rekberin.paypalku.com Open in urlscan Pro
2001:df7:5300:2::19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rekberin.paypalku.com/
Submission Tags: @phishunt_io
Submission: On April 11 via api (April 11th 2022, 8:39:27 pm UTC) from DE — Scanned from DE

Summary HTTP 38 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 18 domains to perform 38 HTTP transactions. The main IP is 2001:df7:5300:2::19, located in Indonesia and belongs to IDNIC-DENEVA-AS-ID PT Deneva, ID. The main domain is rekberin.paypalku.com.
TLS certificate: Issued by R3 on April 11th 2022. Valid for: 3 months.

This is the only time rekberin.paypalku.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2001:df7:5300... 2001:df7:5300:2::19	138115 (IDNIC-DEN...) (IDNIC-DENEVA-AS-ID PT Deneva)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	34.101.100.187 34.101.100.187	139190 (GOOGLE-AS...) (GOOGLE-AS-AP Google Asia Pacific Pte. Ltd.)
1	51.210.32.103 51.210.32.103	16276 (OVH) (OVH)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	18.66.242.231 18.66.242.231	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	162.247.242.31 162.247.242.31	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
38	19

13 2001:df7:5300:2::19 (Indonesia)

ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID)

rekberin.paypalku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.101.100.187 (Jakarta, Indonesia)

ASN139190 (GOOGLE-AS-AP Google Asia Pacific Pte. Ltd., SG)
PTR: 187.100.101.34.bc.googleusercontent.com

app.sandbox.midtrans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.32.103 (France)

ASN16276 (OVH, FR)
PTR: ns3172599.ip-51-210-32.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.242.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-231.dus51.r.cloudfront.net

d2f3dnusg0rbp7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.31 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.uk

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	paypalku.com rekberin.paypalku.com	260 KB
4	cloudfront.net d2f3dnusg0rbp7.cloudfront.net	271 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 644	513 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	83 KB
2	midtrans.com app.sandbox.midtrans.com — Cisco Umbrella Rank: 784941	21 KB
2	google.com www.google.com — Cisco Umbrella Rank: 4	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 436	101 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 380	18 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 2761	18 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100
1	gstatic.com www.gstatic.com	143 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5383	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 104	15 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 13776	68 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	41 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 647	30 KB
38	18

	Domain	Requested by
13	rekberin.paypalku.com	rekberin.paypalku.com
4	d2f3dnusg0rbp7.cloudfront.net	app.sandbox.midtrans.com
2	bam.nr-data.net	app.sandbox.midtrans.com
2	connect.facebook.net	rekberin.paypalku.com connect.facebook.net
2	app.sandbox.midtrans.com	rekberin.paypalku.com app.sandbox.midtrans.com
2	www.google.com	rekberin.paypalku.com
2	cdn.jsdelivr.net	rekberin.paypalku.com cdn.jsdelivr.net
1	js-agent.newrelic.com	app.sandbox.midtrans.com
1	cdn.mxpnl.com	app.sandbox.midtrans.com
1	www.google-analytics.com	app.sandbox.midtrans.com
1	www.facebook.com	connect.facebook.net
1	www.gstatic.com	www.google.com
1	www.google.de	rekberin.paypalku.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	i.ibb.co	rekberin.paypalku.com
1	www.googletagmanager.com	rekberin.paypalku.com
1	code.jquery.com	rekberin.paypalku.com
38	18

This site contains links to these domains. Also see Links.

Domain
play.google.com
wa.me
instagram.com

Subject Issuer	Validity	Valid
rekberin.paypalku.com R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.sandbox.midtrans.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-01` - `2022-10-01`	a year	crt.sh
ibb.co R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://rekberin.paypalku.com/
Frame ID: 1408F34032674F8737DAAD6A155DD679
Requests: 29 HTTP requests in this frame

Frame: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK
Frame ID: 0EA7D282B497F2D24E8DAFDB38EFBD99
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jasa Convert Paypal Ke OVO, Gopay, Dana, LinkAja, Shopee Pay dan Pulsa.

