 21:27:16 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.016276
x-frame-options: ALLOWALL
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com; report-uri https://o101058.ingest.us.sentry.io/api/222018/security/?sentry_key=86bb17dd8c2449719dd6b498f3431191&sentry_environment=production&sentry_release=0aa6a5d57b12ad9279f20e031c7f324eb71c3ee1
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 94605b0498465de6-HKG
access-control-allow-origin: *
content-length: 142
server: cloudflare

POST
H2 204 collect
analytics.google.com/g/ 0
0 236ms
76ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZDXQQPMD40&gtm=45je55m0h2v879527744z871303748za200zb71303748&_p=1748294833619&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~102938614~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=1764229386.1748294835&ul=zh-tw&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&sid=1748294835&sct=1&seg=0&dt=Log%20in%20-%20OnlinePajak&en=page_view&_fv=1&_nsi=1&_ss=1&ep.clean_url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tfd=2550
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDXQQPMD40&cx=c&gtm=45He55m0h2v71303748za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://auth.online-pajak.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
552 B 233ms
75ms Ping
text/plain 64.233.187.155
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZDXQQPMD40&cid=1764229386.1748294835&gtm=45je55m0h2v879527744z871303748za200zb71303748&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~102938614~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDXQQPMD40&cx=c&gtm=45He55m0h2v71303748za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.187.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tj-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:124:0
report-to: {"group":"ascnsrsggc:124:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:124:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://auth.online-pajak.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:124:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:15 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.com.tw/ads/ 42 B
408 B 381ms
115ms Image
image/gif 142.250.207.3
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.tw/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZDXQQPMD40&cid=1764229386.1748294835&gtm=45je55m0h2v879527744z871303748za200zb71303748&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~102938614~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&tag_exp=101509157~102938614~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&z=652796602

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 21:27:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 343 KB
117 KB 165ms
164ms Script
application/javascript 172.217.26.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-713396254&cx=c&gtm=45je55m0h2v9104031721za200zb71303748&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39W2Q4H7C4&cx=c&gtm=45He55m0h2v71303748za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f78a44eccbd07988c6b634c7f01417254ce9fa5dfa8a032ff667ec4cd180a3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 26 May 2025 21:27:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 26 May 2025 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcysghrgc:42:0
content-length: 119770
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 422ms
151ms Fetch
text/plain 172.217.175.110
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-39W2Q4H7C4&gtm=45je55m0h2v9104031721z871303748za200zb71303748&_p=1748294833619&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=1764229386.1748294835&ul=zh-tw&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&sid=1748294835&sct=1&seg=0&dt=Log%20in%20-%20OnlinePajak&en=page_view&_fv=1&_ss=1&tfd=2683
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39W2Q4H7C4&cx=c&gtm=45He55m0h2v71303748za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.175.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt20s21-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to: {"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://auth.online-pajak.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:99:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:15 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 1580397249074984 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 337ms
337ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/1580397249074984?v=2.9.203&r=stable&domain=auth.online-pajak.com&hme=36c7454c4b078660353e5d4c89e3eaca439a56e5c3ceaadddff6c79ae427835a&ex_m=74%2C128%2C113%2C117%2C65%2C6%2C106%2C73%2C19%2C101%2C93%2C55%2C58%2C183%2C204%2C211%2C207%2C208%2C210%2C32%2C107%2C57%2C81%2C209%2C178%2C181%2C205%2C206%2C191%2C140%2C45%2C196%2C193%2C194%2C37%2C152%2C18%2C54%2C200%2C199%2C142%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C114%2C56%2C116%2C42%2C115%2C33%2C98%2C43%2C90%2C29%2C179%2C182%2C149%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C105%2C108%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C110%2C109%2C111%2C102%2C13%2C23%2C4%2C41%2C78%2C22%2C161%2C136%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C118%2C91%2C5%2C51%2C50%2C89%2C248%2C176%2C126%2C164%2C157%2C3%2C39%2C67%2C46%2C112%2C49%2C83%2C64%2C63%2C34%2C103%2C62%2C59%2C53%2C82%2C76%2C27%2C104%2C11%2C119

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

43dedd4aab98e77487a7303dd61316f085f0f12953881e825edd30e9a35c254e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src data: 'nonce-pCQPePWz' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 21:27:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src data: 'nonce-pCQPePWz' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=130, rtx=0, c=88, mss=1232, tbw=84461, tp=80, tpl=0, uplat=204, ullat=0
pragma: public
x-fb-debug: g1GmB9gHRDXC9Avic5Hi7jO86LZS7NDTabb2uV2dVy6YxqKF7smthyCWMR2b6HeWvde2w5tyodlCDr7VlWNz2w==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' blob: *;script-src 'nonce-pCQPePWz' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
788 B 683ms
332ms XHR
text/plain 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth.online-pajak.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref: Ref A: 5EC69B8345F5473A9B89473A1D7B704E Ref B: MNL30EDGE0618 Ref C: 2025-05-26T21:27:15Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: AAY2EJypJjGrXpqqTd7Ayg==
x-li-proto: http/2
access-control-allow-origin: https://auth.online-pajak.com
x-cache: CONFIG_NOCACHE
date: Mon, 26 May 2025 21:27:15 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
508 B 684ms
331ms XHR
application/json 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=794011&time=1748294835459&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&conversionId=10644833&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: *
Referer: https://auth.online-pajak.com/

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 000636109ca9354c8dce0a4601518632
x-msedge-ref: Ref A: E3861199859A4E09B0AD799DF5779E63 Ref B: MNL30EDGE0508 Ref C: 2025-05-26T21:27:15Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAY2EJypNUyNzgpGAVGGMg==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 26 May 2025 21:27:15 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
590 B 724ms
372ms XHR
application/json 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=794011&time=1748294835461&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&conversionId=10644841&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: *
Referer: https://auth.online-pajak.com/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 000636109ca97024bdd0efc6a141ddef
x-msedge-ref: Ref A: A77209584E434F9896FBD4B1ECD25928 Ref B: MNL30EDGE0508 Ref C: 2025-05-26T21:27:15Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAY2EJypcCS90O/GoUHd7w==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 26 May 2025 21:27:15 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
764 B 642ms
291ms XHR
application/json 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=794011&time=1748294835461&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&conversionId=13618817&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: *
Referer: https://auth.online-pajak.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 000636109ca8cbf094d4e4ac124bc7a5
x-msedge-ref: Ref A: 2A754B4320564AD78C17C44478C8A5AC Ref B: MNL30EDGE0508 Ref C: 2025-05-26T21:27:15Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAY2EJyoy/CU1OSsEkvHpQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 26 May 2025 21:27:15 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835459&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644833&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835459&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644833&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D794011%26time%3D1748294835459%26li_adsId%3Db56c487d-1d4d-419e-8ea0-27048e6ffaba%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835459&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644833&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page...

0
145 B

399ms
398ms

Image
application/javascript

150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835459&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644833&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true&liSync=true
Requested by: Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F
Protocol: H2
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5A18F5D158C747EDBDA48A2484942A61 Ref B: MNL30EDGE0618 Ref C: 2025-05-26T21:27:17Z
x-li-fabric: prod-lva1
x-li-uuid: AAY2EJy8ikKjxpVR2v1Gew==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 26 May 2025 21:27:16 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-fabric: prod-lva1
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
date: Mon, 26 May 2025 21:27:16 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000
x-li-pop: afd-prod-lva1-x
content-security-policy: frame-ancestors 'self'
cache-control: no-cache, no-store
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835459&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644833&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true&liSync=true
pragma: no-cache
x-msedge-ref: Ref A: 95C3A7A21B9D4B878B283F146224E491 Ref B: MNL30EDGE0618 Ref C: 2025-05-26T21:27:16Z
x-li-uuid: AAY2EJy1YiL07iOclj6PEg==
content-length: 0

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644841&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644841&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D794011%26time%3D1748294835461%26li_adsId%3Db56c487d-1d4d-419e-8ea0-27048e6ffaba%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644841&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page...

0
145 B

395ms
394ms

Image
application/javascript

150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644841&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true&liSync=true
Requested by: Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F
Protocol: H2
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EAF1866B9A244E3DA5056035751D4ADB Ref B: MNL30EDGE0618 Ref C: 2025-05-26T21:27:17Z
x-li-fabric: prod-lva1
x-li-uuid: AAY2EJy8i80hvtsoCYVNmA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 26 May 2025 21:27:16 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-fabric: prod-lva1
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
date: Mon, 26 May 2025 21:27:16 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000
x-li-pop: afd-prod-lva1-x
content-security-policy: frame-ancestors 'self'
cache-control: no-cache, no-store
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=10644841&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true&liSync=true
pragma: no-cache
x-msedge-ref: Ref A: 03C17CE9D583448589D03AB499D92983 Ref B: MNL30EDGE0618 Ref C: 2025-05-26T21:27:16Z
x-li-uuid: AAY2EJy1ZfCRk1Eem/t8gw==
content-length: 0

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=13618817&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=13618817&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D794011%26time%3D1748294835461%26li_adsId%3Db56c487d-1d4d-419e-8ea0-27048e6ffaba%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=13618817&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page...

