urlscan.io logo urlscan.io
SecurityTrails logo

www.payungrafting.fiqua.net Open in urlscan Pro
207.32.216.247  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.payungrafting.fiqua.net/
Submission: On August 29 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 9 domains to perform 40 HTTP transactions. The main IP is 207.32.216.247, located in Rwanda and belongs to 1GSERVERS, US. The main domain is www.payungrafting.fiqua.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 14th 2020. Valid for: 3 months.
This is the only time www.payungrafting.fiqua.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

20    207.32.216.247 (Rwanda)

ASN14315 (1GSERVERS, US)
PTR: s02us.solidrockservers.com
www.payungrafting.fiqua.net
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2.21.37.222 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-222.deploy.static.akamaitechnologies.com
www.tripadvisor.com
3    104.111.238.69 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-69.deploy.static.akamaitechnologies.com
www.jscache.com
2    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    68.232.35.198 (United States)

ASN15133 (EDGECAST, US)
static.tacdn.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
20 www.payungrafting.fiqua.net www.payungrafting.fiqua.net
9 www.tripadvisor.com www.payungrafting.fiqua.net
www.jscache.com
3 www.jscache.com 3 redirects
2 static.tacdn.com www.tripadvisor.com
2 connect.facebook.net www.payungrafting.fiqua.net
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.payungrafting.fiqua.net
1 www.facebook.com connect.facebook.net
1 www.google.com www.payungrafting.fiqua.net
40 9

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
www.tripadvisor.com
Subject Issuer Validity Valid
www.balicycling-wearefamily.fiqua.net
Let's Encrypt Authority X3		 2020-06-14 -
2020-09-12		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
www.tripadvisor.com
DigiCert SHA2 Extended Validation Server CA		 2020-04-08 -
2021-06-02		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
static.tacdn.com
GlobalSign RSA OV SSL CA 2018		 2019-12-18 -
2021-02-12		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.payungrafting.fiqua.net/
Frame ID: A27CBC0B6080C7E45670DAD29779B57A
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3946.572200323613!2d115.24127501478254!3d-8.44360109392825!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x2dd223b3718b3825%3A0x6e9a8d43973355b!2sPayung+Rafting+Bali!5e0!3m2!1sen!2sid!4v1510365574325
Frame ID: 234624BC21883FF0FFD926F2F1435269
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c87fb8a166c04%26domain%3Dwww.payungrafting.fiqua.net%26origin%3Dhttps%253A%252F%252Fwww.payungrafting.fiqua.net%252Ff2861ed6b265%26relation%3Dparent.parent&container_width=290&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fbalipayungrafting&locale=en_US&sdk=joey&show_faces=true&stream=false&width=270
Frame ID: 3349C645BC848E8011C07940DB4B541E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

40
Requests

98 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

9
IPs

6
Countries

651 kB
Transfer

815 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
Request Chain 16
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
Request Chain 18
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.payungrafting.fiqua.net/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache / PHP/5.6.40
Resource Hash
43152b23824f37149fccc05c2333485cda10a8c402ff61cdaf79029a36dd6f56

Request headers

Host
www.payungrafting.fiqua.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:12 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Vary
Accept,Accept-Encoding
Content-Encoding
gzip
ETag
"ontc628kk3oui3txg3e0n1ase8macgsfs8"
Keep-Alive
timeout=3, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
css
fonts.googleapis.com/ 		866 B
438 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Tangerine:400,700
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59602e955e665a026ea22da5b7404953586de0f0dce9c125401ba82669574f9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 Aug 2020 18:16:07 GMT
server
ESF
date
Sat, 29 Aug 2020 18:16:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Aug 2020 18:16:12 GMT
css
fonts.googleapis.com/ 		461 B
437 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Shadows+Into+Light
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1183812eaab0458cf831843ea466bfaf5f60602478f17737596f00b6350daf25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 Aug 2020 17:09:58 GMT
server
ESF
date
Sat, 29 Aug 2020 18:16:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Aug 2020 18:16:12 GMT
colorbox.css
www.payungrafting.fiqua.net/include/thirdparty/colorbox139/example2/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/include/thirdparty/colorbox139/example2/colorbox.css
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
2d8e31febefb1eeed2949acd4de047a43d961483887dec75e2a55314bbc4dc21

