URL: https://payment.amalsholeh.com/
Submission: On March 16 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 103.55.38.198, located in Indonesia and belongs to IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID. The main domain is payment.amalsholeh.com.
TLS certificate: Issued by R3 on March 16th 2021. Valid for: 3 months.
This is the only time payment.amalsholeh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses

  Requests  IP Address        AS (Autonomous System)
  1         103.55.38.198     136052 (IDNIC-IDC...)
  1         2001:4de0:ac1...  20446 (HIGHWINDS3)
  2         2606:4700::68...  13335 (CLOUDFLAR...)
  4         103.10.130.46     58449 (DOKU-ID P...)
  Total: 10 requests, 5 IPs

Domains

  Requests  Domain                  Requested by
  4         staging.doku.com        payment.amalsholeh.com, staging.doku.com, code.jquery.com
  2         cdnjs.cloudflare.com    payment.amalsholeh.com
  1         code.jquery.com         payment.amalsholeh.com
  1         payment.amalsholeh.com
  Total: 10 requests, 4 domains

This site contains no links.

TLS certificates

  Subject                  Issuer                                          Validity                  Valid for
  payment.amalsholeh.com   R3                                              2021-03-16 - 2021-06-14   3 months
  jquery.org               Sectigo RSA Domain Validation Secure Server CA  2020-10-06 - 2021-10-16   a year
  sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2020-10-21 - 2021-10-20   a year
  staging.doku.com         DigiCert SHA2 Secure Server CA                  2020-08-06 - 2021-09-05   a year

This page contains 1 frame:

Primary Page: https://payment.amalsholeh.com/
Frame ID: 3780CB1F299C415660D3C7422AAAB0D6
Requests: 10 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 10
HTTPS: 80 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 83 kB
Size: 240 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Primary Request: /
  Path: payment.amalsholeh.com/
  Size: 2 KB, transferred: 775 B
  Type: Document

  General
    Full URL: https://payment.amalsholeh.com/
    Protocol: H2
    Security: TLS 1.3, , AES_256_GCM
    Server: 103.55.38.198, Indonesia, ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID)
    Reverse DNS:
    Software: nginx /
    Resource Hash: 9f8f28f938c4fb784b5138883f8ce7ff5ee65d2081a6e51e8ab6a82bd6fccaad

  Security Headers
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-Xss-Protection: 1; mode=block

  Request headers
    :method: GET
    :authority: payment.amalsholeh.com
    :scheme: https
    :path: /
    pragma: no-cache
    cache-control: no-cache
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    sec-fetch-site: none
    sec-fetch-mode: navigate
    sec-fetch-user: ?1
    sec-fetch-dest: document
    accept-encoding: gzip, deflate, br
    accept-language: en-US
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    server: nginx
    date: Tue, 16 Mar 2021 16:06:13 GMT
    content-type: text/html; charset=UTF-8
    vary: Accept-Encoding
    x-frame-options: SAMEORIGIN
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    content-encoding: br

jquery-2.1.4.min.js
  Path: code.jquery.com/
  Size: 82 KB, transferred: 29 KB
  Type: Script

  General
    Full URL: https://code.jquery.com/jquery-2.1.4.min.js
    Requested by: Host: payment.amalsholeh.com, URL: https://payment.amalsholeh.com/
    Protocol: H2
    Security: TLS 1.3, , AES_128_GCM
    Server: 2001:4de0:ac18::1:a:1a, Netherlands, ASN20446 (HIGHWINDS3, US)
    Reverse DNS:
    Software: nginx /
    Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

  Request headers
    Referer: https://payment.amalsholeh.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    date: Tue, 16 Mar 2021 16:06:14 GMT
    content-encoding: gzip
    last-modified: Tue, 28 Apr 2015 16:17:08 GMT
    server: nginx
    etag: W/"553fb284-14979"
    vary: Accept-Encoding
    x-hw: 1615910774.dop212.fr8.t,1615910774.cds210.fr8.hc,1615910774.cds244.fr8.c
    content-type: application/javascript; charset=utf-8
    access-control-allow-origin: *
    cache-control: max-age=315360000, public
    accept-ranges: bytes
    content-length: 29519

jquery.fancybox.pack.js
  Path: cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/
  Size: 23 KB, transferred: 8 KB
  Type: Script