0
385 B

355ms
354ms

Image
application/javascript

150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=13618817&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true&liSync=true
Requested by: Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F
Protocol: H2
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9A59B081BBDE4D1CB64BA6EB8B155E61 Ref B: MNL30EDGE0618 Ref C: 2025-05-26T21:27:17Z
x-li-fabric: prod-lva1
x-li-uuid: AAY2EJy696J6GReTfYPVWg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 26 May 2025 21:27:16 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-fabric: prod-lva1
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
date: Mon, 26 May 2025 21:27:16 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=31536000
x-li-pop: afd-prod-lva1-x
content-security-policy: frame-ancestors 'self'
cache-control: no-cache, no-store
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=794011&time=1748294835461&li_adsId=b56c487d-1d4d-419e-8ea0-27048e6ffaba&conversionId=13618817&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&tm=gtmv2&cookiesTest=true&liSync=true
pragma: no-cache
x-msedge-ref: Ref A: 6CD54583F34B4227936E74F74778D989 Ref B: MNL30EDGE0618 Ref C: 2025-05-26T21:27:16Z
x-li-uuid: AAY2EJy1YzwUlgGBoAd+3w==
content-length: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/713396254/ 5 KB
2 KB 392ms
168ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/713396254/?random=1748294835789&cv=11&fst=1748294835789&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746z871303748za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-713396254&cx=c&gtm=45je55m0h2v9104031721za200zb71303748&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

fe6ebac0bc042e743f81b117a4a7c720044feeb0220172ce9630de51d0502dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 1963
date: Mon, 26 May 2025 21:27:16 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 713396254 Show response
td.doubleclick.net/td/rul/ Frame EB07 13 B
523 B 400ms
119ms Document
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/713396254?random=1748294835789&cv=11&fst=1748294835789&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746z871303748za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.online-pajak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 21:27:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v143/ 125 KB
125 KB 273ms
118ms Font
font/woff2 172.217.161.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v143/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://auth.online-pajak.com
Referer: https://fonts.googleapis.com/

Response headers

age: 72620
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 26 May 2026 01:16:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 01:16:56 GMT
last-modified: Wed, 08 Jan 2025 18:24:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128352
x-xss-protection: 0
server: sffe

GET
H3 200 wlpwgwvFAVdoq2_v-6QU.woff2
fonts.gstatic.com/s/lexend/v24/ 39 KB
39 KB 269ms
115ms Font
font/woff2 172.217.161.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v24/wlpwgwvFAVdoq2_v-6QU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lexend:wght@300;400;500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f3.1e100.net

Software

sffe /

Resource Hash

5cdfe8f6d3a887cd4c61ffd1541d32cc0540cc3c3342416a617d5a228b95c6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://auth.online-pajak.com
Referer: https://fonts.googleapis.com/

Response headers

age: 388081
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 22 May 2026 09:39:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 22 May 2025 09:39:15 GMT
last-modified: Mon, 17 Mar 2025 23:56:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39728
x-xss-protection: 0
server: sffe

GET
H3 200 /
www.facebook.com/privacy_sandbox/topics/registration/ 67 B
0 393ms
243ms Fetch
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/privacy_sandbox/topics/registration/?id=1580397249074984

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1580397249074984?v=2.9.203&r=stable&domain=auth.online-pajak.com&hme=36c7454c4b078660353e5d4c89e3eaca439a56e5c3ceaadddff6c79ae427835a&ex_m=74%2C128%2C113%2C117%2C65%2C6%2C106%2C73%2C19%2C101%2C93%2C55%2C58%2C183%2C204%2C211%2C207%2C208%2C210%2C32%2C107%2C57%2C81%2C209%2C178%2C181%2C205%2C206%2C191%2C140%2C45%2C196%2C193%2C194%2C37%2C152%2C18%2C54%2C200%2C199%2C142%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C114%2C56%2C116%2C42%2C115%2C33%2C98%2C43%2C90%2C29%2C179%2C182%2C149%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C105%2C108%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C110%2C109%2C111%2C102%2C13%2C23%2C4%2C41%2C78%2C22%2C161%2C136%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C118%2C91%2C5%2C51%2C50%2C89%2C248%2C176%2C126%2C164%2C157%2C3%2C39%2C67%2C46%2C112%2C49%2C83%2C64%2C63%2C34%2C103%2C62%2C59%2C53%2C82%2C76%2C27%2C104%2C11%2C119

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-aWztXzQP' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7508869145784343355&cpp=C3&cv=1023194496&st=1748294836149"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
observe-browsing-topics: ?1
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods: OPTIONS
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 21:27:16 GMT
content-type: image/png
vary: Origin, Accept-Encoding
x-fb-debug: wwr9n7X1er7+aEJBpmurqOcp8JQZcw4UJcTqJjj5fW2fVo3YVg3kL3r+uM20Mi45qqqHpe2Zsbs9jiyWjdrbqQ==
priority: u=1,i
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7508869145784343355&cpp=C3&cv=1023194496&st=1748294836149", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-aWztXzQP' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=142, rtx=0, c=24, mss=1232, tbw=8714, tp=13, tpl=0, uplat=100, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 284ms
134ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1580397249074984&ev=PageView&dl=https%3A%2F%2Fauth.online-pajak.com&rl=&if=false&ts=1748294835866&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4124&fbp=fb.1.1748294835864.600829461928459833&pm=1&hrl=acdc15&ler=empty&cdl=API_unavailable&it=1748294835445&coo=false&cs_cc=1&cas=7414445635342757%2C24786831870931220%2C9377075552363596%2C6398463800196970&exp=k0&rqm=GET

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=133, rtx=0, c=24, mss=1232, tbw=8714, tp=13, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 26 May 2025 21:27:16 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 418ms
268ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1580397249074984&ev=PageView&dl=https%3A%2F%2Fauth.online-pajak.com&rl=&if=false&ts=1748294835866&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4124&fbp=fb.1.1748294835864.600829461928459833&pm=1&hrl=acdc15&ler=empty&cdl=API_unavailable&it=1748294835445&coo=false&cs_cc=1&cas=7414445635342757%2C24786831870931220%2C9377075552363596%2C6398463800196970&exp=k0&rqm=FGET

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-van3EIL3' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7508869144752356217&cpp=C3&cv=1023194496&st=1748294836140"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 26 May 2025 21:27:16 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 2tWEyqpnz+ETwxc8So4BVUfzMF684NUvneW8hTjjzd5i5FMz/kS/NYNeLg8+WUSRmd2w2mgD6MPC8sLh+z9U+w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7508869144752356217&cpp=C3&cv=1023194496&st=1748294836140", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-van3EIL3' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=133, rtx=0, c=27, mss=1232, tbw=9246, tp=19, tpl=0, uplat=134, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 86 KB
25 KB 509ms
312ms Script
application/javascript 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7041177.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a2983623baee265007b497fd1a9119cdd4e7798e332fc5736c749e885b66b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://auth.online-pajak.com
Referer: https://auth.online-pajak.com/