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
2368
additional.css
www.payungrafting.fiqua.net/include/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/include/css/additional.css
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
9abea2ab27033c3cf7abaa6bd8eae5c94965cd7c5dc17ebe4f8a77838a4f4363

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:20 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
3517
default_gallery.css
www.payungrafting.fiqua.net/include/css/ 		760 B
1001 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/include/css/default_gallery.css
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
9a9b65242c2b1bd8b7ea803733d8eb3326a59966be2fd3edc30d74379dd56fe4

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:20 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
760
style.css
www.payungrafting.fiqua.net/themes/Business_Casual/1_default/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/themes/Business_Casual/1_default/style.css
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
6bef6b91f38a69d187e1654f0ce02f64ffbec94b7941cc77daaf4169c31d5e4e

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
5490
bali_rafting-06.jpg.jpg
www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/Rafting/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/Rafting/bali_rafting-06.jpg.jpg
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
ac13f1175c96aea76f94e8def0aec9143f93d726a40779734a19cc20fbdf8df0

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
17262
payung-rafting-5.jpg.jpg
www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/Rafting/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/Rafting/payung-rafting-5.jpg.jpg
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
ab32569693d69f07d08b144d2195366749d8d0df142ad5710ecdf959bdd03f11

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
18669
1378133_438291296276923_1111066729_n.jpg.jpg
www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/Rafting/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/Rafting/1378133_438291296276923_1111066729_n.jpg.jpg
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
9519796c90f69fbf1f84ed593b44a50af9508fd358985d4c4a47e077c8fb98d8

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=96
Content-Length
21076
SAM_0873.JPG.jpg
www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/Rafting/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/Rafting/SAM_0873.JPG.jpg
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
f4e15ba781319cc99b8569016c94cba392253eeff363284bf779cb90bd25d466

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
20081
IMG-20170327-WA0001.jpg.jpg
www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/new_finish/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/new_finish/IMG-20170327-WA0001.jpg.jpg
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
fad1bcdfe093e4ca1a89fae0721abf68b06884951098c5b46ee7f053298ab285

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
19240
IMG-20170327-WA0007.jpg.jpg
www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/new_finish/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/new_finish/IMG-20170327-WA0007.jpg.jpg
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
639934cdf8f56f741d3825154a7f7421f63f9d11cba6fa82b261d71155e08e51

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
25166
IMG-20170327-WA0004.jpg.jpg
www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/new_finish/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/new_finish/IMG-20170327-WA0004.jpg.jpg
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
7e81fa1b5d63c366ddf0ff1d9de692c4492e6d150f0fe497fc047eb6835324e6

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=95
Content-Length
17125
IMG-20170327-WA0005.jpg.jpg
www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/new_finish/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/data/_uploaded/image/thumbnails/image/new_finish/IMG-20170327-WA0005.jpg.jpg
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
ac0f51afb4ef5718c5403d30e8d70b664e450218d40a3763e5eec8f0409c2dad

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
23736
CoE2016_WidgetAsset-14348-2.png
www.tripadvisor.com/img/cdsi/img2/awards/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tripadvisor.com/img/cdsi/img2/awards/CoE2016_WidgetAsset-14348-2.png
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.222 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de5eadb63d4e626464eef3fe8f38dfba6b4cae07c09d42c90509d57a5c7e7ae7

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
https://www.tripadvisor.com
date
Sat, 29 Aug 2020 18:16:13 GMT
server
Apache
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
status
200
cache-control
private, max-age=43200
content-type
image/png
content-length
6285
expires
Sun, 30 Aug 2020 06:16:13 GMT
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
276 B
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.222 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
704dca58d42eb2387c989710b31a5bf63c13e69dcae7174a602c64f90fb5854a

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Aug 2020 18:16:13 GMT
content-encoding
gzip
server
Apache
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
status
200
cache-control
no-cache,no-store,must-revalidate
timing-allow-origin
https://www.tripadvisor.com
content-length
246
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Aug 2020 18:16:13 GMT
server
Apache
timing-allow-origin
https://www.tripadvisor.com
status
301
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
cache-control
max-age=0, no-cache, no-store
content-type
text/plain; charset=utf-8
content-length
0
expires
Sat, 29 Aug 2020 18:16:13 GMT
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
276 B
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.222 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
39c9353b9c64818b5a447f6dbb525364e3f36c019ed6dd03d63134b921f52192

