pembatalan-d4naapaylater.sekaiiwebs.rent Open in urlscan Pro
104.21.112.1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://shorturl.asia/7i514
Effective URL:
https://pembatalan-d4naapaylater.sekaiiwebs.rent/
Submission: On December 21 via manual (December 21st 2024, 1:10:03 pm UTC) from ID — Scanned from IL

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 22 HTTP transactions. The main IP is 104.21.112.1, located in and belongs to CLOUDFLARENET, US. The main domain is pembatalan-d4naapaylater.sekaiiwebs.rent.
TLS certificate: Issued by WE1 on October 31st 2024. Valid for: 3 months.

This is the only time pembatalan-d4naapaylater.sekaiiwebs.rent was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DANA (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.69.104 172.67.69.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.112.1 104.21.112.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
4	185.199.111.153 185.199.111.153	54113 (FASTLY) (FASTLY)
1	2.16.168.203 2.16.168.203	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
8	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
3	163.181.131.212 163.181.131.212	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
22	9

1 172.67.69.104 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shorturl.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.112.1 (None, )

ASN13335 (CLOUDFLARENET, US)

pembatalan-d4naapaylater.sekaiiwebs.rent	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.199.111.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com

owlcarousel2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.168.203 (Netherlands)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-168-203.deploy.static.akamaitechnologies.com

www.dana.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.181.131.212 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

a.m.dana.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10221	11 MB
4	dana.id www.dana.id — Cisco Umbrella Rank: 255376 a.m.dana.id — Cisco Umbrella Rank: 63240	194 KB
4	github.io owlcarousel2.github.io — Cisco Umbrella Rank: 136426	52 KB
2	gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com	33 KB
2	sekaiiwebs.rent pembatalan-d4naapaylater.sekaiiwebs.rent	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	989 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	991 B
1	shorturl.asia 1 redirects shorturl.asia — Cisco Umbrella Rank: 342049	673 B
22	8

	Domain	Requested by
8	blogger.googleusercontent.com	pembatalan-d4naapaylater.sekaiiwebs.rent
4	owlcarousel2.github.io	pembatalan-d4naapaylater.sekaiiwebs.rent
3	a.m.dana.id	pembatalan-d4naapaylater.sekaiiwebs.rent
2	pembatalan-d4naapaylater.sekaiiwebs.rent	pembatalan-d4naapaylater.sekaiiwebs.rent
1	encrypted-tbn0.gstatic.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.dana.id	pembatalan-d4naapaylater.sekaiiwebs.rent
1	fonts.googleapis.com	pembatalan-d4naapaylater.sekaiiwebs.rent
1	cdnjs.cloudflare.com	pembatalan-d4naapaylater.sekaiiwebs.rent
1	shorturl.asia	1 redirects
22	10

This site contains no links.

Subject Issuer	Validity	Valid
sekaiiwebs.rent WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
www.dana.id DigiCert TLS RSA SHA256 2020 CA1	`2024-06-09` - `2025-06-11`	a year	crt.sh
*.googleusercontent.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.m.dana.id DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-05` - `2025-03-20`	a year	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pembatalan-d4naapaylater.sekaiiwebs.rent/
Frame ID: 12DC250396B45374C0D5385A369327C1
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

𝗗𝗔𝗡𝗔 - 𝗣𝗲𝗺𝗯𝘂𝗸𝗮𝗮𝗻 𝗔𝗸𝘂𝗻 𝗗𝗔𝗡𝗔

Page URL History Show full URLs

https://shorturl.asia/7i514 HTTP 302
https://pembatalan-d4naapaylater.sekaiiwebs.rent/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

