www.ebooking.tianrosandhy.com Open in urlscan Pro
103.145.227.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ebooking.tianrosandhy.com/
Effective URL:
https://www.ebooking.tianrosandhy.com/styling/
Submission: On May 08 via automatic, source certstream-suspicious (May 8th 2023, 6:39:53 am UTC) — Scanned from DE

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 23 domains to perform 81 HTTP transactions. The main IP is 103.145.227.134, located in Indonesia and belongs to IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID. The main domain is www.ebooking.tianrosandhy.com.
TLS certificate: Issued by R3 on May 8th 2023. Valid for: 3 months.

This is the only time www.ebooking.tianrosandhy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 28	103.145.227.134 103.145.227.134	139456 (IDNIC-NSR...) (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
5	159.89.208.39 159.89.208.39	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:903	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 5	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	184.31.93.220 184.31.93.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2010	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.39.185.87 3.39.185.87	16509 (AMAZON-02) (AMAZON-02)
1	3.35.89.61 3.35.89.61	16509 (AMAZON-02) (AMAZON-02)
1 2	121.53.104.194 121.53.104.194	() ()
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	103.243.202.190 103.243.202.190	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1	222.230.178.131 222.230.178.131	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
81	26

28 103.145.227.134 (Indonesia) 2 redirects

ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID)
PTR: sgx11.dewaweb.com

www.ebooking.tianrosandhy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 159.89.208.39 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

widget.jpnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:903 (United States)

ASN13335 (CLOUDFLARENET, US)

photo.jpnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.121.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.93.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-93-220.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.39.185.87 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-39-185-87.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.35.89.61 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-35-89-61.ap-northeast-2.compute.amazonaws.com

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.53.104.194 (None, ) 1 redirects

ASN- ()

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ds.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.243.202.190 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)

cm-exchange.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 222.230.178.131 (Bannaguro, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

cs.gssprt.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	tianrosandhy.com 2 redirects www.ebooking.tianrosandhy.com	4 MB
11	jpnn.com widget.jpnn.com photo.jpnn.com	360 KB
6	gstatic.com fonts.gstatic.com	125 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9100	4 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 160	6 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 storage.googleapis.com — Cisco Umbrella Rank: 378	3 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 16321	69 KB
3	dable.io static.dable.io — Cisco Umbrella Rank: 29849 api.dable.io — Cisco Umbrella Rank: 27074 r-log.dable.io — Cisco Umbrella Rank: 29987	39 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 200	14 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 805 syndication.twitter.com — Cisco Umbrella Rank: 1119	132 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	89 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793	31 KB
1	gssprt.jp cs.gssprt.jp — Cisco Umbrella Rank: 26761	82 B
1	toast.com cm-exchange.toast.com — Cisco Umbrella Rank: 7565	607 B
1	doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 215	410 B
1	kakao.com act.ds.kakao.com	492 B
1	daum.net 1 redirects analytics.ad.daum.net	568 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	186 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
1	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 3863	58 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	52 KB
1	google.com apis.google.com — Cisco Umbrella Rank: 110	21 KB
0	alexametrics.com Failed certify-js.alexametrics.com Failed
81	23

	Domain	Requested by
28	www.ebooking.tianrosandhy.com	2 redirects www.ebooking.tianrosandhy.com
6	fonts.gstatic.com	fonts.googleapis.com
6	photo.jpnn.com	widget.jpnn.com
5	mc.yandex.com	2 redirects widget.jpnn.com
5	sb.scorecardresearch.com	1 redirects widget.jpnn.com
5	widget.jpnn.com	www.ebooking.tianrosandhy.com widget.jpnn.com
3	cdn.izooto.com	www.googletagmanager.com cdn.izooto.com
3	cdnjs.cloudflare.com	widget.jpnn.com cdnjs.cloudflare.com
3	fonts.googleapis.com	www.ebooking.tianrosandhy.com widget.jpnn.com
2	connect.facebook.net	widget.jpnn.com connect.facebook.net
2	maxcdn.bootstrapcdn.com	widget.jpnn.com
2	platform.twitter.com	widget.jpnn.com platform.twitter.com
1	cs.gssprt.jp
1	cm-exchange.toast.com
1	cm.g.doubleclick.net
1	act.ds.kakao.com
1	analytics.ad.daum.net	1 redirects
1	r-log.dable.io	static.dable.io
1	api.dable.io	static.dable.io
1	www.facebook.com	widget.jpnn.com
1	storage.googleapis.com	www.ebooking.tianrosandhy.com
1	static.dable.io	www.ebooking.tianrosandhy.com
1	www.google-analytics.com	www.googletagmanager.com
1	syndication.twitter.com	platform.twitter.com
1	mc.yandex.ru	widget.jpnn.com
1	www.googletagmanager.com	widget.jpnn.com
1	apis.google.com	widget.jpnn.com
0	certify-js.alexametrics.com Failed	widget.jpnn.com www.ebooking.tianrosandhy.com
81	28

This site contains no links.

Subject Issuer	Validity	Valid
ebooking.tianrosandhy.com R3	`2023-05-08` - `2023-08-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.jpnn.com GlobalSign RSA OV SSL CA 2018	`2022-10-31` - `2023-12-02`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
jpnn.com Cloudflare Inc ECC CA-3	`2022-08-20` - `2023-08-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-14` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
static.dable.io R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2022-06-30` - `2023-07-31`	a year	crt.sh
cs.gssprt.jp GeoTrust RSA CA 2018	`2023-01-06` - `2024-02-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.ebooking.tianrosandhy.com/styling/
Frame ID: 86475F4880BFA5CAD37FECBC4B4EFB4D
Requests: 31 HTTP requests in this frame

Frame: https://widget.jpnn.com/terbaru/landscape
Frame ID: 850D2E664A69DC18BD57069C41A83A3F
Requests: 48 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwidget.jpnn.com
Frame ID: 848DF98762881348E4AA95AF934D85BB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 11CE80AF72CA6025EF188592DBAA028F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

E-Booking PGN

Page URL History Show full URLs

https://www.ebooking.tianrosandhy.com/ HTTP 302
https://www.ebooking.tianrosandhy.com/styling HTTP 301
https://www.ebooking.tianrosandhy.com/styling/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

