URL: http://www.citpekalongan.com/
Submission Tags: falconsandbox
Submission: On October 19 via api from US — Scanned from DE

Summary

This website contacted 21 IPs in 4 countries across 22 domains to perform 73 HTTP transactions. The main IP is 2a00:1450:4001:813::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.citpekalongan.com.
This is the only time www.citpekalongan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
10 stootsou.net www.citpekalongan.com
stootsou.net
6 d1lxhc4jvstzrp.cloudfront.net pheegoab.click
6 pheegoab.click www.citpekalongan.com
6 fonts.gstatic.com www.citpekalongan.com
5 www.citpekalongan.com www.citpekalongan.com
www.blogger.com
4 1.bp.blogspot.com www.citpekalongan.com
3 toglooman.com iclickcdn.com
toglooman.com
3 pseepsie.com iclickcdn.com
pseepsie.com
3 dozubatan.com iclickcdn.com
dozubatan.com
2 my.rtmark.net www.citpekalongan.com
dozubatan.com
2 www.blogger.com www.citpekalongan.com
2 onmarshtompor.com phaurtuh.net
iclickcdn.com
2 dolohen.com www.citpekalongan.com
dolohen.com
2 connect.facebook.net www.citpekalongan.com
connect.facebook.net
2 phaurtuh.net www.citpekalongan.com
1 static.cdnativepush.com www.citpekalongan.com
1 bedrapiona.com iclickcdn.com
1 resources.blogblog.com www.citpekalongan.com
1 native.propellerclick.com www.citpekalongan.com
1 iclickcdn.com www.citpekalongan.com
1 blogger.googleusercontent.com www.citpekalongan.com
1 www.gstatic.com www.citpekalongan.com
0 www.facebook.com Failed connect.facebook.net
73 23

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
shopee.co.id
1.bp.blogspot.com
www.istockphoto.com
Subject Issuer Validity Valid
*.gstatic.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-30 -
2021-10-28
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-10-12 -
2022-10-11
a year crt.sh
*.blogger.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
stootsou.net
R3
2021-09-12 -
2021-12-11
3 months crt.sh
bedrapiona.com
R3
2021-10-02 -
2021-12-31
3 months crt.sh
dozubatan.com
R3
2021-10-09 -
2022-01-07
3 months crt.sh
pseepsie.com
R3
2021-08-16 -
2021-11-14
3 months crt.sh
toglooman.com
R3
2021-09-07 -
2021-12-06
3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA
2020-10-27 -
2021-11-26
a year crt.sh
pheegoab.click
Sectigo RSA Domain Validation Secure Server CA
2021-04-02 -
2022-04-02
a year crt.sh
cdnativepush.com
R3
2021-10-02 -
2021-12-31
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh

This page contains 9 frames:

Primary Page: http://www.citpekalongan.com/
Frame ID: 46D7CB2E8A7BAB8AF91441FF712CF315
Requests: 53 HTTP requests in this frame

Frame: http://onmarshtompor.com/fac.php
Frame ID: 9498E9332C8A3D4A0AD15D197A22BAF5
Requests: 1 HTTP requests in this frame

Frame: http://dolohen.com/fac.php
Frame ID: 3F0861E7B6DEEBD976E64410B1C3390C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
Frame ID: AE7C38C20DD095BD1ED434515648EAF4
Requests: 1 HTTP requests in this frame

Frame: http://onmarshtompor.com/fac.php?OAID=ba01bce2a3b341f88755140920574ef9&oaidts=1634684530
Frame ID: 113B11B9611E463FB297F858B1AE9D10
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7A4E020E3A28CD93DF58A4895ECF622B
Requests: 1 HTTP requests in this frame

Frame: https://pheegoab.click/84493/articles/30.html
Frame ID: D7C59A0145E7511A3FA15299E8479A66
Requests: 3 HTTP requests in this frame

Frame: https://pheegoab.click/pages/5753.html
Frame ID: 481774BA0A7B23CB2E77D42C0ABB6A3A
Requests: 3 HTTP requests in this frame

Frame: https://pheegoab.click/345.html
Frame ID: F87F63706F652FFB8AE4E4A45A7D9095
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Cheat Pekalongan | Free Cit

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

73
Requests

63 %
HTTPS

45 %
IPv6

22
Domains

23
Subdomains

21
IPs

4
Countries

1687 kB
Transfer

2862 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://connect.facebook.net/en_GB/sdk.js HTTP 307
  • https://connect.facebook.net/en_GB/sdk.js
Request Chain 33
  • https://www.facebook.com/v2.9/plugins/page.php?adapt_container_width=true&app_id=384288681912501&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b68e3fbee63%26domain%3Dwww.citpekalongan.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.citpekalongan.com%252Ff16b7ab4caa7098%26relation%3Dparent.parent&container_width=232&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcitpekalongan2020%2F&locale=en_GB&sdk=joey&show_facepile=true&small_header=false HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D384288681912501%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1b68e3fbee63%2526domain%253Dwww.citpekalongan.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.citpekalongan.com%25252Ff16b7ab4caa7098%2526relation%253Dparent.parent%26container_width%3D232%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcitpekalongan2020%252F%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
  • https://www.facebook.com/w/ HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F

