Submitted URL: https://pos2.dretail.id/
Effective URL: https://pos2.dretail.id/admin/
Submission: On March 28 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 103.30.123.37, located in Indonesia and belongs to SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID. The main domain is pos2.dretail.id.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 23rd 2023. Valid for: a year.
This is the only time pos2.dretail.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 103.30.123.37 63498 (SPA-AS-ID...)
2 104.18.10.207 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
8 103.30.123.86 63498 (SPA-AS-ID...)
2 2607:f8b0:400... 15169 (GOOGLE)
5 172.64.129.7 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
21 8
Apex Domain
Subdomains
Transfer
10 dretail.id
pos2.dretail.id
backoffice.dretail.id
59 KB
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1738
ka-f.fontawesome.com — Cisco Umbrella Rank: 4238
177 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 357
64 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2984
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1117
40 KB
1 gstatic.com
fonts.gstatic.com
16 KB
21 5
Domain Requested by
8 backoffice.dretail.id pos2.dretail.id
backoffice.dretail.id
5 ka-f.fontawesome.com kit.fontawesome.com
pos2.dretail.id
2 ajax.googleapis.com pos2.dretail.id
2 pos2.dretail.id 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 maxcdn.bootstrapcdn.com pos2.dretail.id
1 fonts.googleapis.com pos2.dretail.id
1 kit.fontawesome.com pos2.dretail.id
1 stackpath.bootstrapcdn.com pos2.dretail.id
21 9

This site contains links to these domains.

Domain
wa.me
dretail.id
dip.id
backoffice.dretail.id
Subject; Issuer; Validity; Valid
*.dretail.id; Sectigo RSA Domain Validation Secure Server CA; 2023-10-23 - 2024-10-20; a year
bootstrapcdn.com; GTS CA 1P5; 2024-03-27 - 2024-06-25; 3 months
*.fontawesome.com; DigiCert Global G2 TLS RSA SHA256 2020 CA1; 2023-12-04 - 2025-01-03; a year
upload.video.google.com; GTS CA 1C3; 2024-02-26 - 2024-05-20; 3 months
ka-f.fontawesome.com; GTS CA 1P5; 2024-03-05 - 2024-06-03; 3 months
*.gstatic.com; GTS CA 1C3; 2024-02-26 - 2024-05-20; 3 months

This page contains 1 frames:

Primary Page: https://pos2.dretail.id/admin/
Frame ID: 4E4001FEED62B1195E17FF8CE8DC8187
Requests: 21 HTTP requests in this frame

Page Title

MPOS dRetail - Admin Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 50 %
Domains: 5
Subdomains: 9
IPs: 8
Countries: 3
Transfer: 357 kB
Size: 730 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pos2.dretail.id/ HTTP 302
    http://pos2.dretail.id/admin/ HTTP 307
    https://pos2.dretail.id/admin/ Page URL

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pos2.dretail.id/admin/
Redirect Chain
  • https://pos2.dretail.id/
  • http://pos2.dretail.id/admin/
  • https://pos2.dretail.id/admin/
26 KB
7 KB
Document
General
Full URL
https://pos2.dretail.id/admin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.30.123.37 , Indonesia, ASN63498 (SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID),
Reverse DNS
Software
openresty /
Resource Hash
5ecef9a4eba0bef8ebda02c27e2cfad10172b6afe847936236f417b1c757bd40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 28 Mar 2024 17:35:24 GMT
server
openresty
x-served-by
pos2.dretail.id