93 %
HTTPS

56 %
IPv6

23
Domains

28
Subdomains

26
IPs

7
Countries

5087 kB
Transfer

7005 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ebooking.tianrosandhy.com/ HTTP 302
https://www.ebooking.tianrosandhy.com/styling HTTP 301
https://www.ebooking.tianrosandhy.com/styling/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://sb.scorecardresearch.com/cs/36655557/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 73

https://mc.yandex.com/watch/46643340?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A1528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A705275410445%3Ahid%3A442161327%3Az%3A0%3Ai%3A20230508063947%3Aet%3A1683527988%3Ac%3A1%3Arn%3A458235948%3Arqn%3A1%3Au%3A1683527988524602176%3Aw%3A1600x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A16%2C369%2C285%2C1%2C0%2C0%2C%2C392%2C36%2C%2C%2C%2C1064%3Aco%3A0%3Acpf%3A1%3Ans%3A1683527986173%3Arqnl%3A1%3Ast%3A1683527988%3At%3ABerita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/46643340/1?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A1528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A705275410445%3Ahid%3A442161327%3Az%3A0%3Ai%3A20230508063947%3Aet%3A1683527988%3Ac%3A1%3Arn%3A458235948%3Arqn%3A1%3Au%3A1683527988524602176%3Aw%3A1600x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A16%2C369%2C285%2C1%2C0%2C0%2C%2C392%2C36%2C%2C%2C%2C1064%3Aco%3A0%3Acpf%3A1%3Ans%3A1683527986173%3Arqnl%3A1%3Ast%3A1683527988%3At%3ABerita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 74

https://mc.yandex.com/watch/46068570?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A1528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A2%3Adp%3A0%3Als%3A1356047155064%3Ahid%3A442161327%3Az%3A0%3Ai%3A20230508063947%3Aet%3A1683527988%3Ac%3A1%3Arn%3A949061903%3Arqn%3A1%3Au%3A1683527988524602176%3Aw%3A1600x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A16%2C369%2C285%2C1%2C0%2C0%2C%2C392%2C36%2C%2C%2C%2C1064%3Aco%3A0%3Acpf%3A1%3Ans%3A1683527986173%3Arqnl%3A1%3Ast%3A1683527988%3At%3ABerita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/46068570/1?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A1528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A2%3Adp%3A0%3Als%3A1356047155064%3Ahid%3A442161327%3Az%3A0%3Ai%3A20230508063947%3Aet%3A1683527988%3Ac%3A1%3Arn%3A949061903%3Arqn%3A1%3Au%3A1683527988524602176%3Aw%3A1600x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A16%2C369%2C285%2C1%2C0%2C0%2C%2C392%2C36%2C%2C%2C%2C1064%3Aco%3A0%3Acpf%3A1%3Ans%3A1683527986173%3Arqnl%3A1%3Ast%3A1683527988%3At%3ABerita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 77

https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230508%22,%22u%22:%2200000000.0000000000000%22%7D%7D

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ebooking.tianrosandhy.com/styling/
Redirect Chain

https://www.ebooking.tianrosandhy.com/
https://www.ebooking.tianrosandhy.com/styling
https://www.ebooking.tianrosandhy.com/styling/

17 KB
4 KB

166ms
166ms

Document
text/html

103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

1dd993fe2665659cec72d369cf669ea40d776e241f76890d3d5e3995796417e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 May 2023 06:39:46 GMT
server: LiteSpeed
strict-transport-security: max-age=15552000;includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: PHP/7.4.33

Redirect headers

content-length: 707
content-type: text/html
date: Mon, 08 May 2023 06:39:45 GMT
location: https://www.ebooking.tianrosandhy.com/styling/
server: LiteSpeed
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 May 2023 05:47:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 May 2023 06:39:46 GMT

GET
H3 200 bootstrap.css
www.ebooking.tianrosandhy.com/styling/assets/css/ 189 KB
30 KB 173ms
172ms Stylesheet
text/css 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/css/bootstrap.css

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

1768d054d5d2c8483154a4586877a02c511b2ef0414b84c65455fe2699c480a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Sun, 01 Mar 2020 06:29:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 30842
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 select2.min.css
www.ebooking.tianrosandhy.com/styling/assets/vendor/select2/css/ 15 KB
2 KB 202ms
201ms Stylesheet
text/css 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/vendor/select2/css/select2.min.css?v=1.0.0

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

c6b67fd8ed254d3734360dd19addf19767353ede64b65f1baaac12b47b34301d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Thu, 05 Mar 2020 04:20:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2006
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 bootstrap-datetimepicker.min.css
www.ebooking.tianrosandhy.com/styling/assets/vendor/bootstrap-datetimepicker/ 8 KB
1 KB 203ms
202ms Stylesheet
text/css 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/vendor/bootstrap-datetimepicker/bootstrap-datetimepicker.min.css

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

ff29faf5a8c9c7a2339b71f5300b9120e734ed1a68fa359df3c31ac043396f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1290
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 additional.css
www.ebooking.tianrosandhy.com/styling/assets/css/ 3 KB
1016 B 204ms
204ms Stylesheet
text/css 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/css/additional.css?v=1.0.4

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

de608d229ada01345746f90517f31ddc197aace91a75636050a69dca2ff9a6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Thu, 05 Mar 2020 04:25:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 969
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 swiper.css
www.ebooking.tianrosandhy.com/styling/assets/vendor/swiper/ 15 KB
4 KB 205ms
205ms Stylesheet
text/css 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/vendor/swiper/swiper.css

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

882086637da4b64c2913ba1e55d09a9828e9446b357a82e001528f7dbca0ff84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4361
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 logo.png
www.ebooking.tianrosandhy.com/styling/assets/images/ 66 KB
67 KB 571ms
569ms Image
image/png 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/images/logo.png

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

62fa176b4f21062758721fcc4a0033aa2e09881767c5e9035b243ea8a01de231

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 68015
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 example-3.jpg
www.ebooking.tianrosandhy.com/styling/assets/images/ 522 KB
522 KB 572ms
569ms Image
image/jpeg 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/images/example-3.jpg

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

ea3af4a1e7a1ea9a7d4958a7359a7dd1bdb5028fcd553e87baf1e7a7afa07e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 16:49:11 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 534509
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 example-4.jpg
www.ebooking.tianrosandhy.com/styling/assets/images/ 670 KB
670 KB 1168ms
1166ms Image
image/jpeg 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/images/example-4.jpg

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

7dbb8639777880d599f62fa9baa6933775e4141b8537722d99c557e1bb91cf67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 16:49:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 685906
expires: Mon, 15 May 2023 06:39:47 GMT

GET
H3 200 example-5.jpg
www.ebooking.tianrosandhy.com/styling/assets/images/ 166 KB
167 KB 1250ms
1248ms Image
image/jpeg 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/images/example-5.jpg

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

f808d2947805b22847920e3d60684d42415f8df6d6dc7989d6f0715c0d9c5eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 16:49:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 170442
expires: Mon, 15 May 2023 06:39:47 GMT

GET
H3 200 example-1.jpg
www.ebooking.tianrosandhy.com/styling/assets/images/ 655 KB
655 KB 1169ms
1167ms Image
image/jpeg 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/images/example-1.jpg

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

11ac1e4ca5c828553b2493b447ffb15cc4e01e1ec3f940aece35ca2854362ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 16:49:11 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 670757
expires: Mon, 15 May 2023 06:39:47 GMT

GET
H3 200 example-2.jpg
www.ebooking.tianrosandhy.com/styling/assets/images/ 73 KB
73 KB 1164ms
1162ms Image
image/jpeg 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/images/example-2.jpg