11159 kB
Transfer

11285 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://shorturl.asia/7i514 HTTP 302
https://pembatalan-d4naapaylater.sekaiiwebs.rent/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pembatalan-d4naapaylater.sekaiiwebs.rent/
Redirect Chain

https://shorturl.asia/7i514
https://pembatalan-d4naapaylater.sekaiiwebs.rent/

20 KB
7 KB

446ms
284ms

Document
text/html

104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67fc16e787ff126badb1c8e2ccbb22bc57c1d8470c51b43ddcf73eadbf5777c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f581c09fdb97da1-TLV
content-encoding: zstd
content-type: text/html
date: Sat, 21 Dec 2024 13:09:57 GMT
last-modified: Wed, 18 Dec 2024 04:36:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMzsDe4H32I8NxCjfL6%2BAP53iSfHxff8vB%2BzHtlvtFfs3BDiJhwtq0KPVdvyvoGvJQRYdO3vaPAsIcgPGNWxLNY5cOcTOozcsUvbLNNisa3cYF5C9NF4BOyPagrYr91B6PHa6gQeiZB1ewP7lLoWCtobIcY9HCJnuh%2By"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=4618&min_rtt=4575&rtt_var=755&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4001&recv_bytes=2391&delivery_rate=834016&cwnd=254&unsent_bytes=0&cid=013e7af4b402f17b&ts=294&x=0"

Redirect headers

access-control-allow-origin: https://www.shorturl.asia
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f581c044e3ad296-FRA
content-type: text/html; charset=UTF-8
date: Sat, 21 Dec 2024 13:09:57 GMT
expires: Sat, 21 Dec 2024 14:09:57 GMT
location: https://pembatalan-d4naapaylater.sekaiiwebs.rent/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BHP2%2B59C3rd8RhBAsKxdZHta201cI86V7nzjdZzeb8Btd5Nv0RP8KSVeq3xcYLEjPdDoyUcERSVHbUWV%2FYy72wJnGuvbgJrSV0CajOWvKCs3C%2B2ewakRpFVN%2FW0yJ8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=52547&min_rtt=52421&rtt_var=11143&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2383&delivery_rate=73546&cwnd=253&unsent_bytes=0&cid=da66299ee3846105&ts=783&x=0"
vary: User-Agent

GET
H3 200 reset.min.css
cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/ 773 B
991 B 168ms
81ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03f23-305"
age: 238543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gM8ptMbM%2ByQB6qI0OaJbwUWH16tNxfyKCYYz91abO2moqdCjQB1t%2F8xs6%2FPZ44rfJePNj3f%2BFsHs8YP4zBgGt%2Baz8tts9nl0mnftxcy%2FbOMUvzxqy9UxyUqQnxniFbxP6yW2YT1s"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 13:09:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 21 Dec 2024 13:09:57 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:13:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f581c0c6ae3c231-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 333
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 2 KB
989 B 384ms
128ms Stylesheet
text/css 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela+Round&display=swap

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f10.1e100.net

Software

ESF /

Resource Hash

d144d92ad388cf8f35465af047943e92b78b78fce585a28284a3b2086424646d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 13:09:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Dec 2024 13:09:58 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 21 Dec 2024 13:00:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 404 style.css
pembatalan-d4naapaylater.sekaiiwebs.rent/ 0
0 676ms
672ms Stylesheet
text/html 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/style.css
Requested by: Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2Bhoq679XtuCws9MXIlkNL42u4hwF8dtNkN%2Bd3E0fjKWQDQJTNwsVDLaUr7peGVG6Eynm4uSZtFrIsMEFxA7rsNNVJJMFMtTb%2Bb6S1JNyl6e6P4muQe0HY1TwWzqjtRbnoFF%2BCXfKvycPfkPRw3OVPmyXaKWDX6xHMVM"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f581c0beff57da1-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4629&min_rtt=4575&rtt_var=101&sent=21&recv=21&lost=0&retrans=0&sent_bytes=11822&recv_bytes=2527&delivery_rate=2190941&cwnd=257&unsent_bytes=0&cid=013e7af4b402f17b&ts=989&x=0"
date: Sat, 21 Dec 2024 13:09:58 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 361ms
115ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-111-153.github.com
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

x-fastly-request-id: 01af53ef7e98346d378891c66e285d76e7eaf267
content-encoding: gzip
etag: W/"5ad9e9ac-d17"
age: 548
x-github-request-id: 51EF:227911:D965ED:DFE757:675072E9
expires: Wed, 04 Dec 2024 15:29:05 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Sat, 21 Dec 2024 13:09:58 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
x-served-by: cache-fra-eddf8230132-FRA
x-cache-hits: 2
vary: Accept-Encoding
cache-control: max-age=600
x-timer: S1734786598.010198,VS0,VE1
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1068
x-origin-cache: HIT
server: GitHub.com