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

38
Requests

100 %
HTTPS

67 %
IPv6

18
Domains

18
Subdomains

19
IPs

5
Countries

1093 kB
Transfer

3180 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.jasacvpp
Title: Google Playstore

Search URL Search Domain Scan URL

URL: https://wa.me/6285854760492
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://instagram.com/paypalku_com
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rekberin.paypalku.com/ 11 KB
3 KB 1247ms
518ms Document
text/html 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

2af1d9e7695bd2354afaf07e02ca418efaa63f0f9e1b4dc775a160e47808ff07

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 20:39:20 GMT
dn-cache: MISS
dn-request-id: 4ddf9fcd76febdc74c58e655b5b368d6
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: domainesia
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-page-speed: DN
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.css
rekberin.paypalku.com/assets/template/ 263 KB
32 KB 213ms
211ms Stylesheet
text/css 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/assets/template/bootstrap.css

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

94b9e3935ca90e3fff5250f26acb876d47b38517592779df77aeacd414d1150c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:20 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 10 Apr 2022 13:57:28 GMT
server: domainesia
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
dn-request-id: aa4b39f994ea165a6a96b7e17b8b5388
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
dn-cache: MISS
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 bootstrap-icons.css
rekberin.paypalku.com/assets/template/ 71 KB
10 KB 577ms
576ms Stylesheet
text/css 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/assets/template/bootstrap-icons.css

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

72a51212badb48180fac5980f1005f81cde4f53dd1552eb8f4a0529d75f56bac

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:20 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 27 Feb 2022 08:48:18 GMT
server: domainesia
x-frame-options: SAMEORIGIN
content-type: text/css
vary: Accept-Encoding
dn-request-id: 5e702e483edbd56f69d0f50653700ce3
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
dn-cache: MISS
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/ 72 KB
11 KB 66ms
28ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1855032
x-jsd-version: 1.7.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19179-FRA, cache-hhn4050-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"11e37-gaZqnrLenLCs4BvyXVKzdrhY6WA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aNvAa4%2FyJb07CWJO%2BTIQ2ojSs0pN4szIYCWvhhs4uXMU4yXaLziFA24UaWMRd%2BWiIgmTzjbY7U2ax2i6Y%2BDFckVwrsKxJNBEYWIUjs2NZ6Xxp4pskcSA78zARQw8WM9x4tByG9pmhPeCPzqASk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fa687f75c2a922f-FRA

GET
H2 200 css2
rekberin.paypalku.com/cloudme.fonts.googleapis.com/ 16 KB
1 KB 578ms
577ms Stylesheet
text/css 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/cloudme.fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Roboto:wght@400;500;700&display=swap

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

bfe91068b21bd5261c0a45e554ebcfb013fa4767157d6328789cc73693ead4f1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:20 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=604800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: domainesia
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
dn-request-id: c1627f5dd3352fc19ad0d1236f9ccb54
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
gf-cache-status: MISS
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Apr 2022 20:39:20 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 68ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://rekberin.paypalku.com/
Origin: https://rekberin.paypalku.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1649709561.dop139.fr8.t,1649709561.cds277.fr8.hn,1649709561.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
41 KB 75ms
30ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-817167945

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa68e914e28c710e2a227e4b08c2ff9bc70c71c15a33b39dfcbc520af7bf8d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41876
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 20:09:27 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Apr 2022 20:39:22 GMT

GET
H2 200 logo.png
rekberin.paypalku.com/assets/ 36 KB
36 KB 388ms
387ms Image
image/png 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rekberin.paypalku.com/assets/logo.png

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

1dcd944d1e0ff8289dd71a3f99c2a1aff3d7315609ca12b056fd7e72d3a9e543

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Apr 2022 13:43:50 GMT
server: domainesia
cache-control: s-maxage=10
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
dn-request-id: e92dde628b844827b6a19978ce1289c0
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
dn-cache: MISS
content-length: 36468
x-content-type-options: nosniff