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

238c036a1ff54bfdbd3bd3870de98db779eb8a962a5157f5119d0b733fbd1733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 16:49:11 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 74389
expires: Mon, 15 May 2023 06:39:47 GMT

GET
H3 200 example-6.jpg
www.ebooking.tianrosandhy.com/styling/assets/images/ 948 KB
948 KB 1170ms
1168ms Image
image/jpeg 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/images/example-6.jpg

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

0508076d71963034aff7853ac29d0fc9cb51956ed6595a288cdc5b7a7eca4798

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 16:49:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 970610
expires: Mon, 15 May 2023 06:39:47 GMT

GET
H3 200 example-7.jpg
www.ebooking.tianrosandhy.com/styling/assets/images/ 481 KB
481 KB 1171ms
1169ms Image
image/jpeg 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/images/example-7.jpg

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

8a84d93d2639afdd8907f788b0e82de80f11dce933994f67ad5ce7994991798f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 16:49:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 492262
expires: Mon, 15 May 2023 06:39:47 GMT

GET
H3 200 example-8.jpg
www.ebooking.tianrosandhy.com/styling/assets/images/ 198 KB
198 KB 1165ms
1163ms Image
image/jpeg 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/images/example-8.jpg

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

23c076e35c35c77d6533b3c13f7a45f6269cb2f90f540b5268eaab801316ecbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 16:49:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 202447
expires: Mon, 15 May 2023 06:39:47 GMT

GET
H3 200 jquery-3.4.1.min.js Show response
www.ebooking.tianrosandhy.com/styling/assets/js/ 86 KB
31 KB 208ms
207ms Script
application/javascript 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/js/jquery-3.4.1.min.js

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31718
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 bootstrap.bundle.js Show response
www.ebooking.tianrosandhy.com/styling/assets/vendor/bootstrap/ 223 KB
50 KB 351ms
349ms Script
application/javascript 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/vendor/bootstrap/bootstrap.bundle.js

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

675b7ec3167b121e53d6c2ba69e3d63211103a0851e236552f08f0ad464045e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 51125
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 select2.min.js Show response
www.ebooking.tianrosandhy.com/styling/assets/vendor/select2/js/ 65 KB
19 KB 417ms
415ms Script
application/javascript 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/vendor/select2/js/select2.min.js

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18938
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 moment.js Show response
www.ebooking.tianrosandhy.com/styling/assets/vendor/bootstrap-datetimepicker/ 52 KB
18 KB 444ms
441ms Script
application/javascript 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/vendor/bootstrap-datetimepicker/moment.js

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17944
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 bootstrap-datetimepicker.min.js Show response
www.ebooking.tianrosandhy.com/styling/assets/vendor/bootstrap-datetimepicker/ 37 KB
10 KB 518ms
516ms Script
application/javascript 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/vendor/bootstrap-datetimepicker/bootstrap-datetimepicker.min.js

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

6d8a1ac09eb11e48c0742020da1b8b444b4c929d9d7cd17dae19defc7ee4c299

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9751
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 additional.js Show response
www.ebooking.tianrosandhy.com/styling/assets/js/ 2 KB
439 B 529ms
527ms Script
application/javascript 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/js/additional.js?v=1.0.0

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

6ac1b6730a7d010d7fea161c2220b41aebc8c3366d696387e29c433a94ad0b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Thu, 05 Mar 2020 04:25:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 392
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 swiper.min.js Show response
www.ebooking.tianrosandhy.com/styling/assets/vendor/swiper/ 136 KB
36 KB 529ms
527ms Script
application/javascript 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/vendor/swiper/swiper.min.js

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

f094cd2c4e88f831d445c2d65a82829afd7a803cf0d05a78237e0edb2e34bc2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 36498
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H3 200 jquery.row-grid.min.js Show response
www.ebooking.tianrosandhy.com/styling/assets/js/ 2 KB
1017 B 570ms
568ms Script
application/javascript 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/js/jquery.row-grid.min.js

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

389dfde585d6145f324bc5122111e0e1f0f9e72bc08d59f47c0de78a1d6c4f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Wed, 04 Mar 2020 16:49:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 970
expires: Mon, 15 May 2023 06:39:46 GMT

GET
H2 200 landscape Show response
widget.jpnn.com/terbaru/ Frame 850D 22 KB
6 KB 671ms
285ms Document
text/html 159.89.208.39
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.jpnn.com/terbaru/landscape

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.89.208.39 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PHP/5.5.38

Resource Hash

62340e24ba9ea23225fcc5d4660e658c2a5f237c2ea391339d7e5e7ff021b9c7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ebooking.tianrosandhy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 08 May 2023 06:39:46 GMT
server: nginx
vary: Accept-Encoding
x-cache-by-kid: MISS
x-powered-by: PHP/5.5.38
x-whom: PARTNER
x-xss-protection: 1; mode=block

GET
H3 200 homepage.css
www.ebooking.tianrosandhy.com/styling/assets/css/partials/ 4 KB
947 B 1122ms
1120ms Stylesheet
text/css 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/css/partials/homepage.css

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/assets/css/additional.css?v=1.0.4

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

77dbca5c17c10e7e1fb2281042e66abd61b39eddfc508467bc2bd2c382a0e64e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/assets/css/additional.css?v=1.0.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Wed, 04 Mar 2020 16:49:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 923
expires: Mon, 15 May 2023 06:39:47 GMT

GET
H3 200 login.css
www.ebooking.tianrosandhy.com/styling/assets/css/partials/ 1 KB
332 B 1122ms
1121ms Stylesheet
text/css 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/css/partials/login.css

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/assets/css/additional.css?v=1.0.4

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

b5af0284aab2b8e5d9511b75f4af9af49c18681ee6742581eb60df69cd95a27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ebooking.tianrosandhy.com/styling/assets/css/additional.css?v=1.0.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000;includeSubDomains; preload
last-modified: Wed, 04 Mar 2020 16:49:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 308
expires: Mon, 15 May 2023 06:39:47 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 850D 54 KB
21 KB 61ms
17ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?publisherid=105440276395813137928

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5007dac1365dd925963e4bc2ff805516823a6d61e200ca67066b8e0b843887be

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 May 2023 06:39:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21024
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "56986aef804b04b0"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 May 2023 06:39:46 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 850D 91 KB
28 KB 44ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B85) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 06:39:46 GMT
Content-Encoding: gzip
Age: 329
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (amb/6B85)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame 850D 118 KB
20 KB 42ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.jpnn.com/
Origin: https://widget.jpnn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1082
age: 325691
cdn-cachedat: 01/05/2023 13:19:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a1a041b9031f4b1eb4ad3dd1c3d76099
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7c3fb51df9233aa4-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.bxslider.min.css
cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/ Frame 850D 3 KB
1 KB 37ms
12ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/jquery.bxslider.min.css

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fccf706e6186e617e0ab0ae98fef2bf4929635a4d9d30746563af6c4765b310

