account.midtrans.com Open in urlscan Pro
104.17.3.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dashboard.midtrans.com/
Effective URL:
https://account.midtrans.com/login
Submission: On September 19 via manual (September 19th 2021, 2:40:14 pm UTC) from SG — Scanned from DE

Summary HTTP 39 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 15 domains to perform 39 HTTP transactions. The main IP is 104.17.3.81, located in and belongs to CLOUDFLARENET, US. The main domain is account.midtrans.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 10th 2021. Valid for: a year.

This is the only time account.midtrans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 18	104.17.3.81 104.17.3.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
6	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
1	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
2	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
1	13.224.193.36 13.224.193.36	16509 (AMAZON-02) (AMAZON-02)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
1	13.224.193.10 13.224.193.10	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.75 13.224.193.75	16509 (AMAZON-02) (AMAZON-02)
2	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
39	14

18 104.17.3.81 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dashboard.midtrans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
account.midtrans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-36.fra2.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-10.fra2.r.cloudfront.net

d5nxst8fruw4z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-75.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	midtrans.com 3 redirects dashboard.midtrans.com account.midtrans.com	1 MB
6	google-analytics.com www.google-analytics.com	20 KB
2	facebook.com www.facebook.com	404 B
2	facebook.net connect.facebook.net	113 KB
2	cloudfront.net d31qbv1cthcecs.cloudfront.net d5nxst8fruw4z.cloudfront.net	3 KB
2	doubleclick.net stats.g.doubleclick.net	485 B
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	35 KB
1	nr-data.net bam.nr-data.net	322 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	alexametrics.com certify.alexametrics.com	551 B
1	googletagmanager.com www.googletagmanager.com	42 KB
0	ubembed.com Failed b510d560e2ae43f2965e27d307c9a1b1.js.ubembed.com Failed
0	hs-scripts.com Failed js.hs-scripts.com Failed
0	a2z.com Failed redirect.prod.experiment.routing.cloudfront.aws.a2z.com Failed
0	googleadservices.com Failed www.googleadservices.com Failed
39	15

	Domain	Requested by
16	account.midtrans.com	1 redirects account.midtrans.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com account.midtrans.com
2	www.facebook.com	account.midtrans.com
2	connect.facebook.net	account.midtrans.com connect.facebook.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	dashboard.midtrans.com	2 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	account.midtrans.com
1	certify.alexametrics.com	account.midtrans.com
1	d5nxst8fruw4z.cloudfront.net	account.midtrans.com
1	d31qbv1cthcecs.cloudfront.net	account.midtrans.com
1	ajax.googleapis.com	account.midtrans.com
1	www.googletagmanager.com	account.midtrans.com
1	fonts.googleapis.com	account.midtrans.com
0	b510d560e2ae43f2965e27d307c9a1b1.js.ubembed.com Failed	www.googletagmanager.com
0	js.hs-scripts.com Failed	www.googletagmanager.com
0	redirect.prod.experiment.routing.cloudfront.aws.a2z.com Failed	account.midtrans.com
0	www.googleadservices.com Failed	www.googletagmanager.com
39	18

This site contains links to these domains. Also see Links.

Domain
midtrans.com

Subject Issuer	Validity	Valid
*.midtrans.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-10` - `2022-05-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://account.midtrans.com/login
Frame ID: C1232D458FF5BD746A154F653C7B3B51
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MAP | Midtrans

Page URL History Show full URLs

http://dashboard.midtrans.com/ HTTP 301
https://dashboard.midtrans.com/ HTTP 302
https://account.midtrans.com/login/oauth2/authorize?client_id=6171280cb118427a823959ac9205b324&redirect_u... HTTP 302
https://account.midtrans.com/login Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

90 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

14
IPs

3
Countries

1289 kB
Transfer

1942 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://midtrans.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://midtrans.com/id/blog/payment-link-solusi-praktis-terima-pembayaran-kala-ppkm-darurat
Title: Payment Link, Solusi Praktis Terima Pembayaran Kala PPKM Darurat

Search URL Search Domain Scan URL

URL: https://midtrans.com/id/blog/cara-transfer-virtual-account-beda-bank
Title: Cara Transfer Virtual Account Beda Bank

