Submitted URL: http://balipayungrafting.com/
Effective URL: https://balipayungrafting.com/
Submission Tags: falconsandbox
Submission: On June 03 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 41 HTTP transactions. The main IP is 103.142.21.66, located in Surabaya, Indonesia and belongs to IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID. The main domain is balipayungrafting.com.
TLS certificate: Issued by R3 on June 3rd 2024. Valid for: 3 months.
This is the only time balipayungrafting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 103.142.21.66 138131 (IDNIC-NAT...)
2 2a00:1450:400... 15169 (GOOGLE)
9 151.101.130.40 54113 (FASTLY)
3 5 151.101.2.83 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
41 9
Apex Domain | Subdomains | Transfer
21 balipayungrafting.com | balipayungrafting.com | 512 KB
9 tripadvisor.com | www.tripadvisor.com — Cisco Umbrella Rank: 9316 | 45 KB
3 jscache.com | www.jscache.com — Cisco Umbrella Rank: 17582 | 2 KB
2 tacdn.com | static.tacdn.com — Cisco Umbrella Rank: 11518 | 3 KB
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 183 | 90 KB
2 gstatic.com | fonts.gstatic.com | 41 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 1 KB
1 facebook.com | www.facebook.com — Cisco Umbrella Rank: 101 |
1 google.com | www.google.com — Cisco Umbrella Rank: 2 |
41 9
Domain | Requested by
21 balipayungrafting.com | balipayungrafting.com
9 www.tripadvisor.com | balipayungrafting.com, www.jscache.com
3 www.jscache.com | 3 redirects
2 static.tacdn.com | www.tripadvisor.com
2 connect.facebook.net | balipayungrafting.com, connect.facebook.net
2 fonts.gstatic.com | fonts.googleapis.com
2 fonts.googleapis.com | balipayungrafting.com
1 www.facebook.com | connect.facebook.net
1 www.google.com | balipayungrafting.com
41 9

This site contains links to these domains.

Domain
api.whatsapp.com
www.tripadvisor.com
Subject | Issuer | Validity | Valid
balipayungrafting.com | R3 | 2024-06-03 - 2024-09-01 | 3 months
upload.video.google.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months
www.tripadvisor.com | GlobalSign RSA OV SSL CA 2018 | 2024-05-23 - 2025-06-24 | a year
*.gstatic.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-03-12 - 2024-06-10 | 3 months
*.google.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months
static.tacdn.com | GlobalSign RSA OV SSL CA 2018 | 2024-02-23 - 2025-03-26 | a year

This page contains 3 frames:

Primary Page: https://balipayungrafting.com/
Frame ID: 4EE4558BB233BFD34C6FF83357C23C11
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3946.572200323613!2d115.24127501478254!3d-8.44360109392825!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x2dd223b3718b3825%3A0x6e9a8d43973355b!2sPayung+Rafting+Bali!5e0!3m2!1sen!2sid!4v1510365574325
Frame ID: 64D837ABB03E3B7FC15A12C7A8550A57
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc6e8658f1eab332c%26domain%3Dbalipayungrafting.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbalipayungrafting.com%252Ff120b6aea468e1b30%26relation%3Dparent.parent&container_width=290&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fbalipayungrafting&locale=en_US&sdk=joey&show_faces=true&stream=false&width=270
Frame ID: C6343C06F8E6D8A5554EF728823C62EF
Requests: 1 HTTP requests in this frame

Page Title

Home - Bali Payung Rafting

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • tripadvisor\.[\w]+/WidgetEmbed

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 41
HTTPS: 90 %
IPv6: 63 %
Domains: 9
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 693 kB
Size: 950 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://balipayungrafting.com/ HTTP 307
    https://balipayungrafting.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
Request Chain 16
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
Request Chain 18
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
balipayungrafting.com/
Redirect Chain
  • http://balipayungrafting.com/
  • https://balipayungrafting.com/
12 KB
4 KB
Document
General
Full URL
https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
9df5b5fc1954a4f78f3db2183758fa2e39d7848bfec789e13b1874417ef22a2f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 03 Jun 2024 04:28:11 GMT
server
Apache
vary
Accept,Accept-Encoding