73 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.citpekalongan.com/
376 KB
99 KB
Document
General
Full URL
http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fea5dc117795a570096dbbcce09dec862df8fe9a7ed6edc2d0f53c38638dbc5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.citpekalongan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Expires
Tue, 19 Oct 2021 23:02:09 GMT
Date
Tue, 19 Oct 2021 23:02:09 GMT
Cache-Control
private, max-age=0
Last-Modified
Tue, 19 Oct 2021 21:17:34 GMT
ETag
W/"d1e400af353bd709ad31fbd2b9fad98cbec858d604439c154605bbf17b96283b"
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Length
101094
Server
GSE
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/
12 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3475
x-xss-protection
0
last-modified
Wed, 14 Apr 2021 19:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Oct 2021 23:02:09 GMT
AVvXsEgpmJQ1zGrfRKP6-pIoU0jcMJU6yZaAwd4c1643VVSMw5FBC6BOO-2Za0cs4EnCbcOT-6HYACQGhp1uEZQXw_EIPZuUyMqVr4nJZVE4I5ejD3ZkhALsI9vMUqFkTHkD9c8DuZSFen4l3drNVXRVzdKcZL4g2teaNxBvGqJhyibciskcHl7wLF7HrIuLUA=w3...
blogger.googleusercontent.com/img/a/
86 KB
87 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgpmJQ1zGrfRKP6-pIoU0jcMJU6yZaAwd4c1643VVSMw5FBC6BOO-2Za0cs4EnCbcOT-6HYACQGhp1uEZQXw_EIPZuUyMqVr4nJZVE4I5ejD3ZkhALsI9vMUqFkTHkD9c8DuZSFen4l3drNVXRVzdKcZL4g2teaNxBvGqJhyibciskcHl7wLF7HrIuLUA=w320-h317
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6693731937bee0e6fccea59c35815df27324c941a4d9aa5e2c7f14b4c2d2b2ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options
nosniff
server
fife
etag
"v2a9a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Tak berjudul344_20210930153521.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88280
x-xss-protection
0
expires
Wed, 20 Oct 2021 23:02:10 GMT
sprite_v1_6.css.svg
www.citpekalongan.com/responsive/
7 KB
3 KB
Other
General
Full URL
http://www.citpekalongan.com/responsive/sprite_v1_6.css.svg
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.citpekalongan.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 01:32:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
77408
Cross-Origin-Resource-Policy
cross-origin
Content-Length
2244
X-XSS-Protection
0
Last-Modified
Mon, 18 Oct 2021 21:53:57 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
image/svg+xml
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Tue, 26 Oct 2021 01:32:01 GMT
none
www.citpekalongan.com/
64 KB
64 KB
Image
General
Full URL
http://www.citpekalongan.com/none
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
83b44c9af3ff442e12804916e8fd66f5593c7dff4bb9737aba393d0da4c79ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.citpekalongan.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
GSE
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
97568
X-XSS-Protection
1; mode=block
Expires
Mon, 01 Jan 1990 00:00:00 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/
20 KB
20 KB
Font
General
Full URL
http://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.citpekalongan.com/
Origin
http://www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 10:52:49 GMT
X-Content-Type-Options
nosniff
Age
216560
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
20016
X-XSS-Protection
0
Last-Modified
Tue, 10 Aug 2021 00:21:51 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Mon, 17 Oct 2022 10:52:49 GMT
pubgxx.jpg
1.bp.blogspot.com/-cFIit7o2_Nw/YPgCLBajcMI/AAAAAAAAKo8/KC0s5sblHtw_HUh98fTkOHL_z1_i7nYDwCNcBGAsYHQ/w1185-h272-p-k-no-nu/
55 KB
55 KB
Image
General
Full URL
https://1.bp.blogspot.com/-cFIit7o2_Nw/YPgCLBajcMI/AAAAAAAAKo8/KC0s5sblHtw_HUh98fTkOHL_z1_i7nYDwCNcBGAsYHQ/w1185-h272-p-k-no-nu/pubgxx.jpg
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0f00ff479bdce5642f77e638e55777b05d4ef9fc594e79ba040993eabe286593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="pubgxx.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55910
x-xss-protection
0
server
fife
etag
"v2a90"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 19 Oct 2021 19:23:53 GMT
pbxx.jpg
1.bp.blogspot.com/-EqF4GmFYlF4/YPgBXTYsdtI/AAAAAAAAKo0/BoKb_wMqRMQyGUtfgtggqdOCLuChZ065wCNcBGAsYHQ/w385-h184-p-k-no-nu/
20 KB
20 KB
Image
General
Full URL
https://1.bp.blogspot.com/-EqF4GmFYlF4/YPgBXTYsdtI/AAAAAAAAKo0/BoKb_wMqRMQyGUtfgtggqdOCLuChZ065wCNcBGAsYHQ/w385-h184-p-k-no-nu/pbxx.jpg
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9a8dcd693f1a1d7086934d9249abc48d1b0bca3d8b52fd7c36638008c8ced992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options
nosniff
server
fife
etag
"v2a8e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pbxx.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20281
x-xss-protection
0
expires
Wed, 20 Oct 2021 23:02:10 GMT
pubgxx.jpg
1.bp.blogspot.com/-cFIit7o2_Nw/YPgCLBajcMI/AAAAAAAAKo8/KC0s5sblHtw_HUh98fTkOHL_z1_i7nYDwCNcBGAsYHQ/w385-h184-p-k-no-nu/
23 KB
23 KB
Image
General
Full URL
https://1.bp.blogspot.com/-cFIit7o2_Nw/YPgCLBajcMI/AAAAAAAAKo8/KC0s5sblHtw_HUh98fTkOHL_z1_i7nYDwCNcBGAsYHQ/w385-h184-p-k-no-nu/pubgxx.jpg
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0c545a26218b9c4c81e5af093d4c225273f775c850da77364bad85d62e95b064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="pubgxx.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23451
x-xss-protection
0
server
fife
etag
"v2a90"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 15 Oct 2021 21:31:32 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/
28 KB
29 KB
Font
General
Full URL
http://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.citpekalongan.com/
Origin
http://www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 07:24:31 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 10 Sep 2020 17:03:43 GMT
Server
sffe
Age
142658
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
28968
X-XSS-Protection
0
Expires
Tue, 18 Oct 2022 07:24:31 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/
33 KB
34 KB
Font
General
Full URL
http://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.citpekalongan.com/
Origin
http://www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 11:54:09 GMT
X-Content-Type-Options
nosniff
Age
212880
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
34260
X-XSS-Protection
0
Last-Modified
Thu, 10 Sep 2020 17:02:57 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Mon, 17 Oct 2022 11:54:09 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v25/
19 KB
20 KB
Font
General
Full URL
http://fonts.gstatic.com/s/merriweather/v25/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.citpekalongan.com/
Origin
http://www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 11:08:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 10 Aug 2021 00:22:33 GMT
Server
sffe
Age
129200
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
19728
X-XSS-Protection
0
Expires
Tue, 18 Oct 2022 11:08:49 GMT
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/
29 KB
30 KB
Font
General
Full URL
http://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.citpekalongan.com/
Origin
http://www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 23:58:08 GMT
X-Content-Type-Options
nosniff
Age
601441
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
29864
X-XSS-Protection
0
Last-Modified
Thu, 10 Sep 2020 17:02:34 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Wed, 12 Oct 2022 23:58:08 GMT
WwkfxPmzE06v_ZW1XnrB.woff2
fonts.gstatic.com/s/gruppo/v11/
24 KB
25 KB
Font
General
Full URL
http://fonts.gstatic.com/s/gruppo/v11/WwkfxPmzE06v_ZW1XnrB.woff2
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e73256211ee6aa3c6b8a636762c9202f60239a20189e781a0485f05f0db3e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.citpekalongan.com/
Origin
http://www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 20:15:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 01 Sep 2020 05:34:29 GMT
Server
sffe
Age
96402
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
24648
X-XSS-Protection
0
Expires
Tue, 18 Oct 2022 20:15:27 GMT
/
phaurtuh.net/5/4191777/
3 KB
3 KB
XHR
General
Full URL
http://phaurtuh.net/5/4191777/?oo=1
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
139.45.197.238 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
13680131c41af257207f2a12b8f8e74868d460a411ee95c67668822afd282433

