it-indonesia.net Open in urlscan Pro
103.147.32.6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Submission: On September 05 via manual (September 5th 2023, 10:07:08 am UTC) from IN — Scanned from DE

Summary HTTP 63 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 63 HTTP transactions. The main IP is 103.147.32.6, located in Indonesia and belongs to IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID. The main domain is it-indonesia.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 25th 2023. Valid for: 3 months.

This is the only time it-indonesia.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
15	103.147.32.6 103.147.32.6	140389 (IDNIC-DBI...) (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital)
3	2600:9000:206... 2600:9000:206f:a00:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2a02:26f0:350... 2a02:26f0:3500:882::17c7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	143.204.98.31 143.204.98.31	16509 (AMAZON-02) (AMAZON-02)
3	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
7	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	208.89.15.170 208.89.15.170	11054 (LIVEPERSON) (LIVEPERSON)
2	151.101.65.175 151.101.65.175	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:e16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
4	3.214.107.242 3.214.107.242	14618 (AMAZON-AES) (AMAZON-AES)
1	35.166.116.205 35.166.116.205	16509 (AMAZON-02) (AMAZON-02)
63	16

15 103.147.32.6 (Indonesia)

ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID)
PTR: 6.32.147.103.in-addr.arpa

it-indonesia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:a00:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:3500:882::17c7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www3.citizensbankonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www4.citizensbankonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-31.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e16 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.glassboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.214.107.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-107-242.compute-1.amazonaws.com

report.citizen.glassboxdigital.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.116.205 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-116-205.us-west-2.compute.amazonaws.com

pdx-col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	citizensbankonline.com www3.citizensbankonline.com — Cisco Umbrella Rank: 491750 www4.citizensbankonline.com — Cisco Umbrella Rank: 444075	98 KB
15	it-indonesia.net it-indonesia.net	88 KB
10	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3632 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3870	341 KB
7	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3685 va.idp.liveperson.net — Cisco Umbrella Rank: 9280 va.v.liveperson.net — Cisco Umbrella Rank: 4073	133 KB
4	glassboxdigital.io report.citizen.glassboxdigital.io — Cisco Umbrella Rank: 57717	5 KB
3	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4645 udc-neb.kampyle.com — Cisco Umbrella Rank: 2383	120 KB
3	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3388	20 KB
2	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 4045	61 KB
1	eum-appdynamics.com pdx-col.eum-appdynamics.com — Cisco Umbrella Rank: 4121	778 B
1	glassboxcdn.com cdn.glassboxcdn.com — Cisco Umbrella Rank: 12575	138 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368	82 KB
63	11

	Domain	Requested by
15	it-indonesia.net	it-indonesia.net
14	www3.citizensbankonline.com	it-indonesia.net www3.citizensbankonline.com
7	lpcdn.lpsnmedia.net	lptag.liveperson.net cdn.appdynamics.com
4	report.citizen.glassboxdigital.io	cdn.appdynamics.com
3	va.v.liveperson.net	cdn.appdynamics.com
3	accdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
3	nexus.ensighten.com	it-indonesia.net nexus.ensighten.com
2	nebula-cdn.kampyle.com	cdn.appdynamics.com
2	va.idp.liveperson.net	cdn.appdynamics.com va.idp.liveperson.net
2	cdn.appdynamics.com	nexus.ensighten.com cdn.appdynamics.com
2	lptag.liveperson.net	it-indonesia.net
1	pdx-col.eum-appdynamics.com	cdn.appdynamics.com
1	udc-neb.kampyle.com
1	cdn.glassboxcdn.com	cdn.appdynamics.com
1	ajax.googleapis.com	it-indonesia.net
1	www4.citizensbankonline.com	it-indonesia.net
63	16

This site contains links to these domains. Also see Links.

Domain
www.citizensbank.com

Subject Issuer	Validity	Valid
it-indonesia.net cPanel, Inc. Certification Authority	`2023-07-25` - `2023-10-23`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
citizensbankonline.com Entrust Certification Authority - L1M	`2023-03-03` - `2024-04-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-21` - `2024-07-21`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
*.idp.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-03-30` - `2024-03-29`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-30` - `2024-09-30`	a year	crt.sh
glassboxcdn.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-03-01`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-10` - `2024-01-10`	a year	crt.sh
citizen.glassboxdigital.io Amazon RSA 2048 M01	`2023-02-21` - `2023-11-17`	9 months	crt.sh
*.eum-appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-14` - `2024-07-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Frame ID: 72797DDF5A05CAFCF9391A308C35A7D4
Requests: 59 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fit-indonesia.net&site=89632304&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: 5DFF72B14950F19167FAF28CDDE39DFB
Requests: 2 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1693908414155&loc=https%3A%2F%2Fit-indonesia.net
Frame ID: 55E036A05498F0A80CF7AC8B7D2E7360
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Login | Citizens

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

98 %
HTTPS

27 %
IPv6

11
Domains

16
Subdomains

16
IPs

3
Countries

1087 kB
Transfer

3754 kB
Size

14
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citizensbank.com/learning/coronavirus/overview.aspx?WT.ac=CB_OLB_OLBAd_Coronavirus_CRC_COVID-19ResourceCenter_A484
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://www.citizensbank.com/mobile-and-online-banking/mobile-app.aspx
Title: Check out everything it can do and see information on how to get it.