Redirect headers

Location
https://balipayungrafting.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/
796 B
745 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Tangerine:400,700
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
103bdd00b57f62ce537e48de2402c8c0f38e651ad5363116b6a194c31c09c650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Jun 2024 04:28:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 03 Jun 2024 04:28:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jun 2024 04:28:11 GMT
css
fonts.googleapis.com/
424 B
403 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Shadows+Into+Light
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69bd82f8ddeb1b4651b0b3a96b63a2e6cbe65d32c2cb684e44ef6d3395c2925a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Jun 2024 04:28:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 03 Jun 2024 04:01:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jun 2024 04:28:11 GMT
colorbox.css
balipayungrafting.com/include/thirdparty/colorbox139/example2/
2 KB
2 KB
Stylesheet
General
Full URL
https://balipayungrafting.com/include/thirdparty/colorbox139/example2/colorbox.css
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
2d8e31febefb1eeed2949acd4de047a43d961483887dec75e2a55314bbc4dc21

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Sun, 24 Apr 2016 17:35:40 GMT
server
Apache
accept-ranges
bytes
content-length
2368
content-type
text/css
additional.css
balipayungrafting.com/include/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://balipayungrafting.com/include/css/additional.css
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
9abea2ab27033c3cf7abaa6bd8eae5c94965cd7c5dc17ebe4f8a77838a4f4363

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Sun, 24 Apr 2016 17:35:37 GMT
server
Apache
accept-ranges
bytes
content-length
3517
content-type
text/css
default_gallery.css
balipayungrafting.com/include/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://balipayungrafting.com/include/css/default_gallery.css
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
b1b276ca74dd3697fa7acf777bf274d1363181133e8d11a163332420a1978dfc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Tue, 09 Aug 2022 13:02:56 GMT
server
Apache
accept-ranges
bytes
content-length
1228
content-type
text/css
style.css
balipayungrafting.com/themes/Business_Casual/1_default/
5 KB
5 KB
Stylesheet
General
Full URL
https://balipayungrafting.com/themes/Business_Casual/1_default/style.css
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
6bef6b91f38a69d187e1654f0ce02f64ffbec94b7941cc77daaf4169c31d5e4e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Sun, 01 Jan 2017 08:36:15 GMT
server
Apache
accept-ranges
bytes
content-length
5490
content-type
text/css
payung-rafting-5.jpg.jpg
balipayungrafting.com/data/_uploaded/image/thumbnails/image/Rafting/
18 KB
18 KB
Image
General
Full URL
https://balipayungrafting.com/data/_uploaded/image/thumbnails/image/Rafting/payung-rafting-5.jpg.jpg
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
ab32569693d69f07d08b144d2195366749d8d0df142ad5710ecdf959bdd03f11

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Sun, 01 Jan 2017 07:27:13 GMT
server
Apache
accept-ranges
bytes
content-length
18669
content-type
image/jpeg
SAM_0873.JPG.jpg
balipayungrafting.com/data/_uploaded/image/thumbnails/image/Rafting/
20 KB
20 KB
Image
General
Full URL
https://balipayungrafting.com/data/_uploaded/image/thumbnails/image/Rafting/SAM_0873.JPG.jpg
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
f4e15ba781319cc99b8569016c94cba392253eeff363284bf779cb90bd25d466

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Sun, 01 Jan 2017 07:27:33 GMT
server
Apache
accept-ranges
bytes
content-length
20081
content-type
image/jpeg
IMG-20220720-WA0012.jpg.jpg
balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/
22 KB
22 KB
Image
General
Full URL
https://balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/IMG-20220720-WA0012.jpg.jpg
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
8e18dd084cb2301ddb890768c363e0049c2b5abe3376770a5cbb40b90b884eb8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Tue, 09 Aug 2022 22:38:53 GMT
server
Apache
accept-ranges
bytes
content-length
22570
content-type
image/jpeg
IMG-20220720-WA0016.jpg.jpg
balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/
20 KB
20 KB
Image
General
Full URL
https://balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/IMG-20220720-WA0016.jpg.jpg
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
04445d2c023397de91b4f9d5652d505e71d2d3d38f6cffcce80822155d890cd9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Tue, 09 Aug 2022 22:39:04 GMT
server
Apache
accept-ranges
bytes
content-length
20850
content-type
image/jpeg
IMG-20220720-WA0027.jpg.jpg
balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/
19 KB
19 KB
Image
General
Full URL
https://balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/IMG-20220720-WA0027.jpg.jpg
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
2253123b9cd52d46083552e151a23dc03838a364414e09975b3f896ca213f8d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Tue, 09 Aug 2022 22:41:22 GMT
server
Apache
accept-ranges
bytes
content-length
19632
content-type
image/jpeg
IMG-20220720-WA0042.jpg.jpg
balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/
23 KB
23 KB
Image
General
Full URL
https://balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/IMG-20220720-WA0042.jpg.jpg
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
2cf0044f751f5db1da02da9e6a68a1d7ad7dec4b7da1372b299a8e298505e138