Redirect headers

Location
https://pos2.dretail.id/admin/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:35:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1078
age
2491282
cdn-cachedat
01/04/2023 11:35:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c6eaf77136ac05b2e12d5eac40573c47
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
86b960669925a252-YYZ
cdn-requestpullsuccess
True
b5797c5acc.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/b5797c5acc.js
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e97ae0812eb2b4a0e7253849fa8467d1576da67ddf69a6ea44961924854c8e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:35:25 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
86b96066fdb04bd3-BUF
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F8D-LHYwLqFfrCVVcWNB
css
fonts.googleapis.com/
2 KB
973 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito&display=swap
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a98b3ab1d1fcf2cd367adf92734fa75730d939ac1a65f48700d5a3b8ee3e9395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Mar 2024 17:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Mar 2024 17:02:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Mar 2024 17:35:25 GMT
login.css
backoffice.dretail.id/admin/settings/assets/css/
16 KB
17 KB
Stylesheet
General
Full URL
https://backoffice.dretail.id/admin/settings/assets/css/login.css
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.30.123.86 , Indonesia, ASN63498 (SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID),
Reverse DNS
Software
Apache /
Resource Hash
5f3867420ffd94aa6a96620c60e94d406b905de7c7fcef06128b2b3264685e8e
Security Headers
Name Value
Public-Key-Pins pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:21:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
16584
Public-Key-Pins
pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Referrer-Policy
strict-origin
Last-Modified
Tue, 21 Jul 2020 02:49:47 GMT
Server
Apache
ETag
"40c8-5aaeaad1d48c0"
Expect-CT
max-age=60, report-uri="https://mydomain.com/report"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
vibrate 'none';
Accept-Ranges
bytes
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 04:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 04:39:50 GMT
whatsapphover.png
backoffice.dretail.id/admin/settings/assets/img/
4 KB
4 KB
Image
General
Full URL
https://backoffice.dretail.id/admin/settings/assets/img/whatsapphover.png
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.30.123.86 , Indonesia, ASN63498 (SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID),
Reverse DNS
Software
Apache /
Resource Hash
9ac9410fc746b67314bb58764bd4c4b81ed390588b52823d6b54dba2c6d0c0a5
Security Headers
Name Value
Public-Key-Pins pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:21:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
3647
Public-Key-Pins
pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Referrer-Policy
strict-origin
Last-Modified
Mon, 13 Apr 2020 10:32:25 GMT
Server
Apache
ETag
"e3f-5a3299954a040"
Expect-CT
max-age=60, report-uri="https://mydomain.com/report"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
vibrate 'none';
Accept-Ranges
bytes
dretaillogo1.png
backoffice.dretail.id/admin/settings/assets/img/login/
2 KB
2 KB
Image
General
Full URL
https://backoffice.dretail.id/admin/settings/assets/img/login/dretaillogo1.png
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.30.123.86 , Indonesia, ASN63498 (SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID),
Reverse DNS
Software
Apache /
Resource Hash
c82be016789edb535ab427e5b330e6a3b624886caef5551dc15a73e349e2e20c
Security Headers
Name Value
Public-Key-Pins pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:21:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
1674
Public-Key-Pins
pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Referrer-Policy
strict-origin
Last-Modified
Wed, 03 Jun 2020 03:19:00 GMT
Server
Apache
ETag
"68a-5a7257d37f100"
Expect-CT
max-age=60, report-uri="https://mydomain.com/report"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
vibrate 'none';
Accept-Ranges
bytes
dretail-hd.png
backoffice.dretail.id/admin/settings/assets/img/login/
2 KB
3 KB
Image
General
Full URL
https://backoffice.dretail.id/admin/settings/assets/img/login/dretail-hd.png
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.30.123.86 , Indonesia, ASN63498 (SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID),
Reverse DNS
Software
Apache /
Resource Hash
8bbfbf0b7c40a5c8070908cf0d25c4babaa2f06b90c12f0744ced6b8fa07b460
Security Headers
Name Value
Public-Key-Pins pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:21:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
2314
Public-Key-Pins
pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Referrer-Policy
strict-origin
Last-Modified
Wed, 03 Jun 2020 03:19:00 GMT
Server
Apache
ETag
"90a-5a7257d37f100"
Expect-CT
max-age=60, report-uri="https://mydomain.com/report"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
vibrate 'none';
Accept-Ranges
bytes
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 12:43:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 12:43:26 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/
57 KB
16 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:35:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1068
age
633840
cdn-cachedat
01/17/2024 22:37:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d3ebe31b67f4545536f8e30aa1286834
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
86b9609e4fd0a252-YYZ
cdn-requestpullsuccess
True
login.js
backoffice.dretail.id/admin/settings/assets/js/
4 KB
4 KB
Script
General
Full URL
https://backoffice.dretail.id/admin/settings/assets/js/login.js
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.30.123.86 , Indonesia, ASN63498 (SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID),
Reverse DNS
Software
Apache /
Resource Hash
c06ad1ab43205d4068f6f2c7a61347da7b4d620c8976ebff29702db8c0f9f8ad
Security Headers
Name Value
Public-Key-Pins pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:21:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
3605
Public-Key-Pins
pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Referrer-Policy
strict-origin
Last-Modified
Tue, 21 Jul 2020 02:35:00 GMT
Server
Apache
ETag
"e15-5aaea783ebd00"
Expect-CT
max-age=60, report-uri="https://mydomain.com/report"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
vibrate 'none';
Accept-Ranges
bytes
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=b5797c5acc