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Aug 2020 18:16:13 GMT
content-encoding
gzip
server
Apache
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
status
200
cache-control
no-cache,no-store,must-revalidate
timing-allow-origin
https://www.tripadvisor.com
content-length
246
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Aug 2020 18:16:13 GMT
server
Apache
timing-allow-origin
https://www.tripadvisor.com
status
301
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
cache-control
max-age=0, no-cache, no-store
content-type
text/plain; charset=utf-8
content-length
0
expires
Sat, 29 Aug 2020 18:16:13 GMT
CoE2017_WidgetAsset-14348-2.png
www.tripadvisor.com/img/cdsi/img2/awards/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tripadvisor.com/img/cdsi/img2/awards/CoE2017_WidgetAsset-14348-2.png
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.222 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3aebf6db9aaaf52fe69a8f63d9585c4616db237a4d2993b00da224459f2cad1a

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
https://www.tripadvisor.com
date
Sat, 29 Aug 2020 18:16:13 GMT
server
Apache
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
status
200
cache-control
private, max-age=43200
content-type
image/png
content-length
15558
expires
Sun, 30 Aug 2020 06:16:13 GMT
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
275 B
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.222 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b70f8b51c41c42b55191cdcc9e531dd762e89bedbde9b06d3e4e6ebcfbc8d100

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Aug 2020 18:16:13 GMT
content-encoding
gzip
server
Apache
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
status
200
cache-control
no-cache,no-store,must-revalidate
timing-allow-origin
https://www.tripadvisor.com
content-length
245
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Aug 2020 18:16:13 GMT
server
Apache
timing-allow-origin
https://www.tripadvisor.com
status
301
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
cache-control
max-age=0, no-cache, no-store
content-type
text/plain; charset=utf-8
content-length
0
expires
Sat, 29 Aug 2020 18:16:13 GMT
jquery.js
www.payungrafting.fiqua.net/include/thirdparty/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/include/thirdparty/js/jquery.js
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
95992
bootstrap.min.js
www.payungrafting.fiqua.net/include/thirdparty/Bootstrap3/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/include/thirdparty/Bootstrap3/js/bootstrap.min.js
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:20 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
36868
main.js
www.payungrafting.fiqua.net/include/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/include/js/main.js
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
efba8ac7970e7c9caf1fb779326b4869c9fcf245ea096d0edbc12207da3163ff

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:20 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
8899
jquery.colorbox.js
www.payungrafting.fiqua.net/include/thirdparty/colorbox139/colorbox/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/include/thirdparty/colorbox139/colorbox/jquery.colorbox.js
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
7c0bdda2c45a8e4072c530cc6540fb128b5b7d0ec82330a95f7297f9c4b10ce1

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
12287
css
fonts.googleapis.com/ 		0
0
bootstrap.min.css
www.payungrafting.fiqua.net/themes/Business_Casual/css/ 		114 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payungrafting.fiqua.net/themes/Business_Casual/css/bootstrap.min.css
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/themes/Business_Casual/1_default/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697

Request headers

Referer
https://www.payungrafting.fiqua.net/themes/Business_Casual/1_default/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:13 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
117150
bgc.jpg
www.payungrafting.fiqua.net/themes/Business_Casual/img/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/themes/Business_Casual/img/bgc.jpg
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/themes/Business_Casual/1_default/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
3280c486553ba2942c9d57e7b32f90f334114b17e38c0dec2bdb1a44bf627f35

Request headers

Referer
https://www.payungrafting.fiqua.net/themes/Business_Casual/1_default/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:14 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
52384
logo.png
www.payungrafting.fiqua.net/themes/Business_Casual/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payungrafting.fiqua.net/themes/Business_Casual/img/logo.png
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/themes/Business_Casual/1_default/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.32.216.247 , Rwanda, ASN14315 (1GSERVERS, US),
Reverse DNS
s02us.solidrockservers.com
Software
Apache /
Resource Hash
3e9d2da3121ed90e2b8333f486aced55a4255f740c02fe54d2fb7c60a00bcb68

