urlscan.io logo urlscan.io
SecurityTrails logo

2secure.jenius.co.id Open in urlscan Pro
2606:4700:4400::6812:20f3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://2secure.jenius.co.id/
Effective URL: https://2secure.jenius.co.id/
Submission: On April 18 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700:4400::6812:20f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2secure.jenius.co.id.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 9th 2022. Valid for: a year.
This is the only time 2secure.jenius.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700:440... 13335 (CLOUDFLAR...)
3 2606:4700:90:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
18 3
Apex Domain
Subdomains		 Transfer
15 jenius.co.id
2secure.jenius.co.id
3 MB
3 btpn.com
api.btpn.com
103 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
18 3
Domain Requested by
15 2secure.jenius.co.id 1 redirects 2secure.jenius.co.id
3 api.btpn.com 2secure.jenius.co.id
1 www.google-analytics.com 2secure.jenius.co.id
18 3

This site contains no links.

Subject Issuer Validity Valid
*.jenius.co.id
AlphaSSL CA - SHA256 - G2		 2022-02-09 -
2023-03-13		 a year crt.sh
api.btpn.com
DigiCert SHA2 Extended Validation Server CA		 2020-05-12 -
2022-05-12		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://2secure.jenius.co.id/
Frame ID: E39BC6C04CBA9227F41F0E770F42CC6B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jenius! - Digital Banking

Page URL History Show full URLs

  1. http://2secure.jenius.co.id/ HTTP 301
    https://2secure.jenius.co.id/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3621 kB
Transfer

12851 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2secure.jenius.co.id/ HTTP 301
    https://2secure.jenius.co.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
2secure.jenius.co.id/
Redirect Chain
  • http://2secure.jenius.co.id/
  • https://2secure.jenius.co.id/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
381447bd87ad85f6162a352f601c80369b24d9144ebf5adfb9433d7323026935
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
6fda41d14ef1cc36-ZRH
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
content-type
text/html
date
Mon, 18 Apr 2022 03:19:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
permission-policy
geolocation = ()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
6fda41d0fe7223f7-ZRH
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 18 Apr 2022 03:19:07 GMT
Expires
Mon, 18 Apr 2022 04:19:07 GMT
Location
https://2secure.jenius.co.id/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
manifest-v2.46.93-cf83e1357eefb8bdf154.js
2secure.jenius.co.id/js/ 		1 KB
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/js/manifest-v2.46.93-cf83e1357eefb8bdf154.js
Requested by
Host: 2secure.jenius.co.id
URL: https://2secure.jenius.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd3e8c3debefc9f33fce8cd74cf480f4608a1ec1d3241e9ba9a82fba80d6a59
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
permission-policy
geolocation = ()
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
W/"619529e1-5ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
cf-ray
6fda41d93954cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:09 GMT
secure-v2.46.93-27e3687fefef540a4b36.js
2secure.jenius.co.id/js/ 		800 KB
388 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/js/secure-v2.46.93-27e3687fefef540a4b36.js
Requested by
Host: 2secure.jenius.co.id
URL: https://2secure.jenius.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0758b8769bbaf2288208c7b0cd0613ff2a9dc4277aaff7b7a6ff5f1f36b7415
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
397000
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-60ec8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda41d93955cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:09 GMT
vendor-v2.46.93-ffba8fda9738cf76b9d6.js
2secure.jenius.co.id/js/ 		2 MB
464 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/js/vendor-v2.46.93-ffba8fda9738cf76b9d6.js
Requested by
Host: 2secure.jenius.co.id
URL: https://2secure.jenius.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47359f98186f34a69d11cccd34f32fe1849ecf9151636dfcb889b3e1b7808a7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
474781
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-73e9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda41d93956cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:09 GMT
polyfills-v2.46.93-840a53556e738cd337ae.js
2secure.jenius.co.id/js/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/js/polyfills-v2.46.93-840a53556e738cd337ae.js
Requested by
Host: 2secure.jenius.co.id
URL: https://2secure.jenius.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c86a1c2083bdf3ac76482860ea9e528cfb4a228026edad126c02129fc80410
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
34191
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-858f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda41d93957cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:09 GMT
app-v2.46.93-7fce59103ebaf88bad44.js
2secure.jenius.co.id/js/ 		9 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/js/app-v2.46.93-7fce59103ebaf88bad44.js
Requested by
Host: 2secure.jenius.co.id
URL: https://2secure.jenius.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2814cf0a8d5c4db211cf9b54ad4f7dd389d2b4f51a6d03440d26f0332766187b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
2201087
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-2195ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda41d93958cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:09 GMT
jenius
api.btpn.com/ 		481 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btpn.com/jenius
Requested by
Host: 2secure.jenius.co.id
URL: https://2secure.jenius.co.id/js/app-v2.46.93-7fce59103ebaf88bad44.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:6004:6d42:d12a:5c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
9bc9f433bac083d24cb248147629ca10a437ef04334d910e5daa453e2d5b7cc1