Search URL Search Domain Scan URL

URL: http://www.citizensbank.com/
Title: Cancel

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.php Show response
it-indonesia.net/ie/ 25 KB
26 KB 2897ms
2140ms Document
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash: ef4cd3741315de78ac313b50177729e3c62ed36d6216a1230d2b6ab80af2e9f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Sep 2023 10:06:50 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/citizensbank/olbprod/ 60 KB
18 KB 275ms
0ms Script
application/javascript 2600:9000:206f:a00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f8540b077628748c708e54122c6ac623fb8f2f490ae1fd6f99ef2ccc97a6ac9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 19:44:35 GMT
x-amz-version-id: F3Jdmb9WpsyXHz0YHeEXouaJ0LT_5wF.
content-encoding: br
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 915737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 17:54:43 GMT
server: CloudFront
etag: W/"2e7b8b3799add45f76f830e163782237"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: fxPm4hFzwdbgrX8VWZkKY8UA-TzHzJVnTEEwulcFBhZHf8em5q-RPg==

GET
H/1.1 404
Not Found pm_fp.js
it-indonesia.net/efs/efs/jsp-ns/ 0
0 400ms
278ms Script
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/efs/efs/jsp-ns/pm_fp.js
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 jquery-ui-1.10.3.custom.min.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 19 KB
3 KB 1112ms
595ms Stylesheet
text/css 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/jquery-ui-1.10.3.custom.min.css

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 06 Sep 2023 10:06:52 GMT
date: Tue, 05 Sep 2023 10:06:52 GMT
content-encoding: br
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=229, origin; dur=0, ak_p; desc="1693908411141_388276614_860791108_22874_362486_7_202_255";dur=1
content-length: 3118
x-olb-req-received: t=1683940214242708
last-modified: Sat, 19 Aug 2023 11:52:03 GMT
server: Akamai Resource Optimizer
etag: "4a56-5fa83a3c4380e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-olb-req-duration: D=1481

GET
H2 200 normalize.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 10 KB
3 KB 1473ms
957ms Stylesheet
text/css 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/normalize.css

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 06 Sep 2023 10:06:02 GMT
date: Tue, 05 Sep 2023 10:06:52 GMT
content-encoding: br
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=598, origin; dur=0, ak_p; desc="1693908411487_388276614_860791109_62349_337992_9_0_255";dur=1
content-length: 2300
x-olb-req-received: t=1683940169057551
last-modified: Fri, 25 Aug 2023 16:19:38 GMT
server: Akamai Resource Optimizer
etag: "26c2-5fa83a3c43bf6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86350
accept-ranges: bytes
x-olb-req-duration: D=497

GET
H/1.1 200
OK main.css
it-indonesia.net/ie/ass/ 61 KB
61 KB 1023ms
538ms Stylesheet
text/css 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/ass/main.css
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash: 070f74d576e0ad5f6a56407246cb7a67748ac019bee851d0435751a006950ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:51 GMT
Last-Modified: Tue, 27 Dec 2022 01:17:34 GMT
Server: nginx
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62468

GET
H2 200 flows.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 8 KB
2 KB 1114ms
597ms Stylesheet
text/css 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

99373341554ceaade5ea6c81725f1cd4d05e906621a15797d99d01343ae551f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 10:21:52 GMT
date: Tue, 05 Sep 2023 10:06:52 GMT
content-encoding: br
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=244, origin; dur=0, ak_p; desc="1693908411455_388276614_860791110_24389_365611_9_0_255";dur=1
content-length: 1975
x-olb-req-received: t=1683940169047710
last-modified: Tue, 22 Aug 2023 15:37:31 GMT
server: Akamai Resource Optimizer
etag: "21ce-5fa83a3c34b5a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-olb-req-duration: D=459

GET
H2 200 ad-containers.css
www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ 7 KB
2 KB 1217ms
701ms Stylesheet
text/css 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/ad-containers.css

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

cad0f4b1f9bfa3f4ef94d78c20ae16464bda0fb3902fd7689e26a2904cea29d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 16:32:38 GMT
date: Tue, 05 Sep 2023 10:06:52 GMT
content-encoding: br
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=352, origin; dur=0, ak_p; desc="1693908411455_388276614_860791111_35207_362307_6_0_255";dur=1
content-length: 1227
x-olb-req-received: t=1683940169087166
last-modified: Tue, 29 Aug 2023 14:10:24 GMT
server: Akamai Resource Optimizer
etag: "1dd4-5fa83a3c34772"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=23146
accept-ranges: bytes
x-olb-req-duration: D=426

GET
H2 200 modernizr-2.6.2.min.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 15 KB
6 KB 886ms
370ms Script
application/x-javascript 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/modernizr-2.6.2.min.js

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 21:32:59 GMT
date: Tue, 05 Sep 2023 10:06:51 GMT
content-encoding: br
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="1693908411455_388276614_860791112_1258_362132_8_0_219";dur=1
content-length: 5535
x-olb-req-received: t=1683940169412918
last-modified: Mon, 28 Aug 2023 21:23:17 GMT
server: Akamai Resource Optimizer
etag: "3c36-5fa83a3c564e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=41168
accept-ranges: bytes
x-olb-req-duration: D=935

GET
H2 200 plugins.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 199 KB
38 KB 1297ms
782ms Script
application/x-javascript 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/plugins.js

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

b769305d18e59ddd6f13c3fb6db4f90a15770b3717aaddbadb6e543918178bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 18:29:53 GMT
date: Tue, 05 Sep 2023 10:06:52 GMT
content-encoding: br
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=412, origin; dur=0, ak_p; desc="1693908411455_388276614_860791113_41202_382560_6_0_219";dur=1
content-length: 38875
x-olb-req-received: t=1683940438673684
last-modified: Sat, 26 Aug 2023 01:16:42 GMT
server: Akamai Resource Optimizer
etag: "31d24-5fa83a3c3eb82"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=30181
accept-ranges: bytes
x-olb-req-duration: D=8350

GET
H2 200 main.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 19 KB
4 KB 1118ms
603ms Script
application/x-javascript 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/main.js

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 22:06:29 GMT
date: Tue, 05 Sep 2023 10:06:52 GMT
content-encoding: br
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=252, origin; dur=0, ak_p; desc="1693908411458_388276614_860791121_25173_359626_9_0_219";dur=1
content-length: 3967
x-olb-req-received: t=1683940169498301
last-modified: Fri, 01 Sep 2023 19:53:01 GMT
server: Akamai Resource Optimizer
etag: "4c03-5fa83a3c3e79a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=43177
accept-ranges: bytes
x-olb-req-duration: D=803

GET
H2 200 placeholders.min.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 4 KB
2 KB 1208ms
693ms Script
application/x-javascript 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/placeholders.min.js