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
651 B 361ms
115ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-111-153.github.com
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

x-fastly-request-id: 5bf5c5d1ded71f4eb0c44511a08538a62a5d9c6f
content-encoding: gzip
etag: W/"5ad9e9ac-3f5"
age: 356
x-github-request-id: 9E20:15DA9:5A2176:5C523E:6758C9CA
expires: Tue, 10 Dec 2024 23:17:54 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Sat, 21 Dec 2024 13:09:58 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
x-served-by: cache-fra-eddf8230132-FRA
x-cache-hits: 1
vary: Accept-Encoding
cache-control: max-age=600
x-timer: S1734786598.010195,VS0,VE3
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 479
x-origin-cache: HIT
server: GitHub.com

GET
H2 200 jquery.min.js Show response
owlcarousel2.github.io/OwlCarousel2/assets/vendors/ 85 KB
30 KB 362ms
116ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/vendors/jquery.min.js
Requested by: Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-111-153.github.com
Software: GitHub.com /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

x-fastly-request-id: 41d4bf0484ea91f5ce431cf2a3429459764729e1
content-encoding: gzip
etag: W/"5ad9e9ac-1538f"
age: 82
x-github-request-id: B580:2FDC63:3CEDC5:3F947F:6757F3D9
expires: Tue, 10 Dec 2024 08:04:27 GMT
x-proxy-cache: HIT
x-cache: HIT
date: Sat, 21 Dec 2024 13:09:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
x-served-by: cache-fra-eddf8230132-FRA
x-cache-hits: 1
vary: Accept-Encoding
cache-control: max-age=600
x-timer: S1734786598.010397,VS0,VE3
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30544
x-origin-cache: HIT
server: GitHub.com

GET
H2 200 owl.carousel.js Show response
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/ 88 KB
20 KB 444ms
199ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/owl.carousel.js
Requested by: Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-111-153.github.com
Software: GitHub.com /
Resource Hash: db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

x-fastly-request-id: 06c6fde20f29bbe46fa2605ee32e9264928d3e94
content-encoding: gzip
etag: W/"5ad9e9ac-15f88"
age: 256
x-github-request-id: 9225:7F7E3:43E132:45F5ED:6750E966
expires: Wed, 04 Dec 2024 23:54:38 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Sat, 21 Dec 2024 13:09:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
x-served-by: cache-fra-eddf8230132-FRA
x-cache-hits: 1
vary: Accept-Encoding
cache-control: max-age=600
x-timer: S1734786598.010532,VS0,VE7
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20465
x-origin-cache: HIT
server: GitHub.com

GET
H2 200 dana-logo.fe46647.png
www.dana.id/_nuxt/img/ 12 KB
14 KB 431ms
131ms Image
image/png 2.16.168.203
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dana.id/_nuxt/img/dana-logo.fe46647.png

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.168.203 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-16-168-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

c67e5431f9c00bb690ea8b8add63d5ca9250bf2925f2c2a691eeee498ac75853

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';frame-src .google.com .youtube.com a.m.dana.id bytedance: sslocal:;img-src https: 'self' data: a.m.dana.id analytics.tiktok.com;style-src 'self' 'unsafe-inline' .dana.id fonts.googleapis.com ;media-src 'self' .dana.id blob:;font-src 'self' .dana.id data: fonts.gstatic.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' .dana.id app.link cdn.lr-ingest.io cdnjs.cloudflare.com .google-analytics.com cdn.jsdelivr.net static.cloudflareinsights.com googletagmanager.com .googletagmanager.com .google.com .gstatic.com .cloudflare.com unpkg.com .go-mpulse.net analytics.tiktok.com;connect-src 'self' dana.test .dana.id .branch.io .zendesk.com .google-analytics.com r.lr-ingest.io stats.g.doubleclick.net .instagram.com .googleusercontent.com .google.com *.gstatic.com blob: analytics.tiktok.com;worker-src 'self' data: blob:;form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

