onboarding.ocbc.id Open in urlscan Pro
45.60.34.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://web.ocbc.id/kta-tele
Effective URL:
https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_Digital...
Submission: On February 21 via manual (February 21st 2024, 3:08:22 am UTC) from ID — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 47 HTTP transactions. The main IP is 45.60.34.152, located in United States and belongs to INCAPSULA, US. The main domain is onboarding.ocbc.id.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 10th 2023. Valid for: a year.

This is the only time onboarding.ocbc.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	45.60.34.152 45.60.34.152	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	99.84.88.50 99.84.88.50	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	54.154.207.226 54.154.207.226	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
47	14

28 45.60.34.152 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

web.ocbc.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onboarding.ocbc.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.ocbc.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-50.muc50.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.207.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-207-226.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	ocbc.id 1 redirects web.ocbc.id onboarding.ocbc.id api.ocbc.id	1 MB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 409	14 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000	301 B
2	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3941 c.contentsquare.net — Cisco Umbrella Rank: 3084	75 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	70 KB
2	gstatic.com fonts.gstatic.com	48 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	193 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 935	394 B
1	t.co t.co — Cisco Umbrella Rank: 641	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 916	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	1 KB
47	12

	Domain	Requested by
21	onboarding.ocbc.id	onboarding.ocbc.id www.googletagmanager.com
6	api.ocbc.id	onboarding.ocbc.id t.contentsquare.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com onboarding.ocbc.id
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	onboarding.ocbc.id connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	onboarding.ocbc.id www.googletagmanager.com
1	www.facebook.com	onboarding.ocbc.id
1	c.contentsquare.net	onboarding.ocbc.id
1	analytics.twitter.com	onboarding.ocbc.id
1	t.co	onboarding.ocbc.id
1	t.contentsquare.net	onboarding.ocbc.id
1	static.ads-twitter.com	onboarding.ocbc.id
1	fonts.googleapis.com	onboarding.ocbc.id
1	web.ocbc.id	1 redirects
47	15

This site contains no links.

Subject Issuer	Validity	Valid
*.ocbc.id Sectigo RSA Domain Validation Secure Server CA	`2023-11-10` - `2024-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-30` - `2024-02-28`	3 months	crt.sh
t.contentsquare.net Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
dep.ba.contentsquare.net Amazon RSA 2048 M03	`2024-02-18` - `2025-03-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
Frame ID: 0D67955671F6E6376C262B216BC22145
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buka rekening online praktis, banyak keuntungan! | OCBC

Page URL History Show full URLs

https://web.ocbc.id/kta-tele HTTP 308
https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_ca... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

47
Requests

96 %
HTTPS

54 %
IPv6

12
Domains

15
Subdomains

14
IPs

3
Countries

1521 kB
Transfer

5098 kB
Size

33
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://web.ocbc.id/kta-tele HTTP 308
https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request kta Show response
onboarding.ocbc.id/lending/
Redirect Chain

https://web.ocbc.id/kta-tele
https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_

25 KB
13 KB

769ms
728ms

Document
text/html

45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

24f05a94d6f6ba8ac8e58310ae9e8e0ba2a8fe4bc12c7ff1f23c6ba816df272c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: text/html
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 21 Feb 2024 03:08:17 GMT
ETag: W/"65d38058-6290:dtagent10257230921194352lDhq:dtagent10257230921194352lDhq"
Expect-CT: max-age=7776000, enforce
Last-Modified: Mon, 19 Feb 2024 16:22:47 GMT
Permissions-Policy: camera=(self "https://ekycverification.ocbcnisp.com"), microphone=(self "https://ekycverification.ocbcnisp.com"), geolocation=(self), fullscreen=(self "https://ekycverification.ocbcnisp.com"), autoplay=(self "https://ekycverification.ocbcnisp.com")
Referrer-Policy: same-origin
Server: nginx
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1906422854"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-CDN: Imperva
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Iinfo: 7-117035919-117035921 NNNN CT(171 361 0) RT(1708484896414 9) q(0 0 5 0) r(7 7) U12
X-OneAgent-JS-Injection: true
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
X-ruxit-JS-Agent: true

Redirect headers

Connection: Keep-Alive
Date: Wed, 21 Feb 2024 03:08:16 GMT
Keep-Alive: timeout=5, max=100
Server: istio-envoy
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Iinfo: 2-33239830-33239831 NNNN CT(172 353 0) RT(1708484895576 11) q(0 0 6 0) r(8 8) U11
content-length: 0
location: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
x-envoy-upstream-service-time: 9
x-request-id: 5dc191c8-c908-94f6-afc5-f2dc99ebfbb5

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:400,700&display=swap

Requested by

Host: onboarding.ocbc.id
URL: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e50ae2eb0e63a113caa4484298c8f8252001f46d20b1560fb63b08a101df6d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 03:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 03:08:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 03:08:17 GMT

GET
H/1.1 200
OK ruxitagentjs_ICA2NVfqru_10257230921194352.js Show response
onboarding.ocbc.id/ 196 KB
77 KB 18ms
17ms Script
text/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/ruxitagentjs_ICA2NVfqru_10257230921194352.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e7933d8a9be620736d28b2a50bd15017f3fd7d4b34142f25ed82ae553dbc2c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:17 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-CDN: Imperva
Etag: "6385fdc6"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 7-117035919-117036045 2CNN RT(1708484896414 750) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=29665959, public
Content-Length: 77709
Expires: Wed, 29 Jan 2025 11:40:56 GMT

GET
H/1.1 200
OK 525.672d1690.chunk.css
onboarding.ocbc.id/static/css/ 19 KB
5 KB 28ms
15ms Stylesheet
text/css 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/css/525.672d1690.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8b8f848ab7852d3f2474c88f0ff7c62530526f251cd517191d36819f2321ad80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:17 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:22:48 GMT
X-CDN: Imperva
Etag: W/"65d38058-4a09"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: text/css
X-Iinfo: 12-193305853-193305070 2CNN RT(1708484897170 7) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=988, public
Content-Length: 4416
Expires: Wed, 21 Feb 2024 03:24:45 GMT

GET
H/1.1 200
OK main.f5ef59db.chunk.css
onboarding.ocbc.id/static/css/ 15 KB
5 KB 27ms
13ms Stylesheet
text/css 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/css/main.f5ef59db.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d964345df1ac0537d1c72888392962fb549a24d87ff74776b3efcaa3b1100a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:16 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:22:48 GMT
X-CDN: Imperva
Etag: W/"65d38058-3bec"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: text/css
X-Iinfo: 9-140920559-140919840 2CNN RT(1708484897170 8) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=1211, public
Content-Length: 3875
Expires: Wed, 21 Feb 2024 03:28:27 GMT

GET
H/1.1 200
OK public.min.js Show response
onboarding.ocbc.id/js/ 68 KB
20 KB 39ms
23ms Script
application/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/js/public.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f2b349213dd1e0cf23811f03410a20540538b207b5e574e1549274492cca6a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:17 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:21:50 GMT
X-CDN: Imperva
Etag: W/"65d3801e-11140"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: application/javascript
X-Iinfo: 12-193305855-193305858 2CNN RT(1708484897170 11) q(0 0 0 -1) r(0 0)
Cache-Control: max-age=1137, public
Content-Length: 19033
Expires: Wed, 21 Feb 2024 03:27:14 GMT

