urlscan.io logo urlscan.io
SecurityTrails logo

www.payment.al-wafi.sch.id Open in urlscan Pro
103.11.135.43  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.payment.al-wafi.sch.id/
Submission: On January 23 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 103.11.135.43, located in Bogor, Indonesia and belongs to SWIN-AS-ID PT. Sewiwi Indonesia, ID. The main domain is www.payment.al-wafi.sch.id.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 7th 2023. Valid for: 3 months.
This is the only time www.payment.al-wafi.sch.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 103.11.135.43 58392 (SWIN-AS-I...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 103.163.138.21 55688 (BEON-AS-I...)
10 3
Apex Domain
Subdomains		 Transfer
8 al-wafi.sch.id
www.payment.al-wafi.sch.id
647 KB
1 puldapii.or.id
puldapii.or.id
64 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
25 KB
10 3
Domain Requested by
8 www.payment.al-wafi.sch.id www.payment.al-wafi.sch.id
1 puldapii.or.id
1 cdn.jsdelivr.net www.payment.al-wafi.sch.id
10 3

This site contains no links.

Subject Issuer Validity Valid
payment.al-wafi.sch.id
cPanel, Inc. Certification Authority		 2023-11-07 -
2024-02-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
cpanel.puldapii.or.id
R3		 2024-01-20 -
2024-04-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.payment.al-wafi.sch.id/
Frame ID: CFD4158C4A197FE562FE6126753FB6AE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wafi Mart | BETA 0.3.0