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
4f829db807106d18f0c97f94978989ce
Pragma
no-cache, no-cache
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
http://www.citpekalongan.com
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
Expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
phaurtuh.net/
64 KB
23 KB
Script
General
Full URL
http://phaurtuh.net/tag.min.js
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
139.45.197.238 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
23fcedafbba1413be63578d1d4742c3f50c8da390f6a8178bc78250ac3123565
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Length
22547
X-Trace-Id
f49556139e3b74fcf12c62db4b220149
Pragma
no-cache
Last-Modified
Tue, 19 Oct 2021 13:33:28 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
sdk.js
connect.facebook.net/en_GB/
Redirect Chain
  • http://connect.facebook.net/en_GB/sdk.js
  • https://connect.facebook.net/en_GB/sdk.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
36e39dccfd5d59c60f41ee661d5efc78ca31f2b4ec30050eebbc7547f2ad8540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
yEQdpb1Uu+2Nn/ljwCFwPw==
cross-origin-resource-policy
cross-origin
expires
Tue, 19 Oct 2021 23:19:36 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
PZWPzmT1feA8A2xmuY+8Frnlih7DTUGROHCtDLoXzE1LMT/O7MPH8Td8rkL9UATGIq+wq/DF0L1vIgbWHVBd2Q==
x-fb-trip-id
686109401
x-fb-content-md5
12b72085a9f84525f7cd97254c8460fc
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 19 Oct 2021 23:02:10 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a5dc0a745b8b609ee96968a7fcb382a4"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v2.9&appId=384288681912501
Non-Authoritative-Reason
HSTS
apu.php
dolohen.com/
55 KB
22 KB
Script
General
Full URL
http://dolohen.com/apu.php?zoneid=1369047
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
139.45.197.236 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
aa8f0aedad34e77170ffba8cf00be544aed2c4e790f854c83a83b68cf1032c15
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Max-Age
86400
Connection
keep-alive
X-Trace-Id
84ed82b04b737204910b0a39b1c63241
Pragma
no-cache
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
Expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.min.js
iclickcdn.com/
64 KB
23 KB
Script
General
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23fcedafbba1413be63578d1d4742c3f50c8da390f6a8178bc78250ac3123565

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
29464
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-trace-id
e53b07478e2e461222cfb63535d30108
pragma
no-cache
last-modified
Tue, 19 Oct 2021 13:32:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzwV3ziCZCXkS5gxX%2FHTEM4IhvKgt6l3QcDh9DPN0EctY65xJMrUrfio06RRalkeij6q1Y72jd%2BVBowj8W%2FByj5ROzPN7ulNv0ojVKamncVNP7nvTseZu6PbdKSZeRKZ%2FZI%2Bqd%2BTq93TG40%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
6a0da1e919877043-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Wed, 20 Oct 2021 14:51:06 GMT
sdk.js
connect.facebook.net/en_GB/
265 KB
76 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=ecf9b9e507ebffdf465b3a8d0436bb8d
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5dcaa0b32f37b9855e5e3485ac7f5b8410baaf690349308376ac301eb98c80aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.citpekalongan.com/
Origin
http://www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
yFug0gmbA1Ck84ME2ye2/A==
cross-origin-resource-policy
cross-origin
expires
Wed, 19 Oct 2022 22:06:17 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76548
x-fb-rlafr
0
x-fb-debug
d/VQhi7B/MdwMZQKLvaWLIXSUzhXXHmY/+PWnKTioWU3XktQyy6mMbk5vnBZ2QKxqX7QObGRnLcV3NaU/jFbMg==
x-fb-trip-id
686109401
x-fb-content-md5
cb26819660994b5252a34789d1a170ab
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 19 Oct 2021 23:02:10 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8cecc861e37fb2197e31971f7922b634"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
fac.php
onmarshtompor.com/ Frame 9498
0
0
Document
General
Full URL
http://onmarshtompor.com/fac.php
Requested by
Host: phaurtuh.net
URL: http://phaurtuh.net/tag.min.js
Protocol
HTTP/1.1
Server
139.45.197.243 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
onmarshtompor.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.citpekalongan.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/