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 06 Sep 2023 10:04:52 GMT
date: Tue, 05 Sep 2023 10:06:52 GMT
content-encoding: br
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=321, origin; dur=0, ak_p; desc="1693908411458_388276614_860791122_32179_367926_7_0_219";dur=1
content-length: 1394
x-olb-req-received: t=1683940169629891
last-modified: Tue, 29 Aug 2023 01:14:17 GMT
server: Akamai Resource Optimizer
etag: "10aa-5fa83a3c568c8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86280
accept-ranges: bytes
x-olb-req-duration: D=457

GET
H2 404 7c3ed55c
www4.citizensbankonline.com/akam/11/ 0
0 113ms
47ms Script
text/html 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.citizensbankonline.com/akam/11/7c3ed55c

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 10:06:52 GMT
date: Tue, 05 Sep 2023 10:06:52 GMT
cache-control: max-age=0
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1693908412500_388276614_860794206_11_8949_9_0_146";dur=1
content-length: 9
content-type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ 82 KB
82 KB 323ms
0ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 00:33:28 GMT
x-content-type-options: nosniff
age: 293603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83606
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 00:33:28 GMT

GET
H2 404 tealeaf.js
www3.citizensbankonline.com/efs/efs/js/ 0
0 2887ms
2373ms Script
text/html 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www3.citizensbankonline.com/efs/efs/js/tealeaf.js
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 CTZ_Green-01.png
www3.citizensbankonline.com/efs/hhf/img/ 5 KB
6 KB 231ms
212ms Image
image/png 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/hhf/img/CTZ_Green-01.png

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-olb-req-duration: D=131
date: Tue, 05 Sep 2023 10:06:53 GMT
x-olb-req-received: t=1683940219649480
strict-transport-security: max-age=15768000
last-modified: Sun, 30 Apr 2023 01:29:39 GMT
etag: "149d-5fa83a3c879f0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=437417
server-timing: cdn-cache; desc=HIT, edge; dur=152, origin; dur=0, ak_p; desc="1693908412897_388276614_860795314_15194_15569_11_0_146";dur=1
accept-ranges: bytes
content-length: 5277
expires: Sun, 10 Sep 2023 11:37:10 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/citizensbank/olbprod/ 305 B
637 B 59ms
39ms Script
text/javascript 2600:9000:206f:a00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citizensbank/olbprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citizensbank/olbprod/code/&publishedOn=Fri%20Aug%2025%2017:54:41%20GMT%202023&ClientID=397&PageID=https%3A%2F%2Fit-indonesia.net%2Fie%2Flogin.php%3Fonline_id%3D871cd072d548db42dddaa85f2%26country%3D%26iso%3D
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 6aebfb263a85ab472eb1879687a9e7e45192f9b3ba834818e33016d11d8f2d82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:06:52 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
content-length: 305
x-amz-cf-id: gxt6iN1Q3PbnsOBUe0yqBoPiAQQPH4s9jPSXeEOH99MXovMV7C_nzQ==
expires: Tue, 05 Sep 2023 10:06:51 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 333ms
122ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=89632304

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

07c2ef0fac89b65b6f0877cb66f64a74469b2ad8759bf41097a8c76b8ff782bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 22 Aug 2023 10:45:27 GMT
server: ws
etag: "64e491c7-2494"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9364

GET
H/1.1 404
Not Found citizen_roman.woff
it-indonesia.net/ie/ass/font/ 0
0 279ms
270ms Font
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/ass/font/citizen_roman.woff
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://it-indonesia.net/ie/ass/main.css
Origin: https://it-indonesia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 jquery-1.9.1.min.js Show response
www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/ 90 KB
29 KB 67ms
67ms Script
application/x-javascript 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://it-indonesia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires: Wed, 06 Sep 2023 10:06:42 GMT
date: Tue, 05 Sep 2023 10:06:52 GMT
content-encoding: br
strict-transport-security: max-age=15768000
server-timing: cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="1693908412545_388276614_860794309_792_16462_15_0_219";dur=1
content-length: 29409
x-olb-req-received: t=1692980331894100
last-modified: Fri, 25 Aug 2023 16:18:52 GMT
server: Akamai Resource Optimizer
etag: "169d6-5fa83a3c447ae"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86390
accept-ranges: bytes
x-olb-req-duration: D=6106

GET
H/1.1 404
Not Found 930e113327rn2365aa3b7b98b0447e8d
it-indonesia.net/content/ 0
0 317ms
297ms Script
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/content/930e113327rn2365aa3b7b98b0447e8d
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:53 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found common.js
it-indonesia.net/efs/efs/jsp-ns/scripts/ 0
0 321ms
302ms Script
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/efs/efs/jsp-ns/scripts/common.js
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:53 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found citizen_roman.ttf
it-indonesia.net/ie/ass/font/ 0
0 293ms
290ms Font
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/ass/font/citizen_roman.ttf
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://it-indonesia.net/ie/ass/main.css
Origin: https://it-indonesia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 acd2d9049bb548dd9e9347909f72f93b.js Show response
nexus.ensighten.com/citizensbank/olbprod/code/ 7 KB
2 KB 37ms
0ms Script
application/javascript 2600:9000:206f:a00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/citizensbank/olbprod/code/acd2d9049bb548dd9e9347909f72f93b.js?conditionId0=421909
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 05b53932e9b22dd68cc9509f6a86b15499b6ccf67146818481409c54810facca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:29:13 GMT
x-amz-version-id: ydIy0F7HNrGGIx01o.7yl6yjhQk4Eyy6
content-encoding: gzip
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 697060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 17:54:43 GMT
server: CloudFront
etag: W/"c75e08bd1c1b9870ada39586abe8897b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: zj_tToaHgTa70hWesOUVYbnX6S3wNCvgDplGY47IJjqiSuIVDPF94Q==

GET
H2 200 adrum-latest.js Show response
cdn.appdynamics.com/adrum/ 111 KB
40 KB 491ms
20ms Script
application/javascript 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/citizensbank/olbprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: c17848916b072cee558b852e6d24dea34f27ff3ca3844fe5dc19209b021090ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 10:21:16 GMT
content-encoding: gzip
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 949537
x-cache: Hit from cloudfront
last-modified: Fri, 25 Aug 2023 06:34:17 GMT
server: nginx/1.16.1
etag: W/"64e84b69-1bb2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nmK8aD5NlVtr8g6EWMsAA6u_l9bqmMoNkfx-P1OfAi5fvIam4lo2rQ==