GET
H2 200 bootstrap.min.js Show response
rekberin.paypalku.com/assets/template/ 141 KB
40 KB 216ms
215ms Script
application/javascript 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/assets/template/bootstrap.min.js

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

4efa9993042180278d5f4e29a4bf367c2089dfd4f6d6fa867998c1cbca9239bd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:20 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 27 Feb 2022 08:48:18 GMT
server: domainesia
cache-control: s-maxage=10
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
dn-request-id: 816078775d846d385c326ad83f8045e3
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
dn-cache: MISS
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 custom.js Show response
rekberin.paypalku.com/assets/template/ 34 KB
7 KB 396ms
396ms Script
application/javascript 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/assets/template/custom.js

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

58bb35fa512c6da9ad316c2ab34c386ee2812c1f87995789b03086c4992ff7ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 27 Feb 2022 08:48:18 GMT
server: domainesia
cache-control: s-maxage=10
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
dn-request-id: 808689f8c2982d9db2515b02782a0e55
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
dn-cache: MISS
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 sweet-alert.js Show response
rekberin.paypalku.com/assets/template/ 4 KB
2 KB 388ms
388ms Script
application/javascript 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/assets/template/sweet-alert.js

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

a0259e04463deb7e5e3d77b77940637f1ae4c0d340ad73bb83af05fb717dd5f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Apr 2022 14:19:13 GMT
server: domainesia
cache-control: s-maxage=10
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
dn-request-id: f56ecf775e75a914d0996b945f33c814
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
dn-cache: MISS
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 70ms
27ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fbd80be98baa936f714c6c05d1fd709e300fbafdf39b4d554066bee730d40e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Mon, 11 Apr 2022 20:39:22 GMT

GET
H/1.1 200
OK snap.js Show response
app.sandbox.midtrans.com/snap/ 7 KB
8 KB 1139ms
284ms Script
text/javascript 34.101.100.187
GOOGLE-AS-AP Goog...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sandbox.midtrans.com/snap/snap.js

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.101.100.187 Jakarta, Indonesia, ASN139190 (GOOGLE-AS-AP Google Asia Pacific Pte. Ltd., SG),

Reverse DNS

187.100.101.34.bc.googleusercontent.com

Software

Resource Hash

4351058d61ceda3db2f14a19ac068a59e65483e6860aa297e62ff6e3f4ca077f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:23 GMT
referrer-policy: origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: private
content-transfer-encoding: binary
x-content-type-options: nosniff
content-disposition: inline; filename="snap.sandbox.js"; filename*=UTF-8''snap.sandbox.js
strict-transport-security: max-age=15724800; includeSubDomains
transfer-encoding: chunked
x-xss-protection: 1; mode=block
x-request-id: 62db913b85433bdcfb265695116347a2

GET
H2 200 Be-Funky-design-21.jpg
i.ibb.co/yn6fgyg/ 68 KB
68 KB 79ms
24ms Image
image/jpeg 51.210.32.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/yn6fgyg/Be-Funky-design-21.jpg
Requested by: Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172599.ip-51-210-32.eu
Software: nginx /
Resource Hash: af610eb08079f6d5d357fc4e1c22bb8160eabb4b4c6971db842a0dfa87cad1d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:22 GMT
last-modified: Fri, 01 Apr 2022 05:40:29 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 69281
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_.png
rekberin.paypalku.com/assets/template/image/ 41 KB
42 KB 382ms
382ms Image
image/png 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rekberin.paypalku.com/assets/template/image/logo_.png

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/assets/template/bootstrap.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

b47a3861a59096c468a3dde485d96c0895f1f15514db9ba447812279f1894e98

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/assets/template/bootstrap.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 10 Apr 2022 13:56:26 GMT
server: domainesia
cache-control: s-maxage=10
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
dn-request-id: 60e33c10864bc5ac53995ece4443830d
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
dn-cache: MISS
content-length: 42371
x-content-type-options: nosniff

