flightadmin.selloffvacations.com Open in urlscan Pro
54.165.100.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://flightadmin.selloffvacations.com/?site=haha178
Submission Tags: @phish_report
Submission: On July 11 via api (July 11th 2024, 10:50:27 am UTC) from FI — Scanned from FI

Summary HTTP 28 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 28 HTTP transactions. The main IP is 54.165.100.18, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is flightadmin.selloffvacations.com.

This is the only time flightadmin.selloffvacations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.165.100.18 54.165.100.18	14618 (AMAZON-AES) (AMAZON-AES)
1	2.19.126.206 2.19.126.206	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	172.67.198.249 172.67.198.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
28	7

1 54.165.100.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-100-18.compute-1.amazonaws.com

flightadmin.selloffvacations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.126.206 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-206.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

budaya.unrum.ac.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.198.249 (United States)

ASN13335 (CLOUDFLARENET, US)

gcdnb.pbrd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	unrum.ac.id budaya.unrum.ac.id Failed	194 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	73 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	275 B
1	pbrd.co gcdnb.pbrd.co — Cisco Umbrella Rank: 285914	77 KB
1	typekit.net use.typekit.net — Cisco Umbrella Rank: 1169	7 KB
1	selloffvacations.com flightadmin.selloffvacations.com	77 KB
0	upcloudobjects.com Failed wibu.sg-sin1.upcloudobjects.com Failed
28	7

	Domain	Requested by
12	budaya.unrum.ac.id	flightadmin.selloffvacations.com budaya.unrum.ac.id
2	connect.facebook.net	flightadmin.selloffvacations.com connect.facebook.net
1	www.facebook.com	flightadmin.selloffvacations.com
1	gcdnb.pbrd.co	flightadmin.selloffvacations.com
1	use.typekit.net	flightadmin.selloffvacations.com
1	flightadmin.selloffvacations.com
0	wibu.sg-sin1.upcloudobjects.com Failed	flightadmin.selloffvacations.com
28	7

This site contains links to these domains. Also see Links.

Domain
us1poets.com
bot-untuk-semesta.fr
www.ildandyrestaurant.com
coderededucation.com
jokiwinjago.com
woolrugpads.com

Subject Issuer	Validity	Valid
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
unrum.ac.id WE1	`2024-06-15` - `2024-09-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-19` - `2024-07-18`	3 months	crt.sh
pbrd.co WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://flightadmin.selloffvacations.com/?site=haha178
Frame ID: 89167AEFC7800C0332F5E6F74319CD4F
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

haha178 🀄 Daftar Situs Slot Gacor Mahjong Wins Terpercaya Winrate 97%

Page URL History Show full URLs

http://flightadmin.selloffvacations.com/?site=haha178 HTTP 307
https://flightadmin.selloffvacations.com/?site=haha178 HTTP 307
http://flightadmin.selloffvacations.com/?site=haha178 Page URL

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Lightbox (JavaScript Libraries) Expand

Page Statistics

28
Requests

61 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

430 kB
Transfer

2069 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://us1poets.com/
Title: Slot online

Search URL Search Domain Scan URL

URL: https://bot-untuk-semesta.fr/account/register/bolumeranti

Search URL Search Domain Scan URL

URL: https://www.ildandyrestaurant.com/
Title: infini88

Search URL Search Domain Scan URL

URL: https://coderededucation.com/
Title: okezone88

Search URL Search Domain Scan URL

URL: https://jokiwinjago.com/
Title: jokiwin

Search URL Search Domain Scan URL

URL: https://woolrugpads.com/
Title: osbet33

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://flightadmin.selloffvacations.com/?site=haha178 HTTP 307
https://flightadmin.selloffvacations.com/?site=haha178 HTTP 307
http://flightadmin.selloffvacations.com/?site=haha178 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
flightadmin.selloffvacations.com/
Redirect Chain

http://flightadmin.selloffvacations.com/?site=haha178
https://flightadmin.selloffvacations.com/?site=haha178
http://flightadmin.selloffvacations.com/?site=haha178

