bersamawisata.com Open in urlscan Pro
103.131.51.70  Public Scan

25 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/	182 KB 39 KB	4053ms 3434ms	Document text/html	103.131.51.70 IDNIC-JALANET-AS-...
General Check archive.org Show headers Download Go to Full URL https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.131.51.70 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID), Reverse DNS optimusserver.hosterserver.com Software LiteSpeed / PHP/7.4.30 Resource Hash 8f6902160d70d4f1578294d1b098f81454dacc0efb0b159c476de932cad15044 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control public, max-age=0 content-encoding br content-type text/html; charset=UTF-8 date Mon, 19 Sep 2022 17:56:17 GMT expires Mon, 19 Sep 2022 17:56:17 GMT last-modified Mon, 19 Sep 2022 17:56:17 GMT link <https://bersamawisata.com/wp-json/>; rel="https://api.w.org/" <https://bersamawisata.com/wp-json/wp/v2/posts/121486>; rel="alternate"; type="application/json" <https://bersamawisata.com/?p=121486>; rel=shortlink server LiteSpeed vary Accept-Encoding,Accept-Encoding x-pingback https://bersamawisata.com/xmlrpc.php x-powered-by PHP/7.4.30
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	92ms 35ms	Stylesheet text/css	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Oswald%7CSlabo%2027px%7CMuli&display=swap Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 085ce9d44f3700c10574e3107bb756fcb0fe8d0541d2a0200f99fb34b7b6b881 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 19 Sep 2022 17:56:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 19 Sep 2022 17:56:17 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 19 Sep 2022 17:56:17 GMT
GET H2	200	5e6333d737d1fc4b815399c38fce0cbd.css bersamawisata.com/wp-content/cache/min/1/	343 KB 62 KB	264ms 263ms	Stylesheet text/css	103.131.51.70 IDNIC-JALANET-AS-...
General Check archive.org Show headers Download Go to Full URL https://bersamawisata.com/wp-content/cache/min/1/5e6333d737d1fc4b815399c38fce0cbd.css Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.131.51.70 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID), Reverse DNS optimusserver.hosterserver.com Software LiteSpeed / Resource Hash 7c25311031ffbd74c33dabb7e2cb91fec9c51cc291664d171cb492aadcec240c Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 19 Sep 2022 17:56:17 GMT content-encoding br last-modified Mon, 19 Sep 2022 17:00:29 GMT server LiteSpeed vary Accept-Encoding,Accept-Encoding content-type text/css cache-control public, max-age=31536000,public accept-ranges bytes content-length 63763 expires Tue, 19 Sep 2023 17:56:17 GMT
GET H/1.1	403 Forbidden	4f40e85b4c8ddf6d4c7b4ad0ca049100.js chandlersubsequently.com/4f/40/e8/	0 0	1357ms 49ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://chandlersubsequently.com/4f/40/e8/4f40e85b4c8ddf6d4c7b4ad0ca049100.js Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Mon, 19 Sep 2022 17:56:19 GMT Server nginx/1.17.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Content-Type application/javascript Content-Length 0
GET H/1.1	403 Forbidden	deb3dd0c606c4dce1c84c36007f51e19.js chandlersubsequently.com/de/b3/dd/	0 0	1380ms 68ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://chandlersubsequently.com/de/b3/dd/deb3dd0c606c4dce1c84c36007f51e19.js Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Mon, 19 Sep 2022 17:56:19 GMT Server nginx/1.17.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Content-Type application/javascript Content-Length 0
GET H2	200	e-202238.js Show response stats.wp.com/	9 KB 3 KB	62ms 16ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202238.js Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-nc HIT yyz date Mon, 19 Sep 2022 17:56:19 GMT content-encoding br server nginx etag W/"61beb56a-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Mon, 11 Sep 2023 01:47:05 GMT
GET H3	200	lazyload.min.js Show response bersamawisata.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/	8 KB 3 KB	262ms 262ms	Script application/javascript	103.131.51.70 IDNIC-JALANET-AS-...