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/ 90 KB
91 KB 49ms
28ms Font
font/woff2 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/bootstrap-icons.woff2?30af91bf14e37666a085fb8a161ff36d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9829fbbcc18407deb28b49dac24d8146981b22b4a4813f1699c7773e80c01b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Origin: https://rekberin.paypalku.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1855032
x-jsd-version: 1.7.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92064
x-served-by: cache-fra19137-FRA, cache-hhn4054-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"167a0-ABUDSebr2vJiivnqTlbWsC29o5M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjnFwiCejhbCPf2X7oRZNBGl5MXoLzxoqqPaRrDeqqpPSG8avmU55dXXTsU%2BVSxkmIKCgJkYYM9ZzdBcIBnNZZdaRGel%2BbkGePpa3nE0YDBNIiWR3OGH2j3%2BoFUlJBlrfUZIkY6Hdn5hfVUnhxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 6fa687fafd8e9261-FRA

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
rekberin.paypalku.com/cloudme.fonts.gstatic.com/s/inter/v8/ 37 KB
38 KB 380ms
379ms Font
font/woff2 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/cloudme.fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/cloudme.fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rekberin.paypalku.com/cloudme.fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Roboto:wght@400;500;700&display=swap
Origin: https://rekberin.paypalku.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
x-content-type-options: nosniff
age: 79917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
gf-cache-status: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 1; mode=block
dn-request-id: 964db584fdcc2926d64bf2d826eb549c
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 17:42:15 GMT
server: domainesia
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800, s-maxage=10
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 20:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
rekberin.paypalku.com/cloudme.fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 379ms
379ms Font
font/woff2 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/cloudme.fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/cloudme.fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rekberin.paypalku.com/cloudme.fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Roboto:wght@400;500;700&display=swap
Origin: https://rekberin.paypalku.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
x-content-type-options: nosniff
age: 325632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
gf-cache-status: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 1; mode=block
dn-request-id: 38805c9c8673603a016149210e31c866
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: domainesia
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800, s-maxage=10
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 20:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
rekberin.paypalku.com/cloudme.fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 380ms
379ms Font
font/woff2 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/cloudme.fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/cloudme.fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rekberin.paypalku.com/cloudme.fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Roboto:wght@400;500;700&display=swap
Origin: https://rekberin.paypalku.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
x-content-type-options: nosniff
age: 325388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
gf-cache-status: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 1; mode=block
dn-request-id: 35cc6b6d781c01e9367b6e978be073d7
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: domainesia
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800, s-maxage=10
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 20:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
rekberin.paypalku.com/cloudme.fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 380ms
380ms Font
font/woff2 2001:df7:5300:2::19
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

https://rekberin.paypalku.com/cloudme.fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/cloudme.fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df7:5300:2::19 , Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

domainesia /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rekberin.paypalku.com/cloudme.fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Roboto:wght@400;500;700&display=swap
Origin: https://rekberin.paypalku.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:21 GMT
x-content-type-options: nosniff
age: 222571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
gf-cache-status: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 1; mode=block
dn-request-id: b380724401e5ccb90ee36a319903421f
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: domainesia
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800, s-maxage=10
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 20:39:21 GMT

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 69ms
28ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-817167945

