urlscan.io logo urlscan.io
SecurityTrails logo

www.bankakp.co.id Open in urlscan Pro
103.13.206.89  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bankakp.co.id/
Submission: On November 30 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 13 HTTP transactions. The main IP is 103.13.206.89, located in Indonesia and belongs to CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG. The main domain is www.bankakp.co.id.
TLS certificate: Issued by R3 on November 30th 2022. Valid for: 3 months.
This is the only time www.bankakp.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 103.13.206.89 138608 (CLOUDHOST...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 103.55.39.250 136052 (IDNIC-IDC...)
2 162.19.58.156 16276 (OVH)
13 6
3    103.13.206.89 (Indonesia)

ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG)
PTR: ip89.206.13.103.in-addr.arpa.unknwn.cloudhost.asia
www.bankakp.co.id
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    103.55.39.250 (Indonesia)

ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID)
PTR: is3.cloudhost.id
is3.cloudhost.id
2    162.19.58.156 (France)

ASN16276 (OVH, FR)
PTR: ns3096358.ip-162-19-58.eu
i.ibb.co
Apex Domain
Subdomains		 Transfer
3 bankakp.co.id
www.bankakp.co.id
580 KB
2 ibb.co
i.ibb.co — Cisco Umbrella Rank: 10616
295 KB
1 cloudhost.id
is3.cloudhost.id
26 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
1 KB
0 Failed
function sub() { [native code] }. Failed
13 6
Domain Requested by
3 www.bankakp.co.id www.bankakp.co.id
2 i.ibb.co www.bankakp.co.id
1 is3.cloudhost.id www.bankakp.co.id
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.bankakp.co.id
0 127.0.0.1 Failed www.bankakp.co.id
0 103.13.206.89 Failed www.bankakp.co.id
13 7

This site contains no links.

Subject Issuer Validity Valid
bankakp.co.id
R3		 2022-11-30 -
2023-02-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.is3.cloudhost.id
Sectigo RSA Domain Validation Secure Server CA		 2022-01-23 -
2023-02-23		 a year crt.sh
ibb.co
R3		 2022-10-09 -
2023-01-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.bankakp.co.id/
Frame ID: EC4DA4690BB80A0CDD748B587F0CABF6
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bank AKP