GET
H/1.1 200
OK 525.2895c69a.chunk.js Show response
onboarding.ocbc.id/static/js/ 2 MB
501 KB 38ms
19ms Script
application/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/js/525.2895c69a.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

864056479809f912c6b3aff0a64d190de09be459d216fd3258b047df34b50f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:17 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:25:18 GMT
X-CDN: Imperva
Etag: W/"65d380ee-1c5862"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: application/javascript
X-Iinfo: 12-193305856-193305859 2CNN RT(1708484897170 16) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=1209, public
Content-Length: 512171
Expires: Wed, 21 Feb 2024 03:28:26 GMT

GET
H/1.1 200
OK main.6119415b.chunk.js Show response
onboarding.ocbc.id/static/js/ 887 KB
212 KB 41ms
22ms Script
application/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/js/main.6119415b.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9044c1cc13a0023fd29299a64231221566108452e99242c5d19f680c874bdb15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:17 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:25:18 GMT
X-CDN: Imperva
Etag: W/"65d380ee-ddb63"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: application/javascript
X-Iinfo: 12-193305857-193305860 2CNN RT(1708484897170 19) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=1209, public
Content-Length: 216051
Expires: Wed, 21 Feb 2024 03:28:26 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
onboarding.ocbc.id/ 151 KB
22 KB 20ms
19ms Script
application/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=703826673

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e9b93dbae98dbd5e293ce995d0f31ea396f2c5547fdf87a0eaa3a2b0bd727ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 21823
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 431 KB
100 KB 57ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N86QGK7Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2aa084b85a716a65616189c247398c2885c841c75dc609162407df1b6f5dd958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 03:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 03:08:17 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onboarding.ocbc.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 00:48:52 GMT
x-content-type-options: nosniff
age: 8365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 00:48:52 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 68ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86QGK7Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 21 Feb 2024 03:08:17 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 140378F1C86540C19EAE11779EE985BF Ref B: FRA31EDGE0110 Ref C: 2024-02-21T03:08:18Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 35ms
7ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: onboarding.ocbc.id
URL: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 03:08:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-muc13978-MUC

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Feb 2024 03:08:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: g1gpk5xCmqtq6debsnPYQ+7etNPg4CiOBmAEl8bAe+rEFShrCrfWSNuroAyFm6IMH6PLdSO5PSavUOpf17y0ug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 f122811010086.js Show response
t.contentsquare.net/uxa/ 314 KB
75 KB 45ms
8ms Script
application/javascript 99.84.88.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/f122811010086.js
Requested by: Host: onboarding.ocbc.id
URL: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-50.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d648144f9a77739981580535eedd64ac51a8664053f7b16b569f969ec2c1c1e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 09:46:24 GMT
content-encoding: br
via: 1.1 24615eefe0727e5d65935ccaddca2f78.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76293
last-modified: Tue, 20 Feb 2024 09:45:26 GMT
server: AmazonS3
etag: "5b87e01e6ebeec2baf683760eed770d4"
vary: Origin
content-type: application/javascript;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: sH6vmlx72azzCpdz-gZv-e8LS9a_jrsPMPP52DkAk_nyumEsmmZXvQ==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-63LCTGGHR6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86QGK7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ec34ef8642285992f0e3b045d83f5518d233b7c2047183de1b7d9ecd41127df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 03:08:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 03:08:18 GMT

POST
H/1.1 200
OK csp_report
onboarding.ocbc.id/ 0
850 B 17ms
17ms Other
text/plain 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/csp_report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-63LCTGGHR6&l=dataLayer&cx=c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 0
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: text/plain

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-63LCTGGHR6&gtm=45je42h0v9169772768z89169770959za200&_p=1708484897932&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1550929260.1708484898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&sid=1708484898&sct=1&seg=0&dt=&en=KTA_Landing&_fv=1&_nsi=1&_ss=1&ep.feature=produk%20pinjaman%20individu&tfd=1818
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-63LCTGGHR6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 03:08:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onboarding.ocbc.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 291747482838875 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/291747482838875?v=2.9.147&r=stable&domain=onboarding.ocbc.id&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4f22cf50113228a89fa74df7e03462c654adeca6ee923cbc26f598e416b5a38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Feb 2024 03:08:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12701
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: qWkOskBzSGYbEeiKeHf5ftiCj2SI6KpkKM76Thq3dHn8oKSJI/bYk5dD9WLgU6II/k8ufuPXXak/ImHVJBA6jw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 133ms
111ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=fce782b6-82e3-413a-96db-0c6d689fb473&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f9b14b5b-b1c3-427b-956a-ea80297ffeed&tw_document_href=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5sp1&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 21 Feb 2024 03:08:18 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 92b4a804758a027c
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 4e780dd3ff4ecfb8ab8134c53103644546f35c293285f36f9debaae287bdcafc
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 138ms
110ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=fce782b6-82e3-413a-96db-0c6d689fb473&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f9b14b5b-b1c3-427b-956a-ea80297ffeed&tw_document_href=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5sp1&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 103
date: Wed, 21 Feb 2024 03:08:18 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 606f8a618e54349c
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 001e0a5c1419262fcb3f2b0c7e0850e862b4243b61f43cf9515f3c3045dc1113
content-length: 43

POST
H/1.1 200
OK csp_report
onboarding.ocbc.id/ 0
850 B 16ms
16ms Other
text/plain 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/csp_report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-63LCTGGHR6&l=dataLayer&cx=c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 0
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: text/plain

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-63LCTGGHR6&gtm=45je42h0v9169772768za200&_p=1708484897932&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1550929260.1708484898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAE&_s=2&sid=1708484898&sct=1&seg=0&dl=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&dt=&en=scroll&epn.percent_scrolled=90&_et=6&tfd=1850
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-63LCTGGHR6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 03:08:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onboarding.ocbc.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 121ms
28ms Image
text/plain 54.154.207.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?ex=&pvt=n&la=en-US&uc=1&url=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&dr=&dw=1600&dh=1200&ww=1600&wh=1200&sw=1600&sh=1200&uu=230a2b57-ae51-a300-bda0-9939d687e4b4&sn=1&hd=1708484898&v=13.92.0&pid=11904&pn=1&r=176507
Requested by: Host: onboarding.ocbc.id
URL: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.207.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-207-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 03:08:18 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2 204 97053532.js Show response
bat.bing.com/p/action/ 0
117 B 33ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97053532.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 21 Feb 2024 03:08:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C6D9E94DF3BA47D4952ED8C654009754 Ref B: FRA31EDGE0110 Ref C: 2024-02-21T03:08:18Z
x-cache: CONFIG_NOCACHE