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/ 326 KB
114 KB 83ms
29ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: it-indonesia.net
URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

9d1d181050c9cb12391bc3115f18293197512146532a836aacef051710d38cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:06:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/ 7 KB
2 KB 174ms
31ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/89632304/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

6f949ae118121071bdff55bcf8166a92afc62d62fcc4aa220bdcd4da10ff2fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:06:53 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Tue, 05 Sep 2023 10:07:53 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 40 KB
12 KB 103ms
33ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ui-framework.js?version=10.30.1.0-release_5605
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 08:13:17 GMT
content-encoding: br
age: 438816
x-guploader-uploadid: ADPycdukDMYpgaKKpkQ65gIoKDEorMt39ij7yguZOKtYEhV6QqkPEsm8YyzEKi5s7gu0EfHaxMnZICjAslgqKuJv3ELxvA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12473
last-modified: Fri, 25 Aug 2023 01:06:22 GMT
server: UploadServer
etag: W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
vary: Accept-Encoding
x-goog-generation: 1692925582165392
x-goog-hash: crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: max-age=31536000,public
x-goog-stored-content-length: 40455
accept-ranges: none
content-type: application/javascript

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 91 KB
26 KB 94ms
25ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/UMSClientAPI.min.js?version=10.30.1.0-release_5605
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ee01d15ad37daf31ddfb93ff91c06dbb583e5b9c58d6a3d868ec8d66c889bc39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 08:13:17 GMT
content-encoding: br
age: 438816
x-guploader-uploadid: ADPycdt142lHzzgSPDbZoSJLbKnOXgpM1GVzFr0EM4F_0HTgIVkNWFyOZHOEf9Bu1HjO8WaUrg9KtO09A3LSafj_ojOhKw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25438
last-modified: Fri, 25 Aug 2023 01:06:22 GMT
server: UploadServer
etag: W/"0ff5f09769ba7197844be8db03827b08"
vary: Accept-Encoding
x-goog-generation: 1692925582079005
x-goog-hash: crc32c=VCkrzg==, md5=D/Xwl2m6cZeES+jbA4J7CA==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: max-age=31536000,public
x-goog-stored-content-length: 92694
accept-ranges: none
content-type: application/javascript

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 92 KB
26 KB 95ms
26ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/lpChatV3.min.js?version=10.30.1.0-release_5605
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 08:13:17 GMT
content-encoding: br
age: 438816
x-guploader-uploadid: ADPycdukaYiEjSEStmoMxEoNYl9hBTnnpk97vhMKae1FHFshSNe8Na0dAgsKhx9m1GWrMvmMYDeZqebF20vbyNJ2JbMP9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26338
last-modified: Fri, 25 Aug 2023 01:06:22 GMT
server: UploadServer
etag: W/"1b9875038c28f82d87ab6ea5ec9c7ef1"
vary: Accept-Encoding
x-goog-generation: 1692925582081337
x-goog-hash: crc32c=RKdNnA==, md5=G5h1A4wo+C2Hq26l7Jx+8Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: max-age=31536000,public
x-goog-stored-content-length: 94041
accept-ranges: none
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 8 KB
3 KB 105ms
37ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/surveylogicinstance.min.js?version=10.30.1.0-release_5605
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 08:13:17 GMT
content-encoding: br
age: 438816
x-guploader-uploadid: ADPycdsfZfEtXnMG3cJSNiSmpiSSxR4P7Dtun64dAQ_INF3TdUivyF-YS4p-HPk7VUuPPgkbTVUYyINh0V3Wr03sUnTVDA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2381
last-modified: Fri, 25 Aug 2023 01:06:22 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1692925582263082
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: max-age=31536000,public
x-goog-stored-content-length: 7866
accept-ranges: none
content-type: application/javascript

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/ 5 KB
2 KB 166ms
41ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/89632304/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/89632304/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

eab0e28465a25a550afd63d4de33dcf83fd173fbcd7d1ad53d952e1c1538f5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:06:53 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Tue, 05 Sep 2023 10:07:53 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/ 999 KB
242 KB 19ms
7ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.30.1.0-release_5605/desktopEmbedded.js?version=10.30.1.0-release_5605
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e06f7140273b0fe1887c41528b4343ccb90e4f65f722869edd5fd8ec8e991459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 08:13:18 GMT
content-encoding: br
age: 438815
x-guploader-uploadid: ADPycds9ANQIEb-NQMYrNvmiJbrPgvdihaf2HwsrrpZK832txJ9bbTeeNzGJpVrHqEbQCTAq9_rQx_5CyP7cL8AwmMZzwA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247930
last-modified: Fri, 25 Aug 2023 01:06:22 GMT
server: UploadServer
etag: W/"e4a9484321f3bfad0d26ac8190ce10c2"
vary: Accept-Encoding
x-goog-generation: 1692925582775638
x-goog-hash: crc32c=IS4lQw==, md5=5KlIQyHzv60NJqyBkM4Qwg==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: max-age=31536000,public
x-goog-stored-content-length: 1022822
accept-ranges: none
content-type: application/javascript

GET
H3 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame 5DFF 39 KB
13 KB 59ms
22ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fit-indonesia.net&site=89632304&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48

Request headers

Referer: https://it-indonesia.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 2093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-encoding: br
content-length: 13671
content-type: text/html
date: Tue, 05 Sep 2023 09:32:00 GMT
etag: W/"c324135b527679ce95ee8393a719af9d"
last-modified: Sat, 17 Jun 2023 09:58:13 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1686995892984320
x-goog-hash: crc32c=Au+7sg== md5=wyQTW1J2ec6V7oOTpxmvnQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 39463
x-guploader-uploadid: ADPycdtEXhsu_l7AFAgv-eBWTuvaDVr0ztnYijXCe1JyOtkf1yFFmeKLi1DphnBxtGFyuYWu7pDgooOhtWbJc47GFKPLUQ