77 KB
77 KB

1538ms
1538ms

Document
text/html

54.165.100.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://flightadmin.selloffvacations.com/?site=haha178
Protocol: HTTP/1.1
Server: 54.165.100.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-100-18.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b7b7b6b1bd3e7e314e661c405492908f8a934cee89272d765496f92338cf1e5f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Jul 2024 10:50:18 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Location: http://flightadmin.selloffvacations.com/?site=haha178
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 2zn7lZ0CQOcilb4BUvXEHG2MlgydgWj3MwGMLa7jixJfezw2fFHN4UJLFRbh52jhWDjujDmqZc9h5ejkFRJhwDqhwQIuwDByjs72MkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0-Y83ZW4KdhUz-AbljAu8i... Show response
use.typekit.net/ik/ 17 KB
7 KB 923ms
149ms Script
text/javascript 2.19.126.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/2zn7lZ0CQOcilb4BUvXEHG2MlgydgWj3MwGMLa7jixJfezw2fFHN4UJLFRbh52jhWDjujDmqZc9h5ejkFRJhwDqhwQIuwDByjs72MkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0-Y83ZW4KdhUz-AbljAu8ieyoSabliailZKoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeyoSemkjcNCdh8qOABlZWsGpWFXOWiadAj0SaBujW48Sagyjh90jhNlOeUzjhBC-eNDifUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoGpWg8Sc4zdeNTZfuydAmX-Y8DifuaihucO1FUiABkZWF3jAF8OcFzdPUaiaS0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPJV-eBCpABkZfuq-WF3deBoH6GJojtfIMMjMkMfH6GJ_jtfIMMjgkMfH6GJoGtfIMMj2PMfH6GJ_GtfIMMjIPMfqMY1zop0g6.js

Requested by

Host: flightadmin.selloffvacations.com
URL: http://flightadmin.selloffvacations.com/?site=haha178

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-206.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cd5c218aa57366a2fb6bf3254d667a39f455b95a39fffb125c27ed2377a2b268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 11 Jul 2024 10:50:19 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6738

GET modern.js
budaya.unrum.ac.id/@sqs/polyfiller/1.6/ 0
0

GET extract-css-runtime-c3c5ff11b7581fdc25fd-min.id-ID.js
budaya.unrum.ac.id/universal/scripts-compressed/ 0
0

GET extract-css-moment-js-vendor-675f9459672cf966ca51-min.id-ID.js
budaya.unrum.ac.id/universal/scripts-compressed/ 0
0

GET cldr-resource-pack-a682f7ad337741eb05d6-min.id-ID.js
budaya.unrum.ac.id/universal/scripts-compressed/ 0
0

GET common-vendors-stable-f9df4447a2af25df5875-min.id-ID.js
budaya.unrum.ac.id/universal/scripts-compressed/ 0
0

GET common-vendors-a3ebfa3c7d66af78cb71-min.id-ID.js
budaya.unrum.ac.id/universal/scripts-compressed/ 0
0

GET common-8acacf251642d0700f75-min.id-ID.js
budaya.unrum.ac.id/universal/scripts-compressed/ 0
0

GET commerce-b426cfc98e39ae5666a2-min.id-ID.js
budaya.unrum.ac.id/universal/scripts-compressed/ 0
0

GET
H2 200 commerce-af8809f2481c48376f6a-min.id-ID.css
budaya.unrum.ac.id/universal/styles-compressed/ 114 B
619 B 1355ms
530ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/universal/styles-compressed/commerce-af8809f2481c48376f6a-min.id-ID.css
Requested by: Host: flightadmin.selloffvacations.com
URL: http://flightadmin.selloffvacations.com/?site=haha178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a011d24d5adb2251df37588d10decb44b5d32dab16c7362d8e965210c6c291

