urlscan.io logo urlscan.io
SecurityTrails logo

pay.tokopedia.com Open in urlscan Pro
104.75.89.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
Submission: On December 14 via manual from ID
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 104.75.89.108, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is pay.tokopedia.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 18th 2019. Valid for: 2 years.
This is the only time pay.tokopedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.75.89.108 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 95.101.27.168 20940 (AKAMAI-ASN1)
2 2.16.186.16 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
8 5
1    104.75.89.108 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-108.deploy.static.akamaitechnologies.com
pay.tokopedia.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    95.101.27.168 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a95-101-27-168.deploy.static.akamaitechnologies.com
cdn.tokopedia.net
2    2.16.186.16 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-16.deploy.static.akamaitechnologies.com
ecs7.tokopedia.net
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
3 cdn.tokopedia.net pay.tokopedia.com
cdn.tokopedia.net
2 ecs7.tokopedia.net pay.tokopedia.com
cdn.tokopedia.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com pay.tokopedia.com
1 pay.tokopedia.com
8 5

This site contains no links.

Subject Issuer Validity Valid
*.tokopedia.com
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-10-13		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
tokopedia.net
Let's Encrypt Authority X3		 2020-10-26 -
2021-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
Frame ID: 21043A030D50E11812687D678FF7AFFB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

8
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

152 kB
Transfer

512 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request KREDIVO
pay.tokopedia.com/v2/payment/thanks/ 		2 KB
876 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.108 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-108.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
13305ee31fe7fe04d172b50d61c3f29a6deb0ce996e4fda8caf4398409c8058c

Request headers

:method
GET
:authority
pay.tokopedia.com
:scheme
https
:path
/v2/payment/thanks/KREDIVO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
server
nginx
x-tkp-srv-id
ip-10-0-12-222
content-encoding
gzip
date
Mon, 14 Dec 2020 08:28:19 GMT
content-length
744
vary
Accept-Encoding
css
fonts.googleapis.com/ 		8 KB
876 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600
Requested by
Host: pay.tokopedia.com
URL: https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ab8e10a2899594d4fc6daeb76ce2539546d1a636e51fb7d89bd0a85c3a988e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 08:28:19 GMT
server
ESF
date
Mon, 14 Dec 2020 08:28:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Dec 2020 08:28:19 GMT
90c7d2e5ed198804e75a046a6dea93bd.css
cdn.tokopedia.net/built/ 		269 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.tokopedia.net/built/90c7d2e5ed198804e75a046a6dea93bd.css
Requested by
Host: pay.tokopedia.com
URL: https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.168 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a95-101-27-168.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
4a1ec0676f229a2ed0099ffa8b909dabca3e9e20e08ee06e87752d7106446a9d

Request headers

Referer
https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 08:28:19 GMT
content-encoding
br
x-oss-request-id
5FB39F52DDD9CB3630AD7B4D
content-md5
91ZaK811k//YmJYzB0V1cw==
content-length
39328
x-oss-object-type
Normal
last-modified
Tue, 17 Nov 2020 10:00:52 GMT
server
Akamai Resource Optimizer
access-control-max-age
31536000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=29208670
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9503501873839576134
x-oss-server-time
1
expires
Wed, 17 Nov 2021 09:59:29 GMT
068f9578183c45725c60e1d6dc16a1aa.js
cdn.tokopedia.net/built/ 		169 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tokopedia.net/built/068f9578183c45725c60e1d6dc16a1aa.js
Requested by
Host: pay.tokopedia.com
URL: https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.168 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a95-101-27-168.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
39a47164f94b53a2183a31bdc052085c6037db4ea9581cc2e5bc0584f8caa973

Request headers

Referer
https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 08:28:19 GMT
content-encoding
br
x-oss-request-id
5FD330FCDDD9CB3532B6C546
content-md5
D4C5w/kAXdQxfxXxW6LTPA==
content-length
46302
x-oss-object-type
Normal
last-modified
Fri, 11 Dec 2020 08:42:37 GMT
server
Akamai Resource Optimizer
access-control-max-age
31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31277731
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
1859023860831226159
x-oss-server-time
64
expires
Sat, 11 Dec 2021 08:43:50 GMT
totopolis-failed.png
ecs7.tokopedia.net/img/toppay/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs7.tokopedia.net/img/toppay/totopolis-failed.png
Requested by
Host: pay.tokopedia.com
URL: https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffe0ba302cbbfe30605439b1fb880148d6a7196f5a408782e9e62d0f1b61a7f

Request headers

Referer
https://pay.tokopedia.com/v2/payment/thanks/KREDIVO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
1_1ILekY_BlIFRAwIORZM3.gQ2LlwTDv
last-modified
Thu, 08 Aug 2019 03:03:07 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:4005/gname:tokopedia/uname:apache/gid:1010/mode:33277/mtime:1565233325/atime:1565233385/md5:e6a2dd66132592ec82d92d089c7005a7/ctime:1565233383
x-amz-request-id
94DD169AE0C49BC5
etag
"e6a2dd66132592ec82d92d089c7005a7"
access-control-max-age
31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=25500889
date
Mon, 14 Dec 2020 08:28:19 GMT
accept-ranges
bytes
content-length
33253
x-amz-id-2
DThVB9c6X/0YUfUycvXvMtgogNnvOVD1IdzXym5rlqZWgeovP97NsxA3rvFz6bSxqrxyFv8DC50=
expires
Tue, 05 Oct 2021 12:03:08 GMT
glyph_back_black.png
ecs7.tokopedia.net/img/toppay/sprites/ 		445 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs7.tokopedia.net/img/toppay/sprites/glyph_back_black.png
Requested by
Host: cdn.tokopedia.net
URL: https://cdn.tokopedia.net/built/90c7d2e5ed198804e75a046a6dea93bd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b6be797ae2802969d6f9d3a3b98c2a2887df31626d574808f94ccf5ad6fa3b91