Response headers

x-request-id: 40ae85ff-f39f-4b0e-a56c-74a6fa26c226
content-encoding: gzip
cf-cache-status: EXPIRED
x-amz-version-id: wA3cdlx1RqsJGMGWMcife2pvp8C.cbzH
etag: W/"d83bc706ed92c7e8222902641b9b3a53"
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xVduLaYAld7jmfNnxYIR7NFN936PSoa3jB%2Ba0R5IT3oYiAf9giYOsGS0yFYPlaeO2MbFDRELuJYpWb9rHY448Lm8fGhC4L0aTIcaeTXiClOtdx5Iwd0wO85ed94skEkK"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: j72mfZLiGGZ20ga2DSRbPPvhgSwHxHiJv5zroaWMVY-SDN72umMYCg==
x-hubspot-correlation-id: 40ae85ff-f39f-4b0e-a56c-74a6fa26c226
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Apr 2025 03:05:22 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-554d564d77-mz8np
x-envoy-upstream-service-time: 7
x-hs-target-asset: web-interactives-embed/static-2.3004/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Mon, 26 May 2025 21:27:16 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.3004/bundles/project.js&cfRay=94605b071af78b83-HKG
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
cf-ray: 94605b071af78b83-HKG
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 7041177.js Show response
js.hs-analytics.net/analytics/1748294700000/ 73 KB
26 KB 535ms
348ms Script
text/javascript 104.17.175.201
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://js.hs-analytics.net/analytics/1748294700000/7041177.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7041177.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.175.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f89054a53bdd6e3d3eddde7fde938d88b33f92fda19a81e75612ce56eb2d69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: 142ce18a-863b-44b1-9ff4-1a65f0d0a5e9
content-encoding: gzip
cf-cache-status: MISS
etag: W/"31c8f2a0a7cd69c95f7725a23bc04bd0"
x-amz-version-id: null
expires: Mon, 26 May 2025 21:32:16 GMT
x-evy-trace-listener: listener_https
date: Mon, 26 May 2025 21:27:16 GMT
x-hubspot-correlation-id: 142ce18a-863b-44b1-9ff4-1a65f0d0a5e9
content-type: text/javascript
last-modified: Fri, 02 May 2025 21:50:35 GMT
vary: origin, Accept-Encoding
x-amz-id-2: /Fu6pHdPhXtX9hYW4MQuBJssvHWy18B9/xNqd1xuz4lZECYUN/hYfADbNzIKseg4EkbUwB1V/4o=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fbbff5ddb-x8pgv
x-envoy-upstream-service-time: 44
access-control-allow-credentials: false
x-amz-request-id: S2DANSQ7MDP5GES3
cf-ray: 94605b070cc004f8-HKG
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 95 KB
27 KB 306ms
100ms Script
application/javascript 104.16.77.142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7041177.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.77.142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96f1ea9147eaab2626e23d9a5691a2f52e8317f867848166b0f307e52fa7aa63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: c4821ea0-fb11-4ec9-9768-5bae895fe802
content-encoding: gzip
cf-cache-status: HIT
etag: W/"b68fa9c6c6ae9b8611c1b244ad54dfdb"
x-amz-version-id: R4CpUIZlQQHiiu6WtB5mVD20DrYiI4DT
age: 538
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-amz-cf-id: LwiIf05AIFlT6LMSFtnFBpzarJwB-0W65rF5JoFOdMLudQjiY3IkPQ==
date: Mon, 26 May 2025 21:27:16 GMT
x-hubspot-correlation-id: c4821ea0-fb11-4ec9-9768-5bae895fe802
content-type: application/javascript; charset=utf-8
last-modified: Thu, 22 May 2025 14:15:19 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-554d564d77-rvdrk
x-envoy-upstream-service-time: 8
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.22264/bundles/project.js&cfRay=94604de2a84df548-HKG
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
cf-ray: 94605b072a511087-HKG
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: conversations-embed/static-1.22264/bundles/project.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/7041177/ 68 KB
25 KB 1006ms
802ms Script
text/javascript 172.64.147.16
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://js.hs-banner.com/v2/7041177/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7041177.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.16 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 557b7597d91ac62af430f991e0a5e0ca28d9276f151bd0f1d9d7afd1e9a45f94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 291e61f7-1338-4682-8c6b-3e00f63fb541
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"d492f4e6c5d77a8fa49c20716ca36f89"
x-amz-version-id: _LUQMXo3GlzCgWQsbJvrWQD3ChhCISKz
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Mon, 26 May 2025 21:32:16 GMT
x-evy-trace-listener: listener_https
date: Mon, 26 May 2025 21:27:17 GMT
x-hubspot-correlation-id: 291e61f7-1338-4682-8c6b-3e00f63fb541
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 23 Apr 2025 03:11:18 GMT
vary: origin, Accept-Encoding
x-amz-id-2: AerKxt8OO+QDBDyuKXzdGG/58LbMCbN1EB7pMCcUW+4bUXUu+LoxsKHTALXfdsDCxd2URyqG+Bg=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fbbff5ddb-x8pgv
x-envoy-upstream-service-time: 25
access-control-allow-credentials: true
x-amz-request-id: VFRP6Y5JNFSTNE9H
cf-ray: 94605b07287c9b47-HKG
access-control-allow-origin: https://www.online-pajak.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 307ms
104ms Script
application/javascript 104.17.128.172
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7041177.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.128.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e3edf94ccaee43974650eda7296b1c0d9b5cf6664ff37e478c2c787a9380c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: de867a1a-26cf-42e2-b1ef-137678df85f8
content-encoding: gzip
cf-cache-status: HIT
etag: W/"d1a683d61bfa5754c17bb3162d05bf2a"
x-amz-version-id: VlgO0a8.aNt3XkueRUO_sComSw0256Gv
age: 546
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-amz-cf-id: uiq_1zN96uxnPkitndzSTSLE8DpDcH5-2gbrTqZq3-wNvXLZAV2PEg==
date: Mon, 26 May 2025 21:27:16 GMT
x-hubspot-correlation-id: de867a1a-26cf-42e2-b1ef-137678df85f8
content-type: application/javascript; charset=utf-8
last-modified: Thu, 22 May 2025 15:07:28 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-554d564d77-9tjgj
x-envoy-upstream-service-time: 4
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.1961/bundles/pixels-release.js&cfRay=94604db21c4507ad-HKG
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
cf-ray: 94605b072f08dbc4-HKG
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.1961/bundles/pixels-release.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 /
www.google.com/pagead/1p-user-list/713396254/ 42 B
64 B 121ms
118ms Image
image/gif 142.251.222.4
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/713396254/?random=1748294835789&cv=11&fst=1748293200000&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746z871303748za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzbapLRydhZ0n3IO0G6-tzjcPmMkNgDQ&random=2983684223&rmt_tld=0&ipr=y

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.4 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 21:27:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.com.tw/pagead/1p-user-list/713396254/ 42 B
154 B 118ms
116ms Image
image/gif 142.250.207.3
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.tw/pagead/1p-user-list/713396254/?random=1748294835789&cv=11&fst=1748293200000&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746z871303748za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzbapLRydhZ0n3IO0G6-tzjcPmMkNgDQ&random=2983684223&rmt_tld=1&ipr=y

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 21:27:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 324ms
320ms Preflight
text/plain 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7041177&conversations-embed=static-1.22264&mobile=false&messagesUtk=00922238e0db44af8cde5ba9c36c05fa&traceId=00922238e0db44af8cde5ba9c36c05fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://auth.online-pajak.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://auth.online-pajak.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 94605b081b5e8b83-HKG
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 26 May 2025 21:27:16 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cbxzVvqMlFGf7ZRQEmGPqLfM9vgQ9qZR6%2BnhfbV0bCN9t2ON%2FB2eK58GOCe5DnBHuAGoicAF8Zga9Dje3Ekw5VwsvuDAlCT0eV8i254R8Qwtl4ewCg%2FXR7feJH1vzl8rEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-hubspot-correlation-id: 991307d9-4fb1-4f4e-aa15-e0ed485c380a

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 619ms
619ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2f16a4d2282ba9a5091993b15e1cfc17ef97c0cc3bca8dd8eb365fb155d3ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=toy%2BT64OLtWT2KNDKdwUCKf%2B8yoWA7MwQB%2FxhLEBNydJlLLvi2rdI0Jn7OheETbxY8paqFuoqEP%2FQfxYpLbUv3IeQrKZEvIJ9WnBbX0e%2FAso3cvBuoLBI0MIIPqD4vAOAg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Mon, 26 May 2025 21:27:17 GMT
x-hubspot-correlation-id: 1114778b-7ed8-4a89-9cbb-c21251595061
content-type: application/json;charset=utf-8
vary: origin, accept-encoding
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 94605b0a1c198b83-HKG
access-control-allow-origin: https://auth.online-pajak.com
content-length: 1464
server: cloudflare

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 61 B
1 KB 323ms
316ms Fetch
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7041177&currentUrl=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: 73ee6b90-f57f-4022-bbc9-bcfb05ff81a4
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vupFm8r19WwPbn%2BYQel09v0aA9lQpCPyX%2BTURNvqoCw52MifvZrxepDT3cPYn3M%2FkdK4ruqeTAUUnIUuozJFwCDWx6ROCCCL5NJJ4%2BLxI6gmm%2FXY47OEd3H70BcBwi3l5DsqLHZt8ONxM3ODGa4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Mon, 26 May 2025 21:27:16 GMT
x-hubspot-correlation-id: 73ee6b90-f57f-4022-bbc9-bcfb05ff81a4
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-5c76648889-z7ccx
x-envoy-upstream-service-time: 9
access-control-allow-credentials: true
cf-ray: 94605b096be38b83-HKG
access-control-allow-origin: https://auth.online-pajak.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
974 B 422ms
315ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

x-robots-tag: none
x-request-id: d2775ac3-3a18-4ebc-affd-5014326610fb
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfExtPri
date: Mon, 26 May 2025 21:27:17 GMT
x-hubspot-correlation-id: d2775ac3-3a18-4ebc-affd-5014326610fb
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Mon, 26 May 2025 21:27:17 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-5c76648889-ckhhs
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 94605b0c1eec85b8-HKG
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 115 B
1015 B 510ms
318ms XHR
application/json 104.18.240.108
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7041177