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14886
x-xss-protection: 0
server: cafe
etag: 11980861724045072707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 20:39:22 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/817167945/ 2 KB
2 KB 76ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/817167945/?random=1649709562230&cv=9&fst=1649709562230&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frekberin.paypalku.com%2F&tiba=Jasa%20Convert%20Paypal%20Ke%20OVO%2C%20Gopay%2C%20Dana%2C%20LinkAja%2C%20Shopee%20Pay%20dan%20Pulsa.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d88e0c599a9721ef14b221a7558b52fe07408f1d8de7c1645f8ab52e7066bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 20:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1078
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/817167945/ 42 B
64 B 60ms
32ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/817167945/?random=1649709562230&cv=9&fst=1649707200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frekberin.paypalku.com%2F&tiba=Jasa%20Convert%20Paypal%20Ke%20OVO%2C%20Gopay%2C%20Dana%2C%20LinkAja%2C%20Shopee%20Pay%20dan%20Pulsa.&async=1&fmt=3&is_vtc=1&random=162762258&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 20:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/817167945/ 42 B
548 B 76ms
32ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/817167945/?random=1649709562230&cv=9&fst=1649707200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Frekberin.paypalku.com%2F&tiba=Jasa%20Convert%20Paypal%20Ke%20OVO%2C%20Gopay%2C%20Dana%2C%20LinkAja%2C%20Shopee%20Pay%20dan%20Pulsa.&async=1&fmt=3&is_vtc=1&random=162762258&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 20:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 62ms
22ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: rekberin.paypalku.com
URL: https://rekberin.paypalku.com/assets/template/sweet-alert.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e285bd963b181926f165749b2c53fd001d0ef1513e2f4fda516521eb517ec2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wSRANTwib4j9RiNmeNDqNw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 11 Apr 2022 20:50:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: DjFUmcReGE7eXVnMd0764hsK2EJPrFabe69Dy/OMcx4euljooJGqBB3Mi373SWfPQtZ5MGSVSc8ixgxI8QB4TQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 8760c64d8efe961b57d2d8187bce966b
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Apr 2022 20:39:22 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8f5bf36a9990783019b092e5403a19fe"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ 362 KB
143 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rekberin.paypalku.com/
Origin: https://rekberin.paypalku.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 18:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145703
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 04:02:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 18:32:29 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 45ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=08acf52ac922f716acf9676066f1a7c4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dfea29d6c4496b5cab87ed6248c73b6873a12f124e19d8de4a046f9ce7b839a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rekberin.paypalku.com/
Origin: https://rekberin.paypalku.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: l7kmxc+0xFg+PzssuEnGAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 11 Apr 2023 18:06:47 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82857
x-fb-rlafr: 0
x-fb-debug: dABofDwLBgPmZiaySjIvysgpm8rTYOFZNMsNTTIv5va9BIbX848PCa7oT01GrNB5Va52bDC/ODeJccUmZYcBHg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f17d294d3ba978d5355ea4bc223b6146
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 20:39:22 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0d1a22159f15f0f349e188eb0dded6d2"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 158ms
112ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1017846388847274&input_token&origin=1&redirect_uri=https%3A%2F%2Frekberin.paypalku.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=08acf52ac922f716acf9676066f1a7c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rekberin.paypalku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: eOSpjff/LKVbkBCNkwjw8DBkXzNV2Ux5BUV3Ebi4l2B4tFHaTgk2kK5nNQNj8zHD3ktSpGWr8nfqSjXuj8fDRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Mon, 11 Apr 2022 20:39:22 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rekberin.paypalku.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK pay Show response
app.sandbox.midtrans.com/snap/v1/ Frame 0EA7 34 KB
13 KB 1583ms
1583ms Document
text/html 34.101.100.187
GOOGLE-AS-AP Goog...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK

Requested by

Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/snap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.101.100.187 Jakarta, Indonesia, ASN139190 (GOOGLE-AS-AP Google Asia Pacific Pte. Ltd., SG),

Reverse DNS

187.100.101.34.bc.googleusercontent.com

Software

Resource Hash

8e5f40b113ace8a33d1cd2848de74edffdc44082bef7e2f2bdfc86a641a15574

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rekberin.paypalku.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 20:39:24 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=15724800; includeSubDomains
transfer-encoding: chunked
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 5b21480632244b8b5776fb7a61089b89
x-xss-protection: 1; mode=block