Response headers

Server
nginx
Date
Tue, 19 Oct 2021 23:02:08 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
X-Trace-Id
de4b6f3a0520a93c982e4f43fdc598b1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age
86400
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
ntfc.php
stootsou.net/
15 KB
6 KB
Script
General
Full URL
http://stootsou.net/ntfc.php?p=4191733
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3c8625a5defa7c8eb4051b50613f86505263688bb1ce53de8b8d9dcfc78ef212

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 23:02:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 10:22:41 GMT
Server
nginx
ETag
W/"616d4af1-3b23"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
1
native.propellerclick.com/
0
0
Script
General
Full URL
http://native.propellerclick.com/1?z=2780870
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
139.45.197.235 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 23:02:10 GMT
X-Sc
4KdnrdofxFOHMlcU
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length
7
penipuan.jpg
1.bp.blogspot.com/-UwR6_VdPC8k/Xlix7i3mzXI/AAAAAAAAJx4/7-a9_MoFIbcPN64N1__Z4Z_KZbc5aaNZACNcBGAsYHQ/s1600/
548 KB
549 KB
Image
General
Full URL
https://1.bp.blogspot.com/-UwR6_VdPC8k/Xlix7i3mzXI/AAAAAAAAJx4/7-a9_MoFIbcPN64N1__Z4Z_KZbc5aaNZACNcBGAsYHQ/s1600/penipuan.jpg
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
24e98f20c48962a4142fc2b04842922a253b7fbb32bb06be0401f6275cb2bbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="penipuan.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
560950
x-xss-protection
0
server
fife
etag
"v271f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 17 Oct 2021 09:20:31 GMT
3439121940-vegeclub_compiled.js
resources.blogblog.com/blogblog/data/res/
133 KB
133 KB
Script
General
Full URL
https://resources.blogblog.com/blogblog/data/res/3439121940-vegeclub_compiled.js
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbf5cac45e8469296a0f7d0d0ec5ca598360bfd9e16e335f43a08d40a7661cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 02:26:06 GMT
x-content-type-options
nosniff
age
419764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135791
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 22:52:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 22 Oct 2021 02:26:06 GMT
cookienotice.js
www.citpekalongan.com/js/
6 KB
7 KB
Script
General
Full URL
http://www.citpekalongan.com/js/cookienotice.js
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.citpekalongan.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 01:32:01 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 18 Oct 2021 21:53:57 GMT
Server
sffe
Age
77409
Vary
Accept-Encoding
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
6513
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Tue, 26 Oct 2021 01:32:01 GMT
3210254948-widgets.js
www.blogger.com/static/v1/widgets/
154 KB
56 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/3210254948-widgets.js
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 02:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56872
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 18:53:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 18 Oct 2022 02:06:58 GMT
fac.php
dolohen.com/ Frame 3F08
0
0
Document
General
Full URL
http://dolohen.com/fac.php
Requested by
Host: dolohen.com
URL: http://dolohen.com/apu.php?zoneid=1369047
Protocol
HTTP/1.1
Server
139.45.197.236 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
dolohen.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.citpekalongan.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/

Response headers

Server
nginx
Date
Tue, 19 Oct 2021 23:02:10 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
X-Trace-Id
6d39aefa2e0c89def6532277d6447e24
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age
86400
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
zone
stootsou.net/
697 B
989 B
Fetch
General
Full URL
https://stootsou.net/zone?pub=0&zone_id=4191733&is_mobile=false&domain=www.citpekalongan.com&var=&ymid=&var_3=
Requested by
Host: stootsou.net
URL: http://stootsou.net/ntfc.php?p=4191733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b5af56774123ba2a15edd68717bdf876b3f02584bde6d2e794522644cfd5b87e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
757aa3dacda9d6acbe8673814a7885f6
date
Tue, 19 Oct 2021 23:02:08 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.citpekalongan.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
697
universal.min.js
stootsou.net/pfe/current/
102 KB
37 KB
Fetch
General
Full URL
https://stootsou.net/pfe/current/universal.min.js?v=3.1.330
Requested by
Host: stootsou.net
URL: http://stootsou.net/ntfc.php?p=4191733
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
63fc7b3990bfef0f5b99a6567f77bcfec3f1e4c5feca6bd2524616fb07e59f99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 23:02:08 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 10:22:41 GMT
server
nginx
etag
W/"616d4af1-196a7"
content-type
application/javascript
access-control-allow-origin
http://www.citpekalongan.com
cache-control
no-cache
access-control-allow-credentials
true
/
bedrapiona.com/5/4191674/
3 KB
3 KB
XHR
General
Full URL
https://bedrapiona.com/5/4191674/?oo=1&js_build=2
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1f5d41db440e14a92fe368c4bb6e3669b3aae5953c9cbe2b59a6c7d85c3e5eb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
076a5102f5d1d77c8145958e81781513
pragma
no-cache, no-cache
date
Tue, 19 Oct 2021 23:02:10 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
http://www.citpekalongan.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
styles.css
pheegoab.click/
0
0