etag: W/"31f2-18c44d19c88"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1734786597927_34679916_62027501_352_13973_52_153_182";dur=1
x-ua-compatible: IE=Edge
date: Sat, 21 Dec 2024 13:09:58 GMT
content-type: image/png
last-modified: Thu, 07 Dec 2023 15:07:17 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';frame-src *.google.com *.youtube.com a.m.dana.id bytedance: sslocal:;img-src https: 'self' data: a.m.dana.id analytics.tiktok.com;style-src 'self' 'unsafe-inline' *.dana.id fonts.googleapis.com *;media-src 'self' *.dana.id blob:;font-src 'self' *.dana.id data: fonts.gstatic.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.dana.id app.link cdn.lr-ingest.io cdnjs.cloudflare.com *.google-analytics.com cdn.jsdelivr.net static.cloudflareinsights.com googletagmanager.com *.googletagmanager.com *.google.com *.gstatic.com *.cloudflare.com unpkg.com *.go-mpulse.net analytics.tiktok.com;connect-src 'self' dana.test *.dana.id *.branch.io *.zendesk.com *.google-analytics.com r.lr-ingest.io stats.g.doubleclick.net *.instagram.com *.googleusercontent.com *.google.com *.gstatic.com blob: analytics.tiktok.com;worker-src 'self' data: blob:;form-action 'self'
cache-control: public, no-transform, max-age=7028227
x-dns-prefetch-control: off
referrer-policy: origin
x-download-options: noopen
accept-ranges: bytes
content-length: 12786
x-xss-protection: 0, 1; mode=block

GET
H2 200 dana%20(1).gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQNzpuGIS5QM3WWvZJ7AogiYO798-n74QBGu6JctzygKBRSUxjNvdOzHq4B-arPIBbJ-7-ePR-o0Wfz8Zn_WrtZEG8NckwnrTEKLqDWs4e2Z6WGchWHRPFPe4XU77DhDEqTIkcXMLmVQvhH77A... 9 MB
9 MB 2007ms
1698ms Image
image/gif 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQNzpuGIS5QM3WWvZJ7AogiYO798-n74QBGu6JctzygKBRSUxjNvdOzHq4B-arPIBbJ-7-ePR-o0Wfz8Zn_WrtZEG8NckwnrTEKLqDWs4e2Z6WGchWHRPFPe4XU77DhDEqTIkcXMLmVQvhH77ARkJ9OLvJxO9Hx-Kf5TpN9evFCbrZ4fdY5QughuS2V4Y/s400/dana%20(1).gif

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

fife /

Resource Hash

f7ee67fb273b1127901372faa0ad888110b7189b617e2a25daf2e1324c388124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v110e"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:09:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9948095
date: Sat, 21 Dec 2024 13:09:59 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: inline;filename="dana (1).gif"

GET
H2 200 1706678558-WebBanner-DANAscaVAngerHunt-500x300px.png
a.m.dana.id/danaweb/promo/ 88 KB
89 KB 510ms
237ms Image
image/png 163.181.131.212
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.m.dana.id/danaweb/promo/1706678558-WebBanner-DANAscaVAngerHunt-500x300px.png

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.131.212 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

321a1d5b95c63688dbccd24b27f66f18a4f1d57cd50fe6e006b23c0bcfeb04f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

x-oss-cdn-auth: success
content-md5: ZCU1LdowKXHZgPjzYavqAA==
x-oss-storage-class: Standard
etag: "6425352DDA302971D980F8F361ABEA00"
age: 1022848
x-oss-object-type: Normal
access-control-allow-methods: GET
x-cache: HIT TCP_HIT dirn:7:68211748
date: Mon, 09 Dec 2024 17:02:30 GMT
x-oss-server-time: 17
content-type: image/png
vary: Origin
last-modified: Wed, 31 Jan 2024 05:22:38 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 1724275
timing-allow-origin: *
x-oss-hash-crc64ecma: 14781076384737412473
via: ens-cache11.l2de3[0,0,200-0,H], ens-cache9.l2de3[1,0], ens-cache6.de7[0,27,200-0,H], ens-cache4.de7[57,0]
ali-swift-global-savetime: 1733763750
x-swift-savetime: Thu, 19 Dec 2024 18:04:35 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b5839817347865985152689e
content-length: 90503
x-oss-request-id: 675722A613185C31343E72A4
server: Tengine