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "72-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtXHsl3eaFevI2OyVDppRYdSN9epdkI1qNS7%2FQdztRWTBRXLu47ZfkdNagYghf28xtTeylYHgxLQnkIXmpG7XEa7manFNiqiKLqbzHSj6Zu7byQkW7HZgIf0x8LYu2BJrS7q8%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b5e3ea89304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 123

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 642ms
109ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: flightadmin.selloffvacations.com
URL: http://flightadmin.selloffvacations.com/?site=haha178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jul 2024 10:50:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=12, mss=1392, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: P0A1WXKyhvrUWK06K6eE0BvGxN+tlwiRk0Rotj/cPxY28LAY2ziEbhSJbg9WtE9JtNwSbZEFN5CN9ZtKxuh8QA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 site.css
budaya.unrum.ac.id/static/versioned-site-css/65c5dfe68f262639611531aa/1/5c5a519771c10ba3470d8101/65c5dfe68f262639611531b3/1492/ 1 MB
114 KB 1484ms
780ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/versioned-site-css/65c5dfe68f262639611531aa/1/5c5a519771c10ba3470d8101/65c5dfe68f262639611531b3/1492/site.css
Requested by: Host: flightadmin.selloffvacations.com
URL: http://flightadmin.selloffvacations.com/?site=haha178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c090c1105cdd313597505ba5c1b2a1b5cefe44838688f1977ab46cb4e4540a31

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "131853-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SijCxi%2BDoGAm8pL3zjRHLVSf2bLjEn1nDP6Mrl%2FfcEeyQhMxbG32Ylq3YXNCvkxRPXseZRjxocsPZoR00hpSmuMdoLplO9RHlBzM2JPFrHOwH31xQjKkFRiw3AyOkJRnk0wg%2Fbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a183b5e3eb29304-CPH
alt-svc: h3=":443"; ma=86400

GET
H2 200 static.css
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1706811132467-QIR6O63RE5GI9HXI9ESJ/ 129 KB
10 KB 1304ms
601ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1706811132467-QIR6O63RE5GI9HXI9ESJ/static.css
Requested by: Host: flightadmin.selloffvacations.com
URL: http://flightadmin.selloffvacations.com/?site=haha178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec042ce78fcc2ff9912bd2a609fa03cf92de6738d89cd1f1b83df0564ac25103

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:19 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "20326-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VIkNuqfqjefaAHlppR8Ij3sz%2F97vOVYPiW2duTHR7WVR%2FA3ClQgfOTFIsSrJqAKuIE5TRWLoRpLO%2BMfMLNSxR33XPvxUpFu3QzK%2BdC5ZhKYmx%2B3%2FareLf%2FAh2DFqyl%2FBNc2pPwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b5e3eae9304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 9907

GET
H2 200 ZzQGzUt8HI4p.gif
gcdnb.pbrd.co/images/ 76 KB
77 KB 747ms
183ms Image
image/gif 172.67.198.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcdnb.pbrd.co/images/ZzQGzUt8HI4p.gif?o=1
Requested by: Host: flightadmin.selloffvacations.com
URL: http://flightadmin.selloffvacations.com/?site=haha178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.198.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 952c3443c9becf5a3240efbd49c7b8c16f2549a761fdf4cd14a770b0155e5eff

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1806
x-guploader-uploadid: ABPtcPqNVhhilkMjh3LvP0RbUcQPtZ8-J7oIU_3tppwt6M-JOlGMU1knuSsQs7ifiGqJ1wn6DhsNnvkANQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 78254
cf-bgj: h2pri,csam-hash
last-modified: Wed, 24 Apr 2024 13:01:22 GMT
server: cloudflare
etag: "8d91238a99487bfde70490bbef7ee09c"
vary: Accept-Encoding
x-goog-generation: 1713963682021790
content-type: image/gif
x-goog-hash: crc32c=JMTxNQ==, md5=jZEjiplIe/3nBJC7737gnA==
cache-control: public, max-age=14400
x-goog-expiration: Tue, 23 Jul 2024 13:01:22 GMT
x-goog-stored-content-length: 78254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHl%2ByCYlBLR5KFCd9AvXBouly2JrV6knLAvfxbejGxtFhlo%2FVi4YYETk%2FUke6r4L3hCunkGsskKnH%2B2q8w6QugftuqENZj2RNYONIyZFT%2FvKhUp1tRFo4MXWdHjxNop3"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a183b5e3e8f0bd5-AMS
expires: Thu, 11 Jul 2024 11:20:13 GMT