Request headers

Referer
https://www.payungrafting.fiqua.net/themes/Business_Casual/1_default/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 29 Aug 2020 18:16:14 GMT
Last-Modified
Thu, 13 Dec 2018 15:19:21 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
12494
Iurd6Y5j_oScZZow4VO5srNZi5FNym499g.woff2
fonts.gstatic.com/s/tangerine/v11/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tangerine/v11/Iurd6Y5j_oScZZow4VO5srNZi5FNym499g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tangerine:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46187d6f11f15a53dc5fc8f0eca2b2f497ad8ac9fdf243f42a0baa8882dc2d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.payungrafting.fiqua.net
Referer
https://fonts.googleapis.com/css?family=Tangerine:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:22:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:37:04 GMT
server
sffe
age
464013
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16176
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:22:40 GMT
UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD55TecYQ.woff2
fonts.gstatic.com/s/shadowsintolight/v9/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/shadowsintolight/v9/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD55TecYQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into+Light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08779ea8ea4bab16a0834b186ea300c23881937a93945778efd3511e8b787fbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.payungrafting.fiqua.net
Referer
https://fonts.googleapis.com/css?family=Shadows+Into+Light
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:13:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:06 GMT
server
sffe
age
464563
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15988
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:13:30 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb67c4a9246af97a83e64931b86e0452159cecfab3c604b117df39b6e579ee69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
mOSJXXKOeQQ2v/f7424XoA==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"56487e1c3d1aa03141be4e3ea0dfdf5d"
x-fb-debug
apthpoRmKdjGhOxUXbFyIEPu/8jBy01Tp8oSB6rxxYynwnR44CnLAG/p6yjzmk/kwgFNQQjr+0z9odnMBUFBrA==
x-fb-trip-id
664085054
x-fb-content-md5
49628782774cd9ebcba06505b2494b42
x-frame-options
DENY
date
Sat, 29 Aug 2020 18:16:14 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 29 Aug 2020 18:16:56 GMT
WidgetEmbed-certificateOfExcellence
www.tripadvisor.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2016&locationId=3296058&display_version=2&uniq=113&lang=en_US
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=113&locationId=3296058&lang=en_US&year=2016&display_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.222 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d2829f256754e7407fe096259b02a49c787800375e760d3545659a74479b295b

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Aug 2020 18:16:14 GMT
content-encoding
gzip
server
Apache
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
vary
User-Agent,Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
no-cache,no-store,must-revalidate
timing-allow-origin
https://www.tripadvisor.com
content-length
3217
expires
0
WidgetEmbed-certificateOfExcellence
www.tripadvisor.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2015&locationId=3296058&display_version=2&uniq=863&lang=en_US
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=863&locationId=3296058&lang=en_US&year=2015&display_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.222 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c4a7ac2fc0d7e79d22d24009a970709c156f4986553862e88a5f516e920b5a7d

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Aug 2020 18:16:14 GMT
content-encoding
gzip
server
Apache
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
vary
User-Agent,Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
no-cache,no-store,must-revalidate
timing-allow-origin
https://www.tripadvisor.com
content-length
3209
expires
0
embed
www.google.com/maps/ Frame 2346 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3946.572200323613!2d115.24127501478254!3d-8.44360109392825!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x2dd223b3718b3825%3A0x6e9a8d43973355b!2sPayung+Rafting+Bali!5e0!3m2!1sen!2sid!4v1510365574325
Requested by
Host: www.payungrafting.fiqua.net
URL: https://www.payungrafting.fiqua.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-0o3uMPinHiiXI0WYSgMAFg==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/maps/embed?pb=!1m18!1m12!1m3!1d3946.572200323613!2d115.24127501478254!3d-8.44360109392825!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x2dd223b3718b3825%3A0x6e9a8d43973355b!2sPayung+Rafting+Bali!5e0!3m2!1sen!2sid!4v1510365574325
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.payungrafting.fiqua.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.payungrafting.fiqua.net/

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Sat, 29 Aug 2020 18:16:14 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
vary
Accept-Language
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-0o3uMPinHiiXI0WYSgMAFg==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding
gzip
server
mafe
content-length
1588
x-xss-protection
0
server-timing
gfet4t7; dur=138
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WidgetEmbed-certificateOfExcellence
www.tripadvisor.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2017&locationId=3296058&display_version=2&uniq=81&lang=en_US
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=81&locationId=3296058&lang=en_US&year=2017&display_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.222 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e318543366b57db428f07a761c42474107d822a76074cd1887ee6788e47800e