Search URL Search Domain Scan URL

URL: https://midtrans.com/id/blog/kegunaan-m-banking
Title: Kegunaan M-Banking yang Perlu Anda Tahu

Search URL Search Domain Scan URL

URL: https://midtrans.com/id/blog/apa-itu-atm-bersama
Title: Apa Itu ATM Bersama? Simak Daftar dan Kode Bank Lengkapnya di Sini!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dashboard.midtrans.com/ HTTP 301
https://dashboard.midtrans.com/ HTTP 302
https://account.midtrans.com/login/oauth2/authorize?client_id=6171280cb118427a823959ac9205b324&redirect_uri=https%3A%2F%2Fdashboard.midtrans.com%2Fapi%2Fauth%2Fmuffin%2Fcallback&response_type=code HTTP 302
https://account.midtrans.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
account.midtrans.com/
Redirect Chain

http://dashboard.midtrans.com/
https://dashboard.midtrans.com/
https://account.midtrans.com/login/oauth2/authorize?client_id=6171280cb118427a823959ac9205b324&redirect_uri=https%3A%2F%2Fdashboard.midtrans.com%2Fapi%2Fauth%2Fmuffin%2Fcallback&response_type=code
https://account.midtrans.com/login

19 KB
8 KB

899ms
898ms

Document
text/html

104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f0514afc69ec184f85121c1ef8d58555208786cf8df7bcea102be8eecc738d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com .nr-data.net www.google.com www.gstatic.com cdn.optimizely.com .google-analytics.com .cloudfront.net .googletagmanager.com .facebook.net .facebook.com www.facebook.com; connect-src api.mixpanel.com .google-analytics.com .facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com .nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' .cloudfront.net .google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com .googletagmanager.com .facebook.net .facebook.com www.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: account.midtrans.com
:scheme: https
:path: /login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 19 Sep 2021 14:40:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
content-language: en
etag: W/"2f0514afc69ec184f85121c1ef8d5855"
cache-control: max-age=0, private, must-revalidate
set-cookie: _muffin_session=2d59b67d2f2d479cb878418690a00ed6; path=/; expires=Sun, 19 Sep 2021 20:40:05 GMT; HttpOnly
x-request-id: 500cecbb0b2521edc1098be811a95442
x-runtime: 0.011891
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6913912ddf7a27b8-PRG

Redirect headers

date: Sun, 19 Sep 2021 14:40:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
content-language: en
location: https://account.midtrans.com/login
cache-control: no-cache
set-cookie: _muffin_session=2d59b67d2f2d479cb878418690a00ed6; path=/; expires=Sun, 19 Sep 2021 20:40:04 GMT; HttpOnly
x-request-id: 4886b5cd4312b08ac41a76fb9d8b73fc
x-runtime: 0.008655
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69139128ef1027b8-PRG

GET
H2 200 midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
account.midtrans.com/assets/ 66 KB
12 KB 985ms
984ms Stylesheet
text/css 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: account.midtrans.com
referer: https://account.midtrans.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 May 2021 05:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 69139133b99a27b8-PRG
content-length: 12181

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 51ms
16ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 19 Sep 2021 13:07:34 GMT
server: ESF
date: Sun, 19 Sep 2021 14:40:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Sep 2021 14:40:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
42 KB 61ms
34ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K458FD6

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a7bfe1158a5169572600b5d5190315e472776a4ecc2bf3b7b7b942786feb1b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42663
x-xss-protection: 0
last-modified: Sun, 19 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Sep 2021 14:40:05 GMT

GET conversion_async.js
www.googleadservices.com/pagead/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 50ms
13ms Script
text/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K458FD6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6788
date: Sun, 19 Sep 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 19 Sep 2021 14:46:57 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
34 KB 29ms
8ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 07:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Mon, 19 Sep 2022 07:56:15 GMT

GET
H2 200 application-f33b2ecf794cc58b97530e779268583e5a36d80ef6a59472f9cc66ba1d2516fc.js Show response
account.midtrans.com/assets/ 162 KB
46 KB 1670ms
1670ms Script
application/javascript 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.midtrans.com/assets/application-f33b2ecf794cc58b97530e779268583e5a36d80ef6a59472f9cc66ba1d2516fc.js