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.240.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205caa9ea9a824ba9c52e5994a8a65778eb46d5045f1c39e88fdf2efe53da643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

access-control-max-age: 180
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iWNDe9%2BlsIDu7f9V250fOAZx8OGH%2Fg0S2e3zjpo4G5vikpLssZwFWPvwSxOYJKumldLHmM0afisrdrkvvb2utFArX%2B9vjRkn8yLtGLf1LGDvLdAXgUkUbew468XcQpH"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Mon, 26 May 2025 21:27:17 GMT
x-hubspot-correlation-id: 41f71dfc-08b7-4780-b294-fdcd2d593324
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 94605b0d9acc852a-HKG
access-control-allow-origin: https://auth.online-pajak.com
server: cloudflare

GET
H2 200 00922238e0db44af8cde5ba9c36c05fa Show response
app.hubspot.com/conversations-visitor/7041177/threads/utk/ Frame F040 23 KB
9 KB 535ms
340ms Document
text/html 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/7041177/threads/utk/00922238e0db44af8cde5ba9c36c05fa?uuid=ac0207dbd7374fcab810d2fd22fcf639&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=auth.online-pajak.com&inApp53=false&messagesUtk=00922238e0db44af8cde5ba9c36c05fa&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c606795d8cf58421f0a9653f30b044bd81fb2a5a0ebea87975fad7cbe7e21a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://auth.online-pajak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
age: 2590
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 94605b0f3ee7e2f1-HKG
content-encoding: gzip
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.24708/html/index.html&cfRay=94605b0f3ee7e2f1&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7041177%2Fthreads%2Futk%2F00922238e0db44af8cde5ba9c36c05fa%3Fuuid%3Dac0207dbd7374fcab810d2fd22fcf639%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dauth.online-pajak.com%26inApp53%3Dfalse%26messagesUtk%3D00922238e0db44af8cde5ba9c36c05fa%26url%3Dhttps%253A%252F%252Fauth.online-pajak.com%252Flogin-page%253Fredirect_url%253Dhttp%25253A%25252F%25252Febupot-ctas-uni.online-pajak.com%25252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Fauth.online-pajak.com%2F&cfenv=prod&pdt=2025-05-26&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 26 May 2025 21:27:17 GMT
etag: W/"5d0a667539486685e6283c7d147d9035"
last-modified: Thu, 22 May 2025 14:15:19 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=94605b0f3ee7e2f1&resource=conversations-visitor-ui/static-1.24708/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, accept-encoding
via: 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
x-amz-cf-id: WXTxCbrAF7PDVawfZynfsqa5ufTOM57XKWGJXcYgBprRoLY7LrgmRQ==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 4Mg3_TkPnFNWxtZ0E6M9ihfKt6epQpVd
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-554d564d77-rvdrk
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.24708/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 013f7467-ef8c-48a4-9259-8b6b570ee7b0
x-request-id: 013f7467-ef8c-48a4-9259-8b6b570ee7b0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 343 KB
117 KB 173ms
172ms Script
application/javascript 172.217.26.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-713396254

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

378bf4063507979ac8d95dbd7f8d41e99e9260791d312109d56b539d0946da70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Mon, 26 May 2025 21:27:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 26 May 2025 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 119684
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/713396254/ 5 KB
2 KB 168ms
167ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/713396254/?random=1748294837659&cv=11&fst=1748294837659&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

5a63b3362265bd43542e867cf3d9378352513b861582dd11ec24e005c80076f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 1997
date: Mon, 26 May 2025 21:27:17 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 713396254 Show response
td.doubleclick.net/td/rul/ Frame 9057 13 B
299 B 119ms
119ms Document
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/713396254?random=1748294837659&cv=11&fst=1748294837659&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.online-pajak.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 May 2025 21:27:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/713396254/ 42 B
64 B 116ms
114ms Image
image/gif 142.251.222.4
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/713396254/?random=1748294837659&cv=11&fst=1748293200000&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzZuC2YlfuCc6ptHBjDUHN33E44dv4b_xlWWHXqPlV955Ga73Y&random=4106351745&rmt_tld=0&ipr=y

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.4 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 21:27:17 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com.tw/pagead/1p-user-list/713396254/ 42 B
64 B 118ms
116ms Image
image/gif 142.250.207.3
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com.tw/pagead/1p-user-list/713396254/?random=1748294837659&cv=11&fst=1748293200000&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2v894801746za200zb71303748&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&hn=www.googleadservices.com&frm=0&tiba=Log%20in%20-%20OnlinePajak&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=2061786393.1748294835&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzZuC2YlfuCc6ptHBjDUHN33E44dv4b_xlWWHXqPlV955Ga73Y&random=4106351745&rmt_tld=1&ipr=y