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

10
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

736 kB
Transfer

2515 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.payment.al-wafi.sch.id/ 		780 B
697 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payment.al-wafi.sch.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.11.135.43 Bogor, Indonesia, ASN58392 (SWIN-AS-ID PT. Sewiwi Indonesia, ID),
Reverse DNS
snakehead.swin.net.id
Software
nginx /
Resource Hash
26bc5cd7f7b02598167b154846238b9b220abe89535f5c47f4610a6c56b94b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 23 Jan 2024 21:09:39 GMT
last-modified
Wed, 06 Dec 2023 14:26:24 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: www.payment.al-wafi.sch.id
URL: https://www.payment.al-wafi.sch.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payment.al-wafi.sch.id/
Origin
https://www.payment.al-wafi.sch.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6367255
x-jsd-version
4.3.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnaCrqefR2SQ4xop9AWG5jAxJXE6g2xSc64%2FkhuQ74jgBALYLjGjPuYc845tdacE9SjpBKFtL0YpL8BFGBfCPLi76pkuJLVThrzEY7LnayVK8Vqx3DPVml%2BE0qHRSjyHuwsg2d96W4cUmldW6hI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84a304dabcf39106-FRA
theme.css
www.payment.al-wafi.sch.id/themes/lara-light-indigo/ 		177 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payment.al-wafi.sch.id/themes/lara-light-indigo/theme.css
Requested by
Host: www.payment.al-wafi.sch.id
URL: https://www.payment.al-wafi.sch.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.11.135.43 Bogor, Indonesia, ASN58392 (SWIN-AS-ID PT. Sewiwi Indonesia, ID),
Reverse DNS
snakehead.swin.net.id
Software
nginx /
Resource Hash
2d0034b6e0fcfb96b44c19dfbf91a0454cd0bbea9971ef6a63649e7276207ba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payment.al-wafi.sch.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 22 Feb 2024 21:09:39 GMT
date
Tue, 23 Jan 2024 21:09:39 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
last-modified
Wed, 06 Dec 2023 14:26:22 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
index-c6a68119.js
www.payment.al-wafi.sch.id/assets/ 		1 MB
349 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payment.al-wafi.sch.id/assets/index-c6a68119.js
Requested by
Host: www.payment.al-wafi.sch.id
URL: https://www.payment.al-wafi.sch.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.11.135.43 Bogor, Indonesia, ASN58392 (SWIN-AS-ID PT. Sewiwi Indonesia, ID),
Reverse DNS
snakehead.swin.net.id
Software
nginx /
Resource Hash
66a425b53952737907d1fbfd768015c2d5799f3337c68fb49962bb4200889512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payment.al-wafi.sch.id/
Origin
https://www.payment.al-wafi.sch.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 22 Feb 2024 21:09:39 GMT
date
Tue, 23 Jan 2024 21:09:39 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
last-modified
Wed, 06 Dec 2023 14:26:24 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
index-fdda3483.css
www.payment.al-wafi.sch.id/assets/ 		378 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payment.al-wafi.sch.id/assets/index-fdda3483.css
Requested by
Host: www.payment.al-wafi.sch.id
URL: https://www.payment.al-wafi.sch.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.11.135.43 Bogor, Indonesia, ASN58392 (SWIN-AS-ID PT. Sewiwi Indonesia, ID),
Reverse DNS
snakehead.swin.net.id
Software
nginx /
Resource Hash
fdda3483b3c9e4d57f625bdc3a79a5193aa96c8e269476199e1e2fba400688ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payment.al-wafi.sch.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 22 Feb 2024 21:09:39 GMT
date
Tue, 23 Jan 2024 21:09:39 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
last-modified
Wed, 06 Dec 2023 14:26:24 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
Login-4aa72a0b.js
www.payment.al-wafi.sch.id/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payment.al-wafi.sch.id/assets/Login-4aa72a0b.js
Requested by
Host: www.payment.al-wafi.sch.id
URL: https://www.payment.al-wafi.sch.id/assets/index-c6a68119.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.11.135.43 Bogor, Indonesia, ASN58392 (SWIN-AS-ID PT. Sewiwi Indonesia, ID),
Reverse DNS
snakehead.swin.net.id
Software
nginx /
Resource Hash
9e6a761be051f84878800822570abc1de7703ec9abcb4b769ac3d7dd04350029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.payment.al-wafi.sch.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 22 Feb 2024 21:09:40 GMT
date
Tue, 23 Jan 2024 21:09:40 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
last-modified
Wed, 06 Dec 2023 14:26:24 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
axios-28bc18a3.js
www.payment.al-wafi.sch.id/assets/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payment.al-wafi.sch.id/assets/axios-28bc18a3.js
Requested by
Host: www.payment.al-wafi.sch.id
URL: https://www.payment.al-wafi.sch.id/assets/index-c6a68119.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.11.135.43 Bogor, Indonesia, ASN58392 (SWIN-AS-ID PT. Sewiwi Indonesia, ID),
Reverse DNS
snakehead.swin.net.id
Software
nginx /
Resource Hash
afdd07dc3682263370253c6b989d3e33f94e554a85feb9c28749e9471fc828ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.payment.al-wafi.sch.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 22 Feb 2024 21:09:40 GMT
date
Tue, 23 Jan 2024 21:09:40 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
last-modified
Wed, 06 Dec 2023 14:26:24 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
Login-d975b367.css
www.payment.al-wafi.sch.id/assets/ 		96 B
370 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payment.al-wafi.sch.id/assets/Login-d975b367.css
Requested by
Host: www.payment.al-wafi.sch.id
URL: https://www.payment.al-wafi.sch.id/assets/index-c6a68119.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.11.135.43 Bogor, Indonesia, ASN58392 (SWIN-AS-ID PT. Sewiwi Indonesia, ID),
Reverse DNS
snakehead.swin.net.id
Software
nginx /
Resource Hash
d975b36700267a400dcde662fe01fe8e8cb31757eb2c8ed1f7a9bb71bc35c966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payment.al-wafi.sch.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 22 Feb 2024 21:09:40 GMT
date
Tue, 23 Jan 2024 21:09:40 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
last-modified
Wed, 06 Dec 2023 14:26:24 GMT
server
nginx
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
96
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
3f9d4a0fba0b9f3d7f9312fc053b81ec.png
puldapii.or.id/APSI/assets/img/Lembaga/Logo/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://puldapii.or.id/APSI/assets/img/Lembaga/Logo/3f9d4a0fba0b9f3d7f9312fc053b81ec.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.163.138.21 , Indonesia, ASN55688 (BEON-AS-ID PT. Beon Intermedia, ID),
Reverse DNS
palapa8.lazeon.com
Software
LiteSpeed /
Resource Hash
818872d3122d56c5e41f937a3eba5ce743cc6a7a743f1402293ca6ff197bbf5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.payment.al-wafi.sch.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:09:42 GMT
last-modified
Thu, 09 Sep 2021 07:10:00 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
65707
expires
Tue, 30 Jan 2024 21:09:42 GMT
Inter-roman.var.woff2
www.payment.al-wafi.sch.id/themes/lara-light-indigo/fonts/ 		222 KB
222 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.payment.al-wafi.sch.id/themes/lara-light-indigo/fonts/Inter-roman.var.woff2?v=3.19
Requested by
Host: www.payment.al-wafi.sch.id
URL: https://www.payment.al-wafi.sch.id/themes/lara-light-indigo/theme.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.11.135.43 Bogor, Indonesia, ASN58392 (SWIN-AS-ID PT. Sewiwi Indonesia, ID),
Reverse DNS
snakehead.swin.net.id
Software
nginx /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payment.al-wafi.sch.id/themes/lara-light-indigo/theme.css
Origin
https://www.payment.al-wafi.sch.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 23 Mar 2024 21:09:41 GMT
date
Tue, 23 Jan 2024 21:09:41 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
last-modified
Wed, 06 Dec 2023 14:26:22 GMT
server
nginx
content-type
font/woff2
cache-control
max-age=5184000
accept-ranges
bytes
content-length
227180
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __VUE_INSTANCE_SETTERS__ object| $cookies boolean| __VUE__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block