GET
H3 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 37 KB
13 KB 69ms
37ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fit-indonesia.net&site=89632304&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 09:35:08 GMT
content-encoding: br
age: 1905
x-guploader-uploadid: ADPycdssK3QnrBdVo8Ms0YffQX3I0Ms6X_vaQSK8HBXKkANjafDqKnxr73dJN8dhy7rQbonsoeM1bU2gIRH2DU8MeIuC3DuCY4eS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13403
last-modified: Sat, 17 Jun 2023 09:58:12 GMT
server: UploadServer
etag: W/"c45eeed74a24f46b0e7a5c5faaae4731"
vary: Accept-Encoding
x-goog-generation: 1686995892942818
x-goog-hash: crc32c=s01eVg==, md5=xF7u10ok9GsOelxfqq5HMQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=3600
x-goog-stored-content-length: 38358
accept-ranges: none
content-type: application/javascript

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/ Frame 5DFF 818 B
1 KB 48ms
3ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/89632304/configuration/domainprotection/refererrestrictions?cb=lpCb96157x88576

Requested by

Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fit-indonesia.net&site=89632304&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

920c952fd5b8aade310df0cf8459fc55f998e90036ebf679d1f7be500925e354

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:06:53 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Tue, 05 Sep 2023 10:07:53 GMT

GET
H2 200 icon-secure.png
www3.citizensbankonline.com/efs/efs/grafx/ 292 B
671 B 127ms
0ms Image
image/png 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/icon-secure.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-olb-req-duration: D=179
date: Tue, 05 Sep 2023 10:06:54 GMT
x-olb-req-received: t=1691433199000192
strict-transport-security: max-age=15768000
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "124-5e6a235cbd9f7"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=312214
server-timing: cdn-cache; desc=HIT, edge; dur=22, origin; dur=0, ak_p; desc="1693908413975_388276614_860798195_2242_16299_12_0_219";dur=1
accept-ranges: bytes
content-length: 292
expires: Sat, 09 Sep 2023 00:50:28 GMT

GET
H2 200 flows-tooltip.png
www3.citizensbankonline.com/efs/efs/grafx/ 364 B
745 B 128ms
0ms Image
image/png 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/flows-tooltip.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-olb-req-duration: D=106
date: Tue, 05 Sep 2023 10:06:54 GMT
x-olb-req-received: t=1683940169167586
strict-transport-security: max-age=15768000
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "16c-5e6a235cbd78f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=287546
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1693908413996_388276614_860798238_736_12875_12_0_219";dur=1
accept-ranges: bytes
content-length: 364
expires: Fri, 08 Sep 2023 17:59:20 GMT

GET
H2 200 arrow-button-white.png
www3.citizensbankonline.com/efs/efs/grafx/ 1017 B
1 KB 139ms
0ms Image
image/png 2a02:26f0:3500:882::17c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.citizensbankonline.com/efs/efs/grafx/arrow-button-white.png

Requested by

Host: www3.citizensbankonline.com
URL: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:882::17c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/flows.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-olb-req-duration: D=117
date: Tue, 05 Sep 2023 10:06:54 GMT
x-olb-req-received: t=1691018906190478
strict-transport-security: max-age=15768000
last-modified: Sat, 20 Aug 2022 01:34:05 GMT
etag: "3f9-5e6a235ca4f6f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=33746
server-timing: cdn-cache; desc=HIT, edge; dur=24, origin; dur=0, ak_p; desc="1693908413996_388276614_860798239_2550_13263_10_0_219";dur=1
accept-ranges: bytes
content-length: 1017
expires: Tue, 05 Sep 2023 19:29:20 GMT

GET
H/1.1 404
Not Found arrow-down-blue.png
it-indonesia.net/efs/efs/grafx/ 315 B
315 B 340ms
308ms Image
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://it-indonesia.net/efs/efs/grafx/arrow-down-blue.png
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/ie/ass/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found arrow-right-orange.png
it-indonesia.net/efs/efs/grafx/ 315 B
315 B 338ms
297ms Image
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://it-indonesia.net/efs/efs/grafx/arrow-right-orange.png
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/ie/ass/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found citiolb_icons.woff
it-indonesia.net/ie/ass/font/ 0
0 338ms
296ms Font
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/ass/font/citiolb_icons.woff
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://it-indonesia.net/ie/ass/main.css
Origin: https://it-indonesia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found citizen_extrabold.woff
it-indonesia.net/ie/ass/font/ 0
0 741ms
267ms Font
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/ass/font/citizen_extrabold.woff
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://it-indonesia.net/ie/ass/main.css
Origin: https://it-indonesia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found citizen_book.woff
it-indonesia.net/ie/ass/font/ 0
0 748ms
274ms Font
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/ass/font/citizen_book.woff
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://it-indonesia.net/ie/ass/main.css
Origin: https://it-indonesia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 postmessage.min.html Show response
va.idp.liveperson.net/postmessage/ Frame 55E0 11 KB
5 KB 554ms
204ms Document
text/html 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1693908414155&loc=https%3A%2F%2Fit-indonesia.net

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://it-indonesia.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding: gzip
content-type: text/html
date: Tue, 05 Sep 2023 10:06:54 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 404
Not Found citiolb_icons.ttf
it-indonesia.net/ie/ass/font/ 0
0 404ms
267ms Font
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/ass/font/citiolb_icons.ttf
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://it-indonesia.net/ie/ass/main.css
Origin: https://it-indonesia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found citizen_extrabold.ttf
it-indonesia.net/ie/ass/font/ 0
0 284ms
276ms Font
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/ass/font/citizen_extrabold.ttf
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://it-indonesia.net/ie/ass/main.css
Origin: https://it-indonesia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found citizen_book.ttf
it-indonesia.net/ie/ass/font/ 0
0 278ms
275ms Font
text/html 103.147.32.6
IDNIC-DBIZ-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL: https://it-indonesia.net/ie/ass/font/citizen_book.ttf
Requested by: Host: it-indonesia.net
URL: https://it-indonesia.net/ie/ass/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.147.32.6 , Indonesia, ASN140389 (IDNIC-DBIZ-AS-ID PT Dewa Bisnis Digital, ID),
Reverse DNS: 6.32.147.103.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://it-indonesia.net/ie/ass/main.css
Origin: https://it-indonesia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

POST
H2 200 authorize Show response
va.idp.liveperson.net/api/account/89632304/anonymous/ Frame 55E0 678 B
2 KB 212ms
193ms XHR
application/json 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/api/account/89632304/anonymous/authorize?__d=6931