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b5797c5acc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:35:25 GMT
via
1.1 2dd59b0ea355cb92a87e9e385032622a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tWGU11D3pazPFuLOVvVgSQCITIDsKZpic6Ju8zfR4RO55qBMqdxnenMv5byDtE7RN8V0mixbQvkbwvdizg1p6SeqzNJt%2FhejUWecUm%2Bzmr94MNWG8vb4RwyJTQotJVOiP6TOu9gyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86b960689d333344-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
iox1kiGtdw3f-tQH96GvU_lC5Jikq0lsRj8N7DIKuIZIT56yJs6w0Q==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=b5797c5acc
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b5797c5acc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:35:25 GMT
via
1.1 14b9e21ac67dd643dc9e782cb20c49a2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9usFFdfO7ugGCeHLxRkXryFAVIKuyKNDnUGCpKoxyPttACBe7OAVu6uKXhMZZ1kv6naKNh9K6KkSqbWX5gFzzxj7cxT8HwTOoSpr4jZhr4ATQ9QQzzN5Z23wYP7s7tseFmYNHiA%2FvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86b960689d343344-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
8AqsnHZVNN45Hui14DsH1y_hWBMFNmQwjbwh3Ih4JjSXB6qfhcwOSA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=b5797c5acc
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b5797c5acc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:35:25 GMT
via
1.1 7082f41e4415fb7199f3ca9b16b5849a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3PbiXOxYuMgx4jkLNu5I7vTmMibha5TDWXhCJkeF1g9jukPztA%2FDfZV2uRW8u35eZM4vx0hC0QTB%2F6uEfygbTTTaR59i0mwpROhmUrxao%2FFcRryOqEfKo8rjBq3q%2ByIYUc3EPaSkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86b960689d323344-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
1s6P-qHuonBSZPAmWaJUK-xEnel5mNQd7embjwqs99EBKmnBaTq8Lw==
indo.png
backoffice.dretail.id/admin/settings/assets/img/login/
1 KB
2 KB
Image
General
Full URL
https://backoffice.dretail.id/admin/settings/assets/img/login/indo.png
Requested by
Host: backoffice.dretail.id
URL: https://backoffice.dretail.id/admin/settings/assets/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.30.123.86 , Indonesia, ASN63498 (SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID),
Reverse DNS
Software
Apache /
Resource Hash
ad5a299149a7fa7cc714abcf09460f0d8a93403f979877add49425398606b180
Security Headers
Name Value
Public-Key-Pins pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://backoffice.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:21:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
1528
Public-Key-Pins
pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Referrer-Policy
strict-origin
Last-Modified
Thu, 27 Feb 2020 07:30:55 GMT
Server
Apache
ETag
"5f8-59f89b38929c0"
Expect-CT
max-age=60, report-uri="https://mydomain.com/report"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
vibrate 'none';
Accept-Ranges
bytes
english.png
backoffice.dretail.id/admin/settings/assets/img/login/
3 KB
4 KB
Image
General
Full URL
https://backoffice.dretail.id/admin/settings/assets/img/login/english.png
Requested by
Host: backoffice.dretail.id
URL: https://backoffice.dretail.id/admin/settings/assets/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.30.123.86 , Indonesia, ASN63498 (SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID),
Reverse DNS
Software
Apache /
Resource Hash
85554ceb683b4e9b619f209795974e8b3d53bfd3f264be4e8c66d90b4e413b6d
Security Headers
Name Value
Public-Key-Pins pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://backoffice.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:21:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
2973
Public-Key-Pins
pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Referrer-Policy
strict-origin
Last-Modified
Thu, 27 Feb 2020 07:30:54 GMT
Server
Apache
ETag
"b9d-59f89b379e780"
Expect-CT
max-age=60, report-uri="https://mydomain.com/report"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
vibrate 'none';
Accept-Ranges
bytes
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://pos2.dretail.id
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:37:21 GMT
x-content-type-options
nosniff
age
64693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16292
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:41:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 23:37:21 GMT
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
75 KB
76 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
Origin
https://pos2.dretail.id
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:35:34 GMT
via
1.1 c7705692ed008dad7e46e32f966aa3fe.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfSo9FJnuoLhrySIQnBPB7oaG2Sh7UR2tQHUFJ92uymM8%2Bma3In9hck9RIeDA%2BCe4IgcD8WAZkrn48sLMhGQNfdJPh3eLtX9sS%2BBiPbA5FHDLPyEiSgrLq0Ch8IYIELHOqMOMoe5ng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
86b960a0692b3344-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
4PyRY1e89pqWCLExVkJxQfou6Y_j5i3WgAWndftk_KGTDoJIGWyawg==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: pos2.dretail.id
URL: https://pos2.dretail.id/admin/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
Origin
https://pos2.dretail.id
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:35:34 GMT
via
1.1 c23bc76444fad08250d9cd740d061b4a.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJwtGLRUZvePGSVmHTAI30LWa5kI28W6M%2BtHBCIkyVb2OwU75FZBCMClPhxEiqmt3%2F9k7Q0V3Y2jLgGlxwkuAESW5PJ1n98BNXZIS3wuo5mX5OaxRE%2FJl2NUhLCPFQ0eulbkXEsAsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
86b960a0692d3344-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
OWhspvnUOEGsLEgX6AmXxcWuUfjbrAItLAaWOVmesml9fGZzuaAOlQ==
favicon.ico
backoffice.dretail.id/admin/settings/assets/img/
15 KB
16 KB
Other
General
Full URL
https://backoffice.dretail.id/admin/settings/assets/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.30.123.86 , Indonesia, ASN63498 (SPA-AS-ID PT. SURYAPUTRA ADIPRADANA, ID),
Reverse DNS
Software
Apache /
Resource Hash
7e3c950081afce1c2b85a6c03116c1d6fb55dc229e6bae45f011687d36f7940b
Security Headers
Name Value
Public-Key-Pins pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pos2.dretail.id/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:21:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 13 Nov 2020 21:58:28 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
master-only
ETag
"3c2e-5b40420e06900"
Expect-CT
max-age=60, report-uri="https://mydomain.com/report"
X-Frame-Options
SAMEORIGIN
Permissions-Policy
vibrate 'none';
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
Public-Key-Pins
pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="7Gqn1I7OupUR1ZLk8F/aE7NZhCM4i2C3qd7YoP4d4ww="; max-age=2592000; includeSubDomains