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4220714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 638
last-modified: Mon, 04 May 2020 16:09:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e1e-ba2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEaHVT9ZYtxyPnWPEDWQwpQlf0KsWhiFtVWAX76IqUEGnv4fi0dFu7FUUHIyScR%2FNRjikdIfQtn4sMV2U%2Bza%2BuHouQhVM0KimScFw1ar0o21JI44%2Bn2ajSlmTtt9olKKPIeEcF8thDaizMxfqn%2FXhdQ9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c3fb51df82d03a6-FRA
expires: Sat, 27 Apr 2024 06:39:46 GMT

GET
H2 200 default.css
widget.jpnn.com/assets/css/ Frame 850D 2 KB
1 KB 186ms
182ms Stylesheet
text/css 159.89.208.39
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.jpnn.com/assets/css/default.css
Requested by: Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.208.39 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3a8e818d526b5710fad9fb67364e3deb9d48bec4ddac07b2c52146819316454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/terbaru/landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: public
date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2017 07:39:43 GMT
server: nginx
etag: W/"596f0cbf-9d5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
widget.jpnn.com/assets/js/ Frame 850D 94 KB
33 KB 191ms
187ms Script
application/javascript 159.89.208.39
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.jpnn.com/assets/js/jquery-1.11.0.min.js
Requested by: Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.208.39 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/terbaru/landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: public
date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2017 07:39:43 GMT
server: nginx
etag: W/"596f0cbf-1787d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 850D 36 KB
11 KB 36ms
14ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.jpnn.com/
Origin: https://widget.jpnn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1053
age: 325691
cdn-cachedat: 11/15/2022 10:30:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: dede2d0eb82fab805ae9c2466f6da5fe
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7c3fb51df9243aa4-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.bxslider.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/ Frame 850D 23 KB
6 KB 33ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/jquery.bxslider.min.js

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 871556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5394
last-modified: Mon, 04 May 2020 16:09:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e1e-5bf7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45akVJU3%2BmMJwjSBNqjOfRj7BrjTzDRQGvVN4hH46YeT19HwaEiaM1Ji4YaofM65ZwFe%2BoUMEv%2Bf7x4Gak340aG1knOqGf3fucCLZgyzGc33l02BbkJ9c5uuC3qm40LnDjI0pijlhTbVgYpjppjkM9Vr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c3fb51df82f03a6-FRA
expires: Sat, 27 Apr 2024 06:39:46 GMT

GET
H2 200 clipboard.min.js Show response
widget.jpnn.com/assets/plugin/clipboard/ Frame 850D 10 KB
3 KB 371ms
369ms Script
application/javascript 159.89.208.39
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.jpnn.com/assets/plugin/clipboard/clipboard.min.js
Requested by: Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.208.39 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/terbaru/landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: public
date: Mon, 08 May 2023 06:39:46 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2017 07:39:43 GMT
server: nginx
etag: W/"596f0cbf-2780"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 timthumb.php
photo.jpnn.com/ Frame 850D 51 KB
51 KB 555ms
314ms Image
image/jpeg 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photo.jpnn.com/timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/05/08/tim-regu-putra-artistik-pencak-silat-indonesia-anggi-faisal-9afv.jpg&h=300&zc=1

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.30

Resource Hash

741688363f54b8a7eb314e205e221b0c659e374db9c77296222dad6117be08a9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
x-cache-by-kid: MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.30
x-whom: S3LOKAL
content-length: 52100
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 06:39:47 GMT
server: cloudflare
uri: /timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/05/08/tim-regu-putra-artistik-pencak-silat-indonesia-anggi-faisal-9afv.jpg&h=300&zc=1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2i9p3kjpf6N%2BhZNjC3S%2BjCd1fnMX%2Bjh%2Bmt2fsIQeCabaDZkADHjnyzmsNocv1lKHVipy9%2FVn%2Fh2udqhlcdeTHnMCE1q1utS%2BTgKtrpzHm9ButbjVUglytfK%2FadU9IuYyLISEt3jAK7yFJr2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000, must-revalidate
accept-ranges: bytes
cf-ray: 7c3fb521ae292ba8-FRA
expires: Thu, 18 May 2023 06:39:47 GMT

GET
H2 200 timthumb.php
photo.jpnn.com/ Frame 850D 61 KB
62 KB 556ms
317ms Image
image/jpeg 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photo.jpnn.com/timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/05/08/bupati-bandung-barat-hengki-kurniawan-menyerahkan-secara-sim-5rgq.jpg&h=300&zc=1

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.30

Resource Hash

33675f92dcc44cc15832bdbbfe2a347c7211974ff35afb583f2724e8a80f6e8e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
x-cache-by-kid: MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.30
x-whom: S3LOKAL
content-length: 62841
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 06:39:47 GMT
server: cloudflare
uri: /timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/05/08/bupati-bandung-barat-hengki-kurniawan-menyerahkan-secara-sim-5rgq.jpg&h=300&zc=1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLERyB%2FHWqHUOQwpkNLuhod9Evfnls9CKYGwJHSrsG2j%2B0Da%2B3zh63KuSx4Mj0cdHb9tYkL5snkSgTsUcLida6S64bpDlWXKu42e%2BeHOp6znELIO41B%2Fz03t0rg%2FpNGdFoabaeswSCvT58IT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000, must-revalidate
accept-ranges: bytes
cf-ray: 7c3fb521ae2a2ba8-FRA
expires: Thu, 18 May 2023 06:39:47 GMT

GET
H2 200 timthumb.php
photo.jpnn.com/ Frame 850D 24 KB
25 KB 621ms
392ms Image
image/jpeg 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photo.jpnn.com/timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/03/21/ilustrasi-penembakan-antaraho-avk2z-l2xk.jpg&h=300&zc=1

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.30

Resource Hash

2631381af5e3c8f3efe04b6e21fb42bda7cd73faf00a4cf217c9782e889eae3a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
x-cache-by-kid: MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.30
x-whom: S3LOKAL
content-length: 24753
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 06:39:47 GMT
server: cloudflare
uri: /timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/03/21/ilustrasi-penembakan-antaraho-avk2z-l2xk.jpg&h=300&zc=1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHLwdjQ4LKHEhW%2FqFjhKKykXq4YJO5nZVd60Kqg2q5yWaY49%2FHtMVblPdXhsEQa1WcdvwZcwn%2FMOPgR8rhW%2Brhy%2Fb1PpGukQzMfjwS4bCqlk%2Bbhn5wjrL1otSKRp5aBngk6cboxwyPJisH3K"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000, must-revalidate
accept-ranges: bytes
cf-ray: 7c3fb521ae2b2ba8-FRA
expires: Thu, 18 May 2023 06:39:47 GMT

GET
H2 200 timthumb.php
photo.jpnn.com/ Frame 850D 75 KB
76 KB 780ms
551ms Image
image/jpeg 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photo.jpnn.com/timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/05/07/bakal-calon-presiden-dari-koalisi-perubahan-anies-baswedan-d-3a2m.jpg&h=300&zc=1