Requested by

Host: va.idp.liveperson.net
URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1693908414155&loc=https%3A%2F%2Fit-indonesia.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

cb0c1285010cfed321c65933438660b1b61c3b2a9a36795a1a3b815d0bfeb366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

LP-DOMAIN-REFERER: https://it-indonesia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: */*
Referer: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1693908414155&loc=https%3A%2F%2Fit-indonesia.net
X-Requested-With: XMLHttpRequest
LP-URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 10:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/json
access-control-allow-origin: https://va.idp.liveperson.net
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
content-length: 678

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wu/356861/onsite/ 1 KB
967 B 44ms
8ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/wu/356861/onsite/embed.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0d255931fa3a2bde3ab381898d534fbf48ae29dc1e18c62c0f9760c48e61314d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: vJFTzMqhfyU4QI7mk29gbmCu_o.jNS98
content-encoding: gzip
via: 1.1 varnish
date: Tue, 05 Sep 2023 10:06:54 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 3S68F9VKDHCZC3FR
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 518
x-amz-id-2: 5MfR9Tx1dyN0vdN5mz/9jqI56tGP9kgA1C63sQEjDNXBPKULsa5Q0po0Tk2QZokrgYjiuZUILLE=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Tue, 29 Aug 2023 18:55:32 GMT
server: AmazonS3
x-timer: S1693908415.985074,VS0,VE1
etag: "d36c86bf93ec501c153f15bbcac4037b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 detector-dom.min.js Show response
cdn.glassboxcdn.com/citizen/OLB/p/ 453 KB
138 KB 185ms
31ms Script
application/javascript 2606:4700::6812:e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.glassboxcdn.com/citizen/OLB/p/detector-dom.min.js?
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 392d367eebbc2b193466fd5811fbe94771aa77eae9d7f9c1c4ba645a220c4fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:06:55 GMT
x-amz-version-id: aExPSyfvo3ZqhnI4l5sNk27nP8sSy1yn
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2367
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 23 Aug 2023 15:35:05 GMT
server: cloudflare
etag: W/"f88895eadac6934fe60729b067ec21b8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-ray: 801da98a692592c3-FRA
x-amz-cf-id: j0WCkJBYpNemBvF4DXVPKiOWpiiY9T5P7FrzWgUFs_wPQApLaIJRCQ==
expires: Tue, 05 Sep 2023 10:26:55 GMT

GET
H2 200 adrum-ext.89188edf1c7df38b8e63edb7368e911e.js Show response
cdn.appdynamics.com/ 53 KB
21 KB 14ms
12ms Script
application/javascript 143.204.98.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.89188edf1c7df38b8e63edb7368e911e.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-31.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: d4519118cc3c1f3d003282e4401446f0b698e3f6db7e2393714aa752e517cbdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:35:12 GMT
content-encoding: gzip
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 963102
x-cache: Hit from cloudfront
last-modified: Fri, 25 Aug 2023 06:34:16 GMT
server: nginx/1.16.1
etag: W/"64e84b68-d40e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E6kuFE5wWz-tbVYz9tzKK1mg-dRvT-MrE0q6MW4LocbCYQK6jORG4A==

GET
H2 200 generic1693335330762.js Show response
nebula-cdn.kampyle.com/us/wu/356861/onsite/ 839 KB
119 KB 29ms
29ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/356861/onsite/generic1693335330762.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a4b40296660dde21866c20b63b83f2a36c7347c7e6c41ccac7b3c14f234f9419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: lUeLiLqyYd6u6EuFakpAJNelipV9pNkt
content-encoding: gzip
via: 1.1 varnish
date: Tue, 05 Sep 2023 10:06:55 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: JSYQ3TT6WPVQAVFK
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 121565
x-amz-id-2: hJy9Ic6L+k47leKAXiEAgADXro36aTARF4evulfRUdzJF57DKND20bIKl33VHuQpv+9cVcf5FPo=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Tue, 29 Aug 2023 18:55:32 GMT
server: AmazonS3
x-timer: S1693908415.999672,VS0,VE1
etag: "889949a1be0bbf0456e86c2fb956ad7d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 89632304 Show response
va.v.liveperson.net/api/js/ 174 B
1 KB 704ms
187ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/89632304?&cb=lpCb13219x21471&t=sp&ts=1693908414044&pid=9726367067&tid=1578581172&pt=Online%20Login%20%7C%20Citizens&u=https%3A%2F%2Fit-indonesia.net%2Fie%2Flogin.php%3Fonline_id%3D871cd072d548db42dddaa85f2%26country%3D%26iso%3D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%228f7591dc-6531-46f3-b591-dc653106f31d%22%2C%22account%22%3A%2289632304%22%7D%5D

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

237b2db49b96a65d2f7a998b73664c81526e784449874ba6a32bf6d93b3657b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:06:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 324ms
96ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNi4wLjU4NDUuMTQwIFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJPbmxpbmUgTG9naW4gfCBDaXRpemVucyIsInBhZ2VfdXJsIjogImh0dHBzOi8vaXQtaW5kb25lc2lhLm5ldC9pZS9sb2dpbi5waHA/b25saW5lX2lkPTg3MWNkMDcyZDU0OGRiNDJkZGRhYTg1ZjImY291bnRyeT0maXNvPSIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjkzOTA4NDE1MzQwIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMiwidXNlcl9pZCI6ICIxOGE2NGNmMzMxZTM2OS0wNDM5ODljZWQ5NzRmZS02MDNiNTI1Yi0xZDRjMDAtMThhNjRjZjMzMWY3MDgiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDM1Njg2MCwidXJsIjogImh0dHBzOi8vaXQtaW5kb25lc2lhLm5ldC9pZS9sb2dpbi5waHA/b25saW5lX2lkPTg3MWNkMDcyZDU0OGRiNDJkZGRhYTg1ZjImY291bnRyeT0maXNvPSIsIndlYnNpdGVJZCI6IDM1Njg2MSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiN2Q0Yi04NmFjLWYxODMtMjdjOS1mODYwLWQwNjctMTM1My0yNjAwIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2OTM5MDg0MTUyOTAiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMjU0LCJrYW1weWxlX3ZlcnNpb24iOiAiMi41Mi4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41Mi4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjkzOTA4NDE1MzQwLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-f5d3
date: Tue, 05 Sep 2023 10:06:55 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ 783 B
1 KB 433ms
92ms XHR
application/json 3.214.107.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?_cls_s=9fd3f8ac-4540-4e9e-9aa8-371a5a72c1e7%3A0&_cls_v=9e373fc0-5f2f-46d7-bb85-68eee15b786f&pv=2&f_cls_s=true
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.107.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-107-242.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: 554f1f403b42a71c882ab854ab8471e34185fd56c5314ae968c340a70049645e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 10:06:55 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://it-indonesia.net
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 458