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Aug 2020 18:16:14 GMT
content-encoding
gzip
server
Apache
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
vary
User-Agent,Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
no-cache,no-store,must-revalidate
timing-allow-origin
https://www.tripadvisor.com
content-length
3216
expires
0
all.js
connect.facebook.net/en_US/ 		194 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e7cefef6a067c97b28a110f9e247f53733e3192341f8c38e641c0e30e368c3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.payungrafting.fiqua.net
Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
gCfRuBht3aLWm8ZwZCGSzA==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
59779
etag
"1fe3d9c88e59967b91bbbc739187cede"
x-fb-debug
mKup1WtNzN/S5dbeW37ANUqXMyKUe/SB+yi9XKiv2lfz1qr7qL2c6tlSB0wBCA0+tBJk1bGDT544mUJsypYYPw==
x-fb-trip-id
664085054
x-fb-content-md5
6a760d82e0d971f32f8e27ab666147db
x-frame-options
DENY
date
Sat, 29 Aug 2020 18:16:14 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sun, 29 Aug 2021 17:30:51 GMT
t4b_widget_coe-v2381509749a.css
static.tacdn.com/css2/build/concat/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
Requested by
Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2015&locationId=3296058&display_version=2&uniq=863&lang=en_US
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.198 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41AA) /
Resource Hash
68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 18:16:14 GMT
content-encoding
gzip
last-modified
Mon, 22 Jun 2020 10:17:08 GMT
server
ECS (fcn/41AA)
age
5878199
status
200
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
content-length
2171
expires
Sun, 29 Aug 2021 18:16:14 GMT
cdswidgets_min-c-v2395114504a.js
static.tacdn.com/js3/build/concat/widget/ 		2 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
Requested by
Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2015&locationId=3296058&display_version=2&uniq=863&lang=en_US
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.198 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4189) /
Resource Hash
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 18:16:14 GMT
content-encoding
gzip
last-modified
Mon, 14 Oct 2019 08:28:18 GMT
server
ECS (fcn/4189)
age
26982275
status
200
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
content-length
641
expires
Sun, 29 Aug 2021 18:16:14 GMT
like_box.php
www.facebook.com/plugins/ Frame 3349 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c87fb8a166c04%26domain%3Dwww.payungrafting.fiqua.net%26origin%3Dhttps%253A%252F%252Fwww.payungrafting.fiqua.net%252Ff2861ed6b265%26relation%3Dparent.parent&container_width=290&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fbalipayungrafting&locale=en_US&sdk=joey&show_faces=true&stream=false&width=270
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c87fb8a166c04%26domain%3Dwww.payungrafting.fiqua.net%26origin%3Dhttps%253A%252F%252Fwww.payungrafting.fiqua.net%252Ff2861ed6b265%26relation%3Dparent.parent&container_width=290&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fbalipayungrafting&locale=en_US&sdk=joey&show_faces=true&stream=false&width=270
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.payungrafting.fiqua.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.payungrafting.fiqua.net/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
lrAfPKYSJ8vocNGpP30FkJkNRGldE+dF64+3vgdNKKGWq3RUvAh38SAOgAQbyuRH/XMEqVgsJRodw9gGzh8U8Q==
date
Sat, 29 Aug 2020 18:16:14 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
coe-14348-2.png
www.tripadvisor.com/img/cdsi/img2/awards/v2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tripadvisor.com/img/cdsi/img2/awards/v2/coe-14348-2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.222 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
63cddeb808a52e0aa99d3fa1503739c927c4fce451f41d312610b1104626bd5c

Request headers

Referer
https://www.payungrafting.fiqua.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
https://www.tripadvisor.com
date
Sat, 29 Aug 2020 18:16:14 GMT
server
Apache
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
status
200
cache-control
private, max-age=43200
content-type
image/png
content-length
5516
expires
Sun, 30 Aug 2020 06:16:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,700,600italic,800,700italic,800italic&subset=latin,cyrillic-ext,latin-ext,cyrillic

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| gplinks object| gpinputs object| gpresponse object| colorbox_lang boolean| isadmin string| gpBase string| post_nonce string| req_type function| $ function| jQuery object| jQuery11130737871452052715 object| $gp function| strip_to function| strip_from function| jPrep function| ajaxResponse function| loading function| loaded object| FB object| newSS object| newJs function| checkHomePageLink function| injectcertificateOfExcellence2109 object| taOnLoad object| taValList number| taValIndex function| taValidate function| taAddValidator function| injectcertificateOfExcellence3176 function| injectcertificateOfExcellence9472 object| ta number| ii function| fname object| hasNoFollow