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json
Accept
*/*
Referer
https://2secure.jenius.co.id/
BTPN-ApiKey
f73eb34d-5bf3-42c5-b76e-271448c2e87d
X-Request-ID
d843da78-d001-4db4-bba7-d1c513731c2c
Version
web

Response headers

Date
Mon, 18 Apr 2022 03:19:18 GMT
Via
1.0 appapiprd01.corp.bankbtpn.co.id ()
Referrer-Policy
no-referrer
X-CorrelationID
Id-b6d85c62bce13083ca073538 0
X-Permitted-Cross-Domain-Policies
none
ETag
W/"1e1-I/5WPEpMa78bVNGc4vhs1RdW53Y"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://2secure.jenius.co.id
Access-Control-Expose-Headers
x-correlationid
Connection
close
Max-Forwards
20
Permission-Policy
geolocation = ()
jenius
api.btpn.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.btpn.com/jenius
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:6004:6d42:d12a:5c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
btpn-apikey,content-type,version,x-request-id
Access-Control-Request-Method
POST
Origin
https://2secure.jenius.co.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
btpn-apikey, content-type, version, x-request-id
Access-Control-Allow-Methods
OPTIONS, POST
Access-Control-Allow-Origin
https://2secure.jenius.co.id
Allow
GET, HEAD, OPTIONS, POST
Connection
close
Content-Length
0
Content-Type
text/plain
Date
Mon, 18 Apr 2022 03:19:17 GMT
Server
X-CorrelationID
Id-b5d85c6276e197b3d0bcf90b 0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 2secure.jenius.co.id
URL: https://2secure.jenius.co.id/js/app-v2.46.93-7fce59103ebaf88bad44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3724
date
Mon, 18 Apr 2022 02:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 18 Apr 2022 04:17:11 GMT
logo-white.png
2secure.jenius.co.id/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2secure.jenius.co.id/images/logo-white.png?b1b1096733dc65a163e69a172a16baff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87f60bdb144a7e240141993b2794c57cba96f61df73607c2347e81c5a1d9ba37
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:17 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
6606
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-19ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda4201add3cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:17 GMT
btpn-logo-white.png
2secure.jenius.co.id/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2secure.jenius.co.id/images/btpn-logo-white.png?a646ce111b35e9df2b26db5e00b4e2f3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4c6e78a2d50da95b16672be5b0504f1563080285da81c31884fbdedbcdf027b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:17 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
4520
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-11a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda4201add7cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:17 GMT
logo-blue.png
2secure.jenius.co.id/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2secure.jenius.co.id/images/logo-blue.png?c932c7fce94c2958d0cdeda2ddeb5fa9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48752ce0bf0cea7a38ae231af22d193c8ae9012efe72f9d4dd6cf484727299c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:17 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
6691
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-1a23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda4201add8cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:17 GMT
Roboto-Regular.ttf
2secure.jenius.co.id/fonts/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/fonts/Roboto-Regular.ttf?3d4afbba398bb0b40338d60d295e8271
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cdbd57a44b6506d24c4f798dbb42f875456cc77782737f968a35516ccf85210
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2secure.jenius.co.id/
Origin
https://2secure.jenius.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:17 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
46276
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-b4c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/octet-stream
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda42026df9cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:17 GMT
Roboto-Light.ttf
2secure.jenius.co.id/fonts/ 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/fonts/Roboto-Light.ttf?d5c46b134c17b2138dcd1bb0efa67049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94df4e4976db8ddaec27f8e8c33eef912e744fb200ca09051794b38e5a502fc0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2secure.jenius.co.id/