stats
www.citpekalongan.com/b/
412 B
559 B
XHR
General
Full URL
http://www.citpekalongan.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCc8pOoBRVd06qFHqSfR-JeK5XX9O6SbnG6f9P0J8IBjY5rNfjUhvkxy8oCpYcTi-2NeuxXJDyBWpABV90413o8j4MeQQ
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3210254948-widgets.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
483ab2785288e4226bc1e3c0974f347bcc1b94c34e66867cc62565fc9d7f819e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.citpekalongan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.citpekalongan.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
GSE
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=0
Content-Length
264
X-XSS-Protection
1; mode=block
Expires
Tue, 19 Oct 2021 23:02:10 GMT
blogger_logo_round_35.png
www.blogger.com/img/
2 KB
3 KB
Image
General
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:10:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Oct 2021 11:49:44 GMT
server
sffe
age
114704
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2531
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 25 Oct 2021 15:10:26 GMT
/
www.facebook.com/login/ Frame AE7C
Redirect Chain
  • https://www.facebook.com/v2.9/plugins/page.php?adapt_container_width=true&app_id=384288681912501&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b6...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D384288681912501%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
  • https://www.facebook.com/w/
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
0
0

4191671
dozubatan.com/400/
85 KB
30 KB
Script
General
Full URL
https://dozubatan.com/400/4191671
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
aec1639efe1524394ee2eb2a08e456ee00016d843ed18ee398b8448bc4244754
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
7a5b06df5dd72ad445d1638b7fd122b6
pragma
no-cache
date
Tue, 19 Oct 2021 23:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
tag.min.js
pseepsie.com/pfe/current/
15 KB
6 KB
Script
General
Full URL
https://pseepsie.com/pfe/current/tag.min.js?z=4191673
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fae4152391150e39b8373408d33f536534b630a3ab7f7af52ee22ff054c7947a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 23:02:10 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 10:22:47 GMT
server
nginx
etag
W/"616d4af7-3bfd"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
1
toglooman.com/
6 KB
4 KB
Script
General
Full URL
https://toglooman.com/1?z=4191672
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8dea5b7e0827b4b7c92ccfa84605b8cddcada6be2bb28076ecb9e0ad080b43ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 23:02:10 GMT
content-encoding
gzip
x-sc
Ccvx6lXXX62Z50DPZ1YSccZTegzXVvG5VdZCeTqnWVmsE8g4N9tCuQZkzLc_6wLquz-IqtOB-hiBoxwAMlCU937c6PM=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 26 Jul 1997 05:00:00 GMT
fac.php
onmarshtompor.com/ Frame 113B
0
0
Document
General
Full URL
http://onmarshtompor.com/fac.php?OAID=ba01bce2a3b341f88755140920574ef9&oaidts=1634684530
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
HTTP/1.1
Server
139.45.197.243 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
onmarshtompor.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.citpekalongan.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/

Response headers

Server
nginx
Date
Tue, 19 Oct 2021 23:02:08 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
X-Trace-Id
2d9c56fb44da40a28d27a6837c6dc26f
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age
86400
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
custom
stootsou.net/ Frame
0
0
Preflight
General
Full URL
https://stootsou.net/custom
Protocol
H2
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.citpekalongan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 19 Oct 2021 23:02:08 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
http://www.citpekalongan.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
custom
stootsou.net/
39 B
328 B
Fetch
General
Full URL
https://stootsou.net/custom
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.citpekalongan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
bc9ae11e0d1d730fca2fbc7cce645e9c
date
Tue, 19 Oct 2021 23:02:08 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.citpekalongan.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/
65 B
548 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=d8a1d4e2c14141ffa40d341bdc41f46e&zoneId=4191733&checkDuplicate=true&ymid=&var=
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d1e7a869c302108f51dd86b899fc33e49e97c39ae8bcbd670e16a524e7f81e76
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:02 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.citpekalongan.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
bundle.css
pheegoab.click/
0
0

zone
pseepsie.com/
666 B
957 B
Fetch
General
Full URL
https://pseepsie.com/zone?pub=0&zone_id=4191673&is_mobile=false&domain=www.citpekalongan.com&var=&ymid=&var_3=
Requested by
Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4191673
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
79b3395a7a7a780f136d3f1bd931de688b9e5be5da7027be4e48f838c80e0209
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
83a99250ba846eff640051a617853e47
date
Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.citpekalongan.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
666
universal.min.js
pseepsie.com/pfe/current/
102 KB
37 KB
Fetch
General
Full URL
https://pseepsie.com/pfe/current/universal.min.js?v=3.1.330
Requested by
Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4191673
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
63fc7b3990bfef0f5b99a6567f77bcfec3f1e4c5feca6bd2524616fb07e59f99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 23:02:08 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 10:22:41 GMT
server
nginx
etag
W/"616d4af1-196a7"
content-type
application/javascript
access-control-allow-origin
http://www.citpekalongan.com
cache-control
no-cache
access-control-allow-credentials
true
defaultSkin.min.js
stootsou.net/pfe/current/
56 KB
19 KB
Fetch
General
Full URL
https://stootsou.net/pfe/current/defaultSkin.min.js
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 23:02:08 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 10:22:41 GMT
server
nginx
etag
W/"616d4af1-df63"
content-type
application/javascript
access-control-allow-origin
http://www.citpekalongan.com
cache-control
no-cache
access-control-allow-credentials
true
d6b556cbfbafc6e12f0b3533d885f1c2
toglooman.com/27/
374 KB
123 KB
Script
General
Full URL
https://toglooman.com/27/d6b556cbfbafc6e12f0b3533d885f1c2
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=4191672
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0aafc0af9d98c6f5295f26152310c1dd85af77c66743d9596c0ff41181f927a6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Oct 2021 07:24:40 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
cache-control
max-age:290304000, public
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Thu, 13 Nov 2081 07:24:40 GMT
38
toglooman.com/42/
0
495 B
Script
General
Full URL
https://toglooman.com/42/38?z=4191672
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=4191672
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 23:02:10 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 7A4E
255 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
stootsou.net/
39 B
329 B
Fetch
General
Full URL
https://stootsou.net/custom
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.citpekalongan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
0f396d355aa3058072ac0dcf438bc398
date
Tue, 19 Oct 2021 23:02:08 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.citpekalongan.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
custom
stootsou.net/ Frame
0
0
Preflight
General
Full URL
https://stootsou.net/custom
Protocol
H2
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.citpekalongan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 19 Oct 2021 23:02:08 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
http://www.citpekalongan.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
config.json
pheegoab.click/
0
0