GET
H2 200 site-bundle.b502231aaf751bf844c833e9880528bf.js Show response
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/ 176 KB
43 KB 776ms
776ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js
Requested by: Host: flightadmin.selloffvacations.com
URL: http://flightadmin.selloffvacations.com/?site=haha178
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c27ccb6847169046967ad04fa657e7d6ecb45af26447805997af6d1274ff90a

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2bec7-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbi7%2FAttdJEOLHNyAHO%2BIX319iWrSyuQ0PVGfoPOCT%2FF3slghK2BtMomVegi9J8Rqi4u8eyWDlDVBLnV2YHg%2BRYreIB6EMdsxEgEzHHXUarNXMcs1aJ6W6UgWjeKwbyhLX5dy3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b656c0d9304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 43745

GET
H2 200 1217498792744769 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 113ms
104ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1217498792744769?v=2.9.161&r=stable&domain=flightadmin.selloffvacations.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

293d50a3c71ae7e642a32f5c78a4a1d1b6832c2099c98ff61adcc8090ab7f809

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jul 2024 10:50:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13796
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=47, rtx=0, c=58, mss=1392, tbw=64171, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma: public
x-fb-debug: 3tzs7aub4Zego5uxijV8mr/v/qSo9p+WaRIxag2COldOmW8mfjY4yhgnle5wDnuV2EvMAjZIIqLfJ2Ygwm+xrw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 241.b38453ae9aa40e67c15b.js Show response
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/ 8 KB
3 KB 574ms
565ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/241.b38453ae9aa40e67c15b.js
Requested by: Host: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b3bfff1cb150ac30f36c06c696082a2daf6c34c57bb6d93d7a367f21d98c4c6

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "21cc-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBn%2FZstGouaWaIS7KxsK2gjlI5AaakoXabtUZuGM%2B1kEnxciTHyAig2GPx%2FWuJ5GTZWLNFrKN2K9rSpoa%2Fll6wjGLyTyrV1Ih0brMs4oKy4ftsC3T3zpur9uGD3XGpGyylv71OQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b6aad0b9304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 2763

GET
H2 200 4556.0de45f4f918b8d361f5c.js Show response
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/ 13 KB
4 KB 574ms
565ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/4556.0de45f4f918b8d361f5c.js
Requested by: Host: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13fdb467f3914d4780b1c5dad66f4575405e547591a5cb1ec3cfee6ea2c94b04

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3357-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZuFUVq6VTjaFfy5Km6%2F7MuQmXjyfB%2FyPVZUERQS9zoZ5frP17dA6QTwl4FS65ojPVrx4ti8GM%2BTwj9NrdxkoGlRQszEyKIZPZq5gd7s6dKZc3oXKxXnz0ffm7nmgtKm0AcYUOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b6aad0e9304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 4164

GET
H2 200 product-gallery.29339be9d47922d2666e.js Show response
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/ 19 KB
6 KB 573ms
564ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/product-gallery.29339be9d47922d2666e.js
Requested by: Host: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ad14a2d8809fe68750afb28af65158368b2a2b0026869344ccf6b374bc3648

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4c40-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKOQwTkiDCOXtIAmzCR0%2BK7NC5xrjXB%2B4lyZfnbimdks5KTF6koGLnVKTsJ3CplIVq0eRpTpNNDsrH4IWkwJeWnjKJwz2fcblgNsvUvblpKesLcKQSD1VXuMGlU0TJPYCJJLtvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b6aad0f9304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 5444