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.30

Resource Hash

d4a9286e2a7ba3bda19eae343060d9196850610fd973a7b2853f908efe697869

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:48 GMT
x-cache-by-kid: MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.30
x-whom: S3LOKAL
content-length: 77293
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 06:39:47 GMT
server: cloudflare
uri: /timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/05/07/bakal-calon-presiden-dari-koalisi-perubahan-anies-baswedan-d-3a2m.jpg&h=300&zc=1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aMkFAM5U7Op7CLKSAEvd1noZNqo8ZyAbEUAJ99IMXozUdS4%2B1dLiTK2A0rJHZGpeOboX9sKDOXdUklm7YsPOszYWeCgdRfW1sMZ92CgtrjyZ%2F%2F0nT%2BuNwedG5K3%2Blre%2FWcvkqw05XF%2Bw5qG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000, must-revalidate
accept-ranges: bytes
cf-ray: 7c3fb521ae2c2ba8-FRA
expires: Thu, 18 May 2023 06:39:47 GMT

GET
H2 200 timthumb.php
photo.jpnn.com/ Frame 850D 39 KB
40 KB 486ms
257ms Image
image/jpeg 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photo.jpnn.com/timthumb.php?src=https://photo.jpnn.com/galeri/watermark/2020/01/10/IMG_20200109_205519.jpg&h=300&zc=1

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.30

Resource Hash

7dfc559857ee2ca4c7d95a42838d63299d91999e72fd55962d89eee50bc11d72

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
x-cache-by-kid: MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.30
x-whom: S3LOKAL
content-length: 40249
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 06:39:47 GMT
server: cloudflare
uri: /timthumb.php?src=https://photo.jpnn.com/galeri/watermark/2020/01/10/IMG_20200109_205519.jpg&h=300&zc=1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmU9Is324gn256QXBWmCAYKipoe%2F5WIJ%2F%2F%2B726A6HlFn3F%2FK8xnEDTtCjlYQgGkGOH%2BuYkjke59iOJYuCg7wSsQLCNne7%2FoU%2B2fUUDXQ0yXMYKgsgjTeiXc1ZY4xISDg%2Biy9B4fkrHvj8pRY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000, must-revalidate
accept-ranges: bytes
cf-ray: 7c3fb521ae2e2ba8-FRA
expires: Thu, 18 May 2023 06:39:47 GMT

GET
H2 200 timthumb.php
photo.jpnn.com/ Frame 850D 54 KB
55 KB 430ms
201ms Image
image/jpeg 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photo.jpnn.com/timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/05/08/kapolres-pelabuhan-makasar-akbp-yudi-frianto-bersama-jajara-pach.jpg&h=300&zc=1

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.30

Resource Hash

c575e97953387f1315e76c470856ce47156dded2ad60c3896e86195bc03b46e9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
x-cache-by-kid: EXPIRED
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.30
x-whom: S3LOKAL
content-length: 55256
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 06:39:47 GMT
server: cloudflare
uri: /timthumb.php?src=https://photo.jpnn.com/arsip/normal/2023/05/08/kapolres-pelabuhan-makasar-akbp-yudi-frianto-bersama-jajara-pach.jpg&h=300&zc=1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqUUsTxyxEF0iJtc0G9U5UOa3fZvxRhSNO%2F7m%2FvWYnkOT5kxat3Aloy%2B0vWEUYEV5tI0jBkMMAO7912EuC2Ul18wxTofTBWy5r%2BkaXj0ton3gD2kbpaqKhs14vpNqs2IbltsfjCRvpl7Wp9g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000, must-revalidate
accept-ranges: bytes
cf-ray: 7c3fb521ae2f2ba8-FRA
expires: Thu, 18 May 2023 06:39:47 GMT

GET
H2 200 logo-jpnn-default.png
widget.jpnn.com/assets/img/ Frame 850D 8 KB
8 KB 184ms
183ms Image
image/png 159.89.208.39
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.jpnn.com/assets/img/logo-jpnn-default.png
Requested by: Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.208.39 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3dd62705ffa49d9b6a59aa97be6abe19abaf4e1bca72d3386287ff6cfa15b678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/terbaru/landscape
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: public
date: Mon, 08 May 2023 06:39:47 GMT
last-modified: Thu, 22 Aug 2019 18:11:10 GMT
server: nginx
etag: "5d5edabe-20e9"
content-type: image/png
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 8425
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 850D 135 KB
52 KB 40ms
19ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KV2DFQ7

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ceb9c9fd9b46cd46c05b32325e9a147785182845705b0267ed938fb0285a6d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52977
x-xss-protection: 0
last-modified: Mon, 08 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 06:39:47 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 850D 164 KB
58 KB 259ms
112ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f0a064c22678f5fa467eee7007b6a94da9413abe446a4bcbfbcf2387c90a0a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-e583"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58755
expires: Mon, 08 May 2023 07:39:47 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 850D 4 KB
2 KB 62ms
8ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:33:55 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 352
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: IbFD6EVAXqJJoz5RI95BX0t8v-hfrHzVimwmhpxEXCfZUDjMT-q7rQ==

GET atrk.js
certify-js.alexametrics.com/ Frame 850D 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 850D 3 KB
2 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d03ff16161abf6579f26c5edf3c2cc1c2f59d0a37f3b7761d47d1685b707c1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 May 2023 06:39:47 GMT
content-md5: YVkFkrRKJdZVk0UMNUkRHw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: z/ygt7ub0wC40YyhlkLViGs+Ren2toflk/tKoFx34dasH3Y6rFPQw6qvj+oRxsnLc/hKQ2rCRxsr9XPK9jToOA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 66307bd611a0addfdff585afd8afb911
cross-origin-opener-policy: same-origin-allow-popups
etag: "371f811541252691f54fee38d1d2962b"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 08 May 2023 06:44:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 850D 4 KB
754 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/assets/css/default.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:44:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 May 2023 06:39:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 850D 5 KB
775 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/assets/css/default.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1effdafaa2ff6aee903b0691f9202aed909b2dca695867c551cb486be70984c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 May 2023 06:21:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 May 2023 06:39:47 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 848D 320 KB
104 KB 14ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwidget.jpnn.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC0) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://widget.jpnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 810398
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Mon, 08 May 2023 06:39:47 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ebooking.tianrosandhy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 275610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 02:06:17 GMT

GET
H3 200 fontawesome-webfont.woff2
www.ebooking.tianrosandhy.com/styling/assets/fonts/ 75 KB
75 KB 166ms
166ms Font
font/woff2 103.145.227.134
IDNIC-NSR-DEWAWEB...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebooking.tianrosandhy.com/styling/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/assets/css/bootstrap.css

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.145.227.134 , Indonesia, ASN139456 (IDNIC-NSR-DEWAWEB-AS-ID PT DEWAWEB, ID),