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Tue, 09 Aug 2022 22:42:41 GMT
server
Apache
accept-ranges
bytes
content-length
23573
content-type
image/jpeg
IMG-20220720-WA0052.jpg.jpg
balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/
21 KB
21 KB
Image
General
Full URL
https://balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/IMG-20220720-WA0052.jpg.jpg
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
b158c66f2f5a140b97f8e0f4d82d4a697fb8e9613542033a458b2d5af40f62ca

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Tue, 09 Aug 2022 22:45:05 GMT
server
Apache
accept-ranges
bytes
content-length
21335
content-type
image/jpeg
IMG-20220720-WA0017.jpg.jpg
balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/
21 KB
21 KB
Image
General
Full URL
https://balipayungrafting.com/data/_uploaded/image/thumbnails/image/rafting2022/IMG-20220720-WA0017.jpg.jpg
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
80ec5894d6f1817b903b707936ac28d1d233191bb31ede2e99a49736b05429d3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Tue, 09 Aug 2022 22:39:22 GMT
server
Apache
accept-ranges
bytes
content-length
21553
content-type
image/jpeg
CoE2016_WidgetAsset-14348-2.png
www.tripadvisor.com/img/cdsi/img2/awards/
6 KB
7 KB
Image
General
Full URL
https://www.tripadvisor.com/img/cdsi/img2/awards/CoE2016_WidgetAsset-14348-2.png
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
de5eadb63d4e626464eef3fe8f38dfba6b4cae07c09d42c90509d57a5c7e7ae7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:12 GMT
via
1.1 varnish
expires
Mon, 03 Jun 2024 16:28:12 GMT
server
envoy
x-timer
S1717388892.032079,VS0,VE100
x-cache
MISS
content-type
image/png
cache-control
private, max-age=43200
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
x-request-id
df84e3c5-1445-4b84-b3f7-0f2ee03d41ce
x-served-by
cache-fra-eddf8230076-FRA
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
276 B
695 B
Script
General
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Server
151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
704dca58d42eb2387c989710b31a5bf63c13e69dcae7174a602c64f90fb5854a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://balipayungrafting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:12 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
dee1f0e1-2ff4-4ee5-8100-053472e73a16
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
envoy
x-timer
S1717388892.136356,VS0,VE121
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0

Redirect headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:12 GMT
via
1.1 varnish
x-cache
MISS
content-length
0
x-request-id
244b0632-7039-41b3-8847-83ed0d7f0e51
x-served-by
cache-fra-etou8220118-FRA
pragma
no-cache
server
envoy
x-timer
S1717388892.027490,VS0,VE102
content-type
text/plain; charset=utf-8
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
276 B
735 B
Script
General
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Server
151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
39c9353b9c64818b5a447f6dbb525364e3f36c019ed6dd03d63134b921f52192

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://balipayungrafting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:12 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
226ffc77-e471-4535-8e69-c88d1a754c1b
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
envoy
x-timer
S1717388892.161042,VS0,VE112
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0

Redirect headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:12 GMT
via
1.1 varnish
x-cache
MISS
content-length
0
x-request-id
a2e44fab-77ff-46ab-9d5b-617fcfde8eba
x-served-by
cache-fra-etou8220118-FRA
pragma
no-cache
server
envoy
x-timer
S1717388892.027591,VS0,VE126
content-type
text/plain; charset=utf-8
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
CoE2017_WidgetAsset-14348-2.png
www.tripadvisor.com/img/cdsi/img2/awards/
15 KB
16 KB
Image
General
Full URL
https://www.tripadvisor.com/img/cdsi/img2/awards/CoE2017_WidgetAsset-14348-2.png
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
3aebf6db9aaaf52fe69a8f63d9585c4616db237a4d2993b00da224459f2cad1a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:12 GMT
via
1.1 varnish
expires
Mon, 03 Jun 2024 16:28:12 GMT
server
envoy
x-timer
S1717388892.032550,VS0,VE110
x-cache
MISS
content-type
image/png
cache-control
private, max-age=43200
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
x-request-id
a949762b-7c0a-49de-945c-ee1fa7fee3c6
x-served-by
cache-fra-eddf8230076-FRA
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
275 B
697 B
Script
General
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Server
151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
b70f8b51c41c42b55191cdcc9e531dd762e89bedbde9b06d3e4e6ebcfbc8d100

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://balipayungrafting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:12 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
7c840e42-ff8e-4414-8392-6e0afa3b1f00
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
envoy
x-timer
S1717388892.134957,VS0,VE104
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0

Redirect headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:12 GMT
via
1.1 varnish
x-cache
MISS
content-length
0
x-request-id
006dd667-24b9-4f12-b7bc-00cc8e0c8e47
x-served-by
cache-fra-etou8220118-FRA
pragma
no-cache
server
envoy
x-timer
S1717388892.027479,VS0,VE100
content-type
text/plain; charset=utf-8
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
jquery.js
balipayungrafting.com/include/thirdparty/js/
94 KB
94 KB
Script
General
Full URL
https://balipayungrafting.com/include/thirdparty/js/jquery.js
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Sun, 24 Apr 2016 17:35:41 GMT
server
Apache
accept-ranges
bytes
content-length
95992
content-type
application/x-javascript
bootstrap.min.js
balipayungrafting.com/include/thirdparty/Bootstrap3/js/
36 KB
36 KB
Script
General
Full URL
https://balipayungrafting.com/include/thirdparty/Bootstrap3/js/bootstrap.min.js
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Sun, 24 Apr 2016 17:35:39 GMT
server
Apache
accept-ranges
bytes
content-length
36868
content-type
application/x-javascript
main.js
balipayungrafting.com/include/js/
9 KB
9 KB
Script
General
Full URL
https://balipayungrafting.com/include/js/main.js
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
efba8ac7970e7c9caf1fb779326b4869c9fcf245ea096d0edbc12207da3163ff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Sun, 24 Apr 2016 17:35:39 GMT
server
Apache
accept-ranges
bytes
content-length
8899
content-type
application/x-javascript
jquery.colorbox.js
balipayungrafting.com/include/thirdparty/colorbox139/colorbox/
12 KB
12 KB
Script
General
Full URL
https://balipayungrafting.com/include/thirdparty/colorbox139/colorbox/jquery.colorbox.js
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
7c0bdda2c45a8e4072c530cc6540fb128b5b7d0ec82330a95f7297f9c4b10ce1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Sun, 24 Apr 2016 17:35:40 GMT
server
Apache
accept-ranges
bytes
content-length
12287
content-type
application/x-javascript
css
fonts.googleapis.com/
0
0

bootstrap.min.css
balipayungrafting.com/themes/Business_Casual/css/
114 KB
115 KB
Stylesheet
General
Full URL
https://balipayungrafting.com/themes/Business_Casual/css/bootstrap.min.css
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/themes/Business_Casual/1_default/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/themes/Business_Casual/1_default/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:12 GMT
last-modified
Mon, 19 Jan 2015 16:48:02 GMT
server
Apache
accept-ranges
bytes
content-length
117150
content-type
text/css
bgc.jpg
balipayungrafting.com/themes/Business_Casual/img/
51 KB
51 KB
Image
General
Full URL
https://balipayungrafting.com/themes/Business_Casual/img/bgc.jpg
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/themes/Business_Casual/1_default/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
3280c486553ba2942c9d57e7b32f90f334114b17e38c0dec2bdb1a44bf627f35

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/themes/Business_Casual/1_default/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:13 GMT
last-modified
Sun, 01 Jan 2017 06:16:50 GMT
server
Apache
accept-ranges
bytes
content-length
52384
content-type
image/jpeg
logo.png
balipayungrafting.com/themes/Business_Casual/img/
12 KB
12 KB
Image
General
Full URL
https://balipayungrafting.com/themes/Business_Casual/img/logo.png
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/themes/Business_Casual/1_default/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
3e9d2da3121ed90e2b8333f486aced55a4255f740c02fe54d2fb7c60a00bcb68

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/themes/Business_Casual/1_default/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:13 GMT
last-modified
Sun, 01 Jan 2017 05:48:09 GMT
server
Apache
accept-ranges
bytes
content-length
12494
content-type
image/png
Iurd6Y5j_oScZZow4VO5srNZi5FN.woff2
fonts.gstatic.com/s/tangerine/v17/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tangerine/v17/Iurd6Y5j_oScZZow4VO5srNZi5FN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tangerine:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbef693a0e3502c8b77d77874867ae7e87514309f644009b0a5aa4d52a2536b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://balipayungrafting.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 13:00:55 GMT
x-content-type-options
nosniff
age
142038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24804
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:53:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 13:00:55 GMT
UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
fonts.gstatic.com/s/shadowsintolight/v19/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/shadowsintolight/v19/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into+Light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://balipayungrafting.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 14:41:20 GMT
x-content-type-options
nosniff
age
481613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16296
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:21:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:41:20 GMT
all.js
connect.facebook.net/en_US/
3 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
489b4ed8c1a5f29ee9670a4578aa9f5a3587dcd92f75262d0e64724c74e37537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Jun 2024 04:28:13 GMT
content-md5
ehMvv0NhVVJDAmVvRmb7yA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
7bOe9nieD8kXVcy7yStWVJAX2fIjrtgRUBqEMzhOJkbBZ1c8mAEoyjSlUTudvkfIMe4dQqxU9Y91Awl4lXeEkA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f1a1d192659e91be69d15e18f8f50eb9
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"f047a8eed0960593df79f0d057d0c3d9"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 03 Jun 2024 04:28:54 GMT
WidgetEmbed-certificateOfExcellence
www.tripadvisor.com/
11 KB
4 KB
Script
General
Full URL
https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2016&locationId=3296058&display_version=2&uniq=113&lang=en_US
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e8b1903b6531f84873396cba58f96abda86f801c52b59ce2f5aab343b010bc5f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:13 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
e43494a9-e75f-42ff-a6e9-14df4d12bc27
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
envoy
x-timer
S1717388893.476012,VS0,VE163
vary
User-Agent,Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
WidgetEmbed-certificateOfExcellence
www.tripadvisor.com/
11 KB
4 KB
Script
General
Full URL
https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2015&locationId=3296058&display_version=2&uniq=863&lang=en_US
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
0d8493d7c2f244fa380bab9e4ad6a05c0d3366307fbd0d20b41db7484c23cc66

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:13 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
621f5463-2529-4b1f-9b4d-b637b7fbe00b
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
envoy
x-timer
S1717388893.476263,VS0,VE163
vary
User-Agent,Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
WidgetEmbed-certificateOfExcellence
www.tripadvisor.com/
11 KB
5 KB
Script
General
Full URL
https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2017&locationId=3296058&display_version=2&uniq=81&lang=en_US
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
a01a51e4f78ca5dfd797c46492fd0231de6c73e3f6b9f19012a6ebbc1d935957