GET
H2 200 aquamarine-1207decbc5218d34c0e6917b80a7e6681bdf1c7a1852721c2f25b638a285dd22.css
d2f3dnusg0rbp7.cloudfront.net/snap/assets/v3/ Frame 0EA7 122 KB
20 KB 778ms
729ms Stylesheet
text/css 18.66.242.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2f3dnusg0rbp7.cloudfront.net/snap/assets/v3/aquamarine-1207decbc5218d34c0e6917b80a7e6681bdf1c7a1852721c2f25b638a285dd22.css
Requested by: Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-231.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1207decbc5218d34c0e6917b80a7e6681bdf1c7a1852721c2f25b638a285dd22

Request headers

Referer: https://app.sandbox.midtrans.com/
Origin: https://app.sandbox.midtrans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:39:26 GMT
content-encoding: gzip
vary: Origin
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-length: 20484
access-control-allow-origin: *
last-modified: Fri, 10 Dec 2021 07:32:43 GMT
server: AmazonS3
etag: "0e82d7c768485b3951ec91714cd59a9d"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT
content-type: text/css
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-cf-id: -Vvuo2VQQFbWxVWvyD4sHzpGDHN1Mw3frrznaWAreMLqBJ-DDr-oyQ==

GET
H2 200 snap-only-8ca9ece3f813f0bcb85ab1a4199a0dd3a564a397dc68c8c4e3d0119d6bf12d32.css
d2f3dnusg0rbp7.cloudfront.net/snap/assets/ Frame 0EA7 504 B
635 B 67ms
18ms Stylesheet
text/css 18.66.242.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2f3dnusg0rbp7.cloudfront.net/snap/assets/snap-only-8ca9ece3f813f0bcb85ab1a4199a0dd3a564a397dc68c8c4e3d0119d6bf12d32.css
Requested by: Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-231.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ca9ece3f813f0bcb85ab1a4199a0dd3a564a397dc68c8c4e3d0119d6bf12d32

Request headers

Referer: https://app.sandbox.midtrans.com/
Origin: https://app.sandbox.midtrans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 02:17:38 GMT
content-encoding: gzip
vary: Origin
age: 66108
x-cache: Hit from cloudfront
content-length: 211
access-control-allow-origin: *
last-modified: Wed, 30 Aug 2017 10:12:40 GMT
server: AmazonS3
etag: "9c20bfe275433ca2d6e837ae908bd9a6"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT
content-type: text/css
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: s-FniqFS1wfmExZmbe2pY_ONJjfnb3N9KJWbgN1wZfSPe93b_PQYtA==

GET
H2 200 snap-app.sandbox-bb4912bf21e2bd7dc9bbfa1e855b83ad365bf03894d280ada5a5f85d302d867d.js Show response
d2f3dnusg0rbp7.cloudfront.net/snap/assets/ Frame 0EA7 1 MB
233 KB 69ms
21ms Script
text/javascript 18.66.242.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2f3dnusg0rbp7.cloudfront.net/snap/assets/snap-app.sandbox-bb4912bf21e2bd7dc9bbfa1e855b83ad365bf03894d280ada5a5f85d302d867d.js
Requested by: Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-231.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb4912bf21e2bd7dc9bbfa1e855b83ad365bf03894d280ada5a5f85d302d867d

Request headers

Referer: https://app.sandbox.midtrans.com/
Origin: https://app.sandbox.midtrans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 05:49:08 GMT
content-encoding: gzip
vary: Origin
age: 81990
x-cache: Hit from cloudfront
content-length: 237532
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 02:52:43 GMT
server: AmazonS3
etag: "383640fe4a2e8d92904070b33b103083"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT
content-type: text/javascript
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: VjIj2OWm9Tyv_IleDbHia5uYLvOtFSGy0b4Z_aCso6A_LE3rwSotqA==

