www.citpekalongan.com Open in urlscan Pro
2a00:1450:4001:813::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.citpekalongan.com/
Submission Tags: falconsandbox
Submission: On October 19 via api (October 19th 2021, 11:02:15 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 22 domains to perform 73 HTTP transactions. The main IP is 2a00:1450:4001:813::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.citpekalongan.com.

This is the only time www.citpekalongan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a00:1450:400... 2a00:1450:4001:813::2013	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::681a:c76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
13	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
1	139.45.197.235 139.45.197.235	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
3	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
3	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
6	185.53.178.11 185.53.178.11	61969 (TEAMINTER...) (TEAMINTERNET-AS)
1	139.45.197.188 139.45.197.188	9002 (RETN-AS) (RETN-AS)
6	2600:9000:211... 2600:9000:211e:c600:1f:4100:9540:21	16509 (AMAZON-02) (AMAZON-02)
73	21

5 2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.citpekalongan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (Ascension Island)

ASN9002 (RETN-AS, GB)

phaurtuh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.236 (Ascension Island)

ASN9002 (RETN-AS, GB)

dolohen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.243 (Ascension Island)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 139.45.197.250 (Ascension Island)

ASN9002 (RETN-AS, GB)

stootsou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pseepsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.235 (Ascension Island)

ASN9002 (RETN-AS, GB)

native.propellerclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (Ascension Island)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.237 (Ascension Island)

ASN9002 (RETN-AS, GB)

dozubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.239 (Ascension Island)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (Ascension Island)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.53.178.11 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)

pheegoab.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.188 (Ascension Island)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211e:c600:1f:4100:9540:21 (United States)

ASN16509 (AMAZON-02, US)

d1lxhc4jvstzrp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	stootsou.net stootsou.net	65 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	162 KB
6	cloudfront.net d1lxhc4jvstzrp.cloudfront.net	3 KB
6	pheegoab.click pheegoab.click Failed	2 KB
5	citpekalongan.com www.citpekalongan.com	173 KB
4	blogspot.com 1.bp.blogspot.com	646 KB
3	toglooman.com toglooman.com	127 KB
3	pseepsie.com pseepsie.com	44 KB
3	dozubatan.com dozubatan.com	32 KB
2	rtmark.net my.rtmark.net	1 KB
2	blogger.com www.blogger.com	59 KB
2	onmarshtompor.com onmarshtompor.com
2	dolohen.com dolohen.com	22 KB
2	facebook.net connect.facebook.net	78 KB
2	phaurtuh.net phaurtuh.net	26 KB
1	cdnativepush.com static.cdnativepush.com	3 KB
1	bedrapiona.com bedrapiona.com	3 KB
1	blogblog.com resources.blogblog.com	133 KB
1	propellerclick.com native.propellerclick.com
1	iclickcdn.com iclickcdn.com	23 KB
1	googleusercontent.com blogger.googleusercontent.com	87 KB
0	facebook.com Failed www.facebook.com Failed
73	22

	Domain	Requested by
10	stootsou.net	www.citpekalongan.com stootsou.net
6	d1lxhc4jvstzrp.cloudfront.net	pheegoab.click
6	pheegoab.click	www.citpekalongan.com
6	fonts.gstatic.com	www.citpekalongan.com
5	www.citpekalongan.com	www.citpekalongan.com www.blogger.com
4	1.bp.blogspot.com	www.citpekalongan.com
3	toglooman.com	iclickcdn.com toglooman.com
3	pseepsie.com	iclickcdn.com pseepsie.com
3	dozubatan.com	iclickcdn.com dozubatan.com
2	my.rtmark.net	www.citpekalongan.com dozubatan.com
2	www.blogger.com	www.citpekalongan.com
2	onmarshtompor.com	phaurtuh.net iclickcdn.com
2	dolohen.com	www.citpekalongan.com dolohen.com
2	connect.facebook.net	www.citpekalongan.com connect.facebook.net
2	phaurtuh.net	www.citpekalongan.com
1	static.cdnativepush.com	www.citpekalongan.com
1	bedrapiona.com	iclickcdn.com
1	resources.blogblog.com	www.citpekalongan.com
1	native.propellerclick.com	www.citpekalongan.com
1	iclickcdn.com	www.citpekalongan.com
1	blogger.googleusercontent.com	www.citpekalongan.com
1	www.gstatic.com	www.citpekalongan.com
0	www.facebook.com Failed	connect.facebook.net
73	23

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
shopee.co.id
1.bp.blogspot.com
www.istockphoto.com

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-30` - `2021-10-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-12` - `2022-10-11`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
stootsou.net R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
bedrapiona.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
dozubatan.com R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
pseepsie.com R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
toglooman.com R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
pheegoab.click Sectigo RSA Domain Validation Secure Server CA	`2021-04-02` - `2022-04-02`	a year	crt.sh
cdnativepush.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh

This page contains 9 frames:

Primary Page: http://www.citpekalongan.com/
Frame ID: 46D7CB2E8A7BAB8AF91441FF712CF315
Requests: 53 HTTP requests in this frame

Frame: http://onmarshtompor.com/fac.php
Frame ID: 9498E9332C8A3D4A0AD15D197A22BAF5
Requests: 1 HTTP requests in this frame

Frame: http://dolohen.com/fac.php
Frame ID: 3F0861E7B6DEEBD976E64410B1C3390C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
Frame ID: AE7C38C20DD095BD1ED434515648EAF4
Requests: 1 HTTP requests in this frame

Frame: http://onmarshtompor.com/fac.php?OAID=ba01bce2a3b341f88755140920574ef9&oaidts=1634684530
Frame ID: 113B11B9611E463FB297F858B1AE9D10
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7A4E020E3A28CD93DF58A4895ECF622B
Requests: 1 HTTP requests in this frame

Frame: https://pheegoab.click/84493/articles/30.html
Frame ID: D7C59A0145E7511A3FA15299E8479A66
Requests: 3 HTTP requests in this frame