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f33b2ecf794cc58b97530e779268583e5a36d80ef6a59472f9cc66ba1d2516fc

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/application-f33b2ecf794cc58b97530e779268583e5a36d80ef6a59472f9cc66ba1d2516fc.js
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.midtrans.com
referer: https://account.midtrans.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 25 Aug 2021 12:15:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 69139134bb7a27b8-PRG
content-length: 46785

GET
H2 200 midtrans-dark-3a5ac77cd3110b28b32cb590fc968f296d2123e686591d636bd51b276f6ed034.svg
account.midtrans.com/assets/logo/ 5 KB
2 KB 777ms
776ms Image
image/svg+xml 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.midtrans.com/assets/logo/midtrans-dark-3a5ac77cd3110b28b32cb590fc968f296d2123e686591d636bd51b276f6ed034.svg

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a5ac77cd3110b28b32cb590fc968f296d2123e686591d636bd51b276f6ed034

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/logo/midtrans-dark-3a5ac77cd3110b28b32cb590fc968f296d2123e686591d636bd51b276f6ed034.svg
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: account.midtrans.com
referer: https://account.midtrans.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 May 2021 05:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 69139139ecc727b8-PRG

GET
H2 200 capsule-1-73f51d3ee80d050cc936cfc7745e43bf293a76a05310aef62c3f228e72273008.svg
account.midtrans.com/assets/core/ 355 B
354 B 782ms
782ms Image
image/svg+xml 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.midtrans.com/assets/core/capsule-1-73f51d3ee80d050cc936cfc7745e43bf293a76a05310aef62c3f228e72273008.svg

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73f51d3ee80d050cc936cfc7745e43bf293a76a05310aef62c3f228e72273008

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/core/capsule-1-73f51d3ee80d050cc936cfc7745e43bf293a76a05310aef62c3f228e72273008.svg
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: account.midtrans.com
referer: https://account.midtrans.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 May 2021 05:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 6913913ebe6b27b8-PRG

GET
H2 200 capsule-2-0b9e3144b7242340b000b233100c7d5cc5470a4182b347146097fd843d5f2eeb.svg
account.midtrans.com/assets/core/ 240 B
261 B 857ms
856ms Image
image/svg+xml 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.midtrans.com/assets/core/capsule-2-0b9e3144b7242340b000b233100c7d5cc5470a4182b347146097fd843d5f2eeb.svg

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b9e3144b7242340b000b233100c7d5cc5470a4182b347146097fd843d5f2eeb

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/core/capsule-2-0b9e3144b7242340b000b233100c7d5cc5470a4182b347146097fd843d5f2eeb.svg
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: account.midtrans.com
referer: https://account.midtrans.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 May 2021 05:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 6913913f5f4827b8-PRG

GET
H2 200 thumb-1-2793bca049d97bbb0d4b789f6c2bb9424e03467d3a5d2ed22446fb44b6bbdb7f.jpg
account.midtrans.com/assets/blog/ 117 KB
117 KB 2392ms
2390ms Image
image/jpeg 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.midtrans.com/assets/blog/thumb-1-2793bca049d97bbb0d4b789f6c2bb9424e03467d3a5d2ed22446fb44b6bbdb7f.jpg

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2793bca049d97bbb0d4b789f6c2bb9424e03467d3a5d2ed22446fb44b6bbdb7f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/blog/thumb-1-2793bca049d97bbb0d4b789f6c2bb9424e03467d3a5d2ed22446fb44b6bbdb7f.jpg
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1; _gat=1; _gat_shared=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: account.midtrans.com
referer: https://account.midtrans.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:09 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Aug 2021 12:05:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6913913f9fb327b8-PRG
content-length: 119366

GET
H2 200 thumb-2-cd648a639504c849810bafb1cf81f141f534823177dea209e360ee7ecdff0883.jpg
account.midtrans.com/assets/blog/ 138 KB
139 KB 2140ms
2138ms Image
image/jpeg 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.midtrans.com/assets/blog/thumb-2-cd648a639504c849810bafb1cf81f141f534823177dea209e360ee7ecdff0883.jpg