GET
BLOB 200
OK 0c114c96-2539-4b7c-9f8f-102f88468017
https://onboarding.ocbc.id/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onboarding.ocbc.id/0c114c96-2539-4b7c-9f8f-102f88468017
Requested by: Host: onboarding.ocbc.id
URL: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6be5018a9e515f1a200a324245bb886d6ff555c128852e34ef90b72ea455236f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 7329
Content-Type: application/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 21ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=291747482838875&ev=PageView&dl=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&rl=&if=false&ts=1708484898169&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1708484898168.1357046655&cs_est=true&ler=empty&cdl=API_unavailable&it=1708484898100&coo=false&exp=e1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Feb 2024 03:08:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ 286 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
BLOB 200
OK edbc1a23-e4c1-4b85-8475-9af8085aff43
https://onboarding.ocbc.id/ 62 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onboarding.ocbc.id/edbc1a23-e4c1-4b85-8475-9af8085aff43
Requested by: Host: onboarding.ocbc.id
URL: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05eebcf7403a7e8b8291ff1a83bba4297fccc262bdf884d4b418fe4f981c05a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 62
Content-Type: application/javascript

POST
H/1.1 200
OK token Show response
api.ocbc.id/api/oauth/ 109 B
2 KB 270ms
270ms XHR
application/json 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ocbc.id/api/oauth/token

Requested by

Host: onboarding.ocbc.id
URL: https://onboarding.ocbc.id/static/js/525.2895c69a.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

7661cc3f1944cbf04ae1a3d9facb842e3f82b941692ec780889aa9b27d977bf8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data:;
Public-Key-Pins	pin-sha256="PJEezQTeoGDfG9QUA8S12W9Dhbe1/FM44UyoAlVeA74=";pin-sha256="RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho="; max-age=2592000; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
Authorization: Basic MGMxMWU2NzAtYzM2Yi00ZjY1LTkxZTYtNzBjMzZiZWY2NTdkOjU4YTA1ZTQyLTYzODMtNDJmZS1hMDVlLTQyNjM4MzgyZmU5Mw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 21 Feb 2024 03:08:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data:;
Content-Encoding: gzip
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 6-95308544-94936734 sNYy RT(1708484898788 234) q(0 0 0 1) r(2 2) U6
x-envoy-upstream-service-time: 52
Connection: Keep-Alive
x-xss-protection: 1; mode=block
Public-Key-Pins: pin-sha256="PJEezQTeoGDfG9QUA8S12W9Dhbe1/FM44UyoAlVeA74=";pin-sha256="RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho="; max-age=2592000; includeSubDomains
pragma: no-cache
Referrer-Policy: origin
Server: istio-envoy
x-frame-options: SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
X-Gravitee-Transaction-Id: 23d68a57-caca-4eb1-968a-57caca5eb16b
cache-control: no-store
Feature-Policy: geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; vr 'none'; speaker 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'
x-incap-sess-cookie-hdr: PgdfEmpmklaLBr7eb8IPciNp1WUAAAAAFsJEtVgtQMILzT4bp6cjLg==
Access-Control-Allow-Headers: Access-Control-Request-Headers, Access-Control-Request-Method,Origin, Accept, X-Requested-With, Content-Type, X-Client-Id, X-Client-Version, X-Device-Id, X-Auth-Token, Cache-Control, Access-Control-Allow-Headers, Authorization, timeout, headers, X-AOB-STATE, Access-Control-Allow-Origin, X-OCBCNISP-Key, X-OCBCNISP-Timestamp, X-OCBCNISP-Signature, X-OCBCNISP-Api-Key, X-Auth-Token, X-OCBCNISP-APIKey, X-OCBC-APIKey, X-OCBC-Timestamp, X-OCBC-Signature, Language, uuid, lang, APIKey
Keep-Alive: timeout=5, max=99

OPTIONS
H/1.1 204
No Content token
api.ocbc.id/api/oauth/ 0
0 817ms
223ms Preflight 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ocbc.id/api/oauth/token

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://onboarding.ocbc.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Access-Control-Request-Method,Origin, Accept, X-Requested-With, Content-Type, X-Client-Id, X-Client-Version, X-Device-Id, X-Auth-Token, Cache-Control, Access-Control-Allow-Headers, Authorization, timeout, headers, X-AOB-STATE, Access-Control-Allow-Origin, X-OCBCNISP-Key, X-OCBCNISP-Timestamp, X-OCBCNISP-Signature, X-OCBCNISP-Api-Key, X-Auth-Token, X-OCBCNISP-APIKey, X-OCBC-APIKey, X-OCBC-Timestamp, X-OCBC-Signature, Language, uuid, lang, APIKey
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Date: Wed, 21 Feb 2024 03:08:19 GMT
Feature-Policy: geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; vr 'none'; speaker 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'
Keep-Alive: timeout=5, max=100
Referrer-Policy: origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-CDN: Imperva
X-Iinfo: 6-95308544-94936734 pNNy RT(1708484898788 9) q(0 1 1 1) r(3 3) U6
x-incap-sess-cookie-hdr: hfHGDK5LejOLBr7eb8IPciNp1WUAAAAA5xLjafpWXbJjhz9CtOnwiA==

GET
H/1.1 200
OK _Incapsula_Resource
onboarding.ocbc.id/ 1 B
851 B 12ms
12ms Image
text/plain 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.ocbc.id/_Incapsula_Resource?SWKMTFSR=1&e=0.4031757993658276

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: text/plain

GET
H2 204 0
bat.bing.com/action/ 0
286 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97053532&Ver=2&mid=7116eecf-ba76-4077-bcc2-a5bd81d669ff&sid=768f4e40d06611eebefcf33171f015a0&vid=768f7300d06611eeba003368523b3aab&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&r=&lt=2674&evt=pageLoad&sv=1&rn=570662

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Feb 2024 03:08:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC0E5F9F09CE4360A7F65321A0260E2D Ref B: FRA31EDGE0110 Ref C: 2024-02-21T03:08:18Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content consumers
api.ocbc.id/api/onboarding-v2/consumers-api/ 0
0 219ms
219ms Preflight 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ocbc.id/api/onboarding-v2/consumers-api/consumers

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,language,x-auth-token,x-ocbc-apikey,x-ocbc-signature,x-ocbc-timestamp
Access-Control-Request-Method: POST
Origin: https://onboarding.ocbc.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Access-Control-Request-Method,Origin, Accept, X-Requested-With, Content-Type, X-Client-Id, X-Client-Version, X-Device-Id, X-Auth-Token, Cache-Control, Access-Control-Allow-Headers, Authorization, timeout, headers, X-AOB-STATE, Access-Control-Allow-Origin, X-OCBCNISP-Key, X-OCBCNISP-Timestamp, X-OCBCNISP-Signature, X-OCBCNISP-Api-Key, X-Auth-Token, X-OCBCNISP-APIKey, X-OCBC-APIKey, X-OCBC-Timestamp, X-OCBC-Signature, Language, uuid, lang, APIKey
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Date: Wed, 21 Feb 2024 03:08:20 GMT
Feature-Policy: geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; vr 'none'; speaker 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'
Keep-Alive: timeout=5, max=100
Referrer-Policy: origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-CDN: Imperva
X-Iinfo: 6-95308544-94936734 sNNy RT(1708484898788 512) q(0 0 0 2) r(2 2) U6
x-incap-sess-cookie-hdr: FLp8Y7D2H3aLBr7eb8IPciNp1WUAAAAAw5LpClRXxJeT1IJwxw8Jkw==