10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal
object| FontAwesomeKitConfig
function| $
function| jQuery
object| bootstrap
function| tryFreeButton
function| navbarBoxShadow
function| navBottom
function| navbarView
number| position

3 Cookies

Domain/Path Name / Value
pos2.dretail.id/ Name: csrf_cookie_mpos
Value: f2a0b9e081dee9b4c4c687df69197a66
pos2.dretail.id/ Name: ci_session
Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22af6f2318d76b7aa447da271bff52c723%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%22172.168.100.19%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A111%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F123.0.0.0+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1711647324%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D8e264630e40f11a2fb08648835e4100a1aaa7049
backoffice.dretail.id/ Name: cookiesession1
Value: 582E22A57OZW2BZ94IHZXSF2RGAV539E

17 Console Messages

Source Level URL
Text
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/css/login.css': Unrecognized type: cookies.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/css/login.css': No recognized types specified.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/whatsapphover.png': Unrecognized type: cookies.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/whatsapphover.png': No recognized types specified.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/login/dretaillogo1.png': Unrecognized type: cookies.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/login/dretaillogo1.png': No recognized types specified.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/login/dretail-hd.png': Unrecognized type: cookies.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/login/dretail-hd.png': No recognized types specified.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/js/login.js': Unrecognized type: cookies.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/js/login.js': No recognized types specified.
recommendation verbose URL: https://pos2.dretail.id/admin/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/login/english.png': Unrecognized type: cookies.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/login/english.png': No recognized types specified.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/login/indo.png': Unrecognized type: cookies.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/login/indo.png': No recognized types specified.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/favicon.ico': Unrecognized type: cookies.
other error URL: https://pos2.dretail.id/admin/
Message:
Clear-Site-Data header on 'https://backoffice.dretail.id/admin/settings/assets/img/favicon.ico': No recognized types specified.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