GET
H2 200 1706850538-010224-EIS157-eMAS_10__Cashback-Web_Banner-Thumbnails.png
a.m.dana.id/danaweb/promo/ 57 KB
58 KB 392ms
338ms Image
image/png 163.181.131.212
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.m.dana.id/danaweb/promo/1706850538-010224-EIS157-eMAS_10__Cashback-Web_Banner-Thumbnails.png

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.131.212 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

fa8bd76fc016aa0440c100a6552c083b59503283941443ba3bb5f9706c4aad2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

x-oss-cdn-auth: success
content-md5: 04xyAQ+e2K/bzcWT6kcE4A==
x-oss-storage-class: Standard
etag: "D38C72010F9ED8AFDBCDC593EA4704E0"
age: 1023026
x-oss-object-type: Normal
access-control-allow-methods: GET
x-cache: HIT TCP_HIT dirn:0:16383366
date: Mon, 09 Dec 2024 16:59:32 GMT
x-oss-server-time: 16
content-type: image/png
vary: Origin
last-modified: Fri, 02 Feb 2024 05:08:58 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 1647399
timing-allow-origin: *
x-oss-hash-crc64ecma: 14184959022794736628
via: cache22.l2fr1[0,0,200-0,H], cache5.l2fr1[1,0], ens-cache5.de7[0,58,200-0,H], ens-cache4.de7[60,0]
ali-swift-global-savetime: 1733763572
x-swift-savetime: Fri, 20 Dec 2024 15:22:53 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b5839817347865985152692e
content-length: 58746
x-oss-request-id: 675721F43135E43832770C98
server: Tengine

GET
H2 200 1707410449-e-MAS_CB_75K_-_Website_Thumbnail_500x300p.png
a.m.dana.id/danaweb/promo/ 33 KB
34 KB 217ms
163ms Image
image/png 163.181.131.212
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.m.dana.id/danaweb/promo/1707410449-e-MAS_CB_75K_-_Website_Thumbnail_500x300p.png

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.131.212 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

870bb715451067c3d735293e32b480227fe798f6b6d18beb80c4048b628ad828

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

x-oss-cdn-auth: success
content-md5: s7g+f2lbrQqAMDbF8gvWhw==
x-oss-storage-class: Standard
etag: "B3B83E7F695BAD0A803036C5F20BD687"
age: 1023026
x-oss-object-type: Normal
access-control-allow-methods: GET
x-cache: MISS TCP_MISS dirn:12:19459835
date: Mon, 09 Dec 2024 16:59:32 GMT
x-oss-server-time: 22
content-type: image/png
vary: Origin
last-modified: Thu, 08 Feb 2024 16:40:49 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 1568974
timing-allow-origin: *
x-oss-hash-crc64ecma: 14656377402812564418
via: cache18.l2fr1[0,0,200-0,H], cache34.l2fr1[1,0], ens-cache2.de7[27,28,200-0,M], ens-cache4.de7[31,0]
ali-swift-global-savetime: 1733763572
x-swift-savetime: Sat, 21 Dec 2024 13:09:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b5839817347865985152695e
content-length: 34159
x-oss-request-id: 675721F49E67023239E05935
server: Tengine