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd648a639504c849810bafb1cf81f141f534823177dea209e360ee7ecdff0883

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/blog/thumb-2-cd648a639504c849810bafb1cf81f141f534823177dea209e360ee7ecdff0883.jpg
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1; _gat=1; _gat_shared=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: account.midtrans.com
referer: https://account.midtrans.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:09 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Aug 2021 12:05:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6913913f9fb427b8-PRG
content-length: 141768

GET
H2 200 thumb-3-54f023a3af04c4dfbd416575c176b9b45f59e173904788f83e16135ae48e1a42.jpg
account.midtrans.com/assets/blog/ 143 KB
144 KB 2183ms
2181ms Image
image/jpeg 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.midtrans.com/assets/blog/thumb-3-54f023a3af04c4dfbd416575c176b9b45f59e173904788f83e16135ae48e1a42.jpg

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54f023a3af04c4dfbd416575c176b9b45f59e173904788f83e16135ae48e1a42

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/blog/thumb-3-54f023a3af04c4dfbd416575c176b9b45f59e173904788f83e16135ae48e1a42.jpg
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1; _gat=1; _gat_shared=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: account.midtrans.com
referer: https://account.midtrans.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:09 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Aug 2021 12:05:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6913913f9fb527b8-PRG
content-length: 146728

GET
H2 200 thumb-4-d17ccc761a7ab02f1feb62da6d543f8715cfd7a012d7a3e30441a1f4640248c3.jpg
account.midtrans.com/assets/blog/ 134 KB
134 KB 2415ms
2413ms Image
image/jpeg 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.midtrans.com/assets/blog/thumb-4-d17ccc761a7ab02f1feb62da6d543f8715cfd7a012d7a3e30441a1f4640248c3.jpg

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17ccc761a7ab02f1feb62da6d543f8715cfd7a012d7a3e30441a1f4640248c3

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/blog/thumb-4-d17ccc761a7ab02f1feb62da6d543f8715cfd7a012d7a3e30441a1f4640248c3.jpg
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1; _gat=1; _gat_shared=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: account.midtrans.com
referer: https://account.midtrans.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:09 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Aug 2021 12:05:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6913913f9fb627b8-PRG
content-length: 137424

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 22ms
21ms XHR
text/plain 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=753332631&t=pageview&_s=1&dl=https%3A%2F%2Faccount.midtrans.com%2Flogin&ul=en-us&de=UTF-8&dt=MAP%20%7C%20Midtrans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1736455898&gjid=658231256&cid=1099746339.1632062406&tid=UA-85529823-1&_gid=653384852.1632062406&_r=1&gtm=2wg9f0K458FD6&z=1538362883

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.midtrans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 14:40:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.midtrans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
463 B 45ms
15ms XHR
text/plain 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-85529823-1&cid=1099746339.1632062406&jid=1736455898&gjid=658231256&_gid=653384852.1632062406&_u=YEBAAEAAAAAAAC~&z=399775919

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.midtrans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 19 Sep 2021 14:40:06 GMT
content-type: text/plain
access-control-allow-origin: https://account.midtrans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=753332631&t=pageview&_s=1&dl=https%3A%2F%2Faccount.midtrans.com%2Flogin&ul=en-us&de=UTF-8&dt=MAP%20%7C%20Midtrans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1427361013&gjid=1767473037&cid=1099746339.1632062406&tid=UA-124026079-7&_gid=653384852.1632062406&_r=1&_slc=1&z=1441144857

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.midtrans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 14:40:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.midtrans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 16ms
15ms XHR
text/plain 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=753332631&t=pageview&_s=1&dl=https%3A%2F%2Faccount.midtrans.com%2Flogin&ul=en-us&de=UTF-8&dt=MAP%20%7C%20Midtrans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=310734238&gjid=641756084&cid=1099746339.1632062406&tid=UA-85529823-1&_gid=653384852.1632062406&_r=1&_slc=1&z=1022480925

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.midtrans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 14:40:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.midtrans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=753332631&t=pageview&_s=2&dl=https%3A%2F%2Faccount.midtrans.com%2Flogin&ul=en-us&de=UTF-8&dt=MAP%20%7C%20Midtrans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1099746339.1632062406&tid=UA-124026079-7&_gid=653384852.1632062406&z=1838869092