GET
H2 200 product-item-variants.74a651a91cdd9d1f41c4.js Show response
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/ 9 KB
2 KB 622ms
613ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/product-item-variants.74a651a91cdd9d1f41c4.js
Requested by: Host: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cc51bad58358691a121e72654dbfd97a6315f589ceda227f81d5fe5eac8a736

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2247-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtgvJXNG3el66I4MZXiEEfG%2FLkMOlyt2kzaFk8hEA%2FQurhZ5UuYSjn%2BR0WuaWi297VxZYxSfNR2%2FFcN23nM9sJf%2BbRLYoHIqN7rpIneyq5WoYzR7JQjXVvB4yqQ558aERaiTAmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b6afdb49304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 2048

GET
H2 200 product-cart-button.383fa1398a9fc840c724.js Show response
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/ 2 KB
1 KB 576ms
569ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/product-cart-button.383fa1398a9fc840c724.js
Requested by: Host: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38f940ad35d0d4978179a12000d350728bf4aa74fa3448800b821797288250c5

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6e6-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbscxFuSH2SnQheokc8HPSpf%2FNGblqxSFzYQhdtvR2cWn6N3FS3txS5ZQXJCpaTGI0rnoj3fmBriHvlRpKZIGcs5rIvBuBUIae9y6ytDo3ddLo%2B6IrOJF4LanzjD5yLEBf6%2FYu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b6afdb99304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 794

GET
H2 200 image-zoom.a7b37aa98fa0e356e91c.js Show response
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/ 5 KB
2 KB 574ms
569ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/image-zoom.a7b37aa98fa0e356e91c.js
Requested by: Host: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26666f6880d8808e3fb3e2b8bc19def3ee8c1fae014a790624fe95f1f04c8a9a

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1274-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7JjqM6LP%2F27cxk16xOdW3m85BQaIKM0U0ufay%2F7IxMFmLTvXZbBwGzBmemIMrQ79AIfq00eDOPIa4thSVY%2F4MucjHkYvhL%2BUiMH0fAuJ5J%2FggsLZQQDw8g971Ku2FIxLH0bI50%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b6afdbe9304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 1740

GET
H2 200 5489.9968d09a3adcfbc5f9bc.js Show response
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/ 24 KB
6 KB 573ms
570ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/5489.9968d09a3adcfbc5f9bc.js
Requested by: Host: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59d4e646bb27566f7f9b4e6cfd9d3eab1670f581c2ca16a0e871ebe2b9a4c80

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5edc-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JWa95dU%2BNeKpCtN9ZrNGuxjzRB4D784%2FfCz%2B0oTLPykTj1j4zrcVyV540b6m6%2Fg%2BxyV6M%2Bnrl879QbYE6maXvFwHaBgHcba%2FhkznCuDqpxsx5%2BhnGbkvUCFaEyAS8MLW0zeO5go%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b6afdc09304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 6241

GET
H2 200 lightbox.6fd96191eed3edf2e978.js Show response
budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/ 4 KB
2 KB 593ms
590ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/lightbox.6fd96191eed3edf2e978.js
Requested by: Host: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.b502231aaf751bf844c833e9880528bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26acbc9fa18249bf6d45f80c88bbe6658bac10aeef85879c328572fca36d03ff

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 10:50:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 23 Feb 2024 19:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ef5-612118edf3240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ml8mQIBwxlRur2OvXSUItPH7BZ60Fh0DCHJbAnE9WpdBoN8cltdKiKFXUPh2XlDQ4O5artg6ERNj7vRfUWkIDQyC1%2FduJP5hpfuNYS72RMTKznLs%2F5HkNjIr7c39DqqkZCBh0TM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a183b6afdc59304-CPH
alt-svc: h3=":443"; ma=86400
content-length: 1537

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 1939ms
1309ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1217498792744769&ev=PageView&dl=http%3A%2F%2Fflightadmin.selloffvacations.com%2F%3Fsite%3Dhaha178&rl=&if=false&ts=1720695021269&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720695021266.342710562720746471&cs_est=true&ler=empty&cdl=API_unavailable&it=1720695021105&coo=false&exp=f0&rqm=GET