config.json
pheegoab.click/ Frame
0
0
Preflight
General
Full URL
https://pheegoab.click/config.json
Protocol
HTTP/1.1
Server
185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,token
Origin
http://www.citpekalongan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 19 Oct 2021 23:02:10 GMT
Server
nginx
Vary
Accept-Encoding
Content-Length
169
error.png
pheegoab.click/
0
0

30.html
pheegoab.click/84493/articles/ Frame D7C5
886 B
685 B
Document
General
Full URL
https://pheegoab.click/84493/articles/30.html
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d47482902c8e9ef5e6601032600c541cacd5c8cea5c93e822db5e53e2307e905

Request headers

Host
pheegoab.click
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.citpekalongan.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Oct 2021 23:02:10 GMT
Server
nginx
Vary
Accept-Encoding
X-Redirect
skenzo
Content-Length
486
config.json
pheegoab.click/
0
0

config.json
pheegoab.click/ Frame
0
0
Preflight
General
Full URL
https://pheegoab.click/config.json
Protocol
HTTP/1.1
Server
185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
token
Origin
http://www.citpekalongan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 19 Oct 2021 23:02:10 GMT
Server
nginx
Vary
Accept-Encoding
Content-Length
169
gid.js
my.rtmark.net/
65 B
547 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4191671
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d1e7a869c302108f51dd86b899fc33e49e97c39ae8bcbd670e16a524e7f81e76
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 23:02:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.citpekalongan.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
error.png
pheegoab.click/
0
0

resources.json
pheegoab.click/
0
0

resources.json
pheegoab.click/ Frame
0
0
Preflight
General
Full URL
https://pheegoab.click/resources.json
Protocol
HTTP/1.1
Server
185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
token
Origin
http://www.citpekalongan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 19 Oct 2021 23:02:10 GMT
Server
nginx
Vary
Accept-Encoding
Content-Length
169
5753.html
pheegoab.click/pages/ Frame 4817
886 B
685 B
Document
General
Full URL
https://pheegoab.click/pages/5753.html
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d47482902c8e9ef5e6601032600c541cacd5c8cea5c93e822db5e53e2307e905

Request headers

Host
pheegoab.click
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.citpekalongan.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Oct 2021 23:02:10 GMT
Server
nginx
Vary
Accept-Encoding
X-Redirect
skenzo
Content-Length
486
4191671
dozubatan.com/500/ Frame
0
0
Preflight
General
Full URL
https://dozubatan.com/500/4191671?excludes=&oaid=d8a1d4e2c14141ffa40d341bdc41f46e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=10&pl=http%3A%2F%2Fwww.citpekalongan.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.237 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://www.citpekalongan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 19 Oct 2021 23:02:10 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
http://www.citpekalongan.com
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
4191671
dozubatan.com/500/
1 KB
1 KB
XHR
General
Full URL
https://dozubatan.com/500/4191671?excludes=&oaid=d8a1d4e2c14141ffa40d341bdc41f46e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=10&pl=http%3A%2F%2Fwww.citpekalongan.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4191671
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
022ccf5875b60764c8c7b12d02bf8b0165670182c8f7c1bc91c8047864a7a96c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.citpekalongan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
62dff25f05fcdf764e1d16ff02db2dd7
pragma
no-cache
date
Tue, 19 Oct 2021 23:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
http://www.citpekalongan.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
345.html
pheegoab.click/ Frame F87F
886 B
685 B
Document
General
Full URL
https://pheegoab.click/345.html
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d47482902c8e9ef5e6601032600c541cacd5c8cea5c93e822db5e53e2307e905