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 02:56:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42212
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 02:56:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42212
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 43ms
8ms Script
application/javascript 13.224.193.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: account.midtrans.com
URL: https://account.midtrans.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 12515561
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: Rucf7ePEhJy9O7GwsMedv3it2QkHvK-6vHchedoHFOjhW8EkR3svsQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 23ms
7ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: illpW0P9nrlB2yvp5wrvGn1xLIsV3faPQkPq1E3qD+KHb/ca3/YuvcNmAQ2cWt5N8LmO1y+aIuLN1QoUszemOg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sun, 19 Sep 2021 14:40:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 background-7127ca148743956b92c9f22e4ebec50712957453adcf4865d1618705ecc1f604.svg
account.midtrans.com/assets/core/ 720 B
476 B 874ms
873ms Image
image/svg+xml 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.midtrans.com/assets/core/background-7127ca148743956b92c9f22e4ebec50712957453adcf4865d1618705ecc1f604.svg

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7127ca148743956b92c9f22e4ebec50712957453adcf4865d1618705ecc1f604

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/core/background-7127ca148743956b92c9f22e4ebec50712957453adcf4865d1618705ecc1f604.svg
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1; _gat=1; _gat_shared=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: account.midtrans.com
referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 May 2021 05:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 6913913fbfe527b8-PRG

GET
H2 200 Poppins-Medium-e554db189b5d944ef0e6f98ee0e4e8c75f69e95315dc9f4ae0c616a8756a2ba4.ttf
account.midtrans.com/assets/ 153 KB
153 KB 2199ms
2198ms Font
application/octet-stream 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.midtrans.com/assets/Poppins-Medium-e554db189b5d944ef0e6f98ee0e4e8c75f69e95315dc9f4ae0c616a8756a2ba4.ttf

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e554db189b5d944ef0e6f98ee0e4e8c75f69e95315dc9f4ae0c616a8756a2ba4

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode: cors
origin: https://account.midtrans.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1; _gat=1; _gat_shared=1
:path: /assets/Poppins-Medium-e554db189b5d944ef0e6f98ee0e4e8c75f69e95315dc9f4ae0c616a8756a2ba4.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: account.midtrans.com
referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
Origin: https://account.midtrans.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:09 GMT
cf-cache-status: MISS
last-modified: Fri, 21 May 2021 05:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6913913f9fc227b8-PRG
content-length: 156480

GET
H2 200 midtrans-icons-invisible-fb5ee1bbe434efb30c91503b99effff157c3c2419d5f9ad80156d7fd2fbe72c0.svg
account.midtrans.com/assets/core/ 776 B
525 B 874ms
874ms Image
image/svg+xml 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.midtrans.com/assets/core/midtrans-icons-invisible-fb5ee1bbe434efb30c91503b99effff157c3c2419d5f9ad80156d7fd2fbe72c0.svg

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5ee1bbe434efb30c91503b99effff157c3c2419d5f9ad80156d7fd2fbe72c0

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

:path: /assets/core/midtrans-icons-invisible-fb5ee1bbe434efb30c91503b99effff157c3c2419d5f9ad80156d7fd2fbe72c0.svg
pragma: no-cache
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1; _gat=1; _gat_shared=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: account.midtrans.com
referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 May 2021 05:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 6913913fbfe627b8-PRG

GET
H2 200 Poppins-Regular-78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527.ttf
account.midtrans.com/assets/ 154 KB
155 KB 2052ms
2052ms Font
application/octet-stream 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.midtrans.com/assets/Poppins-Regular-78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527.ttf

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode: cors
origin: https://account.midtrans.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1; _gat=1; _gat_shared=1
:path: /assets/Poppins-Regular-78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: account.midtrans.com
referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
Origin: https://account.midtrans.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:09 GMT
cf-cache-status: MISS
last-modified: Fri, 21 May 2021 05:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6913913fafc727b8-PRG
content-length: 158192