Requested by

Host: flightadmin.selloffvacations.com
URL: http://flightadmin.selloffvacations.com/?site=haha178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://flightadmin.selloffvacations.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=1, c=10, mss=1392, tbw=2791, tp=-1, tpl=-1, uplat=96, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 Jul 2024 10:50:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET sepuh.webp
wibu.sg-sin1.upcloudobjects.com/seo/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/@sqs/polyfiller/1.6/modern.js

Domain: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/universal/scripts-compressed/extract-css-runtime-c3c5ff11b7581fdc25fd-min.id-ID.js

Domain: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/universal/scripts-compressed/extract-css-moment-js-vendor-675f9459672cf966ca51-min.id-ID.js

Domain: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/universal/scripts-compressed/cldr-resource-pack-a682f7ad337741eb05d6-min.id-ID.js

Domain: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/universal/scripts-compressed/common-vendors-stable-f9df4447a2af25df5875-min.id-ID.js

Domain: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/universal/scripts-compressed/common-vendors-a3ebfa3c7d66af78cb71-min.id-ID.js

Domain: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/universal/scripts-compressed/common-8acacf251642d0700f75-min.id-ID.js

Domain: budaya.unrum.ac.id
URL: https://budaya.unrum.ac.id/universal/scripts-compressed/commerce-b426cfc98e39ae5666a2-min.id-ID.js

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1217498792744769&ev=PageView&dl=http%3A%2F%2Fflightadmin.selloffvacations.com%2F%3Fsite%3Dhaha178&rl=&if=false&ts=1720695021269&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720695021266.342710562720746471&cs_est=true&ler=empty&cdl=API_unavailable&it=1720695021105&coo=false&exp=f0&rqm=FGET

Domain: wibu.sg-sin1.upcloudobjects.com
URL: https://wibu.sg-sin1.upcloudobjects.com/seo/sepuh.webp

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.selloffvacations.com/	1970-01-21 00:07:51	Name: _fbp Value: fb.1.1720695021266.342710562720746471

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://flightadmin.selloffvacations.com/?site=haha178 Message: Access to script at 'https://budaya.unrum.ac.id/@sqs/polyfiller/1.6/modern.js' from origin 'http://flightadmin.selloffvacations.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://budaya.unrum.ac.id/@sqs/polyfiller/1.6/modern.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://flightadmin.selloffvacations.com/?site=haha178(Line 1509) Message: Access to script at 'https://budaya.unrum.ac.id/universal/scripts-compressed/extract-css-runtime-c3c5ff11b7581fdc25fd-min.id-ID.js' from origin 'http://flightadmin.selloffvacations.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://budaya.unrum.ac.id/universal/scripts-compressed/extract-css-runtime-c3c5ff11b7581fdc25fd-min.id-ID.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://flightadmin.selloffvacations.com/?site=haha178 Message: Access to script at 'https://budaya.unrum.ac.id/universal/scripts-compressed/extract-css-moment-js-vendor-675f9459672cf966ca51-min.id-ID.js' from origin 'http://flightadmin.selloffvacations.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://budaya.unrum.ac.id/universal/scripts-compressed/extract-css-moment-js-vendor-675f9459672cf966ca51-min.id-ID.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://flightadmin.selloffvacations.com/?site=haha178 Message: Access to script at 'https://budaya.unrum.ac.id/universal/scripts-compressed/common-vendors-a3ebfa3c7d66af78cb71-min.id-ID.js' from origin 'http://flightadmin.selloffvacations.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://budaya.unrum.ac.id/universal/scripts-compressed/common-vendors-a3ebfa3c7d66af78cb71-min.id-ID.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://flightadmin.selloffvacations.com/?site=haha178 Message: Access to script at 'https://budaya.unrum.ac.id/universal/scripts-compressed/common-8acacf251642d0700f75-min.id-ID.js' from origin 'http://flightadmin.selloffvacations.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://budaya.unrum.ac.id/universal/scripts-compressed/common-8acacf251642d0700f75-min.id-ID.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://flightadmin.selloffvacations.com/?site=haha178 Message: Access to script at 'https://budaya.unrum.ac.id/universal/scripts-compressed/commerce-b426cfc98e39ae5666a2-min.id-ID.js' from origin 'http://flightadmin.selloffvacations.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://budaya.unrum.ac.id/universal/scripts-compressed/commerce-b426cfc98e39ae5666a2-min.id-ID.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://flightadmin.selloffvacations.com/?site=haha178 Message: Access to script at 'https://budaya.unrum.ac.id/universal/scripts-compressed/common-vendors-stable-f9df4447a2af25df5875-min.id-ID.js' from origin 'http://flightadmin.selloffvacations.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://budaya.unrum.ac.id/universal/scripts-compressed/common-vendors-stable-f9df4447a2af25df5875-min.id-ID.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://flightadmin.selloffvacations.com/?site=haha178 Message: Access to script at 'https://budaya.unrum.ac.id/universal/scripts-compressed/cldr-resource-pack-a682f7ad337741eb05d6-min.id-ID.js' from origin 'http://flightadmin.selloffvacations.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://budaya.unrum.ac.id/universal/scripts-compressed/cldr-resource-pack-a682f7ad337741eb05d6-min.id-ID.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