POST
H/1.1 200
OK consumers Show response
api.ocbc.id/api/onboarding-v2/consumers-api/ 1 KB
3 KB 347ms
346ms XHR
application/json 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ocbc.id/api/onboarding-v2/consumers-api/consumers

Requested by

Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/f122811010086.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

7fa739a4e834121f66d88726b94c830d28a74ecd70ae05ae1ea86074ce276105

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data:;
Public-Key-Pins	pin-sha256="PJEezQTeoGDfG9QUA8S12W9Dhbe1/FM44UyoAlVeA74=";pin-sha256="RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho="; max-age=2592000; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-OCBC-Signature: YmNlMmQwMWQtYTlkYy00ZDFjLTgyOTgtYzNiNzliOTU1YTViOjgwZGJiZWIzNjJhNGFiNjY3YjI4MzUyN2E2MGZjZmE4Y2ZhNmUxNzQ0Y2VjYjQ3ZGEwNmZmMGM2YjkzYTgzYWQ6MTIzNDU2Nzg5OjIwMjQtMDItMjFUMDQ6MDg6MjArMDE6MDA=
Language: id
X-OCBC-Timestamp: 2024-02-21T04:08:20+01:00
accept-language: de-DE,de;q=0.9
Authorization: Bearer 0ed5cc51-a8c4-4db1-9cc8-5b1e7b474393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer
X-Auth-Token: eyJhbGciOiJSU0EtT0FFUCIsImN0eSI6IkpXVCIsImVuYyI6IkExMjhHQ00ifQ.KBEC8bNzNcQuJYQP0cRtga2l4oksDaB8ju4lc3D9XSQ1TzTTclSiVoJ2GG3qTJVZr_E__welPr9YNJsrcfeJdY3NBceiH-uHOOJNTqIRChMtched6c4GhLOgq-RMmmzhNtxt-fxkF-zzvtyJ31CK1ZlzX46RBX53srEpsXWj6PU.YGR5reS5KWjXUclf.mw-q6oWLliSX4vUM_4wM5GDlGEQb4ZiF65EdgNaQSbAKppqnVpgsNmhPY7reBLwHMe4uutbm7bwyGmxlLLUqdT9lOu2BmWJb_DBc00nX3Dvvo9aTzWzI9Oxof09Lr4Vc2vxldkQZ9RvYjjuoQOmVr8oPgdT69KKrlAAE1J9CRtYrFOwuxpwDf7Axtb9NOEzjnjInu3CvpKaD7lAQNYUeJGlNGar5_cfr1QB548J4Tc7jmfEq-wHesh5gcpNsKhlgw0vQBR7iqea0eBqzG7mG0gcqxKuShPO3Xb6WnUfr_kvXriy-y8xRpxpF4l8z-FPB_nwEswzm_crqOaJyKly2S2djbuzhwI5CjcmKWDPELGPxLZULhxFUP_cJA17DrnSt7QjTHV_VJFEuG9E5FmdJmZQCYYDS3Bel9k3nDA1QpQYZbXGXPrF4e4Zi1vX7_WFSVC1JdgmgzSPtoXirZ8J4px9ZprELKtomVrYP5eCQz1zDmZ1w1GIuSJjnjPIDmNhSGFWmi1LLrprXxbvNZ_M5i0UUX9H75Gcr4Tn-vC0TEwoZwz8TgR3ceqbGi2WrGEFI54najZhqPA.M2Ve6DN6PLZzyE5CNd6igA
X-OCBC-APIKey: bce2d01d-a9dc-4d1c-8298-c3b79b955a5b

Response headers

Date: Wed, 21 Feb 2024 03:08:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data:;
Content-Encoding: gzip
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 6-95308544-94936734 sNYy RT(1708484898788 732) q(0 0 0 0) r(3 3) U6
x-envoy-upstream-service-time: 90
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Public-Key-Pins: pin-sha256="PJEezQTeoGDfG9QUA8S12W9Dhbe1/FM44UyoAlVeA74=";pin-sha256="RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho="; max-age=2592000; includeSubDomains
Referrer-Policy: origin
Server: istio-envoy
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json
Access-Control-Allow-Origin: *
X-Gravitee-Transaction-Id: 771b9b9e-0cd1-416f-9b9b-9e0cd1b16fba
Feature-Policy: geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; vr 'none'; speaker 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'
x-incap-sess-cookie-hdr: k9F9OIAy4hSLBr7eb8IPciNp1WUAAAAAqEFQAOZ2PVY0/m6kN3+EoQ==
Access-Control-Allow-Headers: Access-Control-Request-Headers, Access-Control-Request-Method,Origin, Accept, X-Requested-With, Content-Type, X-Client-Id, X-Client-Version, X-Device-Id, X-Auth-Token, Cache-Control, Access-Control-Allow-Headers, Authorization, timeout, headers, X-AOB-STATE, Access-Control-Allow-Origin, X-OCBCNISP-Key, X-OCBCNISP-Timestamp, X-OCBCNISP-Signature, X-OCBCNISP-Api-Key, X-Auth-Token, X-OCBCNISP-APIKey, X-OCBC-APIKey, X-OCBC-Timestamp, X-OCBC-Signature, Language, uuid, lang, APIKey
Keep-Alive: timeout=5, max=99

POST
H/1.1 200
OK rb_5c003577-c0b3-43f7-b511-9e67acc995e0 Show response
onboarding.ocbc.id/ 142 B
2 KB 559ms
559ms XHR
text/plain 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/rb_5c003577-c0b3-43f7-b511-9e67acc995e0?type=js3&sn=v_4_srv_1_sn_9B8D86670B4B63AECC7C68EBAD2CCAB6_perc_100000_ol_0_mul_1_app-3A0be9a9478dc37b34_0&svrid=1&flavor=post&vi=CPRPQMURKGIIBRHDGWCVGJULLENRSENK-0&modifiedSince=1708483359267&rf=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&bp=3&app=0be9a9478dc37b34&crc=3170787133&en=t99b2hhc&end=1

Requested by

Host: onboarding.ocbc.id
URL: https://onboarding.ocbc.id/ruxitagentjs_ICA2NVfqru_10257230921194352.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

cd0e69822b92344a4e210d8ac10f3de8fa56069d464caed89ec895ea7dbf72f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 21 Feb 2024 03:08:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-CDN: Imperva
Cross-Origin-Embedder-Policy: unsafe-none
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Transfer-Encoding: chunked
X-Iinfo: 12-193305856-193306911 NNYN CT(174 174 0) RT(1708484897170 2189) q(0 0 4 -1) r(6 6) U6
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
x-incap-sess-cookie-hdr: FBHxGgfUvjuG2b3eb8IPciNp1WUAAAAAVfcOCDJMUkvraTWZeqSVhg==

GET
H/1.1 200
OK 0.00b02be2.chunk.js Show response
onboarding.ocbc.id/static/js/ 22 KB
8 KB 23ms
22ms Script
application/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/js/0.00b02be2.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

79f45bdc9f69fa84669d5011346718c5d81648547ca57e6c6391cd120f150c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:25:16 GMT
X-CDN: Imperva
Etag: W/"65d380ec-57af"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: application/javascript
X-Iinfo: 12-193305857-193305070 2CNN RT(1708484897170 2711) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=1683, public
Content-Length: 6857
Expires: Wed, 21 Feb 2024 03:36:23 GMT