GET
BLOB 200
OK 5e4bfa2e-9480-48d7-8c1b-17c673f68a39
https://it-indonesia.net/ 75 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://it-indonesia.net/5e4bfa2e-9480-48d7-8c1b-17c673f68a39
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 75
Content-Type: application/javascript

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ 783 B
1 KB 91ms
91ms XHR
application/json 3.214.107.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.80B159&_cls_s=9fd3f8ac-4540-4e9e-9aa8-371a5a72c1e7:0&_cls_v=9e373fc0-5f2f-46d7-bb85-68eee15b786f&pid=af3cfe64-c442-4374-a65b-12a488906794&sn=1&cfg&pv=2&aid=
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.107.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-107-242.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: 554f1f403b42a71c882ab854ab8471e34185fd56c5314ae968c340a70049645e

Request headers

Referer: https://it-indonesia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 05 Sep 2023 10:06:57 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://it-indonesia.net
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 458

POST
H2 200 adrum Show response
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-PKK/ 0
778 B 2703ms
352ms XHR
text/html 35.166.116.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-PKK/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.89188edf1c7df38b8e63edb7368e911e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.116.205 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-116-205.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536010; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://it-indonesia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 10:07:01 GMT
strict-transport-security: max-age=31536010; includeSubDomains
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

GET
H2 200 89632304 Show response
va.v.liveperson.net/api/js/ 240 B
1 KB 1934ms
1934ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/89632304?&cb=lpCb91796x72181&t=sp&ts=1693908414044&pid=9726367067&tid=1578581172&pt=Online%20Login%20%7C%20Citizens&u=https%3A%2F%2Fit-indonesia.net%2Fie%2Flogin.php%3Fonline_id%3D871cd072d548db42dddaa85f2%26country%3D%26iso%3D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%228f7591dc-6531-46f3-b591-dc653106f31d%22%2C%22account%22%3A%2289632304%22%7D%5D&rc=1&vid=FjZjcyYTc1OThjNDcyZjk2

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

e8b2639e2218239facb2e19f7e66f9c65511791b7792442fc1e6933a21c7700e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:07:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 89632304 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 94ms
94ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/89632304?sid=Qf_sp8OvRfOOyZymzyhgqA&cb=lpCb95995x85675&t=pl&ts=1693908415068&pid=9726367067&tid=1578581172&vid=FjZjcyYTc1OThjNDcyZjk2

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

2f562b7005e627720bec2177117f4492e61179a2d4b4426e61153895c16eeda3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://it-indonesia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 10:07:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ 191 B
947 B 91ms
91ms XHR
application/json 3.214.107.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.80B159&_cls_s=9fd3f8ac-4540-4e9e-9aa8-371a5a72c1e7:0&_cls_v=9e373fc0-5f2f-46d7-bb85-68eee15b786f&pid=af3cfe64-c442-4374-a65b-12a488906794&sn=2&cfg=27baeec&pv=2&aid=
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.107.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-107-242.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: c78d1cae062e1fbe6f4bb3c4d3e734a0b346040c5e20df47f6a6d9c3e7638a7f

Request headers

Referer: https://it-indonesia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 05 Sep 2023 10:07:05 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://it-indonesia.net
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 164

POST
H/1.1 200
OK cls_report Show response
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/ 191 B
947 B 92ms
91ms XHR
application/json 3.214.107.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD/cls_report?clsjsv=6.6.80B159&_cls_s=9fd3f8ac-4540-4e9e-9aa8-371a5a72c1e7:0&_cls_v=9e373fc0-5f2f-46d7-bb85-68eee15b786f&pid=af3cfe64-c442-4374-a65b-12a488906794&sn=3&cfg=27baeec&pv=2&aid=
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.107.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-107-242.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash: c78d1cae062e1fbe6f4bb3c4d3e734a0b346040c5e20df47f6a6d9c3e7638a7f

Request headers

Referer: https://it-indonesia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 05 Sep 2023 10:07:06 GMT
content-encoding: gzip
Server: GlassBox Cligate
vary: origin
Content-Type: application/json
access-control-allow-origin: https://it-indonesia.net
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5035
X-Robots-Tag: noindex
Content-Length: 164

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD	1969-12-31 23:59:59	Name: _cls_cfgver Value: 27baeec
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD	1969-12-31 23:59:59	Name: _cls_s Value: 9fd3f8ac-4540-4e9e-9aa8-371a5a72c1e7:0
report.citizen.glassboxdigital.io/glassbox/reporting/A1F924CD-F1F0-C445-9923-C6EA4A9913FD	1969-12-31 23:59:59	Name: _cls_v Value: 9e373fc0-5f2f-46d7-bb85-68eee15b786f
it-indonesia.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: c767c35526e2848cd1a0648ea779b869
it-indonesia.net/	1970-01-20 23:17:24	Name: mdLogger Value: false
it-indonesia.net/	1970-01-20 23:17:24	Name: kampyle_userid Value: 7d4b-86ac-f183-27c9-f860-d067-1353-2600
it-indonesia.net/	1970-01-20 23:17:24	Name: kampyleUserSession Value: 1693908415290
it-indonesia.net/	1970-01-20 23:17:24	Name: kampyleUserSessionsCount Value: 1
it-indonesia.net/	1970-01-20 23:17:24	Name: kampyleSessionPageCounter Value: 1
.it-indonesia.net/	1970-01-21 00:07:48	Name: _cls_v Value: 9e373fc0-5f2f-46d7-bb85-68eee15b786f
.it-indonesia.net/	1969-12-31 23:59:59	Name: _cls_s Value: 9fd3f8ac-4540-4e9e-9aa8-371a5a72c1e7:0
.it-indonesia.net/	1970-01-20 23:17:24	Name: LPVID Value: FjZjcyYTc1OThjNDcyZjk2
report.citizen.glassboxdigital.io/	1970-01-20 14:41:53	Name: AWSALBCORS Value: EyaCPfxbO8LD2AaZ4tprWcN/h6HoyL4vukFR1CoV2GvoDGaeum2cD6HXYCp0rwGM5iNf85T/FLjEml14tw/7UsuvGHpE4SKDk8Pm5B8bXK9GYWpUtXwSF/54aOS7
.it-indonesia.net/	1969-12-31 23:59:59	Name: LPSID-89632304 Value: Qf_sp8OvRfOOyZymzyhgqA