Frame: https://pheegoab.click/pages/5753.html
Frame ID: 481774BA0A7B23CB2E77D42C0ABB6A3A
Requests: 3 HTTP requests in this frame

Frame: https://pheegoab.click/345.html
Frame ID: F87F63706F652FFB8AE4E4A45A7D9095
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cheat Pekalongan | Free Cit

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

73
Requests

63 %
HTTPS

45 %
IPv6

22
Domains

23
Subdomains

21
IPs

4
Countries

1687 kB
Transfer

2862 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/13536274179353654377
Title: Pekalongan Community

Search URL Search Domain Scan URL

URL: https://shopee.co.id/dienka_collections?smtt=0.0.9

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-UwR6_VdPC8k/Xlix7i3mzXI/AAAAAAAAJx4/7-a9_MoFIbcPN64N1__Z4Z_KZbc5aaNZACNcBGAsYHQ/s1600/penipuan.jpg

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Diberdayakan oleh Blogger

Search URL Search Domain Scan URL

URL: http://www.istockphoto.com/portfolio/merrymoonmary?platform=blogger
Title: merrymoonmary

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://connect.facebook.net/en_GB/sdk.js HTTP 307
https://connect.facebook.net/en_GB/sdk.js

Request Chain 33

https://www.facebook.com/v2.9/plugins/page.php?adapt_container_width=true&app_id=384288681912501&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b68e3fbee63%26domain%3Dwww.citpekalongan.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.citpekalongan.com%252Ff16b7ab4caa7098%26relation%3Dparent.parent&container_width=232&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcitpekalongan2020%2F&locale=en_GB&sdk=joey&show_facepile=true&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D384288681912501%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1b68e3fbee63%2526domain%253Dwww.citpekalongan.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.citpekalongan.com%25252Ff16b7ab4caa7098%2526relation%253Dparent.parent%26container_width%3D232%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcitpekalongan2020%252F%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F HTTP 302
https://www.facebook.com/w/ HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.citpekalongan.com/ 376 KB
99 KB 576ms
540ms Document
text/html 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fea5dc117795a570096dbbcce09dec862df8fe9a7ed6edc2d0f53c38638dbc5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.citpekalongan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Tue, 19 Oct 2021 23:02:09 GMT
Date: Tue, 19 Oct 2021 23:02:09 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 19 Oct 2021 21:17:34 GMT
ETag: W/"d1e400af353bd709ad31fbd2b9fad98cbec858d604439c154605bbf17b96283b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 101094
Server: GSE

GET
H2 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
4 KB 46ms
16ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3475
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 19 Oct 2021 23:02:09 GMT

GET
H2 200 AVvXsEgpmJQ1zGrfRKP6-pIoU0jcMJU6yZaAwd4c1643VVSMw5FBC6BOO-2Za0cs4EnCbcOT-6HYACQGhp1uEZQXw_EIPZuUyMqVr4nJZVE4I5ejD3ZkhALsI9vMUqFkTHkD9c8DuZSFen4l3drNVXRVzdKcZL4g2teaNxBvGqJhyibciskcHl7wLF7HrIuLUA=w3...
blogger.googleusercontent.com/img/a/ 86 KB
87 KB 551ms
519ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgpmJQ1zGrfRKP6-pIoU0jcMJU6yZaAwd4c1643VVSMw5FBC6BOO-2Za0cs4EnCbcOT-6HYACQGhp1uEZQXw_EIPZuUyMqVr4nJZVE4I5ejD3ZkhALsI9vMUqFkTHkD9c8DuZSFen4l3drNVXRVzdKcZL4g2teaNxBvGqJhyibciskcHl7wLF7HrIuLUA=w320-h317

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6693731937bee0e6fccea59c35815df27324c941a4d9aa5e2c7f14b4c2d2b2ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v2a9a"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Tak berjudul344_20210930153521.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88280
x-xss-protection: 0
expires: Wed, 20 Oct 2021 23:02:10 GMT

GET
H/1.1 200
OK sprite_v1_6.css.svg
www.citpekalongan.com/responsive/ 7 KB
3 KB 13ms
11ms Other
image/svg+xml 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.citpekalongan.com/responsive/sprite_v1_6.css.svg

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.citpekalongan.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 01:32:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 77408
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 2244
X-XSS-Protection: 0
Last-Modified: Mon, 18 Oct 2021 21:53:57 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/svg+xml
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Tue, 26 Oct 2021 01:32:01 GMT

GET
H/1.1 404
Not Found none
www.citpekalongan.com/ 64 KB
64 KB 423ms
420ms Image
text/html 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.citpekalongan.com/none

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

83b44c9af3ff442e12804916e8fd66f5593c7dff4bb9737aba393d0da4c79ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.citpekalongan.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: GSE
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 97568
X-XSS-Protection: 1; mode=block
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 20 KB
20 KB 14ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.citpekalongan.com/
Origin: http://www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 17 Oct 2021 10:52:49 GMT
X-Content-Type-Options: nosniff
Age: 216560
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 20016
X-XSS-Protection: 0
Last-Modified: Tue, 10 Aug 2021 00:21:51 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Mon, 17 Oct 2022 10:52:49 GMT

GET
H2 200 pubgxx.jpg
1.bp.blogspot.com/-cFIit7o2_Nw/YPgCLBajcMI/AAAAAAAAKo8/KC0s5sblHtw_HUh98fTkOHL_z1_i7nYDwCNcBGAsYHQ/w1185-h272-p-k-no-nu/ 55 KB
55 KB 608ms
585ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-cFIit7o2_Nw/YPgCLBajcMI/AAAAAAAAKo8/KC0s5sblHtw_HUh98fTkOHL_z1_i7nYDwCNcBGAsYHQ/w1185-h272-p-k-no-nu/pubgxx.jpg

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f00ff479bdce5642f77e638e55777b05d4ef9fc594e79ba040993eabe286593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pubgxx.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55910
x-xss-protection: 0
server: fife
etag: "v2a90"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Oct 2021 19:23:53 GMT

GET
H2 200 pbxx.jpg
1.bp.blogspot.com/-EqF4GmFYlF4/YPgBXTYsdtI/AAAAAAAAKo0/BoKb_wMqRMQyGUtfgtggqdOCLuChZ065wCNcBGAsYHQ/w385-h184-p-k-no-nu/ 20 KB
20 KB 213ms
191ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-EqF4GmFYlF4/YPgBXTYsdtI/AAAAAAAAKo0/BoKb_wMqRMQyGUtfgtggqdOCLuChZ065wCNcBGAsYHQ/w385-h184-p-k-no-nu/pbxx.jpg

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9a8dcd693f1a1d7086934d9249abc48d1b0bca3d8b52fd7c36638008c8ced992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v2a8e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pbxx.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20281
x-xss-protection: 0
expires: Wed, 20 Oct 2021 23:02:10 GMT

GET
H2 200 pubgxx.jpg
1.bp.blogspot.com/-cFIit7o2_Nw/YPgCLBajcMI/AAAAAAAAKo8/KC0s5sblHtw_HUh98fTkOHL_z1_i7nYDwCNcBGAsYHQ/w385-h184-p-k-no-nu/ 23 KB
23 KB 212ms
190ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-cFIit7o2_Nw/YPgCLBajcMI/AAAAAAAAKo8/KC0s5sblHtw_HUh98fTkOHL_z1_i7nYDwCNcBGAsYHQ/w385-h184-p-k-no-nu/pubgxx.jpg

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0c545a26218b9c4c81e5af093d4c225273f775c850da77364bad85d62e95b064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pubgxx.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23451
x-xss-protection: 0
server: fife
etag: "v2a90"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 15 Oct 2021 21:31:32 GMT

GET
H/1.1 200
OK 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 28 KB
29 KB 14ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.citpekalongan.com/
Origin: http://www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 07:24:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Sep 2020 17:03:43 GMT
Server: sffe
Age: 142658
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 28968
X-XSS-Protection: 0
Expires: Tue, 18 Oct 2022 07:24:31 GMT

GET
H/1.1 200
OK 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 33 KB
34 KB 15ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.citpekalongan.com/
Origin: http://www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 17 Oct 2021 11:54:09 GMT
X-Content-Type-Options: nosniff
Age: 212880
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 34260
X-XSS-Protection: 0
Last-Modified: Thu, 10 Sep 2020 17:02:57 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Mon, 17 Oct 2022 11:54:09 GMT

GET
H/1.1 200
OK u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v25/ 19 KB
20 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v25/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.citpekalongan.com/
Origin: http://www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 11:08:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Aug 2021 00:22:33 GMT
Server: sffe
Age: 129200
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 19728
X-XSS-Protection: 0
Expires: Tue, 18 Oct 2022 11:08:49 GMT

GET
H/1.1 200
OK 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 29 KB
30 KB 15ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.citpekalongan.com/
Origin: http://www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 23:58:08 GMT
X-Content-Type-Options: nosniff
Age: 601441
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 29864
X-XSS-Protection: 0
Last-Modified: Thu, 10 Sep 2020 17:02:34 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Wed, 12 Oct 2022 23:58:08 GMT

GET
H/1.1 200
OK WwkfxPmzE06v_ZW1XnrB.woff2
fonts.gstatic.com/s/gruppo/v11/ 24 KB
25 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/gruppo/v11/WwkfxPmzE06v_ZW1XnrB.woff2

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e73256211ee6aa3c6b8a636762c9202f60239a20189e781a0485f05f0db3e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.citpekalongan.com/
Origin: http://www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 20:15:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Sep 2020 05:34:29 GMT
Server: sffe
Age: 96402
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 24648
X-XSS-Protection: 0
Expires: Tue, 18 Oct 2022 20:15:27 GMT

GET
H/1.1 200
OK / Show response
phaurtuh.net/5/4191777/ 3 KB
3 KB 36ms
25ms XHR
application/json 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://phaurtuh.net/5/4191777/?oo=1
Requested by: Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol: HTTP/1.1
Server: 139.45.197.238 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 13680131c41af257207f2a12b8f8e74868d460a411ee95c67668822afd282433

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 4f829db807106d18f0c97f94978989ce
Pragma: no-cache, no-cache
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://www.citpekalongan.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
phaurtuh.net/ 64 KB
23 KB 36ms
25ms Script
text/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://phaurtuh.net/tag.min.js

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

139.45.197.238 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

23fcedafbba1413be63578d1d4742c3f50c8da390f6a8178bc78250ac3123565

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 22547
X-Trace-Id: f49556139e3b74fcf12c62db4b220149
Pragma: no-cache
Last-Modified: Tue, 19 Oct 2021 13:33:28 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_GB/
Redirect Chain

http://connect.facebook.net/en_GB/sdk.js
https://connect.facebook.net/en_GB/sdk.js

3 KB
2 KB

28ms
10ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36e39dccfd5d59c60f41ee661d5efc78ca31f2b4ec30050eebbc7547f2ad8540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yEQdpb1Uu+2Nn/ljwCFwPw==
cross-origin-resource-policy: cross-origin
expires: Tue, 19 Oct 2021 23:19:36 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: PZWPzmT1feA8A2xmuY+8Frnlih7DTUGROHCtDLoXzE1LMT/O7MPH8Td8rkL9UATGIq+wq/DF0L1vIgbWHVBd2Q==
x-fb-trip-id: 686109401
x-fb-content-md5: 12b72085a9f84525f7cd97254c8460fc
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 19 Oct 2021 23:02:10 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a5dc0a745b8b609ee96968a7fcb382a4"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v2.9&appId=384288681912501
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK apu.php Show response
dolohen.com/ 55 KB
22 KB 37ms
26ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://dolohen.com/apu.php?zoneid=1369047

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

139.45.197.236 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

aa8f0aedad34e77170ffba8cf00be544aed2c4e790f854c83a83b68cf1032c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Connection: keep-alive
X-Trace-Id: 84ed82b04b737204910b0a39b1c63241
Pragma: no-cache
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 64 KB
23 KB 67ms
33ms Script
text/javascript 2606:4700:20::681a:c76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23fcedafbba1413be63578d1d4742c3f50c8da390f6a8178bc78250ac3123565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 29464
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: e53b07478e2e461222cfb63535d30108
pragma: no-cache
last-modified: Tue, 19 Oct 2021 13:32:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzwV3ziCZCXkS5gxX%2FHTEM4IhvKgt6l3QcDh9DPN0EctY65xJMrUrfio06RRalkeij6q1Y72jd%2BVBowj8W%2FByj5ROzPN7ulNv0ojVKamncVNP7nvTseZu6PbdKSZeRKZ%2FZI%2Bqd%2BTq93TG40%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 6a0da1e919877043-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Wed, 20 Oct 2021 14:51:06 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 265 KB
76 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=ecf9b9e507ebffdf465b3a8d0436bb8d

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_GB/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5dcaa0b32f37b9855e5e3485ac7f5b8410baaf690349308376ac301eb98c80aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.citpekalongan.com/
Origin: http://www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yFug0gmbA1Ck84ME2ye2/A==
cross-origin-resource-policy: cross-origin
expires: Wed, 19 Oct 2022 22:06:17 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76548
x-fb-rlafr: 0
x-fb-debug: d/VQhi7B/MdwMZQKLvaWLIXSUzhXXHmY/+PWnKTioWU3XktQyy6mMbk5vnBZ2QKxqX7QObGRnLcV3NaU/jFbMg==
x-fb-trip-id: 686109401
x-fb-content-md5: cb26819660994b5252a34789d1a170ab
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 19 Oct 2021 23:02:10 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8cecc861e37fb2197e31971f7922b634"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 204
No Content fac.php
onmarshtompor.com/ Frame 9498 0
0 32ms
23ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://onmarshtompor.com/fac.php

Requested by

Host: phaurtuh.net
URL: http://phaurtuh.net/tag.min.js

Protocol

HTTP/1.1

Server

139.45.197.243 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: onmarshtompor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.citpekalongan.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/

Response headers

Server: nginx
Date: Tue, 19 Oct 2021 23:02:08 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
X-Trace-Id: de4b6f3a0520a93c982e4f43fdc598b1
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ntfc.php Show response
stootsou.net/ 15 KB
6 KB 35ms
24ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://stootsou.net/ntfc.php?p=4191733
Requested by: Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol: HTTP/1.1
Server: 139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3c8625a5defa7c8eb4051b50613f86505263688bb1ce53de8b8d9dcfc78ef212

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Oct 2021 23:02:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 10:22:41 GMT
Server: nginx
ETag: W/"616d4af1-3b23"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 404
Not Found 1
native.propellerclick.com/ 0
0 60ms
48ms Script
text/plain 139.45.197.235
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://native.propellerclick.com/1?z=2780870
Requested by: Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol: HTTP/1.1
Server: 139.45.197.235 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 23:02:10 GMT
X-Sc: 4KdnrdofxFOHMlcU
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 7

GET
H2 200 penipuan.jpg
1.bp.blogspot.com/-UwR6_VdPC8k/Xlix7i3mzXI/AAAAAAAAJx4/7-a9_MoFIbcPN64N1__Z4Z_KZbc5aaNZACNcBGAsYHQ/s1600/ 548 KB
549 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UwR6_VdPC8k/Xlix7i3mzXI/AAAAAAAAJx4/7-a9_MoFIbcPN64N1__Z4Z_KZbc5aaNZACNcBGAsYHQ/s1600/penipuan.jpg

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

24e98f20c48962a4142fc2b04842922a253b7fbb32bb06be0401f6275cb2bbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="penipuan.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 560950
x-xss-protection: 0
server: fife
etag: "v271f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Oct 2021 09:20:31 GMT

GET
H2 200 3439121940-vegeclub_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ 133 KB
133 KB 48ms
10ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/3439121940-vegeclub_compiled.js

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbf5cac45e8469296a0f7d0d0ec5ca598360bfd9e16e335f43a08d40a7661cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 02:26:06 GMT
x-content-type-options: nosniff
age: 419764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135791
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 22:52:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 22 Oct 2021 02:26:06 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.citpekalongan.com/js/ 6 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.citpekalongan.com/js/cookienotice.js

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.citpekalongan.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 01:32:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Oct 2021 21:53:57 GMT
Server: sffe
Age: 77409
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 6513
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Tue, 26 Oct 2021 01:32:01 GMT

GET
H2 200 3210254948-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 48ms
9ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3210254948-widgets.js

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 02:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56872
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 18:53:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 18 Oct 2022 02:06:58 GMT

GET
H/1.1 204
No Content fac.php
dolohen.com/ Frame 3F08 0
0 13ms
12ms Document
text/html 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://dolohen.com/fac.php

Requested by

Host: dolohen.com
URL: http://dolohen.com/apu.php?zoneid=1369047

Protocol

HTTP/1.1

Server

139.45.197.236 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: dolohen.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.citpekalongan.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/

Response headers

Server: nginx
Date: Tue, 19 Oct 2021 23:02:10 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
X-Trace-Id: 6d39aefa2e0c89def6532277d6447e24
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 200 zone Show response
stootsou.net/ 697 B
989 B 45ms
18ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://stootsou.net/zone?pub=0&zone_id=4191733&is_mobile=false&domain=www.citpekalongan.com&var=&ymid=&var_3=

Requested by

Host: stootsou.net
URL: http://stootsou.net/ntfc.php?p=4191733

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b5af56774123ba2a15edd68717bdf876b3f02584bde6d2e794522644cfd5b87e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id: 757aa3dacda9d6acbe8673814a7885f6
date: Tue, 19 Oct 2021 23:02:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.citpekalongan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 697