GET
H/1.1 200
OK 2.56e27b59.chunk.js Show response
onboarding.ocbc.id/static/js/ 17 KB
7 KB 24ms
23ms Script
application/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/js/2.56e27b59.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

738cfc8dab65fb25d8dce1df4c269f8f51f839fd5851ee508dccb4bddf774781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:25:16 GMT
X-CDN: Imperva
Etag: W/"65d380ec-432e"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: application/javascript
X-Iinfo: 12-193305855-193306596 2CNN RT(1708484897170 2717) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=1709, public
Content-Length: 5547
Expires: Wed, 21 Feb 2024 03:36:49 GMT

GET
H/1.1 200
OK 6.8002a44e.chunk.js Show response
onboarding.ocbc.id/static/js/ 31 KB
10 KB 25ms
24ms Script
application/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/js/6.8002a44e.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8a8848df7b0452efa4da7c3b20265de0cf5e25ce780fc52c22355b29ef69a5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:25:18 GMT
X-CDN: Imperva
Etag: W/"65d380ee-7ddd"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: application/javascript
X-Iinfo: 12-193305853-193304690 2CNN RT(1708484897170 2723) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=1931, public
Content-Length: 9136
Expires: Wed, 21 Feb 2024 03:40:30 GMT

GET
H/1.1 200
OK 34.65c20ccc.chunk.js Show response
onboarding.ocbc.id/static/js/ 90 KB
27 KB 16ms
16ms Script
application/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/js/34.65c20ccc.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9e3a3654dc6cf051237422970bab0760b618a34fe68393fb9fcb90c0629a9370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:25:16 GMT
X-CDN: Imperva
Etag: W/"65d380ec-16943"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: application/javascript
X-Iinfo: 9-140920559-140919840 2CNN RT(1708484897170 2711) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=1932, public
Content-Length: 26426
Expires: Wed, 21 Feb 2024 03:40:31 GMT

GET
H/1.1 200
OK 65.dd946b1a.chunk.css
onboarding.ocbc.id/static/css/ 4 KB
3 KB 15ms
15ms Stylesheet
text/css 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/css/65.dd946b1a.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

df51d445d935c699257a71414318c0c3890df9128c863de2b981711f9b522685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:22:48 GMT
X-CDN: Imperva
Etag: W/"65d38058-10f1"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: text/css
X-Iinfo: 7-117035919-117033036 2CNN RT(1708484896414 3468) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=1420, public
Content-Length: 1489
Expires: Wed, 21 Feb 2024 03:32:00 GMT

GET
H/1.1 200
OK 65.aec0785a.chunk.js Show response
onboarding.ocbc.id/static/js/ 166 KB
59 KB 12ms
12ms Script
application/javascript 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.ocbc.id/static/js/65.aec0785a.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a0e80b29eab8760fc9319e5cd3c2d0d8e22c2c3654e1130177ecc1f5168f7a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:25:18 GMT
X-CDN: Imperva
Etag: W/"65d380ee-2983c"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: application/javascript
X-Iinfo: 7-117035919-117036849 2CNN RT(1708484896414 3483) q(0 1 1 -1) r(1 1) U18
Cache-Control: max-age=1932, public
Content-Length: 58894
Expires: Wed, 21 Feb 2024 03:40:32 GMT

OPTIONS
H/1.1 204
No Content transaction
api.ocbc.id/api/onboarding-v2/loans-api/ 0
0 205ms
205ms Preflight 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ocbc.id/api/onboarding-v2/loans-api/transaction

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,language,x-auth-token,x-ocbc-apikey,x-ocbc-signature,x-ocbc-timestamp
Access-Control-Request-Method: POST
Origin: https://onboarding.ocbc.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Access-Control-Request-Method,Origin, Accept, X-Requested-With, Content-Type, X-Client-Id, X-Client-Version, X-Device-Id, X-Auth-Token, Cache-Control, Access-Control-Allow-Headers, Authorization, timeout, headers, X-AOB-STATE, Access-Control-Allow-Origin, X-OCBCNISP-Key, X-OCBCNISP-Timestamp, X-OCBCNISP-Signature, X-OCBCNISP-Api-Key, X-Auth-Token, X-OCBCNISP-APIKey, X-OCBC-APIKey, X-OCBC-Timestamp, X-OCBC-Signature, Language, uuid, lang, APIKey
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Date: Wed, 21 Feb 2024 03:08:20 GMT
Feature-Policy: geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; vr 'none'; speaker 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'
Keep-Alive: timeout=5, max=98
Referrer-Policy: origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-CDN: Imperva
X-Iinfo: 6-95308544-94936734 sNNy RT(1708484898788 1143) q(0 0 0 0) r(2 2) U6
x-incap-sess-cookie-hdr: f2feHBAO7DWLBr7eb8IPciRp1WUAAAAAYPzoAGKbPRlsxtBFMWzjNQ==

POST
H/1.1 200
OK transaction Show response
api.ocbc.id/api/onboarding-v2/loans-api/ 402 B
3 KB 313ms
313ms XHR
application/json 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ocbc.id/api/onboarding-v2/loans-api/transaction

Requested by

Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/f122811010086.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

957ff832eb999af9e76fe34a8fe0b350a1968108bd30a2750cea7e57ea7da0e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data:;
Public-Key-Pins	pin-sha256="PJEezQTeoGDfG9QUA8S12W9Dhbe1/FM44UyoAlVeA74=";pin-sha256="RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho="; max-age=2592000; includeSubDomains
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-OCBC-Signature: YmNlMmQwMWQtYTlkYy00ZDFjLTgyOTgtYzNiNzliOTU1YTViOjBlOTQxYmYxYWYyNzRmNGE4MWU2NGFlZjg5MTU5NzMxOTE0NGE2ZThiMzAyZDAxYWM4MWEwNTYxMmZkZTA4OGM6MTIzNDU2Nzg5OjIwMjQtMDItMjFUMDQ6MDg6MjArMDE6MDA=
Language: id
X-OCBC-Timestamp: 2024-02-21T04:08:20+01:00
accept-language: de-DE,de;q=0.9
Authorization: Bearer 0ed5cc51-a8c4-4db1-9cc8-5b1e7b474393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer
X-Auth-Token: eyJhbGciOiJSU0EtT0FFUCIsImN0eSI6IkpXVCIsImVuYyI6IkExMjhHQ00ifQ.GWRtagd-4vyFKkWMPzLXiXtiNfv7T9dOR6brIiHylWgaxld4K2Qh2H-WEsNV9Zh0Br24ue5JIwuiJUo1LITDCBWIB6aB5ub7jDi7hOi3lb2khR5qJmOuTBNuMbCrWgXh5jmPR5jjRLy6TvoSTo3ZxikUODCMAcnrw9DPv6oXoeY.27B0ViX1qV_rmwGe.c1PEJJl66GYuHbueYHlcTNq0umaEvXCa4sgp2N21ECGR5OhplJfMJOHGRX_AUICFgyanq3vEETBIYqbtIFKlbbmV8Cj5QRHbtn31kbNZSW4uKB3JBcF0Me2Q1TULPgmBOGFfPKfBqY_CVGNGYmVHv1ChgnLcbLQS_jAJSicYSdGX_5xMlzNXpzq6RUz-kpdzATs6cU7J8_AGoECIzCG7-qX7NYnl-hUE5Ps1Qy3cuYFHOi_uFZHQYYsjRKZhLK0Nav1HcOUIPMUIL7YC8ZPowM4OEguHE6DEMWsCWKNvXOg5GhIWVifwOAv3s6Y0hoAOYksarPM8lzQGGqWRdfwXmw_ywBhqHl_sxmwp973f6jAvE8BnMJ6M1ysk6Hobldts5O5AXYXUc1GbeqJT6bGG9TMK7xBTVdOOeQraBQW5kNtOFV5KM9FbZk0Emgi9kiQElwqyGfOVYJM5FVy742P63AbtTTMPHzC2FYsKMNI0JFum9jVJQkV_FMkVoh48Uy0Jr4ccXGizBZVlqcbZxOJ82xlcnnBTVgpyCcCa3FPDkBeHuDQojf81d0RP9wqvSLXNkjc5A-vggJoyM8hsQT5dMP4prWDSVdjoRJ2B8959FmUDWPqzkVUBo90fQq5nIQH1-eJ84Odciib5FpY1N4VtGE4xpb6lulHnZQQTfR5VkgrLObVnEKcaiyCafCnhZgHjRJeR-pYCzxe3-mFJXKSVyB__RnoW_gXJ_WSnhC_cv8c6doIZrzuojCCJ3FU.UO-lGBCsEL7-pfSPMgEx3Q
X-OCBC-APIKey: bce2d01d-a9dc-4d1c-8298-c3b79b955a5b