Request headers

Referer
https://cdn.tokopedia.net/built/90c7d2e5ed198804e75a046a6dea93bd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
heaLm8NBRP2WiRM7r8GHgTRiTXU6GMFS
last-modified
Thu, 25 Jul 2019 07:55:05 GMT
server
AmazonS3
x-amz-request-id
FAD937CAA5D89055
etag
"bc5cceb6a6a6a5c3ae9e5192854456c1"
access-control-max-age
31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=25495655
date
Mon, 14 Dec 2020 08:28:19 GMT
accept-ranges
bytes
content-length
445
x-amz-id-2
tRekKDHkQaLTeH1p3I2ezPlbV1OybPo0OTFFK/grdGYb8FcY11pBo1Bb0jo2ok6hVxr4D0QgT0M=
expires
Tue, 05 Oct 2021 10:35:54 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pay.tokopedia.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 01:25:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
111783
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Mon, 13 Dec 2021 01:25:16 GMT
OpenSans.woff
cdn.tokopedia.net/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.tokopedia.net/fonts/OpenSans.woff
Requested by
Host: cdn.tokopedia.net
URL: https://cdn.tokopedia.net/built/90c7d2e5ed198804e75a046a6dea93bd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.168 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a95-101-27-168.deploy.static.akamaitechnologies.com
Software
AliyunOSS /
Resource Hash
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Request headers

Origin
https://pay.tokopedia.com
Referer
https://cdn.tokopedia.net/built/90c7d2e5ed198804e75a046a6dea93bd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 08:28:19 GMT
x-oss-request-id
5F7AECF1D06C7B383924233E
content-md5
eVFa0HiJc8UzQF9wEt/szQ==
content-length
22660
x-oss-object-type
Normal
last-modified
Wed, 28 Feb 2018 10:03:12 GMT
server
AliyunOSS
etag
"79515AD0788973C533405F7012DFECCD"
access-control-max-age
31536000
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=25493044
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
14898694852595281058
x-oss-server-time
46
expires
Tue, 05 Oct 2021 09:52:23 GMT

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated boolean| gtmEnable undefined| changePaymentReq string| selfChangeURL function| backButtonFailedProcessing function| handlePop function| handlePopAndroid function| handleBack function| handleSubscriptionBack function| callChangePayment function| isScroogeWebview function| getTypeWebView function| setCookie function| getCookie function| isIFrameMode function| toCloseButton function| toBackButton function| toIDR function| toNumber function| getMonthName function| enableButtonBayar function| disableButtonBayar function| waitButtonBayar string| communicationGateway function| initGatewayComm function| isProtectedURL object| validOrigin function| isValidOrigin function| receiveMessage function| initComunication function| postComunication function| detectWebView function| openPrismalinkWebview function| detectWebViewDomCheck object| snackbarTimeout function| openSnackbarPopup function| closeSnackbarPopup function| handleRequiredInput function| toggleButton function| initListClick function| fillInstallmentValue function| callUnfToasterSuccess function| closeToasterSuccess function| callUnfToasterError function| closeToasterError undefined| counter function| initCitiReward function| resetCounter function| openBottomSheetUnf function| closeBottomSheetUnf function| validateRegisterCitiRewards function| alertErrorRewards function| removeAlertErrorRewards function| showLoadingOTP function| showLoadOTPPage function| hideAllHCIOTPFunction function| showLoadFailedOTPPage function| requestInitSendOTP function| requestSendOTPDone function| numberWithoutCommas function| openNewBottomSheet function| closeNewBottomSheet function| openTooltips function| closeTooltips function| showPopupDialog function| hidePopupDialog function| initNewBottomSheet function| initOverlay function| initInputField function| resetInputMessage function| resetInputField function| numberBeautifier function| removeSpace function| timeConverter function| getUrlVars function| createObjectJSON function| initCollapseTips function| isUsePartialSaldo function| isUsePartialSaldoSeller function| isUsePartialOVO function| isUseCashPoints function| openIllustratedDialog function| closeIllustratedDialog function| initPrimaryActionIllustratedDialog function| initSecondaryActionIllustratedDialog function| initValidBackURL function| initCitiEasyPay function| initTabMenu function| backButtonProcessing function| linkajaInitInterval function| linkajaApplinkRedirect function| dummyFunction function| checkLinkajaStatus function| pushGTMCheckout function| pushGTMPurchase function| pushGTMPay function| pushGTMData function| getLabel function| PushGTMPromo function| $ function| jQuery boolean| enableChange boolean| showBackURL string| backURL string| isExpired

0 Cookies