General Check archive.org Show headers Download Go to Full URL https://bersamawisata.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H3 Security QUIC, , AES_128_GCM Server 103.131.51.70 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID), Reverse DNS optimusserver.hosterserver.com Software LiteSpeed / Resource Hash 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6 Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 19 Sep 2022 17:56:19 GMT content-encoding br last-modified Sun, 18 Sep 2022 03:00:28 GMT server LiteSpeed vary Accept-Encoding,Accept-Encoding content-type application/javascript cache-control public, max-age=31536000,public accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 2738 expires Tue, 19 Sep 2023 17:56:19 GMT
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2eaa2150f587a3697d4cc63e4935dd53d933c44e19068177453f143b7724426a Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2 fonts.gstatic.com/s/muli/v28/	17 KB 17 KB	77ms 22ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v28/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald%7CSlabo%2027px%7CMuli&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15559265c43e023322fbb97f910244594c12c7c9b60afcfe7bd3529155f560ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bersamawisata.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 05:56:54 GMT x-content-type-options nosniff age 388765 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16932 x-xss-protection 0 last-modified Mon, 11 Jul 2022 20:54:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 15 Sep 2023 05:56:54 GMT
GET H2	200	TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 fonts.gstatic.com/s/oswald/v49/	10 KB 10 KB	81ms 26ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald%7CSlabo%2027px%7CMuli&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bersamawisata.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 12 Sep 2022 21:25:12 GMT x-content-type-options nosniff age 592267 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9840 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:24:04 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Sep 2023 21:25:12 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 327f25b8807e82a8479a0eb23d082e335a8f8023b7e209dfec0688db9a34ab97 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	64 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e5b830eeccd293ca6d8f487f1d2b55dabaca765933fb9d756dad1547c1e3dfd3 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 15aaa3fac9ef000c2657393091d534e2b842f8b076acf7aedd915f7147dcfd18 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1555626fd0b847f6453bcf96e9674aad49425cbed925906c6e624e5f80ad468 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	fontawesome-webfont.woff2 bersamawisata.com/wp-content/themes/refined-magazine/candidthemes/assets/framework/Font-Awesome/fonts/	75 KB 76 KB	263ms 262ms	Font font/woff2	103.131.51.70 IDNIC-JALANET-AS-...
General Check archive.org Show headers Download Go to Full URL https://bersamawisata.com/wp-content/themes/refined-magazine/candidthemes/assets/framework/Font-Awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: bersamawisata.com URL: https://bersamawisata.com/wp-content/cache/min/1/5e6333d737d1fc4b815399c38fce0cbd.css Protocol H3 Security QUIC, , AES_128_GCM Server 103.131.51.70 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID), Reverse DNS optimusserver.hosterserver.com Software LiteSpeed / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://bersamawisata.com/wp-content/cache/min/1/5e6333d737d1fc4b815399c38fce0cbd.css Origin https://bersamawisata.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 19 Sep 2022 17:56:19 GMT last-modified Tue, 06 Sep 2022 17:13:40 GMT server LiteSpeed vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control public, max-age=10368000 accept-ranges bytes content-length 77160 expires Tue, 17 Jan 2023 17:56:19 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	22ms 18ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=180175479&post=121486&tz=7&srv=bersamawisata.com&host=bersamawisata.com&ref=&fcp=5709&rand=0.7996435109208182 Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-origin * date Mon, 19 Sep 2022 17:56:19 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H2	200	cropped-header.jpg i0.wp.com/bersamawisata.com/wp-content/uploads/2020/07/	83 KB 84 KB	55ms 16ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/bersamawisata.com/wp-content/uploads/2020/07/cropped-header.jpg Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 5f608750bb71409ba8a1ffec88813cca66ff8eceaff3b5bb2f0a478e84772218 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-nc HIT yyz 1 date Mon, 19 Sep 2022 17:56:19 GMT x-content-type-options nosniff last-modified Sun, 28 Nov 2021 10:28:48 GMT server nginx etag "c76055bb167dd630" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <http://bersamawisata.com/wp-content/uploads/2020/07/cropped-header.jpg>; rel="canonical" content-length 85442 expires Tue, 28 Nov 2023 22:28:48 GMT