GET
H2 200 AddText_12-21-12.32.33.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRuW6U6dh3zHya46wmfDGBPxD1VxQW3A6T7pe6jFaBvjEigmXH0OJfqnxoGSpDQ6_BkBIg6BWwon94vEqDib5OKCYcQSXVHLt2U5oZ_T4LcynKiK08F3mJlCzD90mhxocCY0IVuKCGXKtOk2eK... 321 KB
322 KB 432ms
430ms Image
image/jpeg 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRuW6U6dh3zHya46wmfDGBPxD1VxQW3A6T7pe6jFaBvjEigmXH0OJfqnxoGSpDQ6_BkBIg6BWwon94vEqDib5OKCYcQSXVHLt2U5oZ_T4LcynKiK08F3mJlCzD90mhxocCY0IVuKCGXKtOk2eKo5KkrlcjcUF_Uewa5f-j5_u5Dm7ZlQQyoYycQuw7rE8/s1080/AddText_12-21-12.32.33.jpg

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

fife /

Resource Hash

cfab4d9559c5b12016386dedfebd77cda62d31984ff0cd965de46346def6f1b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "vd64"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:09:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329151
date: Sat, 21 Dec 2024 13:09:58 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="AddText_12-21-12.32.33.jpg"

GET
H2 200 AddText_12-21-12.44.48.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkZAkIZGHEXRjc_FpkfEsXMrXRTzj8Qbd9tfZCVCM5oBTJ1aappFW8gcWIIiE_Bx9xs92V43KRwFtXqxlWVXL0X4xJK65urazsQOM2rf2KqW41Iu4Kqsci2opoQYLXDIeOaP5o7qfHkHeAt3la... 170 KB
170 KB 690ms
688ms Image
image/jpeg 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkZAkIZGHEXRjc_FpkfEsXMrXRTzj8Qbd9tfZCVCM5oBTJ1aappFW8gcWIIiE_Bx9xs92V43KRwFtXqxlWVXL0X4xJK65urazsQOM2rf2KqW41Iu4Kqsci2opoQYLXDIeOaP5o7qfHkHeAt3la_alR2e7Oc9B0Wm_4-XgELyqZ43a31yTDwjT-ax4BT4I/s1080/AddText_12-21-12.44.48.jpg

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

fife /

Resource Hash

6563b4709dfbc135783c9cee377408cd5c25316913e511de8daf8c136e197aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "vd65"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:09:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173685
date: Sat, 21 Dec 2024 13:09:58 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="AddText_12-21-12.44.48.jpg"

GET
H2 200 AddText_12-25-01.43.43.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1DlNIZMZwlCLmLWLKDIQI8wIMl54h-fyVu1xDTk5LqBsgDWj_G-NirAlcTi4P8aXnspoes5dyt-xp9pdIFG-MdBRhKJJB5un6s713vA7GZNwIspuuE2QR_quy_wL1xJ2htXc5_38pU4xFQDRr... 268 KB
269 KB 678ms
676ms Image
image/jpeg 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1DlNIZMZwlCLmLWLKDIQI8wIMl54h-fyVu1xDTk5LqBsgDWj_G-NirAlcTi4P8aXnspoes5dyt-xp9pdIFG-MdBRhKJJB5un6s713vA7GZNwIspuuE2QR_quy_wL1xJ2htXc5_38pU4xFQDRrjX3K0JkI_eEojnRJYTXj3fgipX0atm8VZjdfDSSbHAo/s1080/AddText_12-25-01.43.43.jpg

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

fife /

Resource Hash

3e8320d7ef90b3b47a135981af85921a52cf0ee39796d286c70e04f727a2cfa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "vd8f"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:09:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274902
date: Sat, 21 Dec 2024 13:09:58 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="AddText_12-25-01.43.43.jpg"

GET
H2 200 AddText_02-05-05.34.58.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYo-GsnUUKLNEPq8tvu2jEOSBVFmtKIl-4NO3rCBHwMFehYhF3DWiR7c0tgnAlb1sWhjoCC6B82S6ypZJ13t-2FB851EHm6SzCpI3YGlVtTi1Hldf4MORJPdxKQ1ghCWf7x4ilcKtTxPurpQAu... 285 KB
285 KB 751ms
750ms Image
image/jpeg 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYo-GsnUUKLNEPq8tvu2jEOSBVFmtKIl-4NO3rCBHwMFehYhF3DWiR7c0tgnAlb1sWhjoCC6B82S6ypZJ13t-2FB851EHm6SzCpI3YGlVtTi1Hldf4MORJPdxKQ1ghCWf7x4ilcKtTxPurpQAudh9nAgziFkImNZuaTo80538roOfUyhqEtY-QLYyavss/s1080/AddText_02-05-05.34.58.jpg