Requested by

Host: auth.online-pajak.com
URL: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 26 May 2025 21:27:17 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.3106/ Frame F040 48 KB
17 KB 293ms
96ms Script
application/javascript 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.3106/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/7041177/threads/utk/00922238e0db44af8cde5ba9c36c05fa?uuid=ac0207dbd7374fcab810d2fd22fcf639&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=auth.online-pajak.com&inApp53=false&messagesUtk=00922238e0db44af8cde5ba9c36c05fa&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68fe191cd68261d68a9e8c764c2f99297af849aefca6dc9af044c82390384829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: GX0ADI95mQl.gwImSlE9OC7zSutLkhED
etag: W/"39b20dcf4c1993afaa97e55e4be85ab6"
age: 526517
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NdJ7Jj2HNXNeRCyQWJ1V7uZJnkQ7HH5fBpQvmOljlI35P7yDZHU%2BJfG%2FBsWHfMNpksC7HBRc6jcNT%2FxamY5Ky1645kZiw7ZL5uA5%2FmcVSVKeFVSSx5NmpnhmZ1S58sSVV5vXBC8AQE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b12bd17dd62-HKG
x-cache: Miss from cloudfront
x-amz-cf-id: 1QWpaeXKfN-dqBeWORX1Le5G1GiWLy-tMi3pdPM-zoc9-0YUT4eehw==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: application/javascript
last-modified: Tue, 20 May 2025 18:18:42 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 6a42c863ffbb5a64a8686b036045eb0c.cloudfront.net (CloudFront)
cf-ray: 94605b12bd17dd62-HKG
access-control-allow-origin: https://app.hubspot.com
x-amz-cf-pop: MNL52-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.24690/sass/ Frame F040 20 KB
5 KB 293ms
97ms Stylesheet
text/css 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.24690/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3da0ade0d25b8de66c3121568cf351c128b326b3d1a5f8ea0d8b2ef3bf6248f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://app.hubspot.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"e21eca39960d63f6ad226966465cb98c"
x-amz-version-id: DgrZPj0MUcxCr9Z7wxoPjFqDda0_gpR9
age: 371513
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynOJhmozQUExZ0pw%2B%2F%2BRdLUpRFrVq%2BB6xpdMOdP7j7iu5Ng7osaQjh67yY8PC75kBqz2%2Fl2LRIyYmv3l0Cnnfri5I25nOoA4T0sTHb%2BrJQCqF2h2h13A3%2FEX96rdIDoqV7Jvxb5ctVk%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b12bc84858e-HKG
x-cache: Miss from cloudfront
x-amz-cf-id: -eautD5lOH5C3HH_tx8rU-OPAVsN7Bwr8Z--GX2DQjNziUipZf4EVQ==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: text/css
last-modified: Wed, 21 May 2025 15:14:06 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
via: 1.1 d8a1303c7da02e19a558367debc20718.cloudfront.net (CloudFront)
cf-ray: 94605b12bc84858e-HKG
x-amz-cf-pop: NRT20-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-2.778/ Frame F040 165 KB
51 KB 381ms
185ms Script
application/javascript 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-2.778/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f14e8e3bfd9c89bb170c2c8b21d69a47500f5f18cfa21542eee18855d72ceb50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: A2ijTQfDdkPawrNPFpBz_7cjaY_vuof8
etag: W/"998cb2aa05a1bd37320a6cf9b10bb222"
age: 775994
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijmynJzNON9gti%2Fe4kupNPwIlOkXgzhyQBGisv66O4Lxbb9PbhlaS0lqMj3St%2FRlMZIS84aCsDBX1%2Bd1%2BisyOAibG%2BWaSeim%2Ful4Ql4fkF1QnzxWkXxjBsQf87cZTca0O6Pgr%2FFj1r0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b12bd15dd62-HKG
x-cache: Miss from cloudfront
x-amz-cf-id: DK06PM4bMa1o2vXm0juzVlI-nTezq0bZHiKuzu8m4cdaVJawRQIVaA==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: application/javascript
last-modified: Tue, 13 May 2025 19:00:00 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 6dcffcd8c41164384cf753e7b88ccfcc.cloudfront.net (CloudFront)
cf-ray: 94605b12bd15dd62-HKG
access-control-allow-origin: https://app.hubspot.com
x-amz-cf-pop: MNL52-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/react-dlb/static-1.45/ Frame F040 142 KB
46 KB 379ms
183ms Script
application/javascript 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/react-dlb/static-1.45/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d821eeea4c061fc67db287dd981829ca622813b79e453d457778cec99a0fcde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 5zvbcyc28ZcDz78nE51UNbW2.oEhJFG9
etag: W/"375f3d5590a08421e0a62a33e512f347"
age: 858834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5%2BTPz2ZbsE0iyhsdwK5LlLLZsopQy%2Fh6mSF8hRyST%2FXgAYmNik7njwT1TDJSa%2BBJuMRBgs9lwUW8NSdwkV9HppbENTNZVlujC7%2Bdpkp0ZSCxsek0PmQDqfVuLkVsvLFtIeZetynkR0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b12bd19dd62-HKG
x-cache: Miss from cloudfront
x-amz-cf-id: --3tawuyO24S5nW0OPIQOneTlLLtLGDu3a48Ch5h361NarPacjBSTw==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: application/javascript
last-modified: Sat, 10 May 2025 11:05:09 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 ded1ee0f770839d2b2fb7225385749c6.cloudfront.net (CloudFront)
cf-ray: 94605b12bd19dd62-HKG
access-control-allow-origin: https://app.hubspot.com
x-amz-cf-pop: TPE50-C1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.24708/bundles/ Frame F040 788 KB
233 KB 290ms
95ms Script
application/javascript 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.24708/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12569263a31e450de9540a0060c178da578e071d97899b60798f797c7cc5ade0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 5zev7RE1XUp_meviXPs8xj0wU83qBwbC
etag: W/"9f6db656bac9e666c141038432d85bdf"
age: 371512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYOP7GuLeTxJSvlErc%2FtX71Aqjq6stAdYus1HqF%2B3dszIGI0HSJJnKQ%2BrIyyY4a88KTDQZU2%2BsmLjZrid%2FQCDSd6WK%2F631AFqsXNP58smluS3gruREYrbDoYTknG0gjOgtPzCJwqR5k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b12bd18dd62-HKG
x-cache: Miss from cloudfront
x-amz-cf-id: R5p10Ybafj6pD0JAZravGzKHxjtEKjTwNkAX46h_9SY1DBPke0INqQ==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: application/javascript
last-modified: Thu, 22 May 2025 01:59:00 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 f8120ff1c76840e4aaeb0da852ec77b8.cloudfront.net (CloudFront)
cf-ray: 94605b12bd18dd62-HKG
access-control-allow-origin: https://app.hubspot.com
x-amz-cf-pop: ICN57-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 i18n-data-data-modern-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.24690/ Frame F040 829 B
1 KB 94ms
94ms Script
application/javascript 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.24690/i18n-data-data-modern-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.24708/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc5071d3504f094a898a7060d8f2cee0c99c7d80c3a486cc0a5517f7ec7a36fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: HIT
etag: W/"dd8559a96e56cb0ec5a40af367701e4f"
x-amz-version-id: LcXWX7_XEoUlc8N1puIZEM4HHOUx_dXc
age: 371511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EVsXbUpTdqyWEttUarEYE7hFZJh%2FQrvHBYWTOkUkt3pP1bysoJi2Hq2RbpOANxpc2svaREkUsVjT0ZpYlbhwyx85YWWJWHs15ZhVBgLXDM4vvk1gk9SMR3Nzoz3uDLo5S4oi6A3sHSg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b15eff8dd62-HKG
x-cache: Miss from cloudfront
x-amz-cf-id: nNLhBuQo7-eHBX-7YF12fWovLdDT-HqpjR_TQaHIklf0v9RtbSTa1Q==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: application/javascript
last-modified: Wed, 21 May 2025 15:14:03 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 6b6a88d75bc3f59b17e48ff6cfb89a6c.cloudfront.net (CloudFront)
cf-ray: 94605b15eff8dd62-HKG
access-control-allow-origin: https://app.hubspot.com
x-amz-cf-pop: ICN57-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 206 notification.mp3
static.hsappstatic.net/conversations-visitor-ui/static-1.9449/audio/ Frame F040 5 KB
5 KB 94ms
94ms Media
audio/mpeg 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.9449/audio/notification.mp3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a78f62cf2b2b5233aa4c06e686a69366ff8f5d17e5f3755f274d28e2ea8c0c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: HIT
etag: "3461d03c5348e31076d4bfbfdd5203dd"
x-amz-version-id: on8frpe.Z3jlpN7H5iZlTZN7RfYUNILF
age: 426893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDBL9KVtwbM5thRw%2BQVdmZWQHq6EMqh2nGiVvl7NYp6u1exviWORsxcGQll49evRLsNL2RXVke5pILfGtFH6XHFeuGfNf9dKiTNreXZXuOzXJ4bogjNk5dSRHFp0k78XG7mvU%2FwFiyU%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b160e89858e-HKG
x-cache: Hit from cloudfront
x-amz-cf-id: 4CAnLaPlaM9WNm7UEqFKkLmuj1IaFeWMQUmmoklqASdgKt78O-EMhA==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: audio/mpeg
last-modified: Thu, 16 Jul 2020 13:19:49 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
Content-Range: bytes 0-4744/4745
via: 1.1 6119e41683ed07f8d52bf84a35de56f6.cloudfront.net (CloudFront)
cf-ray: 94605b160e89858e-HKG
Content-Length: 4745
x-amz-cf-pop: HKG1-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 conversations-visitor-ui-lang-id.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.24708/ Frame F040 16 KB
6 KB 95ms
94ms Script
application/javascript 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.24708/conversations-visitor-ui-lang-id.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.24708/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b978711c061959c0755fc01ee53702f24c58c382786940a9961742bb39a4697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: N5cMvjNtrYYjMEgpp4zF1I1Lr0vdSoRw
etag: W/"0e9ee9d7177006b46f526f3803f17e74"
age: 371394
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5keGQrWRkJXAkqj%2FJ810r8Ovq3cp9AKdaP117XY3OFqGq%2B8nhavTqJscMdImKQS1EDddzVBxkjBmbqHc0yfSbEb%2BYdXLQtjY8GGqXwsIqlJm49s%2B3ddTnZZ9Cynq%2FYf7O6Bt9VaBvu0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b16a8b5dd62-HKG
x-cache: Hit from cloudfront
x-amz-cf-id: SzoutxgvGEpxG2zAOXDPVAi4Oj0InkxoC-vhkrFLdNPjwh_6GW-JMQ==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: application/javascript
last-modified: Thu, 22 May 2025 01:59:01 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 2b4afc9aa87e1c567d185069953d85bc.cloudfront.net (CloudFront)
cf-ray: 94605b16a8b5dd62-HKG
access-control-allow-origin: https://app.hubspot.com
x-amz-cf-pop: HKG1-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 I18n-lang-id.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.24697/ Frame F040 849 B
1 KB 95ms
95ms Script
application/javascript 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.24697/I18n-lang-id.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.24708/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f9d47b1609fa102234817ac0dd4e4b6dd7e577fc3a2b4063347f3d6cccdf3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: HIT
etag: W/"68cf4729a64975dc810df5bd8802ed6c"
x-amz-version-id: Q9swV75y_DIR5.u4mgvXV3_teXEzXnQb
age: 371394
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNUVH%2BgDGc0eF25QSZ97s%2BUT%2BlxZWnUV3QdWuyA85oh5YaiuRc5wLlzmIZ9Kjo980xoPDR411fkhS7Ym8JRR1vFrSQa6N1791CjaIRKubTv5k3UEN2LptVIQ%2F2%2B0kk0Q3Y6ZBso8HCE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b16a8b8dd62-HKG
x-cache: Hit from cloudfront
x-amz-cf-id: uOcMhnd-pGXhsbetX3mYtlyNchyFdq8MRzv55LYyCpFmvKyBM4Xafg==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: application/javascript
last-modified: Wed, 21 May 2025 21:33:49 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 aeeecbfe839d83f73c414e665186a0d6.cloudfront.net (CloudFront)
cf-ray: 94605b16a8b8dd62-HKG
access-control-allow-origin: https://app.hubspot.com
x-amz-cf-pop: HKG1-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 i18n-data-data-modern-locales-id.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.24690/ Frame F040 616 B
1 KB 94ms
94ms Script
application/javascript 104.17.176.91
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.24690/i18n-data-data-modern-locales-id.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.24708/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.176.91 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e4e338e6c0287177e9f98b04908d416e9f638e632a09d6b399a97fcec588aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: HIT
etag: W/"3ffb413bc21975614d59a60dc6060a34"
x-amz-version-id: T6JP2jEpgyaCA.yAJhOMqmiTDHitHqgk
age: 371393
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSmoFieMQ50a0IjoK17XnX%2FIikXet8Bh6VpUn8bG9vCJ7MCpI9nCz2qYKRvq9HQzUVFBhDBTx2%2BLq4DM1%2Bc8Q582lPyvAbJ0KBmVz%2Fy7gg7CbPEAf3BNAhT3oNu9%2Fsj%2B0Ojgwr5GaF0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
expires: Tue, 26 May 2026 21:27:18 GMT
server-timing: cfr;desc=94605b16a8badd62-HKG
x-cache: Miss from cloudfront
x-amz-cf-id: BfgUOjwAMCSbpBZyyOR20MBPH9gw9xOwA_hThb6YNKobbXlbTw8p7A==
date: Mon, 26 May 2025 21:27:18 GMT
content-type: application/javascript
last-modified: Wed, 21 May 2025 15:14:03 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 d8a1303c7da02e19a558367debc20718.cloudfront.net (CloudFront)
cf-ray: 94605b16a8badd62-HKG
access-control-allow-origin: https://app.hubspot.com
x-amz-cf-pop: NRT20-P7
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 200 / Show response
exceptions.hubspot.com/frontend/observability/page-tracking/store/ Frame F040 0
2 KB 507ms
313ms XHR
text/plain 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://exceptions.hubspot.com/frontend/observability/page-tracking/store/?sentry_version=7&sentry_client=raven-js%2F3.19.1&deployable=conversations-visitor-ui