  General
    Full URL: https://cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/jquery.fancybox.pack.js
    Requested by: Host: payment.amalsholeh.com, URL: https://payment.amalsholeh.com/
    Protocol: H2
    Security: TLS 1.3, , AES_128_GCM
    Server: 2606:4700::6810:135e, United States, ASN13335 (CLOUDFLARENET, US)
    Reverse DNS:
    Software: cloudflare /
    Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

  Security Headers
    Strict-Transport-Security: max-age=15780000
    X-Content-Type-Options: nosniff

  Request headers
    Referer: https://payment.amalsholeh.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    date: Tue, 16 Mar 2021 16:06:14 GMT
    content-encoding: br
    x-content-type-options: nosniff
    cf-cache-status: HIT
    nel: {"max_age":604800,"report_to":"cf-nel"}
    age: 2447802
    cross-origin-resource-policy: cross-origin
    alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
    content-length: 7681
    cf-request-id: 08dd62bd1a00004e9db08d0000000001
    timing-allow-origin: *
    last-modified: Mon, 04 May 2020 16:10:00 GMT
    server: cloudflare
    cf-cdnjs-via: cfworker/kv
    etag: "5eb03e58-5a5f"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    strict-transport-security: max-age=15780000
    report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W8qUjSa6RCuTISjYeQbqa%2Fwe6N6E042gv54t277z9%2F1fkvIUw%2BECM9WEZhRpXe82gvyGQOTj6EOOhgnQTOv5AeO7f1rGGKCErKxx1omFyz0wEBjXozRCb7CUTwTTGKPYSQ%3D%3D"}]}
    content-type: application/javascript; charset=utf-8
    access-control-allow-origin: *
    vary: Accept-Encoding
    cache-control: public, max-age=30672000
    accept-ranges: bytes
    cf-ray: 630f3a41c84f4e9d-FRA
    expires: Sun, 06 Mar 2022 16:06:14 GMT

doku.js
  Path: staging.doku.com/doku-js/assets/js/
  Size: 95 KB, transferred: 27 KB
  Type: Script

  General
    Full URL: https://staging.doku.com/doku-js/assets/js/doku.js?version=1615910773
    Requested by: Host: payment.amalsholeh.com, URL: https://payment.amalsholeh.com/
    Protocol: HTTP/1.1
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 103.10.130.46, Indonesia, ASN58449 (DOKU-ID PT Nusa Satu Inti Artha, ID)
    Reverse DNS:
    Software: /
    Resource Hash: fe46a8a4106dd01b619edefaec170a045a261192100bd07f214fc6b08953a359

  Security Headers
    X-Frame-Options: ALLOWALL

  Request headers
    Referer: https://payment.amalsholeh.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    x-oss-object-type: Normal
    Date: Tue, 16 Mar 2021 16:06:14 GMT
    Content-Encoding: gzip
    x-oss-request-id: 6050D776D06C7B39372C9C19
    Last-Modified: Tue, 24 Nov 2020 13:27:17 GMT
    Content-MD5: BsWqinymmy315mEle1WoWw==
    X-Frame-Options: ALLOWALL
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    x-oss-storage-class: Standard
    x-oss-hash-crc64ecma: 12080210911015213636
    x-oss-server-time: 3

doku.css
  Path: staging.doku.com/doku-js/assets/css/
  Size: 24 KB, transferred: 6 KB
  Type: Stylesheet

  General
    Full URL: https://staging.doku.com/doku-js/assets/css/doku.css
    Requested by: Host: payment.amalsholeh.com, URL: https://payment.amalsholeh.com/
    Protocol: HTTP/1.1
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 103.10.130.46, Indonesia, ASN58449 (DOKU-ID PT Nusa Satu Inti Artha, ID)
    Reverse DNS:
    Software: /
    Resource Hash: 95d8675d03a8bfbbb4690bb9f3e1dd525c4659502a3bbee987cca9560e6272f4