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

fife /

Resource Hash

27daa276c39caf6224741897b2677db7f81c5497f7324dc734f3b332f89b4a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "vfbc"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:09:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 292070
date: Sat, 21 Dec 2024 13:09:58 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="AddText_02-05-05.34.58.jpg"

GET
H2 200 load_bg.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8hbZEfutKvr9pkj0-mkJYWt-1SBtt3gw-HFOEZc0172okrp0SFHLaW3PRGVDm1U0P7WWEMELIw4nlq1_1gCgyZBo3cxf-OJNpguNamdJryCkGU-hTHiW3RyOv5JD9eIjXTFtrJFCVn0ae4RxG... 8 KB
8 KB 527ms
525ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8hbZEfutKvr9pkj0-mkJYWt-1SBtt3gw-HFOEZc0172okrp0SFHLaW3PRGVDm1U0P7WWEMELIw4nlq1_1gCgyZBo3cxf-OJNpguNamdJryCkGU-hTHiW3RyOv5JD9eIjXTFtrJFCVn0ae4RxG4Oi-czAP20tEaJI3OstxFAbtOwtFxp6RvOHc6NZL/s1600/load_bg.png

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

fife /

Resource Hash

9f2f502509f3cdd2e98dc540b4f7dd57a7962524012e0210e1ef64cee17d79ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v60c"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:09:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7768
date: Sat, 21 Dec 2024 13:09:58 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="load_bg.png"

GET
H2 200 load_spin.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhl9xJVYWF_a9vAhgW5QQgozvZVADTaJgIX64iO7a5sQuMpSoPBK3zfKjvT6xc9fZPfxZz39mjk1H_oZOOOtYvO1l7DkWNqiD5LJyGYdwDNyHuyqLk_Ix6eFs3aLCG2yUXVwtsnj0BXTA40WZme... 5 KB
5 KB 663ms
662ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhl9xJVYWF_a9vAhgW5QQgozvZVADTaJgIX64iO7a5sQuMpSoPBK3zfKjvT6xc9fZPfxZz39mjk1H_oZOOOtYvO1l7DkWNqiD5LJyGYdwDNyHuyqLk_Ix6eFs3aLCG2yUXVwtsnj0BXTA40WZmecyLyCIm_ff0xNkkOvkuKBOl6yfS-QjI_EJrIyGtU/s1600/load_spin.png

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

fife /

Resource Hash

f386554dbf390b4ab08123fb5466f5d833c12de955344ce9ea722e1182cc473f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v60d"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:09:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4995
date: Sat, 21 Dec 2024 13:09:58 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="load_spin.png"

GET
H2 200 1704436332522.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW-3Xsq1r5wVb5r0tfUzFr9KzB9hy1r0-W4GkBcDTnYujbw_NNeMWw-l8MZCk4RYNJpcSZRf5tv-TPa5HnYvv_x-EzticmLwx1vO4bIlqTJAiyk4-i96QjCFlPHT8BMy9nF15ISyjxVVOz2DAv... 90 KB
90 KB 778ms
777ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW-3Xsq1r5wVb5r0tfUzFr9KzB9hy1r0-W4GkBcDTnYujbw_NNeMWw-l8MZCk4RYNJpcSZRf5tv-TPa5HnYvv_x-EzticmLwx1vO4bIlqTJAiyk4-i96QjCFlPHT8BMy9nF15ISyjxVVOz2DAv8osBBR9onrE3lJf96Vw5erolKuss9ZrTFAFhoJAU4Js/s1080/1704436332522.png