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.3106/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.hubspot.com/

Response headers

access-control-max-age: 604800
x-request-id: 4d0e3c8a-5af8-4f37-b5fd-742d1b307348
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APAoGqEn8FPcU9Q1OfUTb%2BpNQKBfXMkZnmW8VdSGfln19tjUBaetUUjquUmP5BRC6UgHA%2By%2FtVkLbqGk5zwCcxY%2Ft1xrI2ID7WbVU0jno%2FiaONriNSgcmLxjAxog5K3YeuB7sIbJlDo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
date: Mon, 26 May 2025 21:27:19 GMT
x-hubspot-correlation-id: 4d0e3c8a-5af8-4f37-b5fd-742d1b307348
content-type: text/plain; charset=utf-8
vary: origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/exceptions-td/envoy-proxy-67578487c8-7ffxd
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
cf-ray: 94605b189d25e2fd-HKG
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-route-configuration: listener_https/all
content-length: 0
server: cloudflare
x-evy-trace-virtual-host: all

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame F040 0
2 KB 319ms
318ms Ping
text/plain 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.24708

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.24708/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.hubspot.com/conversations-visitor/7041177/threads/utk/00922238e0db44af8cde5ba9c36c05fa?uuid=ac0207dbd7374fcab810d2fd22fcf639&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=auth.online-pajak.com&inApp53=false&messagesUtk=00922238e0db44af8cde5ba9c36c05fa&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

Response headers

access-control-max-age: 604800
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, x-hubspot-notfound, X-HS-User-Request, x-hs-user-request, Link, link, Server-Timing, server-timing, X-Hubspot-Correct-Hublet, x-hubspot-correct-hublet, X-HubSpot-Auth-Failure, x-hubspot-auth-failure, X-HubSpot-Correlation-Id, x-hubspot-correlation-id
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Hp37l45oW5%2BLwHtmEDcI%2BKloW2fUSkTMX%2BYOy7cHWGaV4bfdNqoIMP8Qk4uU4xC0yhgDlLZuLU492yiJK0rgSN9bwLc%2Fxpl5%2BrxGu74a9K9ZFkHcwCvMF%2B8nFlUkY%2F1CA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
server-timing: hcid;desc=07dded65-8ab6-4028-8feb-b893c5a30008
date: Mon, 26 May 2025 21:27:19 GMT
x-hubspot-correlation-id: 07dded65-8ab6-4028-8feb-b893c5a30008
vary: origin, Accept-Encoding
access-control-allow-headers: Authorization, authorization, Origin, origin, X-Requested-With, x-requested-with, Content-Type, content-type, Accept, accept, Accept-Charset, accept-charset, Accept-Encoding, accept-encoding, X-Override-Internal-Permissions, x-override-internal-permissions, X-Properties-Source, x-properties-source, X-Properties-SourceId, x-properties-sourceid, X-Properties-Flag, x-properties-flag, X-Hubspot-User-Id, x-hubspot-user-id, X-Hubspot-Trace, x-hubspot-trace, X-Hubspot-Callee, x-hubspot-callee, X-Hubspot-Offset, x-hubspot-offset, X-Hubspot-No-Trace, x-hubspot-no-trace, X-HubSpot-Static-App-Info, x-hubspot-static-app-info, X-HubSpot-Messages-Uri, x-hubspot-messages-uri, X-HubSpot-Request-Source, x-hubspot-request-source, X-HubSpot-Request-Reason, x-hubspot-request-reason, Subscription-Billing-Auth-Token, subscription-billing-auth-token, X-App-CSRF, x-app-csrf, X-Tools-CSRF, x-tools-csrf, Online-Payment-Signing-UUID, online-payment-signing-uuid, X-Source, x-source, X-SourceId, x-sourceid, X-Origin-UserId, x-origin-userid, X-Biden-Request-Source, x-biden-request-source, X-HubSpot-CSRF-hubspotapi, x-hubspot-csrf-hubspotapi, X-Force-Cookie-Refresh, x-force-cookie-refresh, X-Force-Cookie-Refresh-No-Cache, x-force-cookie-refresh-no-cache, X-HS-User-Request, x-hs-user-request, X-Application-Id, x-application-id, X-HS-Referer, x-hs-referer, X-HubSpot-Dpl-Correlation-Group-Id, x-hubspot-dpl-correlation-group-id, X-HubSpot-Dpl-Parent-Log-Id, x-hubspot-dpl-parent-log-id, X-HS-InfraIdp-Engaged, x-hs-infraidp-engaged, traceparent, X-HsOpenTelemetry-Head-Sampling-Strategy, x-hsopentelemetry-head-sampling-strategy, x-hs-fingerprint
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 94605b17686ee2f1-HKG
access-control-allow-origin: https://app.hubspot.com
server: cloudflare

GET
H2 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1129539/ Frame F040 1 KB
1 KB 356ms
356ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1129539/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.24708&conversations-visitor-ui=static-1.24708&traceId=00922238e0db44af8cde5ba9c36c05fa&sessionId=AMOaWbLHEyY6hmB3D8mxggbc8xjAn9Z4OV6_g13t6hO7_wc-xlZn-uvCOGWN0XXr6E-xiKnp8KCbdej2GNhe3jmIDTs8M4gtaP70WazTxjq-ST_kZo-_uk2PW3Dbau-VF3fE_9AKJAgrQ5gExHvtdbtDTmZ4wn_rYDnzBMQ9hz4Pup2ee2iuV4M

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.3106/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13112f9d7aa96b343a79afa0be54f2865878f28a2de7e60a7fe30c1a0a4b1205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/7041177/threads/utk/00922238e0db44af8cde5ba9c36c05fa?uuid=ac0207dbd7374fcab810d2fd22fcf639&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=auth.online-pajak.com&inApp53=false&messagesUtk=00922238e0db44af8cde5ba9c36c05fa&url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true&isIOSMobile=false

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UID0BClmnLFo1qP2hihq3kNQ7Sk%2FRc9SSQXW%2BFhfYIx%2FNyG5OQOdovony8gSgzy6Gw%2F2QBlFHrmuW7qI%2BAh6Y7qBWrVFTM%2BQJ%2Fv2BJ7B43goyZ2nyrq5k0aj8eoczO934A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
server-timing: hcid;desc=414a9603-c212-49b3-83fa-76244e552ea4
date: Mon, 26 May 2025 21:27:19 GMT
x-hubspot-correlation-id: 414a9603-c212-49b3-83fa-76244e552ea4
content-type: application/json;charset=utf-8
vary: origin, accept-encoding
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 94605b177877e2f1-HKG
content-length: 685
server: cloudflare

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
924 B 520ms
331ms Image
image/gif 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=zh-tw&bfp=1051253204&v=1.1&a=7041177&pu=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&t=Log+in+-+OnlinePajak&cts=1748294838919&vi=7ed7124c037044fcc2fa3084d5ff12f8&nc=true&u=65051505.7ed7124c037044fcc2fa3084d5ff12f8.1748294838916.1748294838916.1748294838916.1&b=65051505.1.1748294838916&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

x-robots-tag: none
x-request-id: 5a8bfb8a-c70c-45ed-973f-903af9e0a17d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhtnER7RtpJtz3eb%2B9Vd7jwZBo0Qk1hV2urQivC%2BPL8%2FakmlUdYEH2Ll20uoSf%2Fb4bajptr%2FN65gSfpvbmfMMLdD11Y%2BIlbmqFE%2BgdTUEDAyD3gcsc%2Fh84gwM7unCEWRBLLm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Mon, 26 May 2025 21:27:19 GMT
x-hubspot-correlation-id: 5a8bfb8a-c70c-45ed-973f-903af9e0a17d
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-645465b78c-gvcnx
x-envoy-upstream-service-time: 8
access-control-allow-credentials: false
cf-ray: 94605b18bae0714d-HKG
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 favicon.png
auth.online-pajak.com/ 33 KB
33 KB 149ms
148ms Other
image/png 147.139.167.179
ALIBABA-CN-NET Al...