Response headers

Date: Wed, 21 Feb 2024 03:08:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data:;
Content-Encoding: gzip
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 6-95308544-94936734 sNYy RT(1708484898788 1349) q(0 0 0 0) r(3 3) U6
x-envoy-upstream-service-time: 53
Connection: Keep-Alive
x-xss-protection: 1; mode=block
Public-Key-Pins: pin-sha256="PJEezQTeoGDfG9QUA8S12W9Dhbe1/FM44UyoAlVeA74=";pin-sha256="RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho="; max-age=2592000; includeSubDomains
Referrer-Policy: origin
Server: istio-envoy
x-download-options: noopen
x-frame-options: SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json
Access-Control-Allow-Origin: *
X-Gravitee-Transaction-Id: 3099687a-0949-482a-9968-7a0949a82a3a
Feature-Policy: geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; vr 'none'; speaker 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'
x-incap-sess-cookie-hdr: OOfhM3/aExuLBr7eb8IPciRp1WUAAAAAf6tbXVXx1YlZQtCzFne7gg==
Access-Control-Allow-Headers: Access-Control-Request-Headers, Access-Control-Request-Method,Origin, Accept, X-Requested-With, Content-Type, X-Client-Id, X-Client-Version, X-Device-Id, X-Auth-Token, Cache-Control, Access-Control-Allow-Headers, Authorization, timeout, headers, X-AOB-STATE, Access-Control-Allow-Origin, X-OCBCNISP-Key, X-OCBCNISP-Timestamp, X-OCBCNISP-Signature, X-OCBCNISP-Api-Key, X-Auth-Token, X-OCBCNISP-APIKey, X-OCBC-APIKey, X-OCBC-Timestamp, X-OCBC-Signature, Language, uuid, lang, APIKey
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK home-slide-1.3de73727.jpg
onboarding.ocbc.id/static/media/ 29 KB
30 KB 464ms
463ms Image
image/jpeg 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.ocbc.id/static/media/home-slide-1.3de73727.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

40524355d7591b5a29231cc501532827d00646e77ab81537328e55ce748685e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:21 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:22:46 GMT
X-CDN: Imperva
Etag: "65d38056-749d"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: image/jpeg
X-Iinfo: 7-117035919-117036849 3CNN RT(1708484896414 4066) q(0 0 0 -1) r(5 5) U18
Cache-Control: max-age=1470, public
Content-Length: 29602
Expires: Wed, 21 Feb 2024 03:32:51 GMT

GET
H/1.1 200
OK home-slide-2.28b0d136.jpg
onboarding.ocbc.id/static/media/ 40 KB
41 KB 498ms
497ms Image
image/jpeg 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.ocbc.id/static/media/home-slide-2.28b0d136.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e955d29f2fec2e5be3261070e876a07f3fc2ee6249933ce1476e23e7a765ca19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:21 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:22:46 GMT
X-CDN: Imperva
Etag: "65d38056-9f19"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: image/jpeg
X-Iinfo: 12-193305853-193305859 3CNN RT(1708484897170 3310) q(0 0 0 -1) r(5 5) U18
Cache-Control: max-age=1245, public
Content-Length: 40729
Expires: Wed, 21 Feb 2024 03:29:06 GMT