GET
H2 200 Poppins-SemiBold-bf9c1ff640acc8bb5441a9b564360943f9db90969742aa33a36329b2828d2759.ttf
account.midtrans.com/assets/ 152 KB
152 KB 1919ms
1919ms Font
application/octet-stream 104.17.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.midtrans.com/assets/Poppins-SemiBold-bf9c1ff640acc8bb5441a9b564360943f9db90969742aa33a36329b2828d2759.ttf

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.3.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf9c1ff640acc8bb5441a9b564360943f9db90969742aa33a36329b2828d2759

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode: cors
origin: https://account.midtrans.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _hera_sesssion=28816e5f0ee0f606c21b9d3021a6585f; _muffin_session=2d59b67d2f2d479cb878418690a00ed6; _gcl_au=1.1.696089919.1632062406; _ga=GA1.2.1099746339.1632062406; _gid=GA1.2.653384852.1632062406; _gat_UA-85529823-1=1; _gat=1; _gat_shared=1
:path: /assets/Poppins-SemiBold-bf9c1ff640acc8bb5441a9b564360943f9db90969742aa33a36329b2828d2759.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: account.midtrans.com
referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://account.midtrans.com/assets/midtrans-new-31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f.css
Origin: https://account.midtrans.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:09 GMT
cf-cache-status: MISS
last-modified: Fri, 21 May 2021 05:04:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
content-security-policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com *.nr-data.net www.google.com www.gstatic.com cdn.optimizely.com *.google-analytics.com *.cloudfront.net *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com; connect-src api.mixpanel.com *.google-analytics.com *.facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com *.nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' *.cloudfront.net *.google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com *.googletagmanager.com *.facebook.net *.facebook.com www.facebook.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6913913fafcb27b8-PRG
content-length: 155192

GET
H/1.1 200
OK atrk.gif
d5nxst8fruw4z.cloudfront.net/ 43 B
551 B 52ms
7ms Image
image/gif 13.224.193.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5nxst8fruw4z.cloudfront.net/atrk.gif?account=0VtQk1a4SBe05T
Requested by: Host: account.midtrans.com
URL: https://account.midtrans.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-10.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 19 Sep 2021 03:30:15 GMT
Via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 40192
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: -uVvmnHOwkNWveRzs-j241xSxQCWXP56SwpkyZ4I3FqRllCnxEaErg==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 48ms
24ms XHR
text/plain 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-85529823-1&cid=1099746339.1632062406&jid=310734238&gjid=641756084&_gid=653384852.1632062406&_u=aEDAAEABAAAAAC~&z=658028328

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.midtrans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 19 Sep 2021 14:40:07 GMT
content-type: text/plain
access-control-allow-origin: https://account.midtrans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2774972982749469 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 70ms
62ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2774972982749469?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

d91e63238798025d36bb9259dc038185c2532448ac647828d1ce90b95105f351

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: CPFp2pueYMa9Rj59LI1mx/U1wEH0yfaSkH2QEqq1Q7KumAIDAZRPAS67CR66hmFIkWkPjkyIu8Ex30p8jnEBMA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 19 Sep 2021 14:40:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 40ms
7ms Image
image/gif 13.224.193.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=MAP%20%7C%20Midtrans&time=1632062407655&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Faccount.midtrans.com%2Flogin&random_number=3023844589&sess_cookie=ae67a6fa17bfe8003e643e620ca&sess_cookie_flag=1&user_cookie=ae67a6fa17bfe8003e643e620ca&user_cookie_flag=1&dynamic=true&domain=veritrans.co.id&account=0VtQk1a4SBe05T&jsv=20130128&user_lang=en-US
Requested by: Host: account.midtrans.com
URL: https://account.midtrans.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-75.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 19 Sep 2021 03:30:15 GMT
Via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 40192
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: pD21ayT5dQ1D36pq5mYlnuIt3Beg0ioVLgG9UN88uzIfTKa_G-ptIg==

GET x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
0

GET 2528720.js
js.hs-scripts.com/ 0
0

GET /
b510d560e2ae43f2965e27d307c9a1b1.js.ubembed.com/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 25ms
10ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2774972982749469&ev=PageView&dl=https%3A%2F%2Faccount.midtrans.com%2Flogin&rl=&if=false&ts=1632062407783&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632062407780.1536252193&it=1632062407651&coo=false&exp=p0&rqm=GET