0 Cookies

10 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
Invalid App Id: Must be a number or numeric string representing the application id.
console-api warning URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
FB.getLoginStatus() called before calling FB.init().
console-api debug URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
sdkperf: it took 25 ms and 62548 bytes to load https://connect.facebook.net/en_US/all.js
console-api debug URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
sdkperf: init logged after 76 ms
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
domReady
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
XFBML Parsing Start 1
console-api debug URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
sdkperf: pluginframe logged after 322 ms
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
XFBML Parsing Finish 1, 1 tags found
console-api debug URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
sdkperf: ttfp logged after 513 ms
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=616a884762de52c6e995e6a6c9dcef91&ua=modern_es6(Line 52)
Message:
Plugin f1803c38958af7c ready from https://www.facebook.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
static.tacdn.com
www.facebook.com
www.google.com
www.jscache.com
www.payungrafting.fiqua.net
www.tripadvisor.com
fonts.googleapis.com
104.111.238.69
2.21.37.222
207.32.216.247
2a00:1450:4001:806::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:824::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
68.232.35.198
08779ea8ea4bab16a0834b186ea300c23881937a93945778efd3511e8b787fbd
1183812eaab0458cf831843ea466bfaf5f60602478f17737596f00b6350daf25
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2d8e31febefb1eeed2949acd4de047a43d961483887dec75e2a55314bbc4dc21
2e318543366b57db428f07a761c42474107d822a76074cd1887ee6788e47800e
3280c486553ba2942c9d57e7b32f90f334114b17e38c0dec2bdb1a44bf627f35
39c9353b9c64818b5a447f6dbb525364e3f36c019ed6dd03d63134b921f52192
3aebf6db9aaaf52fe69a8f63d9585c4616db237a4d2993b00da224459f2cad1a
3e9d2da3121ed90e2b8333f486aced55a4255f740c02fe54d2fb7c60a00bcb68
43152b23824f37149fccc05c2333485cda10a8c402ff61cdaf79029a36dd6f56
46187d6f11f15a53dc5fc8f0eca2b2f497ad8ac9fdf243f42a0baa8882dc2d0e
59602e955e665a026ea22da5b7404953586de0f0dce9c125401ba82669574f9c
639934cdf8f56f741d3825154a7f7421f63f9d11cba6fa82b261d71155e08e51
63cddeb808a52e0aa99d3fa1503739c927c4fce451f41d312610b1104626bd5c
68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625
6bef6b91f38a69d187e1654f0ce02f64ffbec94b7941cc77daaf4169c31d5e4e
704dca58d42eb2387c989710b31a5bf63c13e69dcae7174a602c64f90fb5854a
7c0bdda2c45a8e4072c530cc6540fb128b5b7d0ec82330a95f7297f9c4b10ce1
7e81fa1b5d63c366ddf0ff1d9de692c4492e6d150f0fe497fc047eb6835324e6
9519796c90f69fbf1f84ed593b44a50af9508fd358985d4c4a47e077c8fb98d8
9a9b65242c2b1bd8b7ea803733d8eb3326a59966be2fd3edc30d74379dd56fe4
9abea2ab27033c3cf7abaa6bd8eae5c94965cd7c5dc17ebe4f8a77838a4f4363
ab32569693d69f07d08b144d2195366749d8d0df142ad5710ecdf959bdd03f11
ac0f51afb4ef5718c5403d30e8d70b664e450218d40a3763e5eec8f0409c2dad
ac13f1175c96aea76f94e8def0aec9143f93d726a40779734a19cc20fbdf8df0
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b70f8b51c41c42b55191cdcc9e531dd762e89bedbde9b06d3e4e6ebcfbc8d100
bb67c4a9246af97a83e64931b86e0452159cecfab3c604b117df39b6e579ee69
c4a7ac2fc0d7e79d22d24009a970709c156f4986553862e88a5f516e920b5a7d
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd
d2829f256754e7407fe096259b02a49c787800375e760d3545659a74479b295b
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697
de5eadb63d4e626464eef3fe8f38dfba6b4cae07c09d42c90509d57a5c7e7ae7
e7cefef6a067c97b28a110f9e247f53733e3192341f8c38e641c0e30e368c3ab
efba8ac7970e7c9caf1fb779326b4869c9fcf245ea096d0edbc12207da3163ff
f4e15ba781319cc99b8569016c94cba392253eeff363284bf779cb90bd25d466
fad1bcdfe093e4ca1a89fae0721abf68b06884951098c5b46ee7f053298ab285