Reverse DNS

sgx11.dewaweb.com

Software

LiteSpeed /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ebooking.tianrosandhy.com/styling/assets/css/bootstrap.css
Origin: https://www.ebooking.tianrosandhy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=15552000;includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 01 Mar 2020 06:29:31 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Mon, 15 May 2023 06:39:47 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://www.ebooking.tianrosandhy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 38ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ebooking.tianrosandhy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 141294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 15:24:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 27ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ebooking.tianrosandhy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 135332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 850D 15 KB
15 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widget.jpnn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 275610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 02:06:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 850D 15 KB
16 KB 15ms
12ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widget.jpnn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 135332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:04:15 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 850D 47 KB
47 KB 17ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widget.jpnn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 195483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 00:21:44 GMT

GET
H2 200 bx_loader.gif
cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/images/ Frame 850D 8 KB
7 KB 12ms
11ms Image
image/gif 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/images/bx_loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/jquery.bxslider.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/jquery.bxslider.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 15345113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6685
last-modified: Mon, 04 May 2020 16:09:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e1e-2185"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPXWa7%2F7YnzUq9o0qAN9Pfx0rvh1WDx%2BhTHqOOfcD08EQ6vpQFyjnfibN4utk9Wy0QZsa15pfUbB8%2FCJ36YpIW8OYm05a241%2FdcQrwiKmhcZHT75g0S4iEyUMnPLrRjMspkyAlIC3h4OaNWxL4qcyEXw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c3fb5207a8903a6-FRA
expires: Sat, 27 Apr 2024 06:39:47 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 848D 869 B
661 B 198ms
139ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0a0d18e08ca7af4bd987cd9362de598044b9dd70

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwidget.jpnn.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 08 May 2023 06:39:47 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 756536c3722d2096
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 3b9ead5102c3aeb45bd48e34bfe98cd25fec1a2d5756bb5962030374384a5df6
content-length: 337

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 850D 306 KB
87 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6122f2cd4dfd3f5e0902feb96bccc50c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44bbd44c509a5f2eb272fbde79d71c3a8f4759dde673f194a860c4c0e02ea5ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget.jpnn.com/
Origin: https://widget.jpnn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 May 2023 06:39:47 GMT
content-md5: 3OzRu418q3HT1c9vCHKqmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88642
x-fb-rlafr: 0
x-fb-debug: Vs+qysva/rWzhh6B+lUTFIVBaxoDPYpeuR10FzIn6nGq/NjxURGZfiGYQ1NoniylLg+iz57hW3Y0Ghly9ZZJcw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 000b3566489c8cdff8866b885b4c9278
cross-origin-opener-policy: same-origin-allow-popups
etag: "8f1e2f18f8badef9d5df8bd89e771af7"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 May 2024 05:10:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 850D 51 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV2DFQ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 May 2023 05:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5687
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 08 May 2023 07:05:00 GMT

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ Frame 850D 99 KB
37 KB 879ms
155ms Script
application/javascript 184.31.93.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.93.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-93-220.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 7d31f094e20702ad44b813a77d7b800ad6ffacc08886a523ab12363b917c3c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: PfzgWlwQNLXtGvFnlFxkuQc6siQgTLfR
content-encoding: gzip
date: Mon, 08 May 2023 06:39:48 GMT
last-modified: Sun, 07 May 2023 23:17:55 GMT
server: nginx/1.20.0
x-amz-request-id: EMZHQZFZPKJ2AJAK
etag: "2e3dd0effb09d7c1575fe6ad27bf56c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=59895
accept-ranges: bytes
content-length: 37884
x-amz-id-2: ep4m0j+O1Yi2Zxs4KDZwRA5jQdX5elxlXMeLB/QmwG7KZrcdATb0Q9Mam24BhVpI5shvUBfgT20=

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/ Frame 850D
Redirect Chain

https://sb.scorecardresearch.com/cs/36655557/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

7ms
6ms

Script
application/javascript

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:21:03 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 10:02:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1125
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: W4qxrH-BNl1R9FxpJTOR-UIfEleqmdR9YhNsYBP7UYm3gkIL2ppjnw==

Redirect headers

date: Mon, 08 May 2023 06:39:47 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: 9LkfqUBwiBG_eB3Lbjt8t1Fj_Jn0fLHbHHSpxCOkyWDcA9EoxKBvNg==

GET atrk.js
certify-js.alexametrics.com/ Frame 850D 0
0

GET
H2 404 avmLibrary.js
storage.googleapis.com/adasia-ad-network-origin/atm/library/ Frame 850D 0
0 312ms
289ms Script
application/xml 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Requested by: Host: www.ebooking.tianrosandhy.com
URL: https://www.ebooking.tianrosandhy.com/styling/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 fb8f19a225746097cd8e8bcd8ba488c8dcb0d20c.js Show response
cdn.izooto.com/scripts/ Frame 850D 3 KB
1 KB 48ms
21ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/fb8f19a225746097cd8e8bcd8ba488c8dcb0d20c.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV2DFQ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f305193cf176a9cb3f4da59b1e8b68eddb7bf75ed07b426db8775dce24348a14

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 22 Apr 2023 23:38:24 GMT
server: cloudflare
age: 98016
etag: W/"64446ff0-a5c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 7c3fb5210b1918e0-FRA
x-xss-protection: 1; mode=block
expires: Wed, 24 May 2023 06:39:47 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 850D 0
226 B 7ms
7ms Image
text/plain 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=28872645&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1683527987334&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&c8=Berita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&c9=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F
Requested by: Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ixSF1Eubm4NzP5LQfMs4PD4QPL_EDiH-cr8hFR4HlbCyMO4KUtatYg==
x-cache: Miss from cloudfront

GET
H2 204 b
sb.scorecardresearch.com/ Frame 850D 0
226 B 9ms
9ms Image
text/plain 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=36655557&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1683527987334&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&c8=Berita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&c9=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F
Requested by: Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: KlhbsFUD8NpYgbdC3KXoxY8Q365YEF2XqgCo0HMYo6G3GrnsziW4zA==
x-cache: Miss from cloudfront

GET
H2 200 /
www.facebook.com/tr/ Frame 850D 0
186 B 50ms
16ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=102007653537717&ev=fb_page_view&dl=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&rl=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&if=true&ts=1683527987430&sw=1600&sh=1200&at=

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 May 2023 06:39:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ Frame 850D 284 KB
67 KB 33ms
33ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/fb8f19a225746097cd8e8bcd8ba488c8dcb0d20c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7062126e3a764814869589401e7a6854f94558f1ae647a1522cb6c3fc84c4df

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 03 May 2023 12:04:12 GMT
server: cloudflare
age: 412483
etag: W/"64524dbc-47009"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 7c3fb5218b9c18e0-FRA
x-xss-protection: 1; mode=block
expires: Wed, 24 May 2023 06:39:47 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 11CE 4 KB
1 KB 22ms
20ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.jpnn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2405468
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7c3fb521ebeb18e0-FRA
content-encoding: br
content-type: text/html
date: Mon, 08 May 2023 06:39:47 GMT
expires: Thu, 08 Jun 2023 06:39:47 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 850D 43 B
113 B 125ms
56ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05 May 2023 15:14:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6454f31f-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 08 May 2023 07:39:47 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/46643340/ Frame 850D
Redirect Chain

https://mc.yandex.com/watch/46643340?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browse...
https://mc.yandex.com/watch/46643340/1?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&brow...