budaya.unrum.ac.id
connect.facebook.net
flightadmin.selloffvacations.com
gcdnb.pbrd.co
use.typekit.net
wibu.sg-sin1.upcloudobjects.com
www.facebook.com
budaya.unrum.ac.id
wibu.sg-sin1.upcloudobjects.com
www.facebook.com
157.240.253.1
157.240.253.35
172.67.198.249
188.114.97.3
2.19.126.206
54.165.100.18
01ad14a2d8809fe68750afb28af65158368b2a2b0026869344ccf6b374bc3648
09a011d24d5adb2251df37588d10decb44b5d32dab16c7362d8e965210c6c291
13fdb467f3914d4780b1c5dad66f4575405e547591a5cb1ec3cfee6ea2c94b04
26666f6880d8808e3fb3e2b8bc19def3ee8c1fae014a790624fe95f1f04c8a9a
26acbc9fa18249bf6d45f80c88bbe6658bac10aeef85879c328572fca36d03ff
293d50a3c71ae7e642a32f5c78a4a1d1b6832c2099c98ff61adcc8090ab7f809
2c27ccb6847169046967ad04fa657e7d6ecb45af26447805997af6d1274ff90a
38f940ad35d0d4978179a12000d350728bf4aa74fa3448800b821797288250c5
4b3bfff1cb150ac30f36c06c696082a2daf6c34c57bb6d93d7a367f21d98c4c6
8cc51bad58358691a121e72654dbfd97a6315f589ceda227f81d5fe5eac8a736
952c3443c9becf5a3240efbd49c7b8c16f2549a761fdf4cd14a770b0155e5eff
b7b7b6b1bd3e7e314e661c405492908f8a934cee89272d765496f92338cf1e5f
c090c1105cdd313597505ba5c1b2a1b5cefe44838688f1977ab46cb4e4540a31
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
cd5c218aa57366a2fb6bf3254d667a39f455b95a39fffb125c27ed2377a2b268
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59d4e646bb27566f7f9b4e6cfd9d3eab1670f581c2ca16a0e871ebe2b9a4c80
ec042ce78fcc2ff9912bd2a609fa03cf92de6738d89cd1f1b83df0564ac25103

flightadmin.selloffvacations.com Open in urlscan Pro 54.165.100.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

61 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

7 IPs

3 Countries

430 kBTransfer

2069 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

16 Console Messages

Indicators

flightadmin.selloffvacations.com Open in urlscan Pro
54.165.100.18 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

61 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

430 kB
Transfer

2069 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions