Submitted URL: https://bandungslot.cc.bandungtoto07.online/
Effective URL: https://bandungtotososmed.com/
Submission: On June 06 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 66.29.153.69, located in United States and belongs to NAMECHEAP-NET, US. The main domain is bandungtotososmed.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 17th 2023. Valid for: a year.
This is the only time bandungtotososmed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.29.137.115 22612 (NAMECHEAP...)
2 66.29.153.69 22612 (NAMECHEAP...)
6 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 63.141.226.66 33387 (NOCIX)
1 45.10.154.11 51167 (CONTABO)
27 6
Apex Domain | Subdomains | Transfer
16 googleusercontent.com | blogger.googleusercontent.com — Cisco Umbrella Rank: 9704 | 21 MB
6 ampproject.org | cdn.ampproject.org — Cisco Umbrella Rank: 430 | 117 KB
2 bandungtotososmed.com | bandungtotososmed.com | 72 KB
1 pngplay.com | www.pngplay.com — Cisco Umbrella Rank: 640176 | 19 KB
1 onlinewebfonts.com | cdn.onlinewebfonts.com — Cisco Umbrella Rank: 589518 | 30 KB
1 bandungtoto07.online | bandungslot.cc.bandungtoto07.online | 173 B
0 pafilomboktengah.org Failed | pafilomboktengah.org Failed |
27 7
Domain Requested by
16 blogger.googleusercontent.com bandungtotososmed.com
6 cdn.ampproject.org bandungtotososmed.com
cdn.ampproject.org
2 bandungtotososmed.com bandungtotososmed.com
1 www.pngplay.com bandungtotososmed.com
1 cdn.onlinewebfonts.com bandungtotososmed.com
1 bandungslot.cc.bandungtoto07.online 1 redirects
0 pafilomboktengah.org Failed bandungtotososmed.com
27 7
Subject | Issuer | Validity | Valid
bandungtotososmed.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-17 - 2024-06-17 | a year
misc-sni.google.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.googleusercontent.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.onlinewebfonts.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-22 - 2024-11-21 | a year
pngplay.com | R3 | 2024-05-16 - 2024-08-14 | 3 months

This page contains 1 frames:

Primary Page: https://bandungtotososmed.com/
Frame ID: BB2BFA777AF0DEF5F41BACF8436C5467
Requests: 29 HTTP requests in this frame

Page Title

BANDUNGTOTO : Main Slot Gacor Anti Rungkat Pake Bocoran Pola

Page URL History

  1. https://bandungslot.cc.bandungtoto07.online/ HTTP 301
    https://bandungtotososmed.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

27 Requests
96 % HTTPS
33 % IPv6
7 Domains
7 Subdomains
6 IPs
2 Countries
21681 kB Transfer
22042 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bandungslot.cc.bandungtoto07.online/ HTTP 301
    https://bandungtotososmed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://www.edinburghschristmas.com/assets/imgs/layout/Basegame_BG1.png HTTP 301
  • https://abyssiniarestaurantbar.com/assets/imgs/layout/Basegame_BG1.png HTTP 301
  • https://www.monkeyboardnola.com/assets/imgs/layout/Basegame_BG1.png HTTP 301
  • https://www.safinahouston.com/assets/imgs/layout/Basegame_BG1.png HTTP 301
  • https://www.jadefountainmn.com/assets/imgs/layout/Basegame_BG1.png HTTP 301
  • https://pafilomboktengah.org/

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bandungtotososmed.com/
Redirect Chain
  • https://bandungslot.cc.bandungtoto07.online/
  • https://bandungtotososmed.com/
58 KB
14 KB
Document
General
Full URL
https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.69 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium249-2.web-hosting.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash
bfa96048e5a94e8905544f4d8d2df923a08d86c18e074d64b29b07d01e821a65

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-length
13866
content-type
text/html; charset=UTF-8
date
Thu, 06 Jun 2024 14:47:02 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 06 Jun 2024 14:47:02 GMT
location
https://bandungtotososmed.com/
server
LiteSpeed
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b111d62aa7be84683e6e2b7912e42f1ecf87989ad97311f0ae3c4e9822a61cb3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 14:47:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73095
x-xss-protection
0
server
sffe
etag
"71092e69d8700e92"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 06 Jun 2024 14:47:02 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3f964eaeab9623a2a207eb79e16754e752eea6c4ecf6a389405d805e76b023e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 14:47:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9659
x-xss-protection
0
server
sffe
etag
"20176d15f3dfe648"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 06 Jun 2024 14:47:02 GMT
amp-carousel-0.2.js
cdn.ampproject.org/v0/
33 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.2.js
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1751a8124d58ce78c06d34ad132d4a7ebbd78565984db1e5f4340426b6e96dac
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 14:47:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9581
x-xss-protection
0
server
sffe
etag
"f7c9a016aacfb7c2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 06 Jun 2024 14:47:02 GMT
/
pafilomboktengah.org/
Redirect Chain
  • https://www.edinburghschristmas.com/assets/imgs/layout/Basegame_BG1.png
  • https://abyssiniarestaurantbar.com/assets/imgs/layout/Basegame_BG1.png
  • https://www.monkeyboardnola.com/assets/imgs/layout/Basegame_BG1.png
  • https://www.safinahouston.com/assets/imgs/layout/Basegame_BG1.png
  • https://www.jadefountainmn.com/assets/imgs/layout/Basegame_BG1.png
  • https://pafilomboktengah.org/
0
0

/
bandungtotososmed.com/
58 KB
58 KB
Image
General
Full URL
https://bandungtotososmed.com/
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.69 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium249-2.web-hosting.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:02 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/8.0.30
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
content-length
13866
BANDUNG%20TOTO%20(1).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUss4J2HzNotrVKAGZyrwXEUWRBQIqB-ZmKuchmytkX50mNOw7jFD3xKJOZ56r95bUalCYxC0as-m-NjKW4aLh9X1pblr0Gd8NbAZv3W7YV5XVgkdRxzcqhg7s-IiAkak7Ze4xpgeBT9f8WibO...
15 KB
15 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUss4J2HzNotrVKAGZyrwXEUWRBQIqB-ZmKuchmytkX50mNOw7jFD3xKJOZ56r95bUalCYxC0as-m-NjKW4aLh9X1pblr0Gd8NbAZv3W7YV5XVgkdRxzcqhg7s-IiAkak7Ze4xpgeBT9f8WibOztbazm4S1eM4L2XRDl_eJTguOCs9ehsodvrhuMoFrw/s320/BANDUNG%20TOTO%20(1).png
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7815c3447bdd208af5a64c49e06d18b00864881abeb82487711d767ffde36e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v3a5"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="BANDUNG TOTO (1).png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15621
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:04 GMT
img_241918.png
cdn.onlinewebfonts.com/svg/
30 KB
30 KB
Image
General
Full URL
https://cdn.onlinewebfonts.com/svg/img_241918.png
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.141.226.66 , United States, ASN33387 (NOCIX, US),
Reverse DNS
uppsalarm.com
Software
nginx /
Resource Hash
25b1b8a3acf057c25d034ac1b5ba0e54abb2184a93b78f77be6d80901ceaea6a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:41:45 GMT
server
nginx
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=86400,must-revalidate
access-control-allow-headers
X-Requested-With
content-length
30420
Checklist-Logo-Download-Free-PNG.png
www.pngplay.com/wp-content/uploads/7/
19 KB
19 KB
Image
General
Full URL
https://www.pngplay.com/wp-content/uploads/7/Checklist-Logo-Download-Free-PNG.png
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.10.154.11 Los Angeles, United States, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1816527.contaboserver.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2989ec7f906bf06d902202a8a537bbe3c5ac764336180278be197fc99bea9a3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 14:47:03 GMT
Last-Modified
Thu, 12 Aug 2021 17:58:30 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61156146-4c02"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19458
Expires
Thu, 31 Dec 2037 23:55:55 GMT
06.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbBpPCTr0CpJb2Byr21eMM7X8uch0pTy35o_t3sW89VbmYU6p9l9gpQkiMFbFaWx_46PcV6JZi4OdnV6lMo9jQKi5-6RWdfZiVymdQqZPh9nHs2W2xfiqfJQni72sCMrgFUaPiHHWy8XgUipGH...
4 MB
4 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbBpPCTr0CpJb2Byr21eMM7X8uch0pTy35o_t3sW89VbmYU6p9l9gpQkiMFbFaWx_46PcV6JZi4OdnV6lMo9jQKi5-6RWdfZiVymdQqZPh9nHs2W2xfiqfJQni72sCMrgFUaPiHHWy8XgUipGHz2pd3V0DNMk8bHmjDCqN5m4Kv4W1nqRYwVN9gpH9rA/s16000/06.gif
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bfd8bb6d4580e6f78baa8bf0d4f1ae40d6bd1a68abe077d2b2766273be5f0b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v361"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="06.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4459869
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:04 GMT
Facebook_Logo_(2019).webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOWE3mVzxqc2tHRdSoe0zu5wqCCZmdIKfygZKaOa8sdsatE83aM8y3rNE8OHA49h4bZs7rgO8WvhZFbccNFhc7GNdfDlhELA4apoc3ZpF5lEm__eOqgng6bJCHyQ-hfPpgzo9irhEpDCXgEtkD...
35 KB
35 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOWE3mVzxqc2tHRdSoe0zu5wqCCZmdIKfygZKaOa8sdsatE83aM8y3rNE8OHA49h4bZs7rgO8WvhZFbccNFhc7GNdfDlhELA4apoc3ZpF5lEm__eOqgng6bJCHyQ-hfPpgzo9irhEpDCXgEtkDfajy0oN-1xpe-2x8ykmZM2OBBv69x3FttEFKFczGgg/s16000/Facebook_Logo_(2019).webp
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
23f0edd0d5dbc649d04da05fa827bafbe8ea6ed6654f8fee3b14bce3ddfe1585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v363"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Facebook_Logo_(2019).png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35870
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:04 GMT
2048px-Instagram_icon.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNwLzKEFuyTDAmlWtm6UkSnuGVPAdVWZ2hlGQi9FOVp_8B9QuQ_5xhY5mCVesihreIa5QIsi_Xul5xNw6SrLH0A2HMPoXv5lIVG2FnrSP6naIy_FJjfViAuV5uxSy-ivgpH3f6w0GZjhP1nww4...
1024 KB
1 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNwLzKEFuyTDAmlWtm6UkSnuGVPAdVWZ2hlGQi9FOVp_8B9QuQ_5xhY5mCVesihreIa5QIsi_Xul5xNw6SrLH0A2HMPoXv5lIVG2FnrSP6naIy_FJjfViAuV5uxSy-ivgpH3f6w0GZjhP1nww4D547rXtG7SOVDdhbEX_XbBNhxz_f4-CXdWyNwtRREw/s16000/2048px-Instagram_icon.png
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
79a80f98bead7cbc5f54ac344ed9e4192bf112e4ac88dd8f079cddd20cd1893a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v36b"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="2048px-Instagram_icon.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1048427
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:04 GMT
3938028.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0uM89K-pBEpNXl0rIME_CN8obKmaCQNtQJjHNQCAp94Tw2kTX5f1XjxQrNggKFZZVwtZ7d6KdvfoYENarLkoREpdQr9h_COGkTsOCyAnx1Gjc5GkgkvSSvCfr8h6B-QrL_W0364fX38niMR_6...
18 KB
18 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0uM89K-pBEpNXl0rIME_CN8obKmaCQNtQJjHNQCAp94Tw2kTX5f1XjxQrNggKFZZVwtZ7d6KdvfoYENarLkoREpdQr9h_COGkTsOCyAnx1Gjc5GkgkvSSvCfr8h6B-QrL_W0364fX38niMR_6jrCoBlIc3gV9bCGycnCKIKzL2ps8aoNmEEDFjMT0uA/s16000/3938028.png
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1040fdde5616fdad21162bed6e6f81d11193e0ec1aa965f8722e6c34c3701f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v375"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="3938028.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18358
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:04 GMT
Telegram_logo.svg.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhewODFsgMfqcGfQ58DF4c00hig0U0-4j8F8IoBDCE1mbup97zUphY8zBsGfgjgfvO1IIla-jPSXvvRChyIDOMqfE3WUQ-xk3dJwG_lbkVSpJ1T04ZP-CQSckgvbp59U55y9__4LgoIKp2U-G48...
20 KB
20 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhewODFsgMfqcGfQ58DF4c00hig0U0-4j8F8IoBDCE1mbup97zUphY8zBsGfgjgfvO1IIla-jPSXvvRChyIDOMqfE3WUQ-xk3dJwG_lbkVSpJ1T04ZP-CQSckgvbp59U55y9__4LgoIKp2U-G48mtlAMUy8lG2Qvv6c6rBqeQc7-R4eqmoY8R6Y7BDPIw/s16000/Telegram_logo.svg.png
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
02e07abcda7f4713918ad5d489326c1cc49ced35628f1b321a050e8e538f3faa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v373"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Telegram_logo.svg.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20616
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:04 GMT
turnover.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV6mtBgMq3W23AW_L-SnRdFmf93izt1_X85HvEYDzfyc320o5JLEeDiiM5q3OYO0I5YA9kiFysp3dgX4voYu_lXiGmNpZXJfyE-lpLe29UH-5BnwUJvC55bzTk5x_5cxmGNdYJUDCsWAB4e5xI...
150 KB
150 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV6mtBgMq3W23AW_L-SnRdFmf93izt1_X85HvEYDzfyc320o5JLEeDiiM5q3OYO0I5YA9kiFysp3dgX4voYu_lXiGmNpZXJfyE-lpLe29UH-5BnwUJvC55bzTk5x_5cxmGNdYJUDCsWAB4e5xI7DtxMIFAzjtLzerFifEPRdZvLaqwN4gG06oRVlohpw/s16000/turnover.jpg
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9266e290c6ea0ac72d702898feaa42289b40eed71094ef1e8e693758a275bb0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v3a2"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="turnover.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153676
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:04 GMT
rtp%20(1)-min.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMgzQOvgbs1tYq6ljoXRLsZQXSnIbavk6ytJXpQ7e5Bf1Dk3XWvX7TMdFwkbeJGlYlpS9wli83m2SZLKsX5D6WLUCiLKhARO73MxtQrEMXI5QOtl3Pt6AfhTQdBLsAxmOjda6XtLXwEv3IgWip...
4 MB
4 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMgzQOvgbs1tYq6ljoXRLsZQXSnIbavk6ytJXpQ7e5Bf1Dk3XWvX7TMdFwkbeJGlYlpS9wli83m2SZLKsX5D6WLUCiLKhARO73MxtQrEMXI5QOtl3Pt6AfhTQdBLsAxmOjda6XtLXwEv3IgWipjay7LsiCyAOYx0qdjiaCz9P4mzl6kR_rCDAhI3envw/s320/rtp%20(1)-min.gif
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6c3e66a4510aefa0fef7b1282fb6d7cd685b34d90202b5efc13ceabb8350bac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v97"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="rtp (1)-min.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4235745
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:06 GMT
prediksi1-min.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwVWfOThkktgXSAznvADtfwOHwUYTQwCPXnbA8YOWVF6FRW63TA30YyWQLnt1YY_AGLgn4DLD2cyTgLxMPhUKDDnbkgjLsWXaANMltVkYh_kRjLoEz3gtxYSY_xxy6ZQ4kt2csAZbo1H5XqoMc...
3 MB
3 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwVWfOThkktgXSAznvADtfwOHwUYTQwCPXnbA8YOWVF6FRW63TA30YyWQLnt1YY_AGLgn4DLD2cyTgLxMPhUKDDnbkgjLsWXaANMltVkYh_kRjLoEz3gtxYSY_xxy6ZQ4kt2csAZbo1H5XqoMcZfLBF39wHhKlQQZ6ongTvFh5TEfrc9NyMvL9K9KOLA/s320/prediksi1-min.gif
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
be57cd67f5ff7552cc4af370fc2f9e8b01a75ce9021515e23fc43e76e0286039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v94"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="prediksi1-min.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3622062
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:05 GMT
promosi%20(1)-min.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC3Rs_a30t3J9nRbh_d_Bz8ttFR-lgIOPNtJJNVgko4volc_rDQLDHCAZjGajVYIInELVF2W0DMxbI1WEPDbdSEGPAf-syYqFhg7v1SOxDzHf-ecK03PAm1tTjnRKaj5211OCHogz-T4egpOIc...
4 MB
4 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjC3Rs_a30t3J9nRbh_d_Bz8ttFR-lgIOPNtJJNVgko4volc_rDQLDHCAZjGajVYIInELVF2W0DMxbI1WEPDbdSEGPAf-syYqFhg7v1SOxDzHf-ecK03PAm1tTjnRKaj5211OCHogz-T4egpOIcJOv1EkDZLT-C1_UInyNj_-qTCJnaHU79z_NzJ17S4Q/s320/promosi%20(1)-min.gif
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f28d68502d76570d1d3b67a650b62a0633c470c2533167731550999ff5e2bfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v96"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="promosi (1)-min.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4097661
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:05 GMT
bukti%20jp-min.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqYAey4Xjn3n9Iq1cy_s4qvYyiYHN-3kBJ6C9yCXWEiXRfytpXEA8dEUIXDeFar6Ga_ysB9Iv6--5q50sv9sgWf3-sfdoCzZVFRkk6krL-vJiOCd_EI3oLUsPkd7xifJoux1nvY3fkfJiD8JKz...
4 MB
4 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqYAey4Xjn3n9Iq1cy_s4qvYyiYHN-3kBJ6C9yCXWEiXRfytpXEA8dEUIXDeFar6Ga_ysB9Iv6--5q50sv9sgWf3-sfdoCzZVFRkk6krL-vJiOCd_EI3oLUsPkd7xifJoux1nvY3fkfJiD8JKz5yQ82Qx4naxnnsVFO4BUGsi0rkRC_KFzOHUj17-c_g/s320/bukti%20jp-min.gif
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b3fd80fd65a477b9db19f0ad7deb9d170cb559033a45eaa27c10c269bdbdd046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v95"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bukti jp-min.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3837770
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:05 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012405231944000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ccd9843a25ef16f1676fc8b8ab3b4fc85e73a32a41f41330f0136dd41443aa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Origin
https://bandungtotososmed.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jun 2024 19:02:44 GMT
age
157459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2976
x-xss-protection
0
server
sffe
etag
"a0d535beb194cb9d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Jun 2025 19:02:44 GMT
truncated
/
152 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
149 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-loader-0.1.js
cdn.ampproject.org/rtv/012405231944000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3a9604f4bfd4e9f9c6066b3da2374f247f569368384a546891deab5bb91634c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Origin
https://bandungtotososmed.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jun 2024 19:02:44 GMT
age
157459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3928
x-xss-protection
0
server
sffe
etag
"e3ef08d045080c7f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Jun 2025 19:02:44 GMT
123123.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuM_1fnTm7sEoUKzkVvTGlsHQfpZpQ1co4umqJqzVv9Qlx4jSEK3LzqYnDr5HIqLUodi6u3TnHMXYeQHcc7yOwbdpstgS0-VadjJm2IlndwUYbwBrI1ncHn21xzbpCqKh88DwQev2qKTIi8LO-...
126 KB
127 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuM_1fnTm7sEoUKzkVvTGlsHQfpZpQ1co4umqJqzVv9Qlx4jSEK3LzqYnDr5HIqLUodi6u3TnHMXYeQHcc7yOwbdpstgS0-VadjJm2IlndwUYbwBrI1ncHn21xzbpCqKh88DwQev2qKTIi8LO-aXZ-Bka-eI8EFc0BuNBxTgjRPnQgNqFmFyCcenHRvQ/s16000/123123.jpg
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7aec5f266a06a36cf6d28cb9f3978b142621c682669f1ceb6f72ecdf857e4f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:03 GMT
x-content-type-options
nosniff
server
fife
etag
"v365"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="123123.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129382
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:03 GMT
02.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXlYhjzLvZz5Lo6SqN0p0WjNse7bCM420YaWXzZtN1P6WViGUtl03g2SVuG7CXme5BDwwGTSaShSkGTVi7fLQkIF9kkqtc-uxDF1WRKkIjpRFsR53baAQhdb_5HTYBWwYS6YfAQJyhHYcpFkEC...
126 KB
126 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXlYhjzLvZz5Lo6SqN0p0WjNse7bCM420YaWXzZtN1P6WViGUtl03g2SVuG7CXme5BDwwGTSaShSkGTVi7fLQkIF9kkqtc-uxDF1WRKkIjpRFsR53baAQhdb_5HTYBWwYS6YfAQJyhHYcpFkECrcCNkJmNLyo1NqVq-P72G1IOcLDuPCdhlSVRjH3m_w/s16000/02.jpg
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1a27c92676b80ec69f90fadac541661244b362ce0274724ce44bf1290c8de6a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v35f"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="02.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128814
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:04 GMT
01.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6u04K7F83p4eMQmMGBH1aO2luNxPpiODU4Pa0RBohy1z_RstqTQq_GnJvD9dFvDiqREVmwZWHvesySZnFMKxiNVTwCH3dAKf98f5qcozYqDYl8yS3ZMKR2XZZBgnzdFXmFKnBJ3xxG_loKPir...
117 KB
117 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6u04K7F83p4eMQmMGBH1aO2luNxPpiODU4Pa0RBohy1z_RstqTQq_GnJvD9dFvDiqREVmwZWHvesySZnFMKxiNVTwCH3dAKf98f5qcozYqDYl8yS3ZMKR2XZZBgnzdFXmFKnBJ3xxG_loKPirU15ac-bOolwXm4Z9Xzwcv0e647JfpMKEWrjTDjJ6eg/s16000/01.jpg
Requested by
Host: bandungtotososmed.com
URL: https://bandungtotososmed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fa157ccca79076616bf5db37b5a7feb8e564523e796a2093e4ad092c7a8d42de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v35e"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="01.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119474
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:04 GMT
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/rtv/012405231944000/v0/
65 KB
19 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
401e74906def908166263aad727073769fb7a294ecbb855b1b051b3e390eb4af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Origin
https://bandungtotososmed.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jun 2024 19:02:44 GMT
age
157460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19071
x-xss-protection
0
server
sffe
etag
"45a6e921b268cbd4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Jun 2025 19:02:44 GMT
fav-icon-bandung.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLJmVbPmWFMQiMeuVRAGYbvNL7paGBQ9jdF_5j2FNn3x9-1x4C2h0V5ocs_JANVGHn-hHaNTZ9soZ6gJjJ1CZfiJwcn3CdWPHQRMOevi7DJIw-PRW8S_8AyvVFvOIUfpYT9Fmm3ZiZA_8TJohz...
20 KB
20 KB
Other
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLJmVbPmWFMQiMeuVRAGYbvNL7paGBQ9jdF_5j2FNn3x9-1x4C2h0V5ocs_JANVGHn-hHaNTZ9soZ6gJjJ1CZfiJwcn3CdWPHQRMOevi7DJIw-PRW8S_8AyvVFvOIUfpYT9Fmm3ZiZA_8TJohzfpLdR6gT_PaXEnk7P0l9Vulv8CqLSgOJhj2dhdh4eQ/s1600/fav-icon-bandung.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
292ef7a21d0cf6d012620c3c36a238686d538a2220051280a16c74a133c89662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:09 GMT
x-content-type-options
nosniff
server
fife
etag
"v3a6"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="fav-icon-bandung.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20330
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:09 GMT
fav-icon-bandung.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLJmVbPmWFMQiMeuVRAGYbvNL7paGBQ9jdF_5j2FNn3x9-1x4C2h0V5ocs_JANVGHn-hHaNTZ9soZ6gJjJ1CZfiJwcn3CdWPHQRMOevi7DJIw-PRW8S_8AyvVFvOIUfpYT9Fmm3ZiZA_8TJohz...
20 KB
0
Other
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLJmVbPmWFMQiMeuVRAGYbvNL7paGBQ9jdF_5j2FNn3x9-1x4C2h0V5ocs_JANVGHn-hHaNTZ9soZ6gJjJ1CZfiJwcn3CdWPHQRMOevi7DJIw-PRW8S_8AyvVFvOIUfpYT9Fmm3ZiZA_8TJohzfpLdR6gT_PaXEnk7P0l9Vulv8CqLSgOJhj2dhdh4eQ/s1600/fav-icon-bandung.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
292ef7a21d0cf6d012620c3c36a238686d538a2220051280a16c74a133c89662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bandungtotososmed.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 14:47:09 GMT
x-content-type-options
nosniff
server
fife
etag
"v3a6"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="fav-icon-bandung.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20330
x-xss-protection
0
expires
Fri, 07 Jun 2024 14:47:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pafilomboktengah.org
URL
https://pafilomboktengah.org/

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP
object| AMP_CONFIG
object| AMP_EXP
object| __AMP_LOG
function| HTMLElementOrig
object| __AMP_ERRORS
object| __AMP_MODE
function| __AMP_REPORT_ERROR
object| __AMP_TOP
object| __AMP_SERVICES
object| __AMP__EXPERIMENT_TOGGLES
object| __AMP_URL_CACHE
boolean| __AMP_TAG
object| __AMP_EXTENDED_ELEMENTS
function| __AMP_BASE_CE_CLASS

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