435 B
471 B

54ms
54ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/46643340/1?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A1528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A705275410445%3Ahid%3A442161327%3Az%3A0%3Ai%3A20230508063947%3Aet%3A1683527988%3Ac%3A1%3Arn%3A458235948%3Arqn%3A1%3Au%3A1683527988524602176%3Aw%3A1600x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A16%2C369%2C285%2C1%2C0%2C0%2C%2C392%2C36%2C%2C%2C%2C1064%3Aco%3A0%3Acpf%3A1%3Ans%3A1683527986173%3Arqnl%3A1%3Ast%3A1683527988%3At%3ABerita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ca1195af3438dba3d03d4aeb6e76c4910ab358e6577c2699234be1a88a77163c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 06:39:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 08-May-2023 06:39:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://widget.jpnn.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 08-May-2023 06:39:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08-May-2023 06:39:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/46643340/1?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A1528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A705275410445%3Ahid%3A442161327%3Az%3A0%3Ai%3A20230508063947%3Aet%3A1683527988%3Ac%3A1%3Arn%3A458235948%3Arqn%3A1%3Au%3A1683527988524602176%3Aw%3A1600x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A16%2C369%2C285%2C1%2C0%2C0%2C%2C392%2C36%2C%2C%2C%2C1064%3Aco%3A0%3Acpf%3A1%3Ans%3A1683527986173%3Arqnl%3A1%3Ast%3A1683527988%3At%3ABerita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://widget.jpnn.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 08-May-2023 06:39:47 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/46068570/ Frame 850D
Redirect Chain

https://mc.yandex.com/watch/46068570?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browse...
https://mc.yandex.com/watch/46068570/1?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&brow...

447 B
605 B

52ms
52ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/46068570/1?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A1528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A2%3Adp%3A0%3Als%3A1356047155064%3Ahid%3A442161327%3Az%3A0%3Ai%3A20230508063947%3Aet%3A1683527988%3Ac%3A1%3Arn%3A949061903%3Arqn%3A1%3Au%3A1683527988524602176%3Aw%3A1600x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A16%2C369%2C285%2C1%2C0%2C0%2C%2C392%2C36%2C%2C%2C%2C1064%3Aco%3A0%3Acpf%3A1%3Ans%3A1683527986173%3Arqnl%3A1%3Ast%3A1683527988%3At%3ABerita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: widget.jpnn.com
URL: https://widget.jpnn.com/terbaru/landscape

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d53d20c04c1e56c66ae411ca9928d9c132d656b3bc988ef8b2e9270433211344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 06:39:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 08-May-2023 06:39:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://widget.jpnn.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Mon, 08-May-2023 06:39:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 06:39:47 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08-May-2023 06:39:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/46068570/1?wmode=7&page-url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&page-ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A1528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A2%3Adp%3A0%3Als%3A1356047155064%3Ahid%3A442161327%3Az%3A0%3Ai%3A20230508063947%3Aet%3A1683527988%3Ac%3A1%3Arn%3A949061903%3Arqn%3A1%3Au%3A1683527988524602176%3Aw%3A1600x300%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A16%2C369%2C285%2C1%2C0%2C0%2C%2C392%2C36%2C%2C%2C%2C1064%3Aco%3A0%3Acpf%3A1%3Ans%3A1683527986173%3Arqnl%3A1%3Ast%3A1683527988%3At%3ABerita%20Hari%20Ini%20JPNN.com%20-%20Portrait%20-%20Widget%20JPNN.COM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://widget.jpnn.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 08-May-2023 06:39:47 GMT

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/jpnn.com/ Frame 850D 824 B
1 KB 831ms
336ms Script
text/javascript 3.39.185.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/jpnn.com/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.39.185.87 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-39-185-87.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

02f4802c07588301e78b791ffcd6c78a1a081c2a83e7ab527131458ec73ceff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-decorator-operation: reco-api-svc-0-stable.reco-api.svc.cluster.local:80/*
server: istio-envoy
etag: W/"338-vV5eT7FiSEOK4nh5Uue4+IyPuyk"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 101

GET
H2 200 visit Show response
r-log.dable.io/s/jpnn.com/u/00000000.0000000000000/ Frame 850D 54 B
199 B 835ms
271ms Script
text/javascript 3.35.89.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/jpnn.com/u/00000000.0000000000000/visit?url=https%3A%2F%2Fwidget.jpnn.com%2Fterbaru%2Flandscape&ref=https%3A%2F%2Fwww.ebooking.tianrosandhy.com%2F&lang=en-US&cid=00000000.0000000000000&gdpr=1&z=296074&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.35.89.61 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-35-89-61.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 08 May 2023 06:39:50 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H2

200

match2
act.ds.kakao.com/ Frame 850D
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230508%22,%22u%22:%2200000000.0000000000000%22%7D%7D

0
492 B

534ms
276ms

Image
text/plain

121.53.104.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230508%22,%22u%22:%2200000000.0000000000000%22%7D%7D

Protocol

Server

121.53.104.194 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 06:39:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 06:39:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230508%22,%22u%22:%2200000000.0000000000000%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 850D 170 B
410 B 53ms
17ms Image
image/png 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 06:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pixel
cm-exchange.toast.com/ Frame 850D 0
607 B 773ms
243ms Image
text/plain 103.243.202.190
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=00000000.0000000000000&toast_push
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 06:39:50 GMT
Server: nginx
Connection: close
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"

GET
H2 403 cs
cs.gssprt.jp/yie/ld/ Frame 850D 82 B
82 B 954ms
258ms Image
application/octet-stream 222.230.178.131
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.131 Bannaguro, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.jpnn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 06:39:50 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 82
content-type: application/octet-stream

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.izooto.com/	1970-01-20 21:14:47	Name: IZCID Value: 4d75df54-62c4-4b81-9302-dfbc523aad49
.jpnn.com/	1970-01-20 20:24:23	Name: _ym_uid Value: 1683527988524602176
.jpnn.com/	1970-01-20 20:24:23	Name: _ym_d Value: 1683527988
.yandex.com/	1970-01-20 20:24:23	Name: ymex Value: 1715063987.yc.1683527987#1715063987.yrts.1683527987#1715063987.yrtsi.1683527987
.yandex.com/	1970-01-20 20:24:23	Name: bh Value: KgI/MA==
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 623567741683527987
.yandex.com/	1970-01-20 21:14:47	Name: i Value: 4Flbfm1iWmDqqcE+BgLab67GQM1AHwdSsmz+zQa7XlfsOgK+zXGnA7OKqkfFviexs+EEqnfg7CoBwtaMDEzeggmBOgs=
.yandex.com/	1970-01-20 21:14:47	Name: yandexuid Value: 1614315631683527987
.yandex.com/	1970-01-20 20:24:23	Name: yuidss Value: 1614315631683527987
.jpnn.com/	1970-01-20 11:39:59	Name: _ym_isad Value: 2
.dable.io/	1970-01-20 11:57:07	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 11:57:07	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 11:57:07	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 11:57:07	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 11:57:07	Name: _kko_ck_match Value: 1
.toast.com/	1970-01-20 21:14:47	Name: BID Value: H23IIS35R2ZF6F1E62C3FFS7Q
.toast.com/	1970-01-20 15:57:59	Name: txmed_1440080439 Value: 00000000.0000000000000_:_EXP_:_1699079990
.toast.com/	1970-01-20 15:57:59	Name: txsync Value: 1683527990