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 19 Sep 2021 14:40:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
7ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2774972982749469&ev=Microdata&dl=https%3A%2F%2Faccount.midtrans.com%2Flogin&rl=&if=false&ts=1632062409289&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MAP%20%7C%20Midtrans%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1632062407780.1536252193&it=1632062407651&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: account.midtrans.com
URL: https://account.midtrans.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:40:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 19 Sep 2021 14:40:09 GMT

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 41ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: account.midtrans.com
URL: https://account.midtrans.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: 3700EJ4ZWWQ4P78Z
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: WHzeslBLMht/NaCF9kkJd18iJ6Fkr2YZAl5iGj0a1qtVGAGpwFyTtZrMMtk5xKXdIU5RYSWHiEw=
x-served-by: cache-hhn4074-HHN
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1632062411.726491,VS0,VE0
date: Sun, 19 Sep 2021 14:40:10 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 22279

GET
H/1.1 200
OK 534502d1f9 Show response
bam.nr-data.net/1/ 57 B
322 B 552ms
106ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/534502d1f9?a=22681843&v=1210.e2a3f80&to=cQtfTEJYXAlVFB8QU0EXWFdeRB8LVRE%3D&rst=7811&ck=1&ref=https://account.midtrans.com/login&ap=11&be=2788&fe=7762&dc=4685&perf=%7B%22timing%22:%7B%22of%22:1632062402926,%22n%22:0,%22f%22:1841,%22dn%22:1841,%22dne%22:1841,%22c%22:1841,%22ce%22:1841,%22rq%22:1843,%22rp%22:2741,%22rpe%22:2930,%22dl%22:2754,%22di%22:4684,%22ds%22:4685,%22de%22:4702,%22dc%22:7762,%22l%22:7762,%22le%22:7765%7D,%22navigation%22:%7B%7D%7D&fp=4711&fcp=4711&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.midtrans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Domain: redirect.prod.experiment.routing.cloudfront.aws.a2z.com
URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png

Domain: js.hs-scripts.com
URL: https://js.hs-scripts.com/2528720.js

Domain: b510d560e2ae43f2965e27d307c9a1b1.js.ubembed.com
URL: https://b510d560e2ae43f2965e27d307c9a1b1.js.ubembed.com/

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.midtrans.com/	1970-01-19 21:21:16	Name: _hera_sesssion Value: 28816e5f0ee0f606c21b9d3021a6585f
account.midtrans.com/	1970-01-19 21:21:24	Name: _muffin_session Value: 2d59b67d2f2d479cb878418690a00ed6
.midtrans.com/	1970-01-19 23:30:38	Name: _gcl_au Value: 1.1.696089919.1632062406
.midtrans.com/	1970-01-20 14:52:14	Name: _ga Value: GA1.2.1099746339.1632062406
.midtrans.com/	1970-01-19 21:22:28	Name: _gid Value: GA1.2.653384852.1632062406
.midtrans.com/	1970-01-19 21:21:02	Name: _gat_UA-85529823-1 Value: 1
.midtrans.com/	1970-01-19 21:21:02	Name: _gat Value: 1
.midtrans.com/	1970-01-19 21:21:02	Name: _gat_shared Value: 1
.midtrans.com/	1970-01-19 23:30:38	Name: _fbp Value: fb.1.1632062407780.1536252193
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8a28676880dc93a6