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

62 %
HTTPS

40 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

946 kB
Transfer

960 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bankakp.co.id/ 		1 KB
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bankakp.co.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.13.206.89 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
ip89.206.13.103.in-addr.arpa.unknwn.cloudhost.asia
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
44c0282e520092f83a200fbc0d283c503db5af3bbfc1e729b349978085c3027c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 30 Nov 2022 09:47:38 GMT
ETag
W/"63871fa5-40c"
Last-Modified
Wed, 30 Nov 2022 09:17:25 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,400&display=swap
Requested by
Host: www.bankakp.co.id
URL: https://www.bankakp.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f686b619e0b37e6849ae2ce29a47c5015eccf79256127b5c2333b31bdac6dfc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankakp.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Nov 2022 09:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 09:38:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Nov 2022 09:47:39 GMT
main.7a9cf9f2.js
www.bankakp.co.id/static/js/ 		413 KB
413 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bankakp.co.id/static/js/main.7a9cf9f2.js
Requested by
Host: www.bankakp.co.id
URL: https://www.bankakp.co.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.13.206.89 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
ip89.206.13.103.in-addr.arpa.unknwn.cloudhost.asia
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
456822e8e7e3baeb10f6e8eb947adbe165d4f4ab93fcff0bc58157e91f2b2478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankakp.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 09:47:39 GMT
Last-Modified
Wed, 30 Nov 2022 09:17:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63871fa5-672d1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
422609
main.9994c11c.css
www.bankakp.co.id/static/css/ 		166 KB
166 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bankakp.co.id/static/css/main.9994c11c.css
Requested by
Host: www.bankakp.co.id
URL: https://www.bankakp.co.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.13.206.89 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG),
Reverse DNS
ip89.206.13.103.in-addr.arpa.unknwn.cloudhost.asia
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
633242be27ad85fcd26828a7edd36f2b4bfa6b71b8cc296df3cc601ec7a4bce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankakp.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 09:47:39 GMT
Last-Modified
Wed, 30 Nov 2022 09:17:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63871fa5-296a3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
169635
info
103.13.206.89/api/ 		0
0
truncated
/ 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bankakp.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:15:31 GMT
x-content-type-options
nosniff
age
322329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2023 16:15:31 GMT
banner
103.13.206.89/api/ 		0
0
news
103.13.206.89/api/ 		0
0
info
103.13.206.89/api/ 		0
0
promos
127.0.0.1/api/ 		0
0
logo.png
is3.cloudhost.id/akp-storage/assets/info/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is3.cloudhost.id/akp-storage/assets/info/logo.png
Requested by
Host: www.bankakp.co.id
URL: https://www.bankakp.co.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.55.39.250 , Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID),
Reverse DNS
is3.cloudhost.id
Software
/
Resource Hash
0c084d2af23969e8289b019d9b391a3fa6d3cca414bebcb31fc1b63bddf9fb27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankakp.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Wed, 30 Nov 2022 09:47:40 GMT
Last-Modified
Wed, 30 Nov 2022 08:16:33 GMT
x-amz-request-id
tx000000000000012c96f2f-00638726bc-2a620d3-id-jkt-1
ETag
"0af06c2d58f09cccc136607e074fa74b"
Content-Type
image/png
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
26117
OJK.png
i.ibb.co/DQgz3gK/ 		254 KB
255 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/DQgz3gK/OJK.png
Requested by
Host: www.bankakp.co.id
URL: https://www.bankakp.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096358.ip-162-19-58.eu
Software
nginx /
Resource Hash
e9c3a25b9e2ea784f3242795beaeb907325b5baa312ac27f349719acd828807a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankakp.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 09:47:40 GMT
last-modified
Mon, 25 Nov 2019 01:36:12 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
260480
expires
Thu, 31 Dec 2037 23:55:55 GMT
lps.png
i.ibb.co/WVbvCjR/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/WVbvCjR/lps.png
Requested by
Host: www.bankakp.co.id
URL: https://www.bankakp.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096358.ip-162-19-58.eu
Software
nginx /
Resource Hash
ac3573b23eee44ba1f797cf5e97208206e16aa243a87f0ebeed1abbac24faf38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bankakp.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 09:47:40 GMT
last-modified
Mon, 25 Nov 2019 01:36:09 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
40695
expires
Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
103.13.206.89
URL
http://103.13.206.89:3001/api/info
Domain
103.13.206.89
URL
http://103.13.206.89:3001/api/banner
Domain
103.13.206.89
URL
http://103.13.206.89:3001/api/news
Domain
103.13.206.89
URL
http://103.13.206.89:3001/api/info
Domain
127.0.0.1
URL
http://127.0.0.1:8000/api/promos

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkdanaflash_web_frontend

0 Cookies

4 Console Messages

Source Level URL
Text
security error URL: https://www.bankakp.co.id/static/js/main.7a9cf9f2.js(Line 1)
Message:
Mixed Content: The page at 'https://www.bankakp.co.id/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://103.13.206.89:3001/api/info'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.bankakp.co.id/static/js/main.7a9cf9f2.js(Line 1)
Message:
Mixed Content: The page at 'https://www.bankakp.co.id/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://103.13.206.89:3001/api/banner'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.bankakp.co.id/static/js/main.7a9cf9f2.js(Line 1)
Message:
Mixed Content: The page at 'https://www.bankakp.co.id/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://103.13.206.89:3001/api/news'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.bankakp.co.id/static/js/main.7a9cf9f2.js(Line 1)
Message:
Mixed Content: The page at 'https://www.bankakp.co.id/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://103.13.206.89:3001/api/info'. This request has been blocked; the content must be served over HTTPS.