  Security Headers
    X-Frame-Options: ALLOWALL

  Request headers
    Referer: https://payment.amalsholeh.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    x-oss-object-type: Normal
    Date: Tue, 16 Mar 2021 16:06:14 GMT
    Content-Encoding: gzip
    x-oss-request-id: 6050D776DDD9CB3935CE3527
    Last-Modified: Tue, 24 Nov 2020 13:27:14 GMT
    Content-MD5: dxVcWnN+ezha9ZVZ3cxffQ==
    X-Frame-Options: ALLOWALL
    Vary: Accept-Encoding
    Content-Type: text/css; charset=utf-8
    Transfer-Encoding: chunked
    x-oss-storage-class: Standard
    x-oss-hash-crc64ecma: 15923137246724344740
    x-oss-server-time: 28

jquery.fancybox.min.css
  Path: cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/
  Size: 4 KB, transferred: 1 KB
  Type: Stylesheet

  General
    Full URL: https://cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/jquery.fancybox.min.css
    Requested by: Host: payment.amalsholeh.com, URL: https://payment.amalsholeh.com/
    Protocol: H2
    Security: TLS 1.3, , AES_128_GCM
    Server: 2606:4700::6810:135e, United States, ASN13335 (CLOUDFLARENET, US)
    Reverse DNS:
    Software: cloudflare /
    Resource Hash: 6a5ed4bb4bb22800c5f3d7057a35cbdd8bb49686d8df119a8452122aa7b40b80

  Security Headers
    Strict-Transport-Security: max-age=15780000
    X-Content-Type-Options: nosniff

  Request headers
    Referer: https://payment.amalsholeh.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    date: Tue, 16 Mar 2021 16:06:14 GMT
    content-encoding: br
    x-content-type-options: nosniff
    cf-cache-status: HIT
    nel: {"max_age":604800,"report_to":"cf-nel"}
    age: 6955719
    cross-origin-resource-policy: cross-origin
    alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
    content-length: 955
    cf-request-id: 08dd62bd1b00004e9df7b71000000001
    timing-allow-origin: *
    last-modified: Mon, 04 May 2020 16:10:00 GMT
    server: cloudflare
    cf-cdnjs-via: cfworker/kv
    etag: "5eb03e58-f2d"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    strict-transport-security: max-age=15780000
    report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bS6V3AzPiSrC82DhZsjz5oiGTogsiEjuRZTZq4bw%2FyO7G5Uldo8%2BKp7Ag5jaS9henrJYml3FPDvNqHqTmXO4ZzNOYI6ixzry8Dzwq9pYoyQBHhS%2BqOxEYSi6z05oAcVgnw%3D%3D"}]}
    content-type: text/css; charset=utf-8
    access-control-allow-origin: *
    vary: Accept-Encoding
    cache-control: public, max-age=30672000
    accept-ranges: bytes
    cf-ray: 630f3a41c8504e9d-FRA
    expires: Sun, 06 Mar 2022 16:06:14 GMT

dinnextltproregular.woff
  Path: staging.doku.com/doku-js/assets/fonts/
  Size: 0, transferred: 0

getRequestCode
  Path: staging.doku.com/api/payment/
  Size: 71 B, transferred: 411 B
  Type: XHR

  General
    Full URL: https://staging.doku.com/api/payment/getRequestCode
    Requested by: Host: code.jquery.com, URL: https://code.jquery.com/jquery-2.1.4.min.js
    Protocol: HTTP/1.1
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 103.10.130.46, Indonesia, ASN58449 (DOKU-ID PT Nusa Satu Inti Artha, ID)
    Reverse DNS:
    Software: / Servlet 2.5; DOKU
    Resource Hash: 862109b43300e5e65c06b70f5e69d02a0bd6b5532a6fe49caa1ef44167125ac7