Origin
https://2secure.jenius.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:16 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
162636
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-27b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/octet-stream
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda42026dfacc36-ZRH
expires
Mon, 18 Apr 2022 07:19:16 GMT
co-create.png
api.btpn.com/j2assets/assets/login-page/image/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.btpn.com/j2assets/assets/login-page/image/co-create.png?BTPN-ApiKey=d3fc745f-d978-45b3-857a-f21f9af5fa9b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:6004:6d42:d12a:5c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
MinIO/RELEASE.2019-08-29T00-25-01Z /
Resource Hash
e7e7bb9da8aeb837ce47c81f95ffa43ce1f72e7840e0f527485fef846a8e4dbb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2secure.jenius.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 03:19:19 GMT
Via
1.0 appapiprd01.corp.bankbtpn.co.id ()
Last-Modified
Wed, 03 Mar 2021 16:02:44 GMT
Server
MinIO/RELEASE.2019-08-29T00-25-01Z
X-Amz-Request-Id
16E6DF69E2B27EF9
ETag
"7bdd50a30d3b32b0e795d97dd50c079e-1"
Vary
Origin
Content-Type
image/png
X-CorrelationID
Id-b7d85c6237e25f46e460e775 0
Accept-Ranges
bytes
Content-Security-Policy
block-all-mixed-content
Connection
close
Max-Forwards
20
X-Xss-Protection
1; mode=block
Roboto-Medium.ttf
2secure.jenius.co.id/fonts/ 		157 KB
158 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/fonts/Roboto-Medium.ttf?9745415b8a2a8b9a2480a12f7e2d3ad3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02868d6a7e80d4e7836b6263dd50d26a63e923a1223c9e027aad6dc2501c27cc
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2secure.jenius.co.id/
Origin
https://2secure.jenius.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:19 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
160696
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-273b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/octet-stream
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda42153c4fcc36-ZRH
expires
Mon, 18 Apr 2022 07:19:19 GMT
JeniusSans-Regular.otf
2secure.jenius.co.id/fonts/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/fonts/JeniusSans-Regular.otf?a4add77f590953f0ef4753228cf82794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84fdf5a753790771666d470bc02e699eb999dc55ffb973aa1b4deb62b8d1a69
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2secure.jenius.co.id/
Origin
https://2secure.jenius.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:19 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
39900
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-9bdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/octet-stream
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda42153c51cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:19 GMT
JeniusSans-Bold.otf
2secure.jenius.co.id/fonts/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://2secure.jenius.co.id/fonts/JeniusSans-Bold.otf?46db33f26272c00a5bdc2ea2a0ba105c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe6fff865373fff1071b2c0ccae43f803aad6246c339a592c14d1e6899d2ad2
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2secure.jenius.co.id/
Origin
https://2secure.jenius.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 03:19:20 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
permission-policy
geolocation = ()
vary
Accept-Encoding
content-length
39792
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Nov 2021 16:12:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"619529e1-9b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/octet-stream
cache-control
public, max-age=14400
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
accept-ranges
bytes
cf-ray
6fda42153c52cc36-ZRH
expires
Mon, 18 Apr 2022 07:19:20 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| P function| _ object| j2 string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
2secure.jenius.co.id/ Name: 3e04e2e1cb726c587789f352bee0d63a
Value: 7306a4652a3d4f7ccc62478c62f1325c
.jenius.co.id/ Name: _ga
Value: GA1.3.1945236858.1650251957
.jenius.co.id/ Name: _gid
Value: GA1.3.1887969472.1650251957

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.btpn.com:* *.jenius.co.id:* *.btpn.co.id:* www.google-analytics.com *.jenius.com:* *.ecommchannels.com:*;img-src * blob: data:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block