Requested by

Host: pembatalan-d4naapaylater.sekaiiwebs.rent
URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

fife /

Resource Hash

00126c88e5f527e92a6095ca9dc1daa3cde773531debdd68257550f1eb99b638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "vdf7"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:09:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92417
date: Sat, 21 Dec 2024 13:09:58 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="1704436332522.png"

GET
H3 200 w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v20/ 21 KB
21 KB 243ms
116ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v20/w8gdH283Tvk__Lua32TysjIfp8uP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela+Round&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

2044a0abfd7b116f6d091d6d9227a5720bd4848519cd38d274b2a3a9356969dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pembatalan-d4naapaylater.sekaiiwebs.rent
Referer: https://fonts.googleapis.com/

Response headers

age: 390781
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 00:36:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 00:36:57 GMT
last-modified: Wed, 15 Feb 2023 23:41:52 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21808
x-xss-protection: 0
server: sffe

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 11 KB
12 KB 397ms
133ms Other
image/jpeg 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQZ9dATs_nkzyO-gSoQWbtIhJV7bG51r3gOKg&usqp=CAU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

0546f98f9019a3d2afbe9372ba08aba895e2aa716bd0fec8e78ff5879162f134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pembatalan-d4naapaylater.sekaiiwebs.rent/

Response headers

age: 0
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Sun, 21 Dec 2025 13:10:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Dec 2024 13:10:01 GMT
last-modified: Sun, 15 Sep 2019 17:10:09 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 11540
x-xss-protection: 0
server: sffe

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DANA (Financial)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pembatalan-d4naapaylater.sekaiiwebs.rent/style.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.m.dana.id
blogger.googleusercontent.com
cdnjs.cloudflare.com
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
owlcarousel2.github.io
pembatalan-d4naapaylater.sekaiiwebs.rent
shorturl.asia
www.dana.id
104.17.25.14
104.21.112.1
142.250.181.227
142.250.186.110
163.181.131.212
172.217.16.202
172.67.69.104
185.199.111.153
2.16.168.203
216.58.206.33
00126c88e5f527e92a6095ca9dc1daa3cde773531debdd68257550f1eb99b638
0546f98f9019a3d2afbe9372ba08aba895e2aa716bd0fec8e78ff5879162f134
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2044a0abfd7b116f6d091d6d9227a5720bd4848519cd38d274b2a3a9356969dd
27daa276c39caf6224741897b2677db7f81c5497f7324dc734f3b332f89b4a6e
321a1d5b95c63688dbccd24b27f66f18a4f1d57cd50fe6e006b23c0bcfeb04f1
3e8320d7ef90b3b47a135981af85921a52cf0ee39796d286c70e04f727a2cfa5
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
6563b4709dfbc135783c9cee377408cd5c25316913e511de8daf8c136e197aa2
67fc16e787ff126badb1c8e2ccbb22bc57c1d8470c51b43ddcf73eadbf5777c0
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
870bb715451067c3d735293e32b480227fe798f6b6d18beb80c4048b628ad828
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9f2f502509f3cdd2e98dc540b4f7dd57a7962524012e0210e1ef64cee17d79ae
c67e5431f9c00bb690ea8b8add63d5ca9250bf2925f2c2a691eeee498ac75853
cfab4d9559c5b12016386dedfebd77cda62d31984ff0cd965de46346def6f1b2
d144d92ad388cf8f35465af047943e92b78b78fce585a28284a3b2086424646d
db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466
f386554dbf390b4ab08123fb5466f5d833c12de955344ce9ea722e1182cc473f
f7ee67fb273b1127901372faa0ad888110b7189b617e2a25daf2e1324c388124
fa8bd76fc016aa0440c100a6552c083b59503283941443ba3bb5f9706c4aad2a

pembatalan-d4naapaylater.sekaiiwebs.rent Open in urlscan Pro 104.21.112.1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

8 Domains

10 Subdomains

9 IPs

4 Countries

11159 kBTransfer

11285 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

pembatalan-d4naapaylater.sekaiiwebs.rent Open in urlscan Pro
104.21.112.1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

11159 kB
Transfer

11285 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!