Request headers

Host
pheegoab.click
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.citpekalongan.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Oct 2021 23:02:10 GMT
Server
nginx
Vary
Accept-Encoding
X-Redirect
skenzo
Content-Length
486
01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/
2 KB
3 KB
Image
General
Full URL
https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.citpekalongan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 23:02:10 GMT
Last-Modified
Thu, 01 Jul 2021 09:13:54 GMT
Server
nginx
ETag
"60dd8752-86d"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
2157
style.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame D7C5
829 B
658 B
Stylesheet
General
Full URL
https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
Requested by
Host: pheegoab.click
URL: https://pheegoab.click/84493/articles/30.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pheegoab.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:57:10 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 14:25:52 GMT
server
nginx
age
32700
etag
W/"5ebab1f0-33d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ys-pzxmEfT1NS9_SkEHDnyR-qBoQ65QRSxRJpZrpF4pTFFcPYTqWiw==
skenzo.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame D7C5
345 B
522 B
Stylesheet
General
Full URL
https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/skenzo.css
Requested by
Host: pheegoab.click
URL: https://pheegoab.click/84493/articles/30.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
db30f3956434fa476f2f5a605696e792a57398e8ded3af2feb7913c731ad7ab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pheegoab.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 07:25:02 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 14:25:52 GMT
server
nginx
age
56228
etag
W/"5ebab1f0-159"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
3JPe-aBum5aXd0vMMzIPxmidjRFweRzWrC7YsgXux_HChCk5o79FOg==
style.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame 4817
829 B
657 B
Stylesheet
General
Full URL
https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
Requested by
Host: pheegoab.click
URL: https://pheegoab.click/pages/5753.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pheegoab.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:57:10 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 14:25:52 GMT
server
nginx
age
32700
etag
W/"5ebab1f0-33d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
fjNdZDgas7_Nbp8QZT76WUrf7_TJSdk8iOIbfF0cmmsVIFZyLutEpA==
skenzo.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame 4817
345 B
522 B
Stylesheet
General
Full URL
https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/skenzo.css
Requested by
Host: pheegoab.click
URL: https://pheegoab.click/pages/5753.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
db30f3956434fa476f2f5a605696e792a57398e8ded3af2feb7913c731ad7ab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pheegoab.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 07:25:02 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 14:25:52 GMT
server
nginx
age
56228
etag
W/"5ebab1f0-159"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
oaIoc-8yOXCs8FmXQwpEU25xtH6XryUZ_wp5gEWkg2SEk23b3U0miQ==
style.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame F87F
829 B
657 B
Stylesheet
General
Full URL
https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
Requested by
Host: pheegoab.click
URL: https://pheegoab.click/345.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pheegoab.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:57:10 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 14:25:52 GMT
server
nginx
age
32700
etag
W/"5ebab1f0-33d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
nPsJWjrds433fhjqAC8qKXPdqa8XM4gqyxchVuHE4N_v_bgIFPoreA==
skenzo.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame F87F
345 B
522 B
Stylesheet
General
Full URL
https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/skenzo.css
Requested by
Host: pheegoab.click
URL: https://pheegoab.click/345.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
db30f3956434fa476f2f5a605696e792a57398e8ded3af2feb7913c731ad7ab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pheegoab.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 07:25:02 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 14:25:52 GMT
server
nginx
age
56228
etag
W/"5ebab1f0-159"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
f4d2SGp4cAndcngawzE0GFpb_KHoCY0JN5LjpZV-tz5CNEyLZVLIbQ==
custom
stootsou.net/
39 B
328 B
Fetch
General
Full URL
https://stootsou.net/custom
Requested by
Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.citpekalongan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
c3b3acc1eb312dfdac76e8ecee40672b
date
Tue, 19 Oct 2021 23:02:09 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.citpekalongan.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
custom
stootsou.net/ Frame
0
0
Preflight
General
Full URL
https://stootsou.net/custom
Protocol
H2
Server
139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.citpekalongan.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 19 Oct 2021 23:02:09 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
http://www.citpekalongan.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pheegoab.click
URL
https://pheegoab.click/styles.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
Domain
pheegoab.click
URL
https://pheegoab.click/bundle.css?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=
Domain
pheegoab.click
URL
https://pheegoab.click/config.json
Domain
pheegoab.click
URL
https://pheegoab.click/error.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx
Domain
pheegoab.click
URL
https://pheegoab.click/config.json
Domain
pheegoab.click
URL
https://pheegoab.click/error.png?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=
Domain
pheegoab.click
URL
https://pheegoab.click/resources.json

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect boolean| originAgentCluster object| adsbygoogle string| k object| _g0b2kroxwc8 object| x6edc5q1ihb object| zfgformats function| setImmediate function| clearImmediate function| _murlyn function| _fxemw function| ClipboardJS object| _0x1b4c function| _0xc24d string| zfgaabversion number| zfgsct number| zfggt function| _vxviwxul function| _blgoqdkx object| FB function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| _mqy7kjwr4us function| _aeerg function| _voujtj object| _0xbc13 function| _hyoelv function| _mppocwj function| zfgproxyhttp function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| closure_lm_700575 object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| webpushlogs boolean| zfgloadednative boolean| _retranberw object| onClickExcludes object| regeneratorRuntime function| _retranber

9 Cookies

Domain/Path Name / Value
toglooman.com/42 Name: OAID
Value: ad435691cf4d49c087d7bb51e1e9e827
toglooman.com/42 Name: oaidts
Value: 1634684530
bedrapiona.com/ Name: OAID
Value: ba01bce2a3b341f88755140920574ef9
bedrapiona.com/ Name: oaidts
Value: 1634684530
my.rtmark.net/ Name: ID
Value: d8a1d4e2c14141ffa40d341bdc41f46e
toglooman.com/ Name: scm
Value: 1
toglooman.com/ Name: OAID
Value: ad435691cf4d49c087d7bb51e1e9e827
toglooman.com/ Name: oaidts
Value: 1634684530
dozubatan.com/ Name: OAID
Value: d8a1d4e2c14141ffa40d341bdc41f46e