GET
H/1.1 200
OK home-slide-3.69d2597a.jpg
onboarding.ocbc.id/static/media/ 50 KB
51 KB 468ms
467ms Image
image/jpeg 45.60.34.152
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.ocbc.id/static/media/home-slide-3.69d2597a.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.152 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cf29f7e0af6ea0a70d379c63e182a4679e4630106541c25f38e2e6d1b4e07a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 03:08:21 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 19 Feb 2024 16:22:46 GMT
X-CDN: Imperva
Etag: "65d38056-c932"
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net *.googleapis.com t.co *.facebook.com wss://videokyc.ocbc.id *.windows.net *.ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id *.facebook.net *.clarity.ms api.ocbc.id ipv4.icanhazip.com *.twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id *.gstatic.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type: image/jpeg
X-Iinfo: 12-193305856-193305860 3CNN RT(1708484897170 3314) q(0 0 0 -1) r(5 5) U18
Cache-Control: max-age=1934, public
Content-Length: 51506
Expires: Wed, 21 Feb 2024 03:40:35 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
25 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onboarding.ocbc.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 09:07:37 GMT
x-content-type-options: nosniff
age: 64844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 09:07:37 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8cacbd6100acdb8203a8ea317178f80f70204f67034a7c5e06ea248d45cd94d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52e84b4c1ac8adf0201a85ce2595c25ebaba1521e4851e236324ab60dc6e1eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
web.ocbc.id/	1969-12-31 23:59:59	Name: d7ab7b6337493a6abe1c5f187979eadc Value: f33da1bd541be02c7172e7fddfb01f0c
.ocbc.id/	1970-01-21 03:20:03	Name: visid_incap_3026701 Value: EZ3qUKW4SDWgEL1FCzzMwtpo1WUAAAAAQUIPAAAAAABCoFlwxrGFjgeNjrpxhrIC
.ocbc.id/	1969-12-31 23:59:59	Name: nlbi_3026701 Value: CMRoDcbllgO9pRW/Eos26QAAAABhma/g6MtdHho198ry6ti4
.ocbc.id/	1969-12-31 23:59:59	Name: incap_ses_8219_3026701 Value: 9XH5UmtpdzSVy7reb8IPciBp1WUAAAAA4oLo6OgDbVlC8iuFFmO5FA==
.ocbc.id/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_1_sn_9B8D86670B4B63AECC7C68EBAD2CCAB6_perc_100000_ol_0_mul_1_app-3A0be9a9478dc37b34_0
.ocbc.id/	1970-01-21 03:20:03	Name: visid_incap_3027880 Value: nWNTmrC7T6qzeuXiF2DlMiBp1WUAAAAAQUIPAAAAAABZSPjw1nTTY4Z0I/YQJPrH
.ocbc.id/	1969-12-31 23:59:59	Name: nlbi_3027880 Value: g9loPiIuQV9FDP2fbU3vegAAAAAFNa2rCUnNRId8AqsoY3V/
.ocbc.id/	1969-12-31 23:59:59	Name: incap_ses_8219_3027880 Value: iXvXVIH80XCG2b3eb8IPciFp1WUAAAAAiMOESNKRgMpSXb2xSsoteg==
.ocbc.id/	1969-12-31 23:59:59	Name: rxVisitor Value: 1708484897916U4OB4FE84GDFUQ3AI7BFB4Q2E79RTUS1
.ocbc.id/	1969-12-31 23:59:59	Name: dtLatC Value: 438
.ocbc.id/	1969-12-31 23:59:59	Name: dtSa Value: -
.ocbc.id/	1970-01-20 20:44:20	Name: _gcl_au Value: 1.1.683599312.1708484898
.ocbc.id/	1970-01-21 04:10:44	Name: _ga Value: GA1.1.1550929260.1708484898
.ocbc.id/	1970-01-21 04:10:44	Name: _ga_63LCTGGHR6 Value: GS1.1.1708484898.1.1.1708484898.0.0.0
.ocbc.id/	1970-01-21 04:04:08	Name: _cs_c Value: 1
.ocbc.id/	1970-01-21 04:04:08	Name: _cs_id Value: 230a2b57-ae51-a300-bda0-9939d687e4b4.1708484898.1.1708484898.1708484898.1.1742648898158.1
.ocbc.id/	1970-01-20 18:34:46	Name: _cs_s Value: 1.0.0.1708486698159
.ocbc.id/	1970-01-20 20:44:20	Name: _fbp Value: fb.1.1708484898168.1357046655
.t.co/	1970-01-21 04:10:44	Name: muc_ads Value: 696a2539-0cc4-49a0-9703-1b7cf85ab307
.twitter.com/	1970-01-21 04:10:44	Name: personalization_id Value: "v1_6R3mYs9xNZp0aVFRVlMp4A=="
onboarding.ocbc.id/	1970-01-20 18:36:11	Name: utm_source Value: Telesales
onboarding.ocbc.id/	1970-01-20 18:36:11	Name: utm_medium Value: DigitalLending
onboarding.ocbc.id/	1970-01-20 18:36:11	Name: utm_content Value: Call_
onboarding.ocbc.id/	1970-01-20 18:36:11	Name: utm_campaign Value: O_LEN_DigitalLending-Telesales
onboarding.ocbc.id/	1970-01-20 18:36:11	Name: utm_term Value: Telesales
.ocbc.id/	1970-01-20 18:36:11	Name: _uetsid Value: 768f4e40d06611eebefcf33171f015a0
.ocbc.id/	1970-01-21 03:56:20	Name: _uetvid Value: 768f7300d06611eeba003368523b3aab
.bing.com/	1970-01-21 03:56:20	Name: MUID Value: 0ED1F850E12D602A32E2EC7CE0816136
.ocbc.id/	1969-12-31 23:59:59	Name: rxvt Value: 1708486698979\|1708484897917
.ocbc.id/	1969-12-31 23:59:59	Name: dtPC Value: 1$284897915_129h-vCPRPQMURKGIIBRHDGWCVGJULLENRSENK-0e0
onboarding.ocbc.id/	1970-01-20 18:34:45	Name: ocbc.open.api.token Value: 0ed5cc51-a8c4-4db1-9cc8-5b1e7b474393
onboarding.ocbc.id/	1970-01-20 18:36:11	Name: wob.anom.token Value: eyJhbGciOiJSU0EtT0FFUCIsImN0eSI6IkpXVCIsImVuYyI6IkExMjhHQ00ifQ.GWRtagd-4vyFKkWMPzLXiXtiNfv7T9dOR6brIiHylWgaxld4K2Qh2H-WEsNV9Zh0Br24ue5JIwuiJUo1LITDCBWIB6aB5ub7jDi7hOi3lb2khR5qJmOuTBNuMbCrWgXh5jmPR5jjRLy6TvoSTo3ZxikUODCMAcnrw9DPv6oXoeY.27B0ViX1qV_rmwGe.c1PEJJl66GYuHbueYHlcTNq0umaEvXCa4sgp2N21ECGR5OhplJfMJOHGRX_AUICFgyanq3vEETBIYqbtIFKlbbmV8Cj5QRHbtn31kbNZSW4uKB3JBcF0Me2Q1TULPgmBOGFfPKfBqY_CVGNGYmVHv1ChgnLcbLQS_jAJSicYSdGX_5xMlzNXpzq6RUz-kpdzATs6cU7J8_AGoECIzCG7-qX7NYnl-hUE5Ps1Qy3cuYFHOi_uFZHQYYsjRKZhLK0Nav1HcOUIPMUIL7YC8ZPowM4OEguHE6DEMWsCWKNvXOg5GhIWVifwOAv3s6Y0hoAOYksarPM8lzQGGqWRdfwXmw_ywBhqHl_sxmwp973f6jAvE8BnMJ6M1ysk6Hobldts5O5AXYXUc1GbeqJT6bGG9TMK7xBTVdOOeQraBQW5kNtOFV5KM9FbZk0Emgi9kiQElwqyGfOVYJM5FVy742P63AbtTTMPHzC2FYsKMNI0JFum9jVJQkV_FMkVoh48Uy0Jr4ccXGizBZVlqcbZxOJ82xlcnnBTVgpyCcCa3FPDkBeHuDQojf81d0RP9wqvSLXNkjc5A-vggJoyM8hsQT5dMP4prWDSVdjoRJ2B8959FmUDWPqzkVUBo90fQq5nIQH1-eJ84Odciib5FpY1N4VtGE4xpb6lulHnZQQTfR5VkgrLObVnEKcaiyCafCnhZgHjRJeR-pYCzxe3-mFJXKSVyB__RnoW_gXJ_WSnhC_cv8c6doIZrzuojCCJ3FU.UO-lGBCsEL7-pfSPMgEx3Q
onboarding.ocbc.id/	1970-01-20 18:36:11	Name: kta.uuid Value: aa52c234-1406-4acb-9cc5-2dd9fdcc90e9