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:13 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
x-request-id
3d646668-8a73-49b5-b995-d22def01eb02
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
server
envoy
x-timer
S1717388893.476707,VS0,VE137
vary
User-Agent,Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
embed
www.google.com/maps/ Frame 64D8
0
0
Document
General
Full URL
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3946.572200323613!2d115.24127501478254!3d-8.44360109392825!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x2dd223b3718b3825%3A0x6e9a8d43973355b!2sPayung+Rafting+Bali!5e0!3m2!1sen!2sid!4v1510365574325
Requested by
Host: balipayungrafting.com
URL: https://balipayungrafting.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Zfd3F0BixizNrYs7V970Hw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://balipayungrafting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1412
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Zfd3F0BixizNrYs7V970Hw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Mon, 03 Jun 2024 04:28:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0
all.js
connect.facebook.net/en_US/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=9944527150871f07cac1b713a6d8f188
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74480e7177c67dd78db06914ddc89ad8522db80ce7de68d9ce5290ed1cd7fb65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Origin
https://balipayungrafting.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Jun 2024 04:28:13 GMT
content-md5
YLH1RWEn4+b9GKUyb64d6Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88561
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4325, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
hlE1rI29QwbK4A+dSipJT9WTYxVhWCou4pRgFKYWVpY0bSyRdj/BmXw7KlvK62q9tTUWdEH4rr3+P2ZGNM4mFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d36c62bac42e5c192b448ca016dd9b6f
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"c8a9c9fd59f677b8e61360729a8df292"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 03 Jun 2025 03:10:51 GMT
t4b_widget_coe-v2381509749a.css
static.tacdn.com/css2/build/concat/
12 KB
2 KB
Stylesheet
General
Full URL
https://static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
Requested by
Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2017&locationId=3296058&display_version=2&uniq=81&lang=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.83 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
4348
date
Mon, 03 Jun 2024 04:28:13 GMT
content-encoding
br
via
1.1 varnish
age
2244707
x-cache
HIT
content-length
2009
x-request-id
5606a969-51d7-4862-a8e6-63b439482079
x-served-by
cache-fra-etou8220118-FRA
last-modified
Mon, 06 May 2024 09:34:47 GMT
server
envoy
x-timer
S1717388894.640366,VS0,VE0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 May 2025 04:56:26 GMT
cdswidgets_min-c-v2395114504a.js
static.tacdn.com/js3/build/concat/widget/
2 KB
787 B
Script
General
Full URL
https://static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
Requested by
Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2017&locationId=3296058&display_version=2&uniq=81&lang=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.83 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
7096
date
Mon, 03 Jun 2024 04:28:13 GMT
content-encoding
br
via
1.1 varnish
age
3357439
x-cache
HIT
content-length
570
x-request-id
ad0e7c40-8e30-4369-8390-84c294829950
x-served-by
cache-fra-etou8220118-FRA
last-modified
Sun, 21 Apr 2024 11:38:22 GMT
server
envoy
x-timer
S1717388894.640497,VS0,VE0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Apr 2025 07:50:54 GMT
like_box.php
www.facebook.com/plugins/ Frame C634
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc6e8658f1eab332c%26domain%3Dbalipayungrafting.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbalipayungrafting.com%252Ff120b6aea468e1b30%26relation%3Dparent.parent&container_width=290&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fbalipayungrafting&locale=en_US&sdk=joey&show_faces=true&stream=false&width=270
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9944527150871f07cac1b713a6d8f188
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://balipayungrafting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jun 2024 04:28:14 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2770, tp=-1, tpl=-1, uplat=652, ullat=0
x-fb-debug
BpvuU/AuNxIsxg6ZxzPrcMvibz1t+VBZRXx1eDo8meB1g37cJjyze3F5jORVHQf//UtabxslBCg0NjA0odXdCg==
x-xss-protection
0
coe-14348-2.png
www.tripadvisor.com/img/cdsi/img2/awards/v2/
5 KB
6 KB
Image
General
Full URL
https://www.tripadvisor.com/img/cdsi/img2/awards/v2/coe-14348-2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
63cddeb808a52e0aa99d3fa1503739c927c4fce451f41d312610b1104626bd5c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Mon, 03 Jun 2024 04:28:13 GMT
via
1.1 varnish
expires
Mon, 03 Jun 2024 16:28:13 GMT
server
envoy
x-timer
S1717388894.894442,VS0,VE97
x-cache
MISS
content-type
image/png
cache-control
private, max-age=43200
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
x-request-id
e69891b7-1f7f-4a4f-9895-3bb10b25ff4e
x-served-by
cache-fra-eddf8230076-FRA
favicon.ico
balipayungrafting.com/
8 KB
3 KB
Other
General
Full URL
https://balipayungrafting.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.142.21.66 Surabaya, Indonesia, ASN138131 (IDNIC-NATANET-AS-ID CV. NATANETWORK SOLUTION, ID),
Reverse DNS
s03id.solidrockservers.com
Software
Apache /
Resource Hash
0ab93d541b9e796a7f6c9fef788be65dd802c1df580856ab8513023ccff23e78

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://balipayungrafting.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 04:28:15 GMT
content-encoding
gzip
server
Apache
vary
Accept,Accept-Encoding
content-type
text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,700,600italic,800,700italic,800italic&subset=latin,cyrillic-ext,latin-ext,cyrillic

Verdicts & Comments

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| gplinks
object| gpinputs
object| gpresponse
object| colorbox_lang
boolean| isadmin
string| gpBase
string| post_nonce
string| req_type
function| $
function| jQuery
object| jQuery111304715334523310395
object| $gp
function| strip_to
function| strip_from
function| jPrep
function| ajaxResponse
function| loading
function| loaded
object| FB
object| __buffer
object| newSS
object| newJs
function| checkHomePageLink
function| injectcertificateOfExcellence2192
object| taOnLoad
object| taValList
number| taValIndex
function| taValidate
function| taAddValidator
object| ta
function| injectcertificateOfExcellence5451
function| injectcertificateOfExcellence2586
number| ii
function| fname
object| hasNoFollow

0 Cookies

2 Console Messages

Source Level URL
Text
security error URL: https://balipayungrafting.com/(Line 13)
Message:
Mixed Content: The page at 'https://balipayungrafting.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,700,600italic,800,700italic,800italic&subset=latin,cyrillic-ext,latin-ext,cyrillic'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://balipayungrafting.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