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=00000000.0000000000000 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000;includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.ds.kakao.com
analytics.ad.daum.net
api.dable.io
apis.google.com
cdn.izooto.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
cm-exchange.toast.com
cm.g.doubleclick.net
connect.facebook.net
cs.gssprt.jp
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
photo.jpnn.com
platform.twitter.com
r-log.dable.io
sb.scorecardresearch.com
static.dable.io
storage.googleapis.com
syndication.twitter.com
widget.jpnn.com
www.ebooking.tianrosandhy.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
certify-js.alexametrics.com
103.145.227.134
103.243.202.190
104.244.42.200
121.53.104.194
13.32.121.72
159.89.208.39
172.217.16.130
184.31.93.220
222.230.178.131
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::681a:903
2606:4700::6811:180e
2606:4700::6812:bcf
2606:4700::6812:d841
2a00:1450:4001:803::200e
2a00:1450:4001:809::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82a::2010
2a02:6b8::1:119
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.35.89.61
3.39.185.87
02f4802c07588301e78b791ffcd6c78a1a081c2a83e7ab527131458ec73ceff4
0508076d71963034aff7853ac29d0fc9cb51956ed6595a288cdc5b7a7eca4798
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11ac1e4ca5c828553b2493b447ffb15cc4e01e1ec3f940aece35ca2854362ebc
1768d054d5d2c8483154a4586877a02c511b2ef0414b84c65455fe2699c480a1
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1dd993fe2665659cec72d369cf669ea40d776e241f76890d3d5e3995796417e0
1effdafaa2ff6aee903b0691f9202aed909b2dca695867c551cb486be70984c8
238c036a1ff54bfdbd3bd3870de98db779eb8a962a5157f5119d0b733fbd1733
23c076e35c35c77d6533b3c13f7a45f6269cb2f90f540b5268eaab801316ecbb
2631381af5e3c8f3efe04b6e21fb42bda7cd73faf00a4cf217c9782e889eae3a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
33675f92dcc44cc15832bdbbfe2a347c7211974ff35afb583f2724e8a80f6e8e
389dfde585d6145f324bc5122111e0e1f0f9e72bc08d59f47c0de78a1d6c4f78
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3dd62705ffa49d9b6a59aa97be6abe19abaf4e1bca72d3386287ff6cfa15b678
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
44bbd44c509a5f2eb272fbde79d71c3a8f4759dde673f194a860c4c0e02ea5ad
4fccf706e6186e617e0ab0ae98fef2bf4929635a4d9d30746563af6c4765b310
5007dac1365dd925963e4bc2ff805516823a6d61e200ca67066b8e0b843887be
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
62340e24ba9ea23225fcc5d4660e658c2a5f237c2ea391339d7e5e7ff021b9c7
62fa176b4f21062758721fcc4a0033aa2e09881767c5e9035b243ea8a01de231
675b7ec3167b121e53d6c2ba69e3d63211103a0851e236552f08f0ad464045e1
6ac1b6730a7d010d7fea161c2220b41aebc8c3366d696387e29c433a94ad0b4e
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6d8a1ac09eb11e48c0742020da1b8b444b4c929d9d7cd17dae19defc7ee4c299
741688363f54b8a7eb314e205e221b0c659e374db9c77296222dad6117be08a9
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
77dbca5c17c10e7e1fb2281042e66abd61b39eddfc508467bc2bd2c382a0e64e
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7ceb9c9fd9b46cd46c05b32325e9a147785182845705b0267ed938fb0285a6d8
7d31f094e20702ad44b813a77d7b800ad6ffacc08886a523ab12363b917c3c79
7dbb8639777880d599f62fa9baa6933775e4141b8537722d99c557e1bb91cf67
7dfc559857ee2ca4c7d95a42838d63299d91999e72fd55962d89eee50bc11d72
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
882086637da4b64c2913ba1e55d09a9828e9446b357a82e001528f7dbca0ff84
8a84d93d2639afdd8907f788b0e82de80f11dce933994f67ad5ce7994991798f
a3a8e818d526b5710fad9fb67364e3deb9d48bec4ddac07b2c52146819316454
a7062126e3a764814869589401e7a6854f94558f1ae647a1522cb6c3fc84c4df
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b5af0284aab2b8e5d9511b75f4af9af49c18681ee6742581eb60df69cd95a27e
c575e97953387f1315e76c470856ce47156dded2ad60c3896e86195bc03b46e9
c6b67fd8ed254d3734360dd19addf19767353ede64b65f1baaac12b47b34301d
ca1195af3438dba3d03d4aeb6e76c4910ab358e6577c2699234be1a88a77163c
d03ff16161abf6579f26c5edf3c2cc1c2f59d0a37f3b7761d47d1685b707c1fe
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d4a9286e2a7ba3bda19eae343060d9196850610fd973a7b2853f908efe697869
d53d20c04c1e56c66ae411ca9928d9c132d656b3bc988ef8b2e9270433211344
de608d229ada01345746f90517f31ddc197aace91a75636050a69dca2ff9a6ce
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea3af4a1e7a1ea9a7d4958a7359a7dd1bdb5028fcd553e87baf1e7a7afa07e27
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
f094cd2c4e88f831d445c2d65a82829afd7a803cf0d05a78237e0edb2e34bc2d
f0a064c22678f5fa467eee7007b6a94da9413abe446a4bcbfbcf2387c90a0a65
f305193cf176a9cb3f4da59b1e8b68eddb7bf75ed07b426db8775dce24348a14
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f808d2947805b22847920e3d60684d42415f8df6d6dc7989d6f0715c0d9c5eaa
f9dc427bd933b43f00a6b153402c80c6edf36640e4b9f40495e1b00eb82bcaa2
fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04
ff29faf5a8c9c7a2339b71f5300b9120e734ed1a68fa359df3c31ac043396f3a

www.ebooking.tianrosandhy.com Open in urlscan Pro 103.145.227.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

93 %HTTPS

56 %IPv6

23 Domains

28 Subdomains

26 IPs

7 Countries

5087 kBTransfer

7005 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ebooking.tianrosandhy.com Open in urlscan Pro
103.145.227.134 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

93 %
HTTPS

56 %
IPv6

23
Domains

28
Subdomains

26
IPs

7
Countries

5087 kB
Transfer

7005 kB
Size

18
Cookies

81 HTTP transactions
1 data transactions