GET
H2 200 universal.min.js Show response
stootsou.net/pfe/current/ 102 KB
37 KB 39ms
12ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stootsou.net/pfe/current/universal.min.js?v=3.1.330
Requested by: Host: stootsou.net
URL: http://stootsou.net/ntfc.php?p=4191733
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 63fc7b3990bfef0f5b99a6567f77bcfec3f1e4c5feca6bd2524616fb07e59f99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 23:02:08 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 10:22:41 GMT
server: nginx
etag: W/"616d4af1-196a7"
content-type: application/javascript
access-control-allow-origin: http://www.citpekalongan.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 / Show response
bedrapiona.com/5/4191674/ 3 KB
3 KB 64ms
30ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/4191674/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1f5d41db440e14a92fe368c4bb6e3669b3aae5953c9cbe2b59a6c7d85c3e5eb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id: 076a5102f5d1d77c8145958e81781513
pragma: no-cache, no-cache
date: Tue, 19 Oct 2021 23:02:10 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://www.citpekalongan.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET styles.css
pheegoab.click/ 0
0

GET
H/1.1 200
OK stats Show response
www.citpekalongan.com/b/ 412 B
559 B 189ms
188ms XHR
text/html 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.citpekalongan.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCc8pOoBRVd06qFHqSfR-JeK5XX9O6SbnG6f9P0J8IBjY5rNfjUhvkxy8oCpYcTi-2NeuxXJDyBWpABV90413o8j4MeQQ

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3210254948-widgets.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

483ab2785288e4226bc1e3c0974f347bcc1b94c34e66867cc62565fc9d7f819e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.citpekalongan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.citpekalongan.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 23:02:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: GSE
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0
Content-Length: 264
X-XSS-Protection: 1; mode=block
Expires: Tue, 19 Oct 2021 23:02:10 GMT

GET
H2 200 blogger_logo_round_35.png
www.blogger.com/img/ 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/blogger_logo_round_35.png

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 15:10:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 18 Oct 2021 11:49:44 GMT
server: sffe
age: 114704
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2531
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 25 Oct 2021 15:10:26 GMT

GET

/
www.facebook.com/login/ Frame AE7C
Redirect Chain

https://www.facebook.com/v2.9/plugins/page.php?adapt_container_width=true&app_id=384288681912501&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b6...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D384288681912501%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F
https://www.facebook.com/w/
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F

0
0

GET
H2 200 4191671 Show response
dozubatan.com/400/ 85 KB
30 KB 63ms
21ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/400/4191671

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

aec1639efe1524394ee2eb2a08e456ee00016d843ed18ee398b8448bc4244754

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id: 7a5b06df5dd72ad445d1638b7fd122b6
pragma: no-cache
date: Tue, 19 Oct 2021 23:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 tag.min.js Show response
pseepsie.com/pfe/current/ 15 KB
6 KB 50ms
13ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/tag.min.js?z=4191673
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: fae4152391150e39b8373408d33f536534b630a3ab7f7af52ee22ff054c7947a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 23:02:10 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 10:22:47 GMT
server: nginx
etag: W/"616d4af7-3bfd"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 1 Show response
toglooman.com/ 6 KB
4 KB 81ms
44ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=4191672
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8dea5b7e0827b4b7c92ccfa84605b8cddcada6be2bb28076ecb9e0ad080b43ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 23:02:10 GMT
content-encoding: gzip
x-sc: Ccvx6lXXX62Z50DPZ1YSccZTegzXVvG5VdZCeTqnWVmsE8g4N9tCuQZkzLc_6wLquz-IqtOB-hiBoxwAMlCU937c6PM=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content fac.php
onmarshtompor.com/ Frame 113B 0
0 12ms
12ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://onmarshtompor.com/fac.php?OAID=ba01bce2a3b341f88755140920574ef9&oaidts=1634684530

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Server

139.45.197.243 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: onmarshtompor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.citpekalongan.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/

Response headers

Server: nginx
Date: Tue, 19 Oct 2021 23:02:08 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
X-Trace-Id: 2d9c56fb44da40a28d27a6837c6dc26f
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

OPTIONS
H2 200 custom
stootsou.net/ Frame 0
0 13ms
12ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stootsou.net/custom
Protocol: H2
Server: 139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.citpekalongan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 19 Oct 2021 23:02:08 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://www.citpekalongan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
stootsou.net/ 39 B
328 B 13ms
13ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://stootsou.net/custom

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.citpekalongan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: bc9ae11e0d1d730fca2fbc7cce645e9c
date: Tue, 19 Oct 2021 23:02:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.citpekalongan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
548 B 48ms
13ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=d8a1d4e2c14141ffa40d341bdc41f46e&zoneId=4191733&checkDuplicate=true&ymid=&var=

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d1e7a869c302108f51dd86b899fc33e49e97c39ae8bcbd670e16a524e7f81e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.citpekalongan.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET bundle.css
pheegoab.click/ 0
0

GET
H2 200 zone Show response
pseepsie.com/ 666 B
957 B 15ms
15ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/zone?pub=0&zone_id=4191673&is_mobile=false&domain=www.citpekalongan.com&var=&ymid=&var_3=

Requested by

Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4191673

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

79b3395a7a7a780f136d3f1bd931de688b9e5be5da7027be4e48f838c80e0209

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id: 83a99250ba846eff640051a617853e47
date: Tue, 19 Oct 2021 23:02:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.citpekalongan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 666