GET H2	200	cropped-BersamaWisata-1.png i0.wp.com/bersamawisata.com/wp-content/uploads/2020/07/	4 KB 4 KB	78ms 40ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/bersamawisata.com/wp-content/uploads/2020/07/cropped-BersamaWisata-1.png Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash c00398e7e8953597e7c3f6a40fc3eec13f0b3da81ea9a1207c96307eb347519b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-nc HIT yyz 2 date Mon, 19 Sep 2022 17:56:19 GMT x-content-type-options nosniff last-modified Thu, 01 Sep 2022 16:44:29 GMT server nginx etag "0cc523fd2c63e2b3" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <http://bersamawisata.com/wp-content/uploads/2020/07/cropped-BersamaWisata-1.png>; rel="canonical" content-length 4342 expires Sun, 01 Sep 2024 04:44:29 GMT
GET H2	200	HOlidays-361.jpg i0.wp.com/bersamawisata.com/wp-content/uploads/2022/09/	70 KB 70 KB	2312ms 2274ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/bersamawisata.com/wp-content/uploads/2022/09/HOlidays-361.jpg Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash cfa56e1d28d9f0e16ec187fd1f6635c671f9858237b56d1ec7727ae5fcd9fc18 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-nc MISS yyz 4 date Mon, 19 Sep 2022 17:56:21 GMT x-content-type-options nosniff last-modified Mon, 19 Sep 2022 17:56:21 GMT server nginx etag "8754db7a9058c0f3" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <http://bersamawisata.com/wp-content/uploads/2022/09/HOlidays-361.jpg>; rel="canonical" content-length 71778 expires Thu, 19 Sep 2024 05:56:21 GMT
GET H2	200	61a4ac81.jpg i0.wp.com/bersamawisata.com/wp-content/uploads/2022/05/	24 KB 24 KB	78ms 41ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/bersamawisata.com/wp-content/uploads/2022/05/61a4ac81.jpg Requested by Host: bersamawisata.com URL: https://bersamawisata.com/berita_dan_promo/go-to-gate-travel-insurance-protection-plan-for-customers-of/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash b68e8c25d9032680e5585a9cc77d2812a2cbfff28cd7c368f9d790e04fd288ce Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://bersamawisata.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-nc HIT yyz 3 date Mon, 19 Sep 2022 17:56:19 GMT x-content-type-options nosniff last-modified Sun, 29 May 2022 09:42:16 GMT server nginx etag "ec33d8f53b60ec9e" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <http://bersamawisata.com/wp-content/uploads/2022/05/61a4ac81.jpg>; rel="canonical" content-length 24218 expires Tue, 28 May 2024 21:42:16 GMT

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| href object| related_posts_js_options object| accordions_ajax object| wpcf7 object| viewsCacheL10n object| RocketPreloadLinksConfig object| wpcf7_recaptcha object| _stq object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| st_go function| linktracker_init object| wpcom function| LazyLoad

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://chandlersubsequently.com/4f/40/e8/4f40e85b4c8ddf6d4c7b4ad0ca049100.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://chandlersubsequently.com/de/b3/dd/deb3dd0c606c4dce1c84c36007f51e19.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bersamawisata.com
chandlersubsequently.com
fonts.googleapis.com
fonts.gstatic.com
i0.wp.com
pixel.wp.com
stats.wp.com
103.131.51.70
192.0.76.3
192.0.77.2
192.243.59.12
2607:f8b0:4006:820::2003
2607:f8b0:4006:824::200a
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
085ce9d44f3700c10574e3107bb756fcb0fe8d0541d2a0200f99fb34b7b6b881
15559265c43e023322fbb97f910244594c12c7c9b60afcfe7bd3529155f560ae
15aaa3fac9ef000c2657393091d534e2b842f8b076acf7aedd915f7147dcfd18
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2eaa2150f587a3697d4cc63e4935dd53d933c44e19068177453f143b7724426a
327f25b8807e82a8479a0eb23d082e335a8f8023b7e209dfec0688db9a34ab97
5f608750bb71409ba8a1ffec88813cca66ff8eceaff3b5bb2f0a478e84772218
7c25311031ffbd74c33dabb7e2cb91fec9c51cc291664d171cb492aadcec240c
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8f6902160d70d4f1578294d1b098f81454dacc0efb0b159c476de932cad15044
b1555626fd0b847f6453bcf96e9674aad49425cbed925906c6e624e5f80ad468
b68e8c25d9032680e5585a9cc77d2812a2cbfff28cd7c368f9d790e04fd288ce
c00398e7e8953597e7c3f6a40fc3eec13f0b3da81ea9a1207c96307eb347519b
cfa56e1d28d9f0e16ec187fd1f6635c671f9858237b56d1ec7727ae5fcd9fc18
e5b830eeccd293ca6d8f487f1d2b55dabaca765933fb9d756dad1547c1e3dfd3
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1