General

Check archive.org

Download Go to

Full URL

https://auth.online-pajak.com/favicon.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.139.167.179 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

087756c4d1f1f1440f979a3ac2541d0a1230770ad6e0b043e912101048990e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/login-page?redirect_url=http%3A%2F%2Febupot-ctas-uni.online-pajak.com%2F

Response headers

strict-transport-security: max-age=15724800
etag: "67da6682-8360"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 33632
date: Mon, 26 May 2025 21:27:19 GMT
x-xss-protection: 1
content-type: image/png
last-modified: Wed, 19 Mar 2025 06:38:58 GMT
x-frame-options: SAMEORIGIN

POST
H2 204 collect
analytics.google.com/g/ 0
0 75ms
74ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZDXQQPMD40&gtm=45je55m0h2v879527744za200zb71303748&_p=1748294833619&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~102938614~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=1764229386.1748294835&ul=zh-tw&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EEAAAAQ&_s=2&dl=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&sid=1748294835&sct=1&seg=0&dt=Log%20in%20-%20OnlinePajak&_tu=Cg&en=scroll&ep.clean_url=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&epn.percent_scrolled=90&_et=47&tfd=7603
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDXQQPMD40&cx=c&gtm=45He55m0h2v71303748za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to: {"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://auth.online-pajak.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:155:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:20 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 152ms
151ms Fetch
text/plain 172.217.175.110
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-39W2Q4H7C4&gtm=45je55m0h2v9104031721za200zb71303748&_p=1748294833619&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=1764229386.1748294835&ul=zh-tw&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEAAAAQ&_s=2&dl=https%3A%2F%2Fauth.online-pajak.com%2Flogin-page%3Fredirect_url%3Dhttp%253A%252F%252Febupot-ctas-uni.online-pajak.com%252F&sid=1748294835&sct=1&seg=0&dt=Log%20in%20-%20OnlinePajak&_tu=Cg&en=scroll&epn.percent_scrolled=90&_et=19&tfd=7713
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39W2Q4H7C4&cx=c&gtm=45He55m0h2v71303748za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.175.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt20s21-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://auth.online-pajak.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to: {"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://auth.online-pajak.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:99:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 May 2025 21:27:20 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

56 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.online-pajak.com/	1970-01-21 05:39:41	Name: CSRF-Token Value: s%3AdtJ7szd8SW_VeJyLw4cXNIWF.w1T5chTzoUDY6qt3QhnVNM6Q1yEmmEcf4doO7JsTGnk
.online-pajak.com/	1970-01-21 14:16:38	Name: LANG Value: id
.online-pajak.com/	1970-01-21 07:47:50	Name: _gcl_au Value: 1.1.2061786393.1748294835
.apollo.io/	1970-01-21 05:38:16	Name: __cf_bm Value: XmH9xYn7fucd9dnOr.hti0NdPCMd1nwkyZJuElbg_dc-1748294835-1.0.1.1-D3aSW_ndBc04joVAIrQehzqPJDpFi3fzG2uH_0dsK68UT.H.5jPwTrQAuq3UEvV4HEbIOkDJ6eDkn4UTe5yIQTqfRhkbhdI2nJ18Rw.Bvq0
.online-pajak.com/	1970-01-21 15:14:14	Name: _ga Value: GA1.1.1764229386.1748294835
.online-pajak.com/	1970-01-21 15:14:14	Name: _ga_ZDXQQPMD40 Value: GS2.1.s1748294835$o1$g0$t1748294835$j60$l0$h0$dA9tlIO840twROELv_KFZmWizy5wvOXOJRA
.online-pajak.com/	1970-01-21 15:14:14	Name: _ga_39W2Q4H7C4 Value: GS2.1.s1748294835$o1$g0$t1748294835$j0$l0$h0
.online-pajak.com/	1970-01-21 07:47:50	Name: _fbp Value: fb.1.1748294835864.600829461928459833
.hs-scripts.com/	1970-01-21 05:38:16	Name: __cf_bm Value: 9u3bOzHhujlFpVZhT_aMVIP.L1tx5d7LXlk2of4tC5I-1748294836-1.0.1.1-FJzJlJKe5fUJDFl3SJZGwe799jdFDwg5DuTd_bMiAgubg3bJLksy4W5ECdMawvDMckzh1nEyvToYNRp8bNGq293UEK0WiSAfef3ENGxs.JE
.linkedin.com/	1970-01-21 07:47:50	Name: li_sugr Value: 4cfdcf8d-1a38-43e3-8475-36826b85f430
.linkedin.com/	1970-01-21 14:23:50	Name: bcookie Value: "v=2&b0af74f5-3264-4488-803d-00c739801edb"
.linkedin.com/	1970-01-21 05:39:41	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3547:u=1:x=1:i=1748294835:t=1748381235:v=2:sig=AQEfr-2PptT8GTsuA8amFJ75NtjsHcdY"
.usemessages.com/	1970-01-21 05:38:16	Name: __cf_bm Value: M6so996od6GImCMWQqwWTjvL63g2tbroleThYdXy6Hk-1748294836-1.0.1.1-lXWCYdEQGQCdSEIAp9lX0p8uy2NpRU29kG2L7PqaiRkwsr48Ru_nIkkGkiClmQi2WerLQUZUEBHALgXKQuRx3T_hi.s9BYnfSyywovu_Nlo
.hsadspixel.net/	1970-01-21 05:38:16	Name: __cf_bm Value: LN7BsEJHoquEJGIoXpoz52bheotVY7DB8h0.aEGPPoI-1748294836-1.0.1.1-XRtQVRe6zn5KvNJewdSD28zoewlJCUeHN5m2nDJ0sL.fQGwoRo4fZBkEcK_IkWf1O_ppN6xxA_6qyrU_mssunyU1SCz3DcVuylWKg720Gjw
.linkedin.com/	1970-01-21 06:21:26	Name: UserMatchHistory Value: AQJwRwSSDfTWgQAAAZcOfiCwnjQULZ9-otstiAR_r7TO7z8FwdjcN2mogJTpbD0bmF6OpdwI7EbQ2g
.linkedin.com/	1970-01-21 06:21:26	Name: AnalyticsSyncHistory Value: AQL_oYOTYOkJDgAAAZcOfiCwN_zBR4Nh088fXfI0vRo3hoAtd98RngXyebeIwH2m27NDBr9HSsfEAM0GQN45QQ
.hs-analytics.net/	1970-01-21 05:38:16	Name: __cf_bm Value: 8PbPYi5GlD_VAILMsnZ2iypB7uCYdoxxp7vHKAABMo0-1748294836-1.0.1.1-KBOZz9PI6gYpUTHOmj37easGsg6bO9nXbzx8FUuKFZue5S8UiaDDd42P0Xk6DjWHv5Jt.WQ0r4FpwDJaPmBa9yzXIfdmDkIU2VfAu9jeCHM
.www.linkedin.com/	1970-01-21 14:23:50	Name: bscookie Value: "v=1&20250526212716612adb71-f372-4e7c-81bc-7d3e4485dccaAQHxUhPqf_j896bFuxsbnj_Rb6dnFYOG"
.hs-banner.com/	1970-01-21 05:38:16	Name: __cf_bm Value: nO51K1_ZWrdgiJJmXytFZR6cad7JMJ0uHOiffclGYvY-1748294837-1.0.1.1-J.5CSdPf.Hr9eWecP46YSpudGGIh6aQ0vcY_fUeFuGphFP.bmGgmFgeIpn83qqPTSpy.DJ.._kqsGoQTxDEiHO7XH1qqen1HnjCzepZ9HDM
.hsforms.com/	1970-01-21 05:38:16	Name: __cf_bm Value: kJEECd0hruL9yySZqaUvgqOHqtweNTVd2Kx1mG.fFgs-1748294837-1.0.1.1-7rHdf_U9.Oonx8TNQY3BWXTooRgRRW_gfWto0sgWUHKfDg64rWV.uY68xUms80wdGTlZYS0vyS1m6Q0qq0fwFaasc3FvKsYuv1Q9l80y_6U
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: opOXNc6mo31ddBnq2IRVu7IOpKoRXu5M82EDNd8xQQo-1748294837352-0.0.1.1-604800000
.doubleclick.net/	1970-01-21 15:14:14	Name: IDE Value: AHWqTUnWgr_h1Y6A7ldscwEeVU34cgn6NuhR8iDtgXl17iYa-WbGUnINUWwnOQVy
.hubspot.com/	1970-01-21 05:38:16	Name: __cf_bm Value: eyCwMnfKmJdF4.wHSWQrkzxyuBtX.hKs1AwnFoq.skg-1748294837-1.0.1.1-6_rq0B1yspD5vWU78RHVzXFbaHC2JGhQnwE_3RhlXV3GBKXWfDpIpvL8nHT_rxZv63PjL2GWbc6BjiICJhGa3wzxctdKL331fe7bOUJvKYc
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ZpLZ3Lo3nZ2KJbZvGPpAX3sgSecaZLkqvnRJqWuindM-1748294837877-0.0.1.1-604800000
.hsappstatic.net/	1970-01-21 05:38:16	Name: __cf_bm Value: SlJF6JuRaPmdT4jhnQb0mWzdPenEPHofQUDTembRB6M-1748294838-1.0.1.1-DS0L4eEQnPAys.c1AVY79Pm3Fkgt424O5yQzMRjCebEkgQPAUbJUDFw5oLIcOmrPxn8wMmUXrKhglRTZUZcHzBEAl6FA0HbOD5WdbXtJXRQ
.auth.online-pajak.com/	1970-01-21 09:57:26	Name: messagesUtk Value: 00922238e0db44af8cde5ba9c36c05fa
.online-pajak.com/	1970-01-21 09:57:26	Name: __hstc Value: 65051505.7ed7124c037044fcc2fa3084d5ff12f8.1748294838916.1748294838916.1748294838916.1
.online-pajak.com/	1970-01-21 09:57:26	Name: hubspotutk Value: 7ed7124c037044fcc2fa3084d5ff12f8
.online-pajak.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.online-pajak.com/	1970-01-21 05:38:16	Name: __hssc Value: 65051505.1.1748294838916