GET
H2 200 universal.min.js Show response
pseepsie.com/pfe/current/ 102 KB
37 KB 39ms
13ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/universal.min.js?v=3.1.330
Requested by: Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4191673
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 63fc7b3990bfef0f5b99a6567f77bcfec3f1e4c5feca6bd2524616fb07e59f99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 23:02:08 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 10:22:41 GMT
server: nginx
etag: W/"616d4af1-196a7"
content-type: application/javascript
access-control-allow-origin: http://www.citpekalongan.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 defaultSkin.min.js Show response
stootsou.net/pfe/current/ 56 KB
19 KB 13ms
13ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stootsou.net/pfe/current/defaultSkin.min.js
Requested by: Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 23:02:08 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 10:22:41 GMT
server: nginx
etag: W/"616d4af1-df63"
content-type: application/javascript
access-control-allow-origin: http://www.citpekalongan.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 d6b556cbfbafc6e12f0b3533d885f1c2 Show response
toglooman.com/27/ 374 KB
123 KB 25ms
25ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/d6b556cbfbafc6e12f0b3533d885f1c2

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=4191672

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0aafc0af9d98c6f5295f26152310c1dd85af77c66743d9596c0ff41181f927a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Oct 2021 07:24:40 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Thu, 13 Nov 2081 07:24:40 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
495 B 46ms
46ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=4191672
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=4191672
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 23:02:10 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7A4E 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 custom Show response
stootsou.net/ 39 B
329 B 13ms
13ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://stootsou.net/custom

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.citpekalongan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 0f396d355aa3058072ac0dcf438bc398
date: Tue, 19 Oct 2021 23:02:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.citpekalongan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
stootsou.net/ Frame 0
0 13ms
12ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stootsou.net/custom
Protocol: H2
Server: 139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.citpekalongan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 19 Oct 2021 23:02:08 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://www.citpekalongan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST config.json
pheegoab.click/ 0
0

OPTIONS
H/1.1 403
Forbidden config.json
pheegoab.click/ Frame 0
0 38ms
8ms Preflight
text/html 185.53.178.11
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pheegoab.click/config.json
Protocol: HTTP/1.1
Server: 185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,token
Origin: http://www.citpekalongan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 19 Oct 2021 23:02:10 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 169

GET error.png
pheegoab.click/ 0
0

GET
H/1.1 200
OK 30.html Show response
pheegoab.click/84493/articles/ Frame D7C5 886 B
685 B 252ms
212ms Document
text/html 185.53.178.11
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pheegoab.click/84493/articles/30.html
Requested by: Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d47482902c8e9ef5e6601032600c541cacd5c8cea5c93e822db5e53e2307e905

Request headers

Host: pheegoab.click
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.citpekalongan.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Oct 2021 23:02:10 GMT
Server: nginx
Vary: Accept-Encoding
X-Redirect: skenzo
Content-Length: 486

GET config.json
pheegoab.click/ 0
0

OPTIONS
H/1.1 403
Forbidden config.json
pheegoab.click/ Frame 0
0 14ms
14ms Preflight
text/html 185.53.178.11
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pheegoab.click/config.json
Protocol: HTTP/1.1
Server: 185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: token
Origin: http://www.citpekalongan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 19 Oct 2021 23:02:10 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 169

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 13ms
13ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: dozubatan.com
URL: https://dozubatan.com/400/4191671

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d1e7a869c302108f51dd86b899fc33e49e97c39ae8bcbd670e16a524e7f81e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 23:02:03 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.citpekalongan.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET error.png
pheegoab.click/ 0
0

GET resources.json
pheegoab.click/ 0
0

OPTIONS
H/1.1 403
Forbidden resources.json
pheegoab.click/ Frame 0
0 8ms
8ms Preflight
text/html 185.53.178.11
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pheegoab.click/resources.json
Protocol: HTTP/1.1
Server: 185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: token
Origin: http://www.citpekalongan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 19 Oct 2021 23:02:10 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 169

GET
H/1.1 200
OK 5753.html Show response
pheegoab.click/pages/ Frame 4817 886 B
685 B 231ms
231ms Document
text/html 185.53.178.11
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pheegoab.click/pages/5753.html
Requested by: Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d47482902c8e9ef5e6601032600c541cacd5c8cea5c93e822db5e53e2307e905

Request headers

Host: pheegoab.click
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.citpekalongan.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Oct 2021 23:02:10 GMT
Server: nginx
Vary: Accept-Encoding
X-Redirect: skenzo
Content-Length: 486

OPTIONS
H2 200 4191671
dozubatan.com/500/ Frame 0
0 38ms
12ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/500/4191671?excludes=&oaid=d8a1d4e2c14141ffa40d341bdc41f46e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=10&pl=http%3A%2F%2Fwww.citpekalongan.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.197.237 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://www.citpekalongan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 19 Oct 2021 23:02:10 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: http://www.citpekalongan.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 4191671 Show response
dozubatan.com/500/ 1 KB
1 KB 17ms
17ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dozubatan.com
URL: https://dozubatan.com/400/4191671

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

022ccf5875b60764c8c7b12d02bf8b0165670182c8f7c1bc91c8047864a7a96c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.citpekalongan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 62dff25f05fcdf764e1d16ff02db2dd7
pragma: no-cache
date: Tue, 19 Oct 2021 23:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: http://www.citpekalongan.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 345.html Show response
pheegoab.click/ Frame F87F 886 B
685 B 260ms
218ms Document
text/html 185.53.178.11
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pheegoab.click/345.html
Requested by: Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.178.11 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d47482902c8e9ef5e6601032600c541cacd5c8cea5c93e822db5e53e2307e905

Request headers

Host: pheegoab.click
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.citpekalongan.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Oct 2021 23:02:10 GMT
Server: nginx
Vary: Accept-Encoding
X-Redirect: skenzo
Content-Length: 486

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 61ms
13ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by: Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.citpekalongan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 23:02:10 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

GET
H2 200 style.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame D7C5 829 B
658 B 38ms
7ms Stylesheet
text/css 2600:9000:211e:c600:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
Requested by: Host: pheegoab.click
URL: https://pheegoab.click/84493/articles/30.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pheegoab.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 13:57:10 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 14:25:52 GMT
server: nginx
age: 32700
etag: W/"5ebab1f0-33d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: ys-pzxmEfT1NS9_SkEHDnyR-qBoQ65QRSxRJpZrpF4pTFFcPYTqWiw==