GET
H2 200 loader-bfbbfeb7f0351f05e50085c7f4296d3d50f7538b3914dabd41f77e921345680f.gif
d2f3dnusg0rbp7.cloudfront.net/snap/assets/ Frame 0EA7 17 KB
17 KB 78ms
38ms Image
image/gif 18.66.242.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2f3dnusg0rbp7.cloudfront.net/snap/assets/loader-bfbbfeb7f0351f05e50085c7f4296d3d50f7538b3914dabd41f77e921345680f.gif
Requested by: Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-231.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bfbbfeb7f0351f05e50085c7f4296d3d50f7538b3914dabd41f77e921345680f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.sandbox.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 04:28:36 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2016 10:04:52 GMT
server: AmazonS3
age: 58251
etag: "8137798252084168756de87ae359d798"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 16994
x-amz-cf-id: tztyhDYRB3nJ_mj7tpYs77jNhwrUOP0K8dmaxzFdSpQaXgLR879odg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0EA7 49 KB
20 KB 78ms
33ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.sandbox.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3876
date: Mon, 11 Apr 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 11 Apr 2022 21:34:50 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ Frame 0EA7 50 KB
18 KB 97ms
19ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.sandbox.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 20:32:26 GMT
content-encoding: gzip
age: 420
x-guploader-uploadid: ADPycdud-YyCWh1IjtHyPikm4jvl9Rn3Wu0yV_bSCKZYUACUQn8Fy3snDG3t-jAV_ahNzGFoBJv9xE_BeG2Ku5311unIVYZyhPkS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 11 Apr 2022 20:42:26 GMT

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ Frame 0EA7 47 KB
18 KB 54ms
16ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.sandbox.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: E3807YWQHPQZ8YJZ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: 5tcVSTKzkfPEZbNMMs+Dplhb/d0xmPHl6ly9DhZlkXi7DMq5iwlmuwUDWB4WFuI4jhXJxdstiws=
x-served-by: cache-hhn4028-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1649709566.309280,VS0,VE0
date: Mon, 11 Apr 2022 20:39:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10527

GET
H/1.1 200
OK NRJS-609bfb9d259921642ae Show response
bam.nr-data.net/1/ Frame 0EA7 57 B
322 B 485ms
120ms Script
text/javascript 162.247.242.31
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-609bfb9d259921642ae?a=1626968558&v=1215.1253ab8&to=IVlaQRFWXwpVRBtFAE1GVUwOXF0Sb0ZVVFQRGV1bB1xL&rst=3045&ck=1&ref=https://app.sandbox.midtrans.com/snap/v1/pay&ap=1302&be=1864&fe=2981&dc=2876&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1649709563284,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:1584,%22rpe%22:1861,%22dl%22:1587,%22di%22:2876,%22ds%22:2876,%22de%22:2876,%22dc%22:2981,%22l%22:2981,%22le%22:2982%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.uk
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.sandbox.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK NRJS-609bfb9d259921642ae Show response
bam.nr-data.net/events/1/ Frame 0EA7 24 B
191 B 121ms
120ms XHR
image/gif 162.247.242.31
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-609bfb9d259921642ae?a=1626968558&v=1215.1253ab8&to=IVlaQRFWXwpVRBtFAE1GVUwOXF0Sb0ZVVFQRGV1bB1xL&rst=3543&ck=1&ref=https://app.sandbox.midtrans.com/snap/v1/pay
Requested by: Host: app.sandbox.midtrans.com
URL: https://app.sandbox.midtrans.com/snap/v1/pay?origin_host=https://rekberin.paypalku.com&digest=a7a68e0da5ab576b0cf608e2642b7aec13eee9b107a5a8c91f2476b4056bedf7&client_key=SB-Mid-client-m2GqIyhHRdzSLpmK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.uk
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.sandbox.midtrans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://app.sandbox.midtrans.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rekberin.paypalku.com/	1970-01-20 02:15:16	Name: ci_session Value: 2cdf8e2ed88e60615d057dd291448cd00586f4ee
.paypalku.com/	1970-01-20 04:24:45	Name: _gcl_au Value: 1.1.2101952784.1649709562
.doubleclick.net/	1970-01-20 02:15:10	Name: test_cookie Value: CheckForPermission
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 370c15a532456493