19 Console Messages

Source Level URL
Text
network error URL: http://native.propellerclick.com/1?z=2780870
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.citpekalongan.com/none
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://www.citpekalongan.com/
Message:
Access to CSS stylesheet at 'https://pheegoab.click/styles.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pheegoab.click/styles.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.citpekalongan.com/
Message:
Access to XMLHttpRequest at 'https://pheegoab.click/config.json' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pheegoab.click/config.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.citpekalongan.com/
Message:
Access to image at 'https://pheegoab.click/error.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pheegoab.click/error.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.citpekalongan.com/
Message:
Access to CSS stylesheet at 'https://pheegoab.click/bundle.css?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pheegoab.click/bundle.css?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.citpekalongan.com/
Message:
Access to image at 'https://pheegoab.click/error.png?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pheegoab.click/error.png?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.citpekalongan.com/
Message:
Access to XMLHttpRequest at 'https://pheegoab.click/config.json' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pheegoab.click/config.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.citpekalongan.com/
Message:
Access to XMLHttpRequest at 'https://pheegoab.click/resources.json' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://pheegoab.click/resources.json
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://pheegoab.click/84493/articles/30.html(Line 16)
Message:
Mixed Content: The page at 'https://pheegoab.click/84493/articles/30.html' was loaded over HTTPS, but requested an insecure frame 'http://iyfnz.com/?dn=pheegoab.click&pid=9PO755G95'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://pheegoab.click/pages/5753.html(Line 16)
Message:
Mixed Content: The page at 'https://pheegoab.click/pages/5753.html' was loaded over HTTPS, but requested an insecure frame 'http://iyfnz.com/?dn=pheegoab.click&pid=9PO755G95'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://pheegoab.click/345.html(Line 16)
Message:
Mixed Content: The page at 'https://pheegoab.click/345.html' was loaded over HTTPS, but requested an insecure frame 'http://iyfnz.com/?dn=pheegoab.click&pid=9PO755G95'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
bedrapiona.com
blogger.googleusercontent.com
connect.facebook.net
d1lxhc4jvstzrp.cloudfront.net
dolohen.com
dozubatan.com
fonts.gstatic.com
iclickcdn.com
my.rtmark.net
native.propellerclick.com
onmarshtompor.com
phaurtuh.net
pheegoab.click
pseepsie.com
resources.blogblog.com
static.cdnativepush.com
stootsou.net
toglooman.com
www.blogger.com
www.citpekalongan.com
www.facebook.com
www.gstatic.com
pheegoab.click
www.facebook.com
139.45.195.8
139.45.197.188
139.45.197.234
139.45.197.235
139.45.197.236
139.45.197.237
139.45.197.238
139.45.197.239
139.45.197.243
139.45.197.250
185.53.178.11
2600:9000:211e:c600:1f:4100:9540:21
2606:4700:20::681a:c76
2a00:1450:4001:802::2009
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:813::2013
2a00:1450:4001:82b::2003
2a03:2880:f01c:8012:face:b00c:0:3
022ccf5875b60764c8c7b12d02bf8b0165670182c8f7c1bc91c8047864a7a96c
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0aafc0af9d98c6f5295f26152310c1dd85af77c66743d9596c0ff41181f927a6
0c545a26218b9c4c81e5af093d4c225273f775c850da77364bad85d62e95b064
0f00ff479bdce5642f77e638e55777b05d4ef9fc594e79ba040993eabe286593
13680131c41af257207f2a12b8f8e74868d460a411ee95c67668822afd282433
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1f5d41db440e14a92fe368c4bb6e3669b3aae5953c9cbe2b59a6c7d85c3e5eb2
23fcedafbba1413be63578d1d4742c3f50c8da390f6a8178bc78250ac3123565
24e98f20c48962a4142fc2b04842922a253b7fbb32bb06be0401f6275cb2bbea
2e73256211ee6aa3c6b8a636762c9202f60239a20189e781a0485f05f0db3e0a
36e39dccfd5d59c60f41ee661d5efc78ca31f2b4ec30050eebbc7547f2ad8540
3c8625a5defa7c8eb4051b50613f86505263688bb1ce53de8b8d9dcfc78ef212
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
483ab2785288e4226bc1e3c0974f347bcc1b94c34e66867cc62565fc9d7f819e
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
5dcaa0b32f37b9855e5e3485ac7f5b8410baaf690349308376ac301eb98c80aa
63fc7b3990bfef0f5b99a6567f77bcfec3f1e4c5feca6bd2524616fb07e59f99
6693731937bee0e6fccea59c35815df27324c941a4d9aa5e2c7f14b4c2d2b2ea
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c
79b3395a7a7a780f136d3f1bd931de688b9e5be5da7027be4e48f838c80e0209
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
83b44c9af3ff442e12804916e8fd66f5593c7dff4bb9737aba393d0da4c79ff3
8dea5b7e0827b4b7c92ccfa84605b8cddcada6be2bb28076ecb9e0ad080b43ee
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
9a8dcd693f1a1d7086934d9249abc48d1b0bca3d8b52fd7c36638008c8ced992
aa8f0aedad34e77170ffba8cf00be544aed2c4e790f854c83a83b68cf1032c15
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
aec1639efe1524394ee2eb2a08e456ee00016d843ed18ee398b8448bc4244754
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b5af56774123ba2a15edd68717bdf876b3f02584bde6d2e794522644cfd5b87e
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
d1e7a869c302108f51dd86b899fc33e49e97c39ae8bcbd670e16a524e7f81e76
d47482902c8e9ef5e6601032600c541cacd5c8cea5c93e822db5e53e2307e905
db30f3956434fa476f2f5a605696e792a57398e8ded3af2feb7913c731ad7ab8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fae4152391150e39b8373408d33f536534b630a3ab7f7af52ee22ff054c7947a
fbf5cac45e8469296a0f7d0d0ec5ca598360bfd9e16e335f43a08d40a7661cc3
fea5dc117795a570096dbbcce09dec862df8fe9a7ed6edc2d0f53c38638dbc5d
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881