GET
H2 200 skenzo.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame D7C5 345 B
522 B 38ms
8ms Stylesheet
text/css 2600:9000:211e:c600:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/skenzo.css
Requested by: Host: pheegoab.click
URL: https://pheegoab.click/84493/articles/30.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: db30f3956434fa476f2f5a605696e792a57398e8ded3af2feb7913c731ad7ab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pheegoab.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 07:25:02 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 14:25:52 GMT
server: nginx
age: 56228
etag: W/"5ebab1f0-159"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 3JPe-aBum5aXd0vMMzIPxmidjRFweRzWrC7YsgXux_HChCk5o79FOg==

GET
H2 200 style.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame 4817 829 B
657 B 8ms
7ms Stylesheet
text/css 2600:9000:211e:c600:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
Requested by: Host: pheegoab.click
URL: https://pheegoab.click/pages/5753.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pheegoab.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 13:57:10 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 14:25:52 GMT
server: nginx
age: 32700
etag: W/"5ebab1f0-33d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: fjNdZDgas7_Nbp8QZT76WUrf7_TJSdk8iOIbfF0cmmsVIFZyLutEpA==

GET
H2 200 skenzo.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame 4817 345 B
522 B 8ms
8ms Stylesheet
text/css 2600:9000:211e:c600:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/skenzo.css
Requested by: Host: pheegoab.click
URL: https://pheegoab.click/pages/5753.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: db30f3956434fa476f2f5a605696e792a57398e8ded3af2feb7913c731ad7ab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pheegoab.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 07:25:02 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 14:25:52 GMT
server: nginx
age: 56228
etag: W/"5ebab1f0-159"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: oaIoc-8yOXCs8FmXQwpEU25xtH6XryUZ_wp5gEWkg2SEk23b3U0miQ==

GET
H2 200 style.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame F87F 829 B
657 B 8ms
7ms Stylesheet
text/css 2600:9000:211e:c600:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
Requested by: Host: pheegoab.click
URL: https://pheegoab.click/345.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pheegoab.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 13:57:10 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 14:25:52 GMT
server: nginx
age: 32700
etag: W/"5ebab1f0-33d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: nPsJWjrds433fhjqAC8qKXPdqa8XM4gqyxchVuHE4N_v_bgIFPoreA==

GET
H2 200 skenzo.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame F87F 345 B
522 B 8ms
8ms Stylesheet
text/css 2600:9000:211e:c600:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lxhc4jvstzrp.cloudfront.net/themes/assets/skenzo.css
Requested by: Host: pheegoab.click
URL: https://pheegoab.click/345.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c600:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: db30f3956434fa476f2f5a605696e792a57398e8ded3af2feb7913c731ad7ab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pheegoab.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 07:25:02 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 14:25:52 GMT
server: nginx
age: 56228
etag: W/"5ebab1f0-159"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: f4d2SGp4cAndcngawzE0GFpb_KHoCY0JN5LjpZV-tz5CNEyLZVLIbQ==

POST
H2 200 custom Show response
stootsou.net/ 39 B
328 B 13ms
13ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://stootsou.net/custom

Requested by

Host: www.citpekalongan.com
URL: http://www.citpekalongan.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.citpekalongan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: c3b3acc1eb312dfdac76e8ecee40672b
date: Tue, 19 Oct 2021 23:02:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.citpekalongan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
stootsou.net/ Frame 0
0 12ms
12ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stootsou.net/custom
Protocol: H2
Server: 139.45.197.250 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.citpekalongan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 19 Oct 2021 23:02:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://www.citpekalongan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pheegoab.click
URL: https://pheegoab.click/styles.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fw%2F

Domain: pheegoab.click
URL: https://pheegoab.click/bundle.css?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=

Domain: pheegoab.click
URL: https://pheegoab.click/config.json

Domain: pheegoab.click
URL: https://pheegoab.click/error.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx

Domain: pheegoab.click
URL: https://pheegoab.click/config.json

Domain: pheegoab.click
URL: https://pheegoab.click/error.png?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=

Domain: pheegoab.click
URL: https://pheegoab.click/resources.json

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
toglooman.com/42	1970-01-20 06:50:20	Name: OAID Value: ad435691cf4d49c087d7bb51e1e9e827
toglooman.com/42	1970-01-20 06:50:20	Name: oaidts Value: 1634684530
bedrapiona.com/	1970-01-20 06:50:20	Name: OAID Value: ba01bce2a3b341f88755140920574ef9
bedrapiona.com/	1970-01-20 06:50:20	Name: oaidts Value: 1634684530
my.rtmark.net/	1970-01-20 06:50:20	Name: ID Value: d8a1d4e2c14141ffa40d341bdc41f46e
toglooman.com/	1970-01-20 06:50:20	Name: scm Value: 1
toglooman.com/	1970-01-20 06:50:20	Name: OAID Value: ad435691cf4d49c087d7bb51e1e9e827
toglooman.com/	1970-01-20 06:50:20	Name: oaidts Value: 1634684530
dozubatan.com/	1970-01-20 06:50:20	Name: OAID Value: d8a1d4e2c14141ffa40d341bdc41f46e