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-K458FD6(Line 32) Message: Refused to load the script 'https://www.googleadservices.com/pagead/conversion_async.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com .nr-data.net www.google.com www.gstatic.com cdn.optimizely.com .google-analytics.com .cloudfront.net .googletagmanager.com .facebook.net .facebook.com www.facebook.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://account.midtrans.com/login Message: Refused to load the image 'https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png' because it violates the following Content Security Policy directive: "img-src 'self' 'unsafe-inline' .cloudfront.net .google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com .googletagmanager.com .facebook.net *.facebook.com www.facebook.com".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-K458FD6(Line 252) Message: Refused to load the script 'https://js.hs-scripts.com/2528720.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com .nr-data.net www.google.com www.gstatic.com cdn.optimizely.com .google-analytics.com .cloudfront.net .googletagmanager.com .facebook.net .facebook.com www.facebook.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-K458FD6(Line 252) Message: Refused to load the script 'https://b510d560e2ae43f2965e27d307c9a1b1.js.ubembed.com/' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com .nr-data.net www.google.com www.gstatic.com cdn.optimizely.com .google-analytics.com .cloudfront.net .googletagmanager.com .facebook.net .facebook.com www.facebook.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' ajax.googleapis.com cdn.mxpnl.com js-agent.newrelic.com .nr-data.net www.google.com www.gstatic.com cdn.optimizely.com .google-analytics.com .cloudfront.net .googletagmanager.com .facebook.net .facebook.com www.facebook.com; connect-src api.mixpanel.com .google-analytics.com .facebook.net stats.g.doubleclick.net bam.nr-data.net; child-src www.google.com .nr-data.net stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src 'self' 'unsafe-inline' fonts.gstatic.com; img-src 'self' 'unsafe-inline' .cloudfront.net .google-analytics.com certify.alexametrics.com cloudfront-labs.amazonaws.com .googletagmanager.com .facebook.net .facebook.com www.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.midtrans.com
ajax.googleapis.com
b510d560e2ae43f2965e27d307c9a1b1.js.ubembed.com
bam.nr-data.net
certify.alexametrics.com
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
d5nxst8fruw4z.cloudfront.net
dashboard.midtrans.com
fonts.googleapis.com
js-agent.newrelic.com
js.hs-scripts.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
b510d560e2ae43f2965e27d307c9a1b1.js.ubembed.com
js.hs-scripts.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
www.googleadservices.com
104.17.3.81
13.224.193.10
13.224.193.36
13.224.193.75
142.250.185.170
142.250.185.72
142.250.186.106
151.101.130.137
162.247.242.19
172.217.18.110
185.60.216.19
185.60.216.35
64.233.167.157
0b9e3144b7242340b000b233100c7d5cc5470a4182b347146097fd843d5f2eeb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2793bca049d97bbb0d4b789f6c2bb9424e03467d3a5d2ed22446fb44b6bbdb7f
2f0514afc69ec184f85121c1ef8d58555208786cf8df7bcea102be8eecc738d3
31c8ebb2964764d0adb7d9a3afccea5e54ef4c8ea9c60f96d4ebcdf543e6df1f
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3a5ac77cd3110b28b32cb590fc968f296d2123e686591d636bd51b276f6ed034
54f023a3af04c4dfbd416575c176b9b45f59e173904788f83e16135ae48e1a42
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7127ca148743956b92c9f22e4ebec50712957453adcf4865d1618705ecc1f604
73f51d3ee80d050cc936cfc7745e43bf293a76a05310aef62c3f228e72273008
78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a7bfe1158a5169572600b5d5190315e472776a4ecc2bf3b7b7b942786feb1b3f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bf9c1ff640acc8bb5441a9b564360943f9db90969742aa33a36329b2828d2759
cd648a639504c849810bafb1cf81f141f534823177dea209e360ee7ecdff0883
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d17ccc761a7ab02f1feb62da6d543f8715cfd7a012d7a3e30441a1f4640248c3
d91e63238798025d36bb9259dc038185c2532448ac647828d1ce90b95105f351
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e554db189b5d944ef0e6f98ee0e4e8c75f69e95315dc9f4ae0c616a8756a2ba4
f33b2ecf794cc58b97530e779268583e5a36d80ef6a59472f9cc66ba1d2516fc
fb5ee1bbe434efb30c91503b99effff157c3c2419d5f9ad80156d7fd2fbe72c0
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

account.midtrans.com Open in urlscan Pro 104.17.3.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

90 %HTTPS

0 %IPv6

15 Domains

18 Subdomains

14 IPs

3 Countries

1289 kBTransfer

1942 kBSize

10 Cookies

5 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

account.midtrans.com Open in urlscan Pro
104.17.3.81 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

90 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

14
IPs

3
Countries

1289 kB
Transfer

1942 kB
Size

10
Cookies

39 HTTP transactions
0 data transactions