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.sandbox.midtrans.com
bam.nr-data.net
cdn.jsdelivr.net
cdn.mxpnl.com
code.jquery.com
connect.facebook.net
d2f3dnusg0rbp7.cloudfront.net
googleads.g.doubleclick.net
i.ibb.co
js-agent.newrelic.com
rekberin.paypalku.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
151.101.130.137
162.247.242.31
172.217.18.98
18.66.242.231
2001:4de0:ac18::1:a:2b
2001:df7:5300:2::19
2600:1901:0:bc29::
2606:4700::6810:5614
2a00:1450:4001:811::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.101.100.187
51.210.32.103
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0dfea29d6c4496b5cab87ed6248c73b6873a12f124e19d8de4a046f9ce7b839a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1207decbc5218d34c0e6917b80a7e6681bdf1c7a1852721c2f25b638a285dd22
1dcd944d1e0ff8289dd71a3f99c2a1aff3d7315609ca12b056fd7e72d3a9e543
28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5
2af1d9e7695bd2354afaf07e02ca418efaa63f0f9e1b4dc775a160e47808ff07
4351058d61ceda3db2f14a19ac068a59e65483e6860aa297e62ff6e3f4ca077f
4d88e0c599a9721ef14b221a7558b52fe07408f1d8de7c1645f8ab52e7066bbe
4efa9993042180278d5f4e29a4bf367c2089dfd4f6d6fa867998c1cbca9239bd
4fbd80be98baa936f714c6c05d1fd709e300fbafdf39b4d554066bee730d40e6
58bb35fa512c6da9ad316c2ab34c386ee2812c1f87995789b03086c4992ff7ae
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
72a51212badb48180fac5980f1005f81cde4f53dd1552eb8f4a0529d75f56bac
7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c
8ca9ece3f813f0bcb85ab1a4199a0dd3a564a397dc68c8c4e3d0119d6bf12d32
8e5f40b113ace8a33d1cd2848de74edffdc44082bef7e2f2bdfc86a641a15574
94b9e3935ca90e3fff5250f26acb876d47b38517592779df77aeacd414d1150c
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2
a0259e04463deb7e5e3d77b77940637f1ae4c0d340ad73bb83af05fb717dd5f6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
af610eb08079f6d5d357fc4e1c22bb8160eabb4b4c6971db842a0dfa87cad1d6
b47a3861a59096c468a3dde485d96c0895f1f15514db9ba447812279f1894e98
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb4912bf21e2bd7dc9bbfa1e855b83ad365bf03894d280ada5a5f85d302d867d
bfbbfeb7f0351f05e50085c7f4296d3d50f7538b3914dabd41f77e921345680f
bfe91068b21bd5261c0a45e554ebcfb013fa4767157d6328789cc73693ead4f1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
e285bd963b181926f165749b2c53fd001d0ef1513e2f4fda516521eb517ec2b0
e9829fbbcc18407deb28b49dac24d8146981b22b4a4813f1699c7773e80c01b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa68e914e28c710e2a227e4b08c2ff9bc70c71c15a33b39dfcbc520af7bf8d3c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

rekberin.paypalku.com Open in urlscan Pro 2001:df7:5300:2::19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

67 %IPv6

18 Domains

18 Subdomains

19 IPs

5 Countries

1093 kBTransfer

3180 kBSize

4 Cookies

3 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rekberin.paypalku.com Open in urlscan Pro
2001:df7:5300:2::19 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

67 %
IPv6

18
Domains

18
Subdomains

19
IPs

5
Countries

1093 kB
Transfer

3180 kB
Size

4
Cookies

38 HTTP transactions
1 data transactions