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://native.propellerclick.com/1?z=2780870 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.citpekalongan.com/none Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://www.citpekalongan.com/ Message: Access to CSS stylesheet at 'https://pheegoab.click/styles.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pheegoab.click/styles.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.citpekalongan.com/ Message: Access to XMLHttpRequest at 'https://pheegoab.click/config.json' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pheegoab.click/config.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.citpekalongan.com/ Message: Access to image at 'https://pheegoab.click/error.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pheegoab.click/error.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yNzgwODcx Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.citpekalongan.com/ Message: Access to CSS stylesheet at 'https://pheegoab.click/bundle.css?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pheegoab.click/bundle.css?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw= Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.citpekalongan.com/ Message: Access to image at 'https://pheegoab.click/error.png?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw=' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pheegoab.click/error.png?aHR0cHM6Ly96ZWVncmVlbi5uZXQvbG9nLmpzP3o9NDE5MTY3MyZmPXB1c2hlci11bml2ZXJzYWw= Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.citpekalongan.com/ Message: Access to XMLHttpRequest at 'https://pheegoab.click/config.json' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pheegoab.click/config.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.citpekalongan.com/ Message: Access to XMLHttpRequest at 'https://pheegoab.click/resources.json' from origin 'http://www.citpekalongan.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pheegoab.click/resources.json Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://pheegoab.click/84493/articles/30.html(Line 16) Message: Mixed Content: The page at 'https://pheegoab.click/84493/articles/30.html' was loaded over HTTPS, but requested an insecure frame 'http://iyfnz.com/?dn=pheegoab.click&pid=9PO755G95'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://pheegoab.click/pages/5753.html(Line 16) Message: Mixed Content: The page at 'https://pheegoab.click/pages/5753.html' was loaded over HTTPS, but requested an insecure frame 'http://iyfnz.com/?dn=pheegoab.click&pid=9PO755G95'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://pheegoab.click/345.html(Line 16) Message: Mixed Content: The page at 'https://pheegoab.click/345.html' was loaded over HTTPS, but requested an insecure frame 'http://iyfnz.com/?dn=pheegoab.click&pid=9PO755G95'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
bedrapiona.com
blogger.googleusercontent.com
connect.facebook.net
d1lxhc4jvstzrp.cloudfront.net
dolohen.com
dozubatan.com
fonts.gstatic.com
iclickcdn.com
my.rtmark.net
native.propellerclick.com
onmarshtompor.com
phaurtuh.net
pheegoab.click
pseepsie.com
resources.blogblog.com
static.cdnativepush.com
stootsou.net
toglooman.com
www.blogger.com
www.citpekalongan.com
www.facebook.com
www.gstatic.com
pheegoab.click
www.facebook.com
139.45.195.8
139.45.197.188
139.45.197.234
139.45.197.235
139.45.197.236
139.45.197.237
139.45.197.238
139.45.197.239
139.45.197.243
139.45.197.250
185.53.178.11
2600:9000:211e:c600:1f:4100:9540:21
2606:4700:20::681a:c76
2a00:1450:4001:802::2009
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:813::2013
2a00:1450:4001:82b::2003
2a03:2880:f01c:8012:face:b00c:0:3
022ccf5875b60764c8c7b12d02bf8b0165670182c8f7c1bc91c8047864a7a96c
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0aafc0af9d98c6f5295f26152310c1dd85af77c66743d9596c0ff41181f927a6
0c545a26218b9c4c81e5af093d4c225273f775c850da77364bad85d62e95b064
0f00ff479bdce5642f77e638e55777b05d4ef9fc594e79ba040993eabe286593
13680131c41af257207f2a12b8f8e74868d460a411ee95c67668822afd282433
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1f5d41db440e14a92fe368c4bb6e3669b3aae5953c9cbe2b59a6c7d85c3e5eb2
23fcedafbba1413be63578d1d4742c3f50c8da390f6a8178bc78250ac3123565
24e98f20c48962a4142fc2b04842922a253b7fbb32bb06be0401f6275cb2bbea
2e73256211ee6aa3c6b8a636762c9202f60239a20189e781a0485f05f0db3e0a
36e39dccfd5d59c60f41ee661d5efc78ca31f2b4ec30050eebbc7547f2ad8540
3c8625a5defa7c8eb4051b50613f86505263688bb1ce53de8b8d9dcfc78ef212
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
483ab2785288e4226bc1e3c0974f347bcc1b94c34e66867cc62565fc9d7f819e
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
5dcaa0b32f37b9855e5e3485ac7f5b8410baaf690349308376ac301eb98c80aa
63fc7b3990bfef0f5b99a6567f77bcfec3f1e4c5feca6bd2524616fb07e59f99
6693731937bee0e6fccea59c35815df27324c941a4d9aa5e2c7f14b4c2d2b2ea
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c
79b3395a7a7a780f136d3f1bd931de688b9e5be5da7027be4e48f838c80e0209
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
83b44c9af3ff442e12804916e8fd66f5593c7dff4bb9737aba393d0da4c79ff3
8dea5b7e0827b4b7c92ccfa84605b8cddcada6be2bb28076ecb9e0ad080b43ee
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
9a8dcd693f1a1d7086934d9249abc48d1b0bca3d8b52fd7c36638008c8ced992
aa8f0aedad34e77170ffba8cf00be544aed2c4e790f854c83a83b68cf1032c15
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
aec1639efe1524394ee2eb2a08e456ee00016d843ed18ee398b8448bc4244754
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b5af56774123ba2a15edd68717bdf876b3f02584bde6d2e794522644cfd5b87e
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
d1e7a869c302108f51dd86b899fc33e49e97c39ae8bcbd670e16a524e7f81e76
d47482902c8e9ef5e6601032600c541cacd5c8cea5c93e822db5e53e2307e905
db30f3956434fa476f2f5a605696e792a57398e8ded3af2feb7913c731ad7ab8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fae4152391150e39b8373408d33f536534b630a3ab7f7af52ee22ff054c7947a
fbf5cac45e8469296a0f7d0d0ec5ca598360bfd9e16e335f43a08d40a7661cc3
fea5dc117795a570096dbbcce09dec862df8fe9a7ed6edc2d0f53c38638dbc5d
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

www.citpekalongan.com Open in urlscan Pro 2a00:1450:4001:813::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

63 %HTTPS

45 %IPv6

22 Domains

23 Subdomains

21 IPs

4 Countries

1687 kBTransfer

2862 kBSize

9 Cookies

6 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.citpekalongan.com Open in urlscan Pro
2a00:1450:4001:813::2013 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

63 %
HTTPS

45 %
IPv6

22
Domains

23
Subdomains

21
IPs

4
Countries

1687 kB
Transfer

2862 kB
Size

9
Cookies

73 HTTP transactions
1 data transactions