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=66a9ba73bd777702d246c4bd Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
api.hubapi.com
api.hubspot.com
aplo-evnt.com
app.hubspot.com
assets.apollo.io
auth.online-pajak.com
connect.facebook.net
cta-service-cms2.hubspot.com
ebupot-ctas-uni.online-pajak.com
exceptions.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
home.online-pajak.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspot.com
js.usemessages.com
labels.online-pajak.com
perf-na1.hsforms.com
px.ads.linkedin.com
snap.licdn.com
static.hsappstatic.net
stats.g.doubleclick.net
td.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.tw
www.googletagmanager.com
www.linkedin.com
www.online-pajak.com
104.16.117.116
104.16.118.116
104.16.140.209
104.16.77.142
104.17.128.172
104.17.175.201
104.17.176.91
104.18.240.108
104.19.175.188
104.20.39.213
104.21.7.130
142.250.207.2
142.250.207.3
142.250.207.34
142.251.222.4
142.251.8.84
147.139.167.179
150.171.22.12
172.217.161.67
172.217.175.110
172.217.26.232
172.64.147.16
172.67.68.34
216.239.38.181
216.58.220.138
23.220.70.142
31.13.82.36
31.13.82.7
64.233.187.155
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
087756c4d1f1f1440f979a3ac2541d0a1230770ad6e0b043e912101048990e46
12569263a31e450de9540a0060c178da578e071d97899b60798f797c7cc5ade0
13112f9d7aa96b343a79afa0be54f2865878f28a2de7e60a7fe30c1a0a4b1205
14705c4ce639ad62267ee6dbe08c73d6890631d0d1e2ba4b836571c04cf050d9
1b978711c061959c0755fc01ee53702f24c58c382786940a9961742bb39a4697
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07
205caa9ea9a824ba9c52e5994a8a65778eb46d5045f1c39e88fdf2efe53da643
23355871af032ec10f7602599b86f498d2662c7c08100239a78b33c348fc1c13
378bf4063507979ac8d95dbd7f8d41e99e9260791d312109d56b539d0946da70
3da0ade0d25b8de66c3121568cf351c128b326b3d1a5f8ea0d8b2ef3bf6248f7
43dedd4aab98e77487a7303dd61316f085f0f12953881e825edd30e9a35c254e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467389e1c54ff093185c031255951ed7d0b319391f0ab2783dcf81f5671b1d94
48a4bef47b3846b034930d66251eb4115255802b94fc1d1abb057e4b1fb9f4b6
4c606795d8cf58421f0a9653f30b044bd81fb2a5a0ebea87975fad7cbe7e21a2
4e3edf94ccaee43974650eda7296b1c0d9b5cf6664ff37e478c2c787a9380c5c
4e4e338e6c0287177e9f98b04908d416e9f638e632a09d6b399a97fcec588aeb
557b7597d91ac62af430f991e0a5e0ca28d9276f151bd0f1d9d7afd1e9a45f94
5a63b3362265bd43542e867cf3d9378352513b861582dd11ec24e005c80076f1
5cdfe8f6d3a887cd4c61ffd1541d32cc0540cc3c3342416a617d5a228b95c6f3
68fe191cd68261d68a9e8c764c2f99297af849aefca6dc9af044c82390384829
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
76f89054a53bdd6e3d3eddde7fde938d88b33f92fda19a81e75612ce56eb2d69
78a2983623baee265007b497fd1a9119cdd4e7798e332fc5736c749e885b66b7
7a40f50c9949e0cd8db835bc0a77ca29d5be5aaed7714d88617bee5be276315f
7d3017e070ff9189ae6f532148a00b64638c87d6450413a86f482a6adc418941
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8558d17086c5f639b95236d80240b71e89d883cc3d498b2616d829e9f01ec6e6
89b965a155db4ffe860afa282a05c6300df625a37dbe7548b692d4d0a031608d
8f8c95c84b3f9793c2b8efd2c727e32b930c15ec4f70fb578f7d6aac939f5f1f
96f1ea9147eaab2626e23d9a5691a2f52e8317f867848166b0f307e52fa7aa63
a28a02f731701009865ce0c09e45d0e0e0827916bdcb8b61eef552336439eeac
a2f16a4d2282ba9a5091993b15e1cfc17ef97c0cc3bca8dd8eb365fb155d3ba0
a3473013d78fb797695e79523b15a15592dbf8b948ecc87e000488a9341fd53b
a55feb6bafb3933c5f035c20bdca6a6985a25b0c9d708cf0871cf61e90982bc6
a78f62cf2b2b5233aa4c06e686a69366ff8f5d17e5f3755f274d28e2ea8c0c39
a836d7771f3555c6d867500b4bec3d9f0d37dbee0b9fae0efae2614f43b2c577
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0c137e5755d1e5de0de924e814fae88b6be8dd953773cddcdff82ac3f7338e9
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bb125b35229fd1caaeed80f61895696c448d55487e091e95513a154628d5604e
bc5071d3504f094a898a7060d8f2cee0c99c7d80c3a486cc0a5517f7ec7a36fa
c128a06c8e3caa237cd34bd6774bc2f0d6e5e9f721474a32050e9f9c427b8e1d
c3aa63b9438e4a02c286789b669c42215a3dabcd2ab623d2f599124d37ee8496
cc0bc2cbaca383e1600d349e580513f188e4d745bf269b63ffaff46a091fd196
cc4ebff635cc77df319b664647432c5697d865e3bd2f2c0cd2ff64ab743b8ccc
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
d821eeea4c061fc67db287dd981829ca622813b79e453d457778cec99a0fcde0
d9f9d47b1609fa102234817ac0dd4e4b6dd7e577fc3a2b4063347f3d6cccdf3f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14e8e3bfd9c89bb170c2c8b21d69a47500f5f18cfa21542eee18855d72ceb50
f6e3fa8877c3face12ddc22c480086c9588386513b408dac348301c695053e12
f78a44eccbd07988c6b634c7f01417254ce9fa5dfa8a032ff667ec4cd180a3e4
fe6ebac0bc042e743f81b117a4a7c720044feeb0220172ce9630de51d0502dd5

auth.online-pajak.com Open in urlscan Pro 147.139.167.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

95 %HTTPS

0 %IPv6

23 Domains

37 Subdomains

28 IPs

4 Countries

1821 kBTransfer

5520 kBSize

30 Cookies

1 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auth.online-pajak.com Open in urlscan Pro
147.139.167.179 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

95 %
HTTPS

0 %
IPv6

23
Domains

37
Subdomains

28
IPs

4
Countries

1821 kB
Transfer

5520 kB
Size

30
Cookies

81 HTTP transactions
0 data transactions