  Security Headers
    X-Frame-Options: ALLOWALL

  Request headers
    Accept: application/json, text/javascript, */*; q=0.01
    Referer: https://payment.amalsholeh.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8

  Response headers
    Access-Control-Allow-Origin: *
    Date: Tue, 16 Mar 2021 16:06:18 GMT
    Transfer-Encoding: chunked
    X-Powered-By: Servlet 2.5; DOKU
    X-Frame-Options: ALLOWALL
    Content-Type: text/html;application/json;charset=UTF-8;charset=utf-8

loading.gif
  Path: staging.doku.com/doku-js/assets/images/
  Size: 11 KB, transferred: 11 KB
  Type: Image

  General
    Full URL: https://staging.doku.com/doku-js/assets/images/loading.gif
    Requested by: Host: payment.amalsholeh.com, URL: https://payment.amalsholeh.com/
    Protocol: HTTP/1.1
    Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
    Server: 103.10.130.46, Indonesia, ASN58449 (DOKU-ID PT Nusa Satu Inti Artha, ID)
    Reverse DNS:
    Software: /
    Resource Hash: b1839825f00a493b3c4de5d1e7cea073c3410be4534d07af84ce3718900943ba

  Security Headers
    X-Frame-Options: ALLOWALL

  Request headers
    Referer: https://payment.amalsholeh.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

  Response headers
    x-oss-object-type: Normal
    Date: Tue, 16 Mar 2021 16:06:17 GMT
    x-oss-request-id: 6050D779DDD9CB3933EE3E27
    Last-Modified: Tue, 24 Nov 2020 13:27:16 GMT
    Content-MD5: MNqQGVxklJ/IKBnYe0PLBg==
    ETag: "30DA90195C64949FC82819D87B43CB06"
    X-Frame-Options: ALLOWALL
    Content-Type: image/gif
    x-oss-storage-class: Standard
    Accept-Ranges: bytes
    x-oss-hash-crc64ecma: 7895770174755125229
    Content-Length: 11040
    x-oss-server-time: 24

dinnextltproregular.ttf
  Path: staging.doku.com/doku-js/assets/fonts/
  Size: 0, transferred: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: staging.doku.com
URL: https://staging.doku.com/doku-js/assets/fonts/dinnextltproregular.woff

Domain: staging.doku.com
URL: https://staging.doku.com/doku-js/assets/fonts/dinnextltproregular.ttf

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type       Name
object     ontransitionrun, ontransitionstart, ontransitioncancel, cookieStore, trustedTypes, doku_ajax, deployJava, swfobject, RespTabs
function   showDirectoryPicker, showOpenFilePicker, showSaveFilePicker, $, jQuery, getForm, btnOnBlur, formatForm, validateForm, checkRules, receiveMessage, submitForm, processForm, backToMerchant, initiateFormWallet, inquiryPromoCode, formatWalletCash, formatWalletCc, formatFormWallet, submitFormWallet, showResult, DokuToken, closePopup, validateFormInline, formatFormInline, processInlineForm, formatInlineFormDW, formatWalletCashInline, formatWalletCcInline, formatFormWalletInline, submitFormWalletInline, dokuMandiriInitiate, setTimeoutPage, updatePreTransactionTimeout, getDeviceInfo, murmurhash3_32_gc, Detector, ClientJS, UAParser
boolean    crossOriginIsolated
string     requestURL, originUrl, loadingUrl, failedUrl, form3D, formDw, pageTimeout
undefined  threeDResponse, data_obj, doku_timeout_page, frmSaveToken
number     doku_timeout, timeout

0 Cookies

2 Console Messages

Source: console-api, Level: log
URL: https://staging.doku.com/doku-js/assets/js/doku.js?version=1615910773 (Line 1)
Message: [object Object]

Source: console-api, Level: log
URL: https://staging.doku.com/doku-js/assets/js/doku.js?version=1615910773 (Line 1)
Message: [object Object]

Security Headers

This section lists the security headers set by the main page.

X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block