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=G-63LCTGGHR6&l=dataLayer&cx=c(Line 178) Message: [Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-63LCTGGHR6&gtm=45je42h0v9169772768z89169770959za200&_p=1708484897932&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1550929260.1708484898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&sid=1708484898&sct=1&seg=0&dt=&en=KTA_Landing&_fv=1&_nsi=1&_ss=1&ep.feature=produk%20pinjaman%20individu&tfd=1818' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net .googleapis.com t.co .facebook.com wss://videokyc.ocbc.id .windows.net .ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id .facebook.net .clarity.ms api.ocbc.id ipv4.icanhazip.com .twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id .gstatic.com www.google.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=G-63LCTGGHR6&l=dataLayer&cx=c(Line 178) Message: [Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-63LCTGGHR6&gtm=45je42h0v9169772768z89169770959za200&_p=1708484897932&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1550929260.1708484898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&sid=1708484898&sct=1&seg=0&dt=&en=KTA_Landing&_fv=1&_nsi=1&_ss=1&ep.feature=produk%20pinjaman%20individu&tfd=1818' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net .googleapis.com t.co .facebook.com wss://videokyc.ocbc.id .windows.net .ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id .facebook.net .clarity.ms api.ocbc.id ipv4.icanhazip.com .twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id .gstatic.com www.google.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=G-63LCTGGHR6&l=dataLayer&cx=c(Line 178) Message: [Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-63LCTGGHR6&gtm=45je42h0v9169772768za200&_p=1708484897932&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1550929260.1708484898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAE&_s=2&sid=1708484898&sct=1&seg=0&dl=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&dt=&en=scroll&epn.percent_scrolled=90&_et=6&tfd=1850' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net .googleapis.com t.co .facebook.com wss://videokyc.ocbc.id .windows.net .ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id .facebook.net .clarity.ms api.ocbc.id ipv4.icanhazip.com .twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id .gstatic.com www.google.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=G-63LCTGGHR6&l=dataLayer&cx=c(Line 178) Message: [Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-63LCTGGHR6&gtm=45je42h0v9169772768za200&_p=1708484897932&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1550929260.1708484898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAE&_s=2&sid=1708484898&sct=1&seg=0&dl=https%3A%2F%2Fonboarding.ocbc.id%2Flending%2Fkta%3Fforce%3Dtrue%26utm_source%3DTelesales%26utm_medium%3DDigitalLending%26utm_campaign%3DO_LEN_DigitalLending-Telesales%26utm_term%3DTelesales%26utm_content%3DCall_&dt=&en=scroll&epn.percent_scrolled=90&_et=6&tfd=1850' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: q-aeu1.contentsquare.net unpkg.com onboarding.ocbc.id bat.bing.com tessdata.projectnaptha.com www.google-analytics.com www.googletagmanager.com c.contentsquare.net .googleapis.com t.co .facebook.com wss://videokyc.ocbc.id .windows.net .ads-twitter.com k-aeu1.contentsquare.net wss://ekycverification.ocbc.id .facebook.net .clarity.ms api.ocbc.id ipv4.icanhazip.com .twitter.com srm.ba.contentsquare.net t.contentsquare.net adservice.google.com videokyc.ocbc.id .gstatic.com www.google.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other	warning	URL: https://connect.facebook.net/signals/config/291747482838875?v=2.9.147&r=stable&domain=onboarding.ocbc.id&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://onboarding.ocbc.id/lending/kta?force=true&utm_source=Telesales&utm_medium=DigitalLending&utm_campaign=O_LEN_DigitalLending-Telesales&utm_term=Telesales&utm_content=Call_ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.ocbc.id
bat.bing.com
c.contentsquare.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
onboarding.ocbc.id
region1.google-analytics.com
static.ads-twitter.com
t.co
t.contentsquare.net
web.ocbc.id
www.facebook.com
www.googletagmanager.com
104.244.42.131
104.244.42.5
199.232.188.157
2001:4860:4802:34::36
2620:1ec:c11::200
2a00:1450:4001:809::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
45.60.34.152
54.154.207.226
99.84.88.50
05eebcf7403a7e8b8291ff1a83bba4297fccc262bdf884d4b418fe4f981c05a7
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
24f05a94d6f6ba8ac8e58310ae9e8e0ba2a8fe4bc12c7ff1f23c6ba816df272c
2aa084b85a716a65616189c247398c2885c841c75dc609162407df1b6f5dd958
40524355d7591b5a29231cc501532827d00646e77ab81537328e55ce748685e6
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
52e84b4c1ac8adf0201a85ce2595c25ebaba1521e4851e236324ab60dc6e1eb4
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5ec34ef8642285992f0e3b045d83f5518d233b7c2047183de1b7d9ecd41127df
6be5018a9e515f1a200a324245bb886d6ff555c128852e34ef90b72ea455236f
738cfc8dab65fb25d8dce1df4c269f8f51f839fd5851ee508dccb4bddf774781
7661cc3f1944cbf04ae1a3d9facb842e3f82b941692ec780889aa9b27d977bf8
79f45bdc9f69fa84669d5011346718c5d81648547ca57e6c6391cd120f150c53
7fa739a4e834121f66d88726b94c830d28a74ecd70ae05ae1ea86074ce276105
864056479809f912c6b3aff0a64d190de09be459d216fd3258b047df34b50f3c
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8a8848df7b0452efa4da7c3b20265de0cf5e25ce780fc52c22355b29ef69a5d0
8b8f848ab7852d3f2474c88f0ff7c62530526f251cd517191d36819f2321ad80
9044c1cc13a0023fd29299a64231221566108452e99242c5d19f680c874bdb15
957ff832eb999af9e76fe34a8fe0b350a1968108bd30a2750cea7e57ea7da0e1
98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc
9e3a3654dc6cf051237422970bab0760b618a34fe68393fb9fcb90c0629a9370
a0e80b29eab8760fc9319e5cd3c2d0d8e22c2c3654e1130177ecc1f5168f7a7b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c8cacbd6100acdb8203a8ea317178f80f70204f67034a7c5e06ea248d45cd94d
cd0e69822b92344a4e210d8ac10f3de8fa56069d464caed89ec895ea7dbf72f4
cf29f7e0af6ea0a70d379c63e182a4679e4630106541c25f38e2e6d1b4e07a17
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d4f22cf50113228a89fa74df7e03462c654adeca6ee923cbc26f598e416b5a38
d648144f9a77739981580535eedd64ac51a8664053f7b16b569f969ec2c1c1e9
d964345df1ac0537d1c72888392962fb549a24d87ff74776b3efcaa3b1100a0c
df51d445d935c699257a71414318c0c3890df9128c863de2b981711f9b522685
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50ae2eb0e63a113caa4484298c8f8252001f46d20b1560fb63b08a101df6d8d
e7933d8a9be620736d28b2a50bd15017f3fd7d4b34142f25ed82ae553dbc2c0b
e955d29f2fec2e5be3261070e876a07f3fc2ee6249933ce1476e23e7a765ca19
e9b93dbae98dbd5e293ce995d0f31ea396f2c5547fdf87a0eaa3a2b0bd727ffa
f2b349213dd1e0cf23811f03410a20540538b207b5e574e1549274492cca6a76

onboarding.ocbc.id Open in urlscan Pro 45.60.34.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

54 %IPv6

12 Domains

15 Subdomains

14 IPs

3 Countries

1521 kBTransfer

5098 kBSize

33 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onboarding.ocbc.id Open in urlscan Pro
45.60.34.152 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

54 %
IPv6

12
Domains

15
Subdomains

14
IPs

3
Countries

1521 kB
Transfer

5098 kB
Size

33
Cookies

47 HTTP transactions
3 data transactions