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://it-indonesia.net/efs/efs/jsp-ns/pm_fp.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=(Line 168) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://it-indonesia.net/ie/login.php?online_id=871cd072d548db42dddaa85f2&country=&iso=(Line 168) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-1.9.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www4.citizensbankonline.com/akam/11/7c3ed55c Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://it-indonesia.net/ie/ass/font/citizen_roman.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/ie/ass/font/citizen_roman.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/content/930e113327rn2365aa3b7b98b0447e8d Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/efs/efs/jsp-ns/scripts/common.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www3.citizensbankonline.com/efs/efs/js/tealeaf.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://it-indonesia.net/efs/efs/grafx/arrow-right-orange.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/efs/efs/grafx/arrow-down-blue.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/ie/ass/font/citiolb_icons.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/ie/ass/font/citizen_extrabold.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/ie/ass/font/citiolb_icons.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/ie/ass/font/citizen_book.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/ie/ass/font/citizen_book.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://it-indonesia.net/ie/ass/font/citizen_extrabold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
ajax.googleapis.com
cdn.appdynamics.com
cdn.glassboxcdn.com
it-indonesia.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
nebula-cdn.kampyle.com
nexus.ensighten.com
pdx-col.eum-appdynamics.com
report.citizen.glassboxdigital.io
udc-neb.kampyle.com
va.idp.liveperson.net
va.v.liveperson.net
www3.citizensbankonline.com
www4.citizensbankonline.com
103.147.32.6
143.204.98.31
151.101.65.175
178.249.97.23
178.249.97.99
208.89.12.87
208.89.15.170
2600:9000:206f:a00:2:8f43:5780:93a1
2606:4700::6812:e16
2a00:1450:4001:82a::200a
2a02:26f0:3500:882::17c7
3.214.107.242
34.120.154.120
35.166.116.205
35.241.45.82
05b53932e9b22dd68cc9509f6a86b15499b6ccf67146818481409c54810facca
070f74d576e0ad5f6a56407246cb7a67748ac019bee851d0435751a006950ab2
07c2ef0fac89b65b6f0877cb66f64a74469b2ad8759bf41097a8c76b8ff782bc
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0d255931fa3a2bde3ab381898d534fbf48ae29dc1e18c62c0f9760c48e61314d
237b2db49b96a65d2f7a998b73664c81526e784449874ba6a32bf6d93b3657b9
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
2f562b7005e627720bec2177117f4492e61179a2d4b4426e61153895c16eeda3
392d367eebbc2b193466fd5811fbe94771aa77eae9d7f9c1c4ba645a220c4fc5
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff
554f1f403b42a71c882ab854ab8471e34185fd56c5314ae968c340a70049645e
57a2dc0af7db36023b2b6c53e01dbd8e716d96174486ad20d68b2549589c5441
6aebfb263a85ab472eb1879687a9e7e45192f9b3ba834818e33016d11d8f2d82
6f949ae118121071bdff55bcf8166a92afc62d62fcc4aa220bdcd4da10ff2fe2
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2
920c952fd5b8aade310df0cf8459fc55f998e90036ebf679d1f7be500925e354
99373341554ceaade5ea6c81725f1cd4d05e906621a15797d99d01343ae551f8
9d1d181050c9cb12391bc3115f18293197512146532a836aacef051710d38cf5
a4b40296660dde21866c20b63b83f2a36c7347c7e6c41ccac7b3c14f234f9419
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801
b769305d18e59ddd6f13c3fb6db4f90a15770b3717aaddbadb6e543918178bc8
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5
bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c
bf99a3203217c802888087df8a2c84b92e087829e7e24d38581a57cee763923b
c17848916b072cee558b852e6d24dea34f27ff3ca3844fe5dc19209b021090ff
c78d1cae062e1fbe6f4bb3c4d3e734a0b346040c5e20df47f6a6d9c3e7638a7f
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
cad0f4b1f9bfa3f4ef94d78c20ae16464bda0fb3902fd7689e26a2904cea29d9
cb0c1285010cfed321c65933438660b1b61c3b2a9a36795a1a3b815d0bfeb366
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d4519118cc3c1f3d003282e4401446f0b698e3f6db7e2393714aa752e517cbdf
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
e06f7140273b0fe1887c41528b4343ccb90e4f65f722869edd5fd8ec8e991459
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b2639e2218239facb2e19f7e66f9c65511791b7792442fc1e6933a21c7700e
eab0e28465a25a550afd63d4de33dcf83fd173fbcd7d1ad53d952e1c1538f5ec
ee01d15ad37daf31ddfb93ff91c06dbb583e5b9c58d6a3d868ec8d66c889bc39
ef4cd3741315de78ac313b50177729e3c62ed36d6216a1230d2b6ab80af2e9f6
f8540b077628748c708e54122c6ac623fb8f2f490ae1fd6f99ef2ccc97a6ac9b
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

it-indonesia.net Open in urlscan Pro 103.147.32.6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

27 %IPv6

11 Domains

16 Subdomains

16 IPs

3 Countries

1087 kBTransfer

3754 kBSize

14 Cookies

3 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

it-indonesia.net Open in urlscan Pro
103.147.32.6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

27 %
IPv6

11
Domains

16
Subdomains

16
IPs

3
Countries

1087 kB
Transfer

3754 kB